Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/05dVc6ABA35s1lIVZCX4MyAVWsE.roa
File: 05dVc6ABA35s1lIVZCX4MyAVWsE.roa (raw, json)
Hash identifier: A7QaqhKGTQnL4Dm/bLJ1IF2pAVw/4/vPWwEpS9iWxoc=
Subject key identifier: D3:97:55:73:A0:01:03:7E:6C:D6:52:15:64:25:F8:33:20:15:5A:C1
Certificate issuer: /CN=4a7e8c622c87532f8c449f347433dae52b7738f0
Certificate serial: 019CDA3632E77559794AB48A3572067934EF
Authority key identifier: 4A:7E:8C:62:2C:87:53:2F:8C:44:9F:34:74:33:DA:E5:2B:77:38:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn6MYiyHUy-MRJ80dDPa5St3OPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/05dVc6ABA35s1lIVZCX4MyAVWsE.roa
Signing time: Wed 11 Mar 2026 00:05:10 +0000
ROA not before: Wed 11 Mar 2026 00:05:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50477
IP address blocks: 5.149.200.0/22 maxlen: 22
5.149.201.0/24 maxlen: 24
5.149.204.0/22 maxlen: 22
5.149.204.0/24 maxlen: 24
5.149.205.0/24 maxlen: 24
5.149.206.0/24 maxlen: 24
46.19.112.0/23 maxlen: 23
46.19.114.0/24 maxlen: 24
46.19.115.0/24 maxlen: 24
46.19.116.0/22 maxlen: 22
109.236.208.0/23 maxlen: 23
109.236.210.0/24 maxlen: 24
109.236.211.0/24 maxlen: 24
109.236.212.0/22 maxlen: 22
109.236.216.0/21 maxlen: 21
134.19.144.0/21 maxlen: 21
134.19.152.0/24 maxlen: 24
134.19.153.0/24 maxlen: 24
134.19.154.0/23 maxlen: 23
134.19.154.0/24 maxlen: 24
134.19.156.0/22 maxlen: 22
134.19.156.0/23 maxlen: 23
2a04:6000::/29 maxlen: 29
2a04:6006::/32 maxlen: 32
2a04:6007::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/Sn6MYiyHUy-MRJ80dDPa5St3OPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/Sn6MYiyHUy-MRJ80dDPa5St3OPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sn6MYiyHUy-MRJ80dDPa5St3OPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:da:36:32:e7:75:59:79:4a:b4:8a:35:72:06:79:34:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7e8c622c87532f8c449f347433dae52b7738f0
Validity
Not Before: Mar 11 00:05:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d3975573a001037e6cd652156425f83320155ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6c:d7:03:22:53:b7:2f:fc:2f:f4:38:da:c0:
ec:b2:3d:59:6e:c6:fa:6f:ef:b6:a2:52:ba:45:90:
60:bb:84:96:2c:ae:e0:4e:e2:53:52:67:40:ae:d7:
e6:69:0e:95:be:9e:6c:3d:e8:52:1b:41:ca:5c:67:
2c:5c:74:9c:5d:86:ee:b4:a9:d4:29:89:72:73:b7:
3d:0e:37:6c:c5:66:6a:0f:21:6d:7b:90:6f:56:23:
46:72:5d:92:af:64:d4:6f:82:37:13:54:1a:49:30:
e9:a7:29:5c:2e:10:47:09:aa:bd:8d:b9:58:64:e4:
bc:22:38:ab:67:0a:db:de:b7:a8:fa:c5:0e:4d:7e:
b1:bd:ad:51:97:77:ef:2b:36:5c:c4:67:a2:b3:0d:
9b:f0:16:1d:c0:a7:fb:2a:02:96:d2:ad:7a:aa:47:
78:7c:0b:9e:9c:b3:3f:cc:82:2f:50:f9:86:35:95:
dd:1c:f0:e8:54:d1:8f:80:06:c6:1f:d2:ba:a8:a2:
52:f9:91:4e:ab:83:06:ea:0c:14:4e:f7:80:a7:35:
2c:13:8f:17:b1:18:f6:28:fe:0c:d1:cc:d6:08:4e:
d5:00:90:36:ef:a8:aa:a8:9c:84:09:36:16:2f:8a:
a8:12:df:72:f1:89:db:e2:27:3c:39:8c:bb:20:1d:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:97:55:73:A0:01:03:7E:6C:D6:52:15:64:25:F8:33:20:15:5A:C1
X509v3 Authority Key Identifier:
keyid:4A:7E:8C:62:2C:87:53:2F:8C:44:9F:34:74:33:DA:E5:2B:77:38:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn6MYiyHUy-MRJ80dDPa5St3OPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/05dVc6ABA35s1lIVZCX4MyAVWsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/Sn6MYiyHUy-MRJ80dDPa5St3OPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.200.0/21
46.19.112.0/21
109.236.208.0/20
134.19.144.0/20
IPv6:
2a04:6000::/29
Signature Algorithm: sha256WithRSAEncryption
9c:9f:d6:29:48:44:d9:61:43:aa:64:76:86:18:1c:8f:36:9b:
7d:8f:49:dc:e0:e7:b2:df:89:87:a4:d1:d9:78:39:82:77:a7:
21:3f:3e:c5:bb:6e:00:29:76:d2:66:ce:9e:4d:c4:16:b7:d9:
0a:59:73:87:03:25:eb:e5:24:1b:b2:25:a5:df:8c:43:ce:d2:
34:91:35:96:fd:fd:57:a2:41:b4:8e:67:82:cf:b1:e6:04:a6:
8d:a6:4a:74:9c:54:25:f6:27:1c:b6:80:25:d2:01:f6:b6:63:
9f:54:d2:97:21:f0:83:a3:7d:b9:34:d6:bd:3d:5b:0a:e5:fc:
48:b9:4a:14:3b:69:de:3c:fa:f1:3a:4c:be:3b:52:29:08:77:
94:45:a0:70:69:8d:1e:6a:40:ed:30:e9:3f:24:77:2d:fc:34:
fd:71:44:13:04:8e:2e:2f:73:73:7b:f8:fd:27:67:7b:2e:69:
a6:f0:84:15:c3:6b:68:19:1b:79:3b:3e:34:73:74:6e:b0:7c:
ef:0f:b4:4c:d6:b5:35:e0:de:b3:7f:01:78:26:e3:ff:78:7e:
6e:06:3a:d1:17:f1:d8:14:63:5a:fb:8d:da:9b:c1:eb:c6:29:
cb:d2:80:1d:ce:eb:a0:63:c2:d2:57:e0:20:eb:55:4f:ba:4c:
84:36:26:54
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZzaNjLndVl5SrSKNXIGeTTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2U4YzYyMmM4NzUzMmY4YzQ0OWYzNDc0MzNkYWU1MmI3
NzM4ZjAwHhcNMjYwMzExMDAwNTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzk3NTU3M2EwMDEwMzdlNmNkNjUyMTU2NDI1ZjgzMzIwMTU1YWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GzXAyJTty/8L/Q42sDssj1Zbsb6
b++2olK6RZBgu4SWLK7gTuJTUmdArtfmaQ6Vvp5sPehSG0HKXGcsXHScXYbutKnU
KYlyc7c9DjdsxWZqDyFte5BvViNGcl2Sr2TUb4I3E1QaSTDppylcLhBHCaq9jblY
ZOS8IjirZwrb3reo+sUOTX6xva1Rl3fvKzZcxGeisw2b8BYdwKf7KgKW0q16qkd4
fAuenLM/zIIvUPmGNZXdHPDoVNGPgAbGH9K6qKJS+ZFOq4MG6gwUTveApzUsE48X
sRj2KP4M0czWCE7VAJA276iqqJyECTYWL4qoEt9y8Ynb4ic8OYy7IB2IeQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNOXVXOgAQN+bNZSFWQl+DMgFVrBMB8GA1UdIwQY
MBaAFEp+jGIsh1MvjESfNHQz2uUrdzjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU242TVlpeUhVeS1NUko4MGREUGE1U3QzT1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NDc4MzYtNzgyMi00ZWQ3LTgyOTEt
ZGFjMjViMjY2ZDhlLzEvMDVkVmM2QUJBMzVzMWxJVlpDWDRNeUFWV3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NDc4MzYtNzgyMi00ZWQ3LTgyOTEtZGFjMjViMjY2ZDhl
LzEvU242TVlpeUhVeS1NUko4MGREUGE1U3QzT1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZXIAwQD
LhNwAwQEbezQAwQEhhOQMA0EAgACMAcDBQMqBGAAMA0GCSqGSIb3DQEBCwUAA4IB
AQCcn9YpSETZYUOqZHaGGByPNpt9j0nc4Oey34mHpNHZeDmCd6chPz7Fu24AKXbS
Zs6eTcQWt9kKWXOHAyXr5SQbsiWl34xDztI0kTWW/f1XokG0jmeCz7HmBKaNpkp0
nFQl9icctoAl0gH2tmOfVNKXIfCDo325NNa9PVsK5fxIuUoUO2nePPrxOky+O1Ip
CHeURaBwaY0eakDtMOk/JHct/DT9cUQTBI4uL3Nze/j9J2d7Lmmm8IQVw2toGRt5
Oz40c3RusHzvD7RM1rU14N6zfwF4JuP/eH5uBjrRF/HYFGNa+43am8HrxinL0oAd
zuugY8LSV+Ag61VPukyENiZU
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:49:42 2026 by rpki-client