Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/sQrvyzK7N0wULm1wo0uM6xtxoDE.roa
File: sQrvyzK7N0wULm1wo0uM6xtxoDE.roa (raw, json)
Hash identifier: RQiHy4v+nKjO+WuHpQyymNIHaVpKrkrIV4MD67pQ4Kg=
Subject key identifier: B1:0A:EF:CB:32:BB:37:4C:14:2E:6D:70:A3:4B:8C:EB:1B:71:A0:31
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019D285DA7A9F75C41DA74639B48B4B0104F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/sQrvyzK7N0wULm1wo0uM6xtxoDE.roa
Signing time: Thu 26 Mar 2026 04:18:39 +0000
ROA not before: Thu 26 Mar 2026 04:18:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33651
IP address blocks: 5.182.186.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
36.255.215.0/24 maxlen: 24
45.67.141.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.148.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.159.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
103.216.197.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
2a0c:1900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:18:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:5d:a7:a9:f7:5c:41:da:74:63:9b:48:b4:b0:10:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 26 04:18:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b10aefcb32bb374c142e6d70a34b8ceb1b71a031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:97:a2:70:a8:08:6c:3c:12:2a:6b:b5:11:e1:
00:c5:4d:ed:a8:65:eb:9f:0e:f8:da:28:8f:d7:a4:
e3:59:f6:94:cd:df:a2:ee:52:f4:3c:37:46:fb:52:
86:8a:2a:30:c8:4f:4a:88:35:b0:d4:70:30:46:cb:
d3:1f:b0:5d:db:82:87:2d:ed:8e:02:bb:ed:54:3d:
49:68:09:c6:ec:84:cc:d0:d3:07:38:fb:31:c3:c7:
4b:c0:64:62:78:3c:01:31:b9:73:db:c4:52:39:e1:
b3:af:af:14:83:7b:98:d4:e0:58:0b:93:15:ae:3f:
62:45:87:92:63:bf:de:56:7d:f6:b0:b8:ea:b1:c4:
17:5d:bd:b5:33:46:7c:de:80:6e:c7:a3:e9:07:ec:
b0:ae:93:3d:63:8e:7f:c2:00:b2:d0:3c:25:95:85:
9e:c2:87:5f:8a:8d:2a:45:85:d8:44:93:b3:5d:aa:
b1:65:8d:6e:23:58:05:b0:5b:ba:c9:50:86:8f:90:
97:bb:16:a0:8e:13:5b:64:d5:0d:aa:ca:27:ef:8b:
eb:16:9e:ae:49:bd:d1:f3:19:f1:b5:56:2a:70:21:
94:06:94:1d:2e:c3:38:eb:fa:4f:99:3e:0d:d3:07:
21:30:bb:7b:00:f2:60:ec:0c:74:9c:8b:52:89:f4:
0c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0A:EF:CB:32:BB:37:4C:14:2E:6D:70:A3:4B:8C:EB:1B:71:A0:31
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/sQrvyzK7N0wULm1wo0uM6xtxoDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/24
5.182.193.0-5.182.195.255
36.255.215.0/24
45.67.141.0/24
63.246.129.0/24
63.246.148.0/24
63.246.152.0/24
63.246.159.0/24
78.31.206.0/24
103.216.197.0/24
162.218.89.0/24
185.201.41.0/24
185.201.43.0/24
IPv6:
2a0c:1900::/29
Signature Algorithm: sha256WithRSAEncryption
48:25:50:7e:ad:8b:b0:97:a7:39:7e:a1:68:97:78:2e:26:c5:
90:00:35:b9:35:43:9a:10:36:3f:9e:3f:2c:d7:3f:f0:1e:21:
da:b4:bc:96:20:ea:a4:cd:90:06:d7:1d:90:4a:0e:83:82:2c:
8d:2d:28:46:31:2f:15:82:ca:80:c1:49:64:5c:47:fe:e5:f2:
10:69:f8:9b:25:b9:e2:2f:5a:cb:dc:30:e7:9d:c3:86:6f:6f:
bf:b8:2c:e7:eb:02:3f:2d:7e:b6:eb:6f:1a:bb:05:bd:70:d2:
0e:c8:69:76:11:be:5d:0d:0e:c1:55:20:1b:be:6a:ef:7f:01:
be:86:30:83:09:d1:af:3c:ee:22:f5:0b:81:08:46:2f:57:7f:
7e:f7:79:d3:46:0f:b3:40:00:88:b0:5a:47:28:74:c7:05:76:
54:35:d4:15:ea:2d:9f:7e:bf:f1:0a:8c:8a:d6:0a:2d:28:41:
61:9e:4b:14:59:e7:1d:e1:7f:ec:8b:c8:1c:b5:4e:1b:53:c8:
df:4b:98:7a:e0:fa:aa:17:2c:60:e0:8d:03:74:a9:9c:06:c8:
8c:dc:c0:e3:bf:5b:be:7f:4d:3b:74:3a:8b:2b:bf:59:2a:43:
85:36:68:b2:f1:7d:0f:db:db:33:6d:ab:99:f7:e2:dd:96:0f:
1e:df:dc:77
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZ0oXaep91xB2nRjm0i0sBBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjYwMzI2MDQxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBhZWZjYjMyYmIzNzRjMTQyZTZkNzBhMzRiOGNlYjFiNzFhMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZeicKgIbDwSKmu1EeEAxU3tqGXr
nw742iiP16TjWfaUzd+i7lL0PDdG+1KGiiowyE9KiDWw1HAwRsvTH7Bd24KHLe2O
ArvtVD1JaAnG7ITM0NMHOPsxw8dLwGRieDwBMblz28RSOeGzr68Ug3uY1OBYC5MV
rj9iRYeSY7/eVn32sLjqscQXXb21M0Z83oBux6PpB+ywrpM9Y45/wgCy0DwllYWe
wodfio0qRYXYRJOzXaqxZY1uI1gFsFu6yVCGj5CXuxagjhNbZNUNqson74vrFp6u
Sb3R8xnxtVYqcCGUBpQdLsM46/pPmT4N0wchMLt7APJg7Ax0nItSifQMnwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFLEK78syuzdMFC5tcKNLjOsbcaAxMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvc1Fydnl6SzdOMHdVTG0xd28wdU02eHR4b0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQABba6MAwD
BAAFtsEDBAIFtsADBAAk/9cDBAAtQ40DBAA/9oEDBAA/9pQDBAA/9pgDBAA/9p8D
BABOH84DBABn2MUDBACi2lkDBAC5ySkDBAC5ySswDQQCAAIwBwMFAyoMGQAwDQYJ
KoZIhvcNAQELBQADggEBAEglUH6ti7CXpzl+oWiXeC4mxZAANbk1Q5oQNj+ePyzX
P/AeIdq0vJYg6qTNkAbXHZBKDoOCLI0tKEYxLxWCyoDBSWRcR/7l8hBp+JslueIv
WsvcMOedw4Zvb7+4LOfrAj8tfrbrbxq7Bb1w0g7IaXYRvl0NDsFVIBu+au9/Ab6G
MIMJ0a887iL1C4EIRi9Xf373edNGD7NAAIiwWkcodMcFdlQ11BXqLZ9+v/EKjIrW
Ci0oQWGeSxRZ5x3hf+yLyBy1ThtTyN9LmHrg+qoXLGDgjQN0qZwGyIzcwOO/W75/
TTt0Oosrv1kqQ4U2aLLxfQ/b2zNtq5n34t2WDx7f3Hc=
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:54:39 2026 by rpki-client