Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/iH5XJxRHMuZplPHXUVXS4UztXoc.roa
File: iH5XJxRHMuZplPHXUVXS4UztXoc.roa (raw, json)
Hash identifier: 0SYvVBVFyUSv31vxwNANiF5Kj2haBl2zGv3sJ7c90/4=
Subject key identifier: 88:7E:57:27:14:47:32:E6:69:94:F1:D7:51:55:D2:E1:4C:ED:5E:87
Certificate issuer: /CN=e5805c5fe3450287dcde6ade0d9c9558ba615e32
Certificate serial: 019D25CE1FDDE24F11673C286EC2FEB3BEEB
Authority key identifier: E5:80:5C:5F:E3:45:02:87:DC:DE:6A:DE:0D:9C:95:58:BA:61:5E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/iH5XJxRHMuZplPHXUVXS4UztXoc.roa
Signing time: Wed 25 Mar 2026 16:22:38 +0000
ROA not before: Wed 25 Mar 2026 16:22:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48817
IP address blocks: 45.67.64.0/22 maxlen: 24
185.139.248.0/22 maxlen: 22
185.252.48.0/22 maxlen: 24
193.22.15.0/24 maxlen: 24
2a10:db40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ce:1f:dd:e2:4f:11:67:3c:28:6e:c2:fe:b3:be:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5805c5fe3450287dcde6ade0d9c9558ba615e32
Validity
Not Before: Mar 25 16:22:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=887e5727144732e66994f1d75155d2e14ced5e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:b4:7e:95:9f:f5:42:4b:bb:99:9c:7d:b0:
0b:15:47:97:27:cf:9b:69:8a:c3:9e:4d:b4:ba:47:
53:52:f8:86:72:30:69:8d:0d:32:10:03:c3:d5:e9:
6a:bd:f6:52:d9:c1:de:1c:ca:42:97:2c:60:51:72:
71:9e:7a:e0:e9:c5:b1:b0:ae:cd:5a:0a:82:69:7d:
aa:0a:48:b2:94:90:ad:66:6f:11:b3:72:b4:0a:93:
01:a3:3c:9d:18:b5:35:c1:b0:65:bc:00:80:9c:2f:
f7:55:d9:79:98:b6:99:26:8c:89:79:2b:7d:54:64:
c0:81:b4:bc:00:52:8c:14:2d:15:be:26:20:4d:ff:
4b:ec:83:0e:2f:02:54:b0:34:2f:03:1c:0a:00:30:
40:32:0f:8d:dc:4b:16:0c:f7:fc:70:91:f9:a7:04:
c1:96:2c:8a:39:5d:75:1a:2e:65:fe:d6:7f:7c:e2:
ad:96:a7:52:9f:30:3e:7e:33:40:ea:d9:92:e4:e5:
42:03:6d:f2:a4:66:73:ae:bb:95:b1:56:8b:0e:7a:
51:ae:0c:af:9a:16:f4:9b:60:69:18:6d:f0:8e:6b:
e7:73:99:6e:3a:e1:23:c5:60:40:86:26:b1:50:fe:
4e:6a:54:00:62:c0:09:48:66:40:80:73:b1:ff:be:
34:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7E:57:27:14:47:32:E6:69:94:F1:D7:51:55:D2:E1:4C:ED:5E:87
X509v3 Authority Key Identifier:
keyid:E5:80:5C:5F:E3:45:02:87:DC:DE:6A:DE:0D:9C:95:58:BA:61:5E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/iH5XJxRHMuZplPHXUVXS4UztXoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.64.0/22
185.139.248.0/22
185.252.48.0/22
193.22.15.0/24
IPv6:
2a10:db40::/29
Signature Algorithm: sha256WithRSAEncryption
a8:10:23:c0:52:ee:dc:0d:0e:f5:d9:bd:32:96:b6:bd:b2:6f:
0f:79:ef:d9:0e:35:ea:7b:33:16:cd:f3:db:57:e5:e2:8c:aa:
53:3b:e6:0f:5a:df:02:cb:be:8d:24:26:6c:95:02:51:ac:4f:
e6:2b:9b:16:9e:3b:31:b0:db:08:6a:b3:dd:03:bd:d0:e6:2f:
0f:4b:f7:14:c3:7c:78:74:d3:93:99:70:60:e1:b3:4e:cb:1e:
01:f1:0d:f7:e8:65:e5:a9:0d:a5:d9:79:5a:ef:e7:b7:11:68:
b0:81:d3:54:24:c7:7d:b6:06:d1:34:09:fe:d6:9a:95:96:31:
a4:71:2a:77:7a:a8:84:a3:2e:f2:90:11:4e:4a:72:66:cc:a9:
d8:fb:2b:5e:76:96:af:ee:e2:b5:5b:b4:8a:b9:76:43:44:29:
0f:fa:08:d6:b7:a6:75:bd:a7:f4:54:28:d3:8e:f0:5f:2d:95:
93:b8:35:81:58:14:96:99:57:7f:98:65:65:d0:91:c0:d3:dd:
38:93:a3:ec:52:d7:28:39:55:1f:24:76:3e:de:13:84:f2:8e:
ec:f7:8b:51:14:1a:06:26:2f:ea:32:92:49:37:10:95:6a:42:
8d:52:45:b2:c2:3c:80:ac:75:e5:16:7e:08:d1:fa:4b:b6:b4:
9c:5b:ac:5a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ0lzh/d4k8RZzwobsL+s77rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODA1YzVmZTM0NTAyODdkY2RlNmFkZTBkOWM5NTU4YmE2
MTVlMzIwHhcNMjYwMzI1MTYyMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdlNTcyNzE0NDczMmU2Njk5NGYxZDc1MTU1ZDJlMTRjZWQ1ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAS0fpWf9UJLu5mcfbALFUeXJ8+b
aYrDnk20ukdTUviGcjBpjQ0yEAPD1elqvfZS2cHeHMpClyxgUXJxnnrg6cWxsK7N
WgqCaX2qCkiylJCtZm8Rs3K0CpMBozydGLU1wbBlvACAnC/3Vdl5mLaZJoyJeSt9
VGTAgbS8AFKMFC0VviYgTf9L7IMOLwJUsDQvAxwKADBAMg+N3EsWDPf8cJH5pwTB
liyKOV11Gi5l/tZ/fOKtlqdSnzA+fjNA6tmS5OVCA23ypGZzrruVsVaLDnpRrgyv
mhb0m2BpGG3wjmvnc5luOuEjxWBAhiaxUP5OalQAYsAJSGZAgHOx/740uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIh+VycURzLmaZTx11FV0uFM7V6HMB8GA1UdIwQY
MBaAFOWAXF/jRQKH3N5q3g2clVi6YV4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlCY1gtTkZBb2ZjM21yZURaeVZXTHBoWGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iNGRjM2MtZWNhYi00MzZkLWFjNTIt
NTk1MzA3ZjQ3MTEwLzEvaUg1WEp4UkhNdVpwbFBIWFVWWFM0VXp0WG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iNGRjM2MtZWNhYi00MzZkLWFjNTItNTk1MzA3ZjQ3MTEw
LzEvNVlCY1gtTkZBb2ZjM21yZURaeVZXTHBoWGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLUNAAwQC
uYv4AwQCufwwAwQAwRYPMA0EAgACMAcDBQMqENtAMA0GCSqGSIb3DQEBCwUAA4IB
AQCoECPAUu7cDQ712b0ylra9sm8Pee/ZDjXqezMWzfPbV+XijKpTO+YPWt8Cy76N
JCZslQJRrE/mK5sWnjsxsNsIarPdA73Q5i8PS/cUw3x4dNOTmXBg4bNOyx4B8Q33
6GXlqQ2l2Xla7+e3EWiwgdNUJMd9tgbRNAn+1pqVljGkcSp3eqiEoy7ykBFOSnJm
zKnY+ytedpav7uK1W7SKuXZDRCkP+gjWt6Z1vaf0VCjTjvBfLZWTuDWBWBSWmVd/
mGVl0JHA0904k6PsUtcoOVUfJHY+3hOE8o7s94tRFBoGJi/qMpJJNxCVakKNUkWy
wjyArHXlFn4I0fpLtrScW6xa
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:03:23 2026 by rpki-client