Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/IK4nJYFQUmKZNbdR--FPWuUhVxU.roa
File: IK4nJYFQUmKZNbdR--FPWuUhVxU.roa (raw, json)
Hash identifier: 6+SF1nvClEObRj38PWV6BTQEdzViGHThkpCqyru0FWk=
Subject key identifier: 20:AE:27:25:81:50:52:62:99:35:B7:51:FB:E1:4F:5A:E5:21:57:15
Certificate issuer: /CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Certificate serial: 019D058CF8EBB1FA6CBD133EFFE5052913D8
Authority key identifier: E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/IK4nJYFQUmKZNbdR--FPWuUhVxU.roa
Signing time: Thu 19 Mar 2026 10:03:37 +0000
ROA not before: Thu 19 Mar 2026 10:03:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197075
IP address blocks: 5.152.149.0/24 maxlen: 24
37.77.160.0/21 maxlen: 24
45.156.60.0/23 maxlen: 24
45.156.62.0/23 maxlen: 23
46.31.104.0/21 maxlen: 24
81.29.176.0/22 maxlen: 23
85.208.76.0/22 maxlen: 24
185.25.234.0/23 maxlen: 23
185.47.138.0/24 maxlen: 24
185.59.20.0/22 maxlen: 23
185.186.12.0/22 maxlen: 23
185.246.95.0/24 maxlen: 24
195.177.114.0/24 maxlen: 24
2a02:2420::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:8c:f8:eb:b1:fa:6c:bd:13:3e:ff:e5:05:29:13:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Validity
Not Before: Mar 19 10:03:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=20ae2725815052629935b751fbe14f5ae5215715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ad:34:bd:56:5d:2d:0c:7d:fd:7e:6c:f1:bb:
a5:6a:e2:9d:14:c6:fa:57:30:36:f6:50:a0:c8:20:
f0:48:10:63:5d:a2:ba:0a:74:5b:73:3b:48:59:d8:
83:3e:53:a5:29:26:c5:1c:03:2c:4c:36:d8:74:76:
20:b5:c4:10:5e:c1:30:56:b4:16:f2:84:d5:9b:d5:
d5:db:5e:88:f0:92:46:87:e6:8b:1e:63:61:8f:92:
ce:bf:c0:85:11:68:69:0e:31:0f:f3:2a:d0:32:2d:
68:13:83:23:c1:ae:82:38:7c:6f:66:87:94:6c:b6:
28:a3:a7:16:9d:69:d2:15:a4:5e:30:59:45:8f:2a:
e2:ce:5f:58:c1:ec:0b:da:05:d2:8b:86:2f:ec:10:
32:2f:20:d9:d1:69:22:22:8a:a3:0c:95:a1:6e:ae:
55:94:e4:72:07:54:5b:03:ca:00:f8:25:38:85:51:
2d:98:98:01:09:b4:8a:d9:5a:77:53:06:91:39:f9:
96:78:7a:4a:8a:5d:b3:54:09:cd:ed:07:e4:cc:40:
72:5f:10:45:0c:1e:16:f9:c1:21:eb:55:92:47:86:
7a:6b:36:dc:00:18:56:0d:df:79:17:b1:b6:5e:22:
57:7c:9c:aa:6b:f4:bc:55:f9:cd:95:b3:d5:85:c1:
63:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AE:27:25:81:50:52:62:99:35:B7:51:FB:E1:4F:5A:E5:21:57:15
X509v3 Authority Key Identifier:
keyid:E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/IK4nJYFQUmKZNbdR--FPWuUhVxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.149.0/24
37.77.160.0/21
45.156.60.0/22
46.31.104.0/21
81.29.176.0/22
85.208.76.0/22
185.25.234.0/23
185.47.138.0/24
185.59.20.0/22
185.186.12.0/22
185.246.95.0/24
195.177.114.0/24
IPv6:
2a02:2420::/32
Signature Algorithm: sha256WithRSAEncryption
a1:4f:87:8b:a3:1e:06:1a:e7:4e:82:b9:dd:38:36:29:64:d8:
99:40:45:26:16:ee:a2:55:1a:40:cb:7e:3d:33:e1:d4:d2:54:
a7:33:f8:25:29:72:ea:d0:ca:40:11:de:91:68:52:ab:f4:cb:
6a:11:99:c6:17:34:9a:29:d3:ce:55:7d:15:86:f3:44:35:3c:
22:bc:66:f4:b3:66:99:a0:d3:e9:7c:62:6a:dd:7b:0f:82:5e:
b6:ff:89:df:b4:da:7f:f2:99:1a:57:ee:a4:f9:c5:6f:8c:00:
db:f7:01:3e:69:46:c7:dd:22:5e:85:e5:23:4c:c9:83:3a:20:
c0:32:8c:6b:1c:7d:b2:ec:58:83:24:e7:27:31:35:41:f1:e8:
95:e6:16:1d:aa:43:b8:52:42:c6:4a:12:3a:68:7f:6b:f8:b1:
7c:fb:8f:e1:84:98:86:bd:b8:b0:ca:0e:09:1d:4a:2b:4c:23:
c4:ce:2e:63:f2:e7:dc:83:76:bf:a1:f8:37:aa:47:b6:a2:25:
9c:00:36:92:d1:e2:6a:f6:9c:15:7c:68:3b:1b:28:b6:bb:c5:
15:b3:c4:3b:d8:07:44:ec:92:85:62:ba:9e:0f:67:3f:3f:cd:
b3:5c:bc:40:72:bb:44:aa:b4:41:fb:7e:4f:f1:10:68:81:1c:
1d:14:e0:07
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZ0FjPjrsfpsvRM+/+UFKRPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmFhMGQyZjVkZWMwMjAxZjU1ZTQwOTc5YzE5MDliNmRi
NzdjM2IwHhcNMjYwMzE5MTAwMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFlMjcyNTgxNTA1MjYyOTkzNWI3NTFmYmUxNGY1YWU1MjE1NzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq00vVZdLQx9/X5s8bulauKdFMb6
VzA29lCgyCDwSBBjXaK6CnRbcztIWdiDPlOlKSbFHAMsTDbYdHYgtcQQXsEwVrQW
8oTVm9XV216I8JJGh+aLHmNhj5LOv8CFEWhpDjEP8yrQMi1oE4Mjwa6COHxvZoeU
bLYoo6cWnWnSFaReMFlFjyrizl9YwewL2gXSi4Yv7BAyLyDZ0WkiIoqjDJWhbq5V
lORyB1RbA8oA+CU4hVEtmJgBCbSK2Vp3UwaROfmWeHpKil2zVAnN7QfkzEByXxBF
DB4W+cEh61WSR4Z6azbcABhWDd95F7G2XiJXfJyqa/S8VfnNlbPVhcFjoQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFCCuJyWBUFJimTW3UfvhT1rlIVcVMB8GA1UdIwQY
MBaAFOb6oNL13sAgH1XkCXnBkJttt3w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmIt
OGM4ZDEwZThlYWJjLzEvSUs0bkpZRlFVbUtaTmJkUi0tRlBXdVVoVnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmItOGM4ZDEwZThlYWJj
LzEvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQABZiVAwQD
JU2gAwQCLZw8AwQDLh9oAwQCUR2wAwQCVdBMAwQBuRnqAwQAuS+KAwQCuTsUAwQC
uboMAwQAufZfAwQAw7FyMA0EAgACMAcDBQAqAiQgMA0GCSqGSIb3DQEBCwUAA4IB
AQChT4eLox4GGudOgrndODYpZNiZQEUmFu6iVRpAy349M+HU0lSnM/glKXLq0MpA
Ed6RaFKr9MtqEZnGFzSaKdPOVX0VhvNENTwivGb0s2aZoNPpfGJq3XsPgl62/4nf
tNp/8pkaV+6k+cVvjADb9wE+aUbH3SJeheUjTMmDOiDAMoxrHH2y7FiDJOcnMTVB
8eiV5hYdqkO4UkLGShI6aH9r+LF8+4/hhJiGvbiwyg4JHUorTCPEzi5j8ufcg3a/
ofg3qke2oiWcADaS0eJq9pwVfGg7Gyi2u8UVs8Q72AdE7JKFYrqeD2c/P82zXLxA
crtEqrRB+35P8RBogRwdFOAH
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:59 2026 by rpki-client