Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/5SXtHBB5BFneQMqj2EDpNe40EVI.roa
File: 5SXtHBB5BFneQMqj2EDpNe40EVI.roa (raw, json)
Hash identifier: 0hvZe+UE8KUQ5ssFw2L54mlrMIHhkbU4QyZiDgOh6DU=
Subject key identifier: E5:25:ED:1C:10:79:04:59:DE:40:CA:A3:D8:40:E9:35:EE:34:11:52
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 019DE4081A151E055D1A86C1BF800E51271F
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/5SXtHBB5BFneQMqj2EDpNe40EVI.roa
Signing time: Fri 01 May 2026 14:53:49 +0000
ROA not before: Fri 01 May 2026 14:53:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15830
IP address blocks: 88.84.128.0/21 maxlen: 24
88.84.136.0/21 maxlen: 24
88.84.144.0/21 maxlen: 24
88.84.152.0/21 maxlen: 24
89.202.0.0/17 maxlen: 24
193.110.116.0/22 maxlen: 24
217.68.144.0/20 maxlen: 24
217.79.208.0/20 maxlen: 24
2001:4c68::/32 maxlen: 48
2001:4c68:201::/48 maxlen: 48
2a02:20a8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e4:08:1a:15:1e:05:5d:1a:86:c1:bf:80:0e:51:27:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: May 1 14:53:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e525ed1c10790459de40caa3d840e935ee341152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0f:ee:0e:4b:71:61:74:13:b1:af:8a:4e:a2:
24:09:97:fb:e4:fe:cd:da:7e:81:82:61:77:39:35:
c0:e8:3d:0b:dd:ca:49:22:24:3e:7b:ce:8c:3d:9c:
8b:8b:87:21:55:f0:09:5a:07:07:71:01:c2:ab:34:
58:2f:00:a3:bb:8c:b1:7e:de:64:86:b4:ad:ad:5f:
9a:ff:48:f2:d1:f1:5a:2f:9b:9d:48:80:0f:81:45:
ee:27:5d:a1:80:3e:3f:ba:25:1b:46:67:b0:1e:c0:
97:7d:37:e3:b8:ea:cd:d7:16:ba:14:c7:13:7d:52:
34:4b:ca:37:0b:d7:d2:77:0a:c8:3d:b7:b4:60:99:
62:95:15:8a:33:88:3d:34:bf:a8:f5:0a:34:b3:25:
7b:01:02:84:fc:49:fe:d4:38:51:77:a0:36:c4:a7:
c5:ee:1e:55:0e:79:06:c8:2f:ed:3d:a6:8b:ad:b8:
87:fa:1c:fe:d7:ce:49:e9:25:ad:cc:06:43:6c:2a:
7a:78:78:d2:32:37:1b:9b:0b:94:80:f0:79:92:fb:
50:19:b7:91:a0:11:9e:43:6c:a9:9f:b1:ad:f9:ce:
64:69:6d:81:b9:82:13:64:50:03:a5:da:e4:17:d3:
f1:ad:20:8c:49:a2:2c:6e:13:01:f2:10:ad:f2:18:
f2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:25:ED:1C:10:79:04:59:DE:40:CA:A3:D8:40:E9:35:EE:34:11:52
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/5SXtHBB5BFneQMqj2EDpNe40EVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.128.0/19
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/29
Signature Algorithm: sha256WithRSAEncryption
46:a4:02:c8:0e:ec:69:01:f3:a8:c7:0d:0e:3e:29:6c:73:38:
85:22:47:44:62:e7:e8:89:a2:dc:0a:32:50:70:be:65:8f:e0:
67:b4:11:61:b0:0a:30:fb:5a:63:ce:f8:66:a9:96:b9:75:63:
d9:5e:2a:79:e6:9c:32:a1:db:ab:ef:27:ef:5f:21:58:b6:96:
fc:e1:75:fe:ea:d1:73:7e:d9:c0:d0:fb:4e:16:20:a8:c2:54:
a3:50:f1:68:89:94:c3:6d:2b:59:97:7f:b0:21:e5:88:c1:7f:
3e:d4:23:74:fb:b3:c1:6a:e0:80:4f:1d:83:a5:ab:aa:06:d5:
1d:9a:e6:e5:60:2e:32:df:f1:26:7b:58:75:78:05:3c:d7:e8:
1e:4b:32:f7:55:40:12:83:51:97:ee:e7:73:bd:93:99:c3:ee:
fb:b4:54:6e:e8:5f:13:1b:c1:31:07:c0:02:1a:32:58:62:78:
44:18:c4:e5:00:20:26:87:ae:de:3d:e6:2f:ad:83:f5:49:be:
6f:07:0e:b5:9a:b2:7c:f9:18:de:79:36:ac:d5:a2:30:74:05:
dd:28:3d:22:d2:7f:ca:c6:37:5c:83:ed:6a:c6:7a:dd:f2:83:
15:3b:47:79:d9:5f:91:c4:44:e1:30:ef:8e:20:e3:08:8c:50:
3c:57:f7:f1
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ3kCBoVHgVdGobBv4AOUScfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTc3YzcwOGFmMGJhMWY4MTU0OWM5Zjg3MDg5NTU5Mzkw
MTY3YTUwHhcNMjYwNTAxMTQ1MzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI1ZWQxYzEwNzkwNDU5ZGU0MGNhYTNkODQwZTkzNWVlMzQxMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw/uDktxYXQTsa+KTqIkCZf75P7N
2n6BgmF3OTXA6D0L3cpJIiQ+e86MPZyLi4chVfAJWgcHcQHCqzRYLwCju4yxft5k
hrStrV+a/0jy0fFaL5udSIAPgUXuJ12hgD4/uiUbRmewHsCXfTfjuOrN1xa6FMcT
fVI0S8o3C9fSdwrIPbe0YJlilRWKM4g9NL+o9Qo0syV7AQKE/En+1DhRd6A2xKfF
7h5VDnkGyC/tPaaLrbiH+hz+185J6SWtzAZDbCp6eHjSMjcbmwuUgPB5kvtQGbeR
oBGeQ2ypn7Gt+c5kaW2BuYITZFADpdrkF9PxrSCMSaIsbhMB8hCt8hjykwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOUl7RwQeQRZ3kDKo9hA6TXuNBFSMB8GA1UdIwQY
MBaAFKynfHCK8LofgVScn4cIlVk5AWelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYt
MjhiMTllM2ZkNGE2LzEvNVNYdEhCQjVCRm5lUU1xajJFRHBOZTQwRVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYtMjhiMTllM2ZkNGE2
LzEvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQFWFSAAwQH
WcoAAwQCwW50AwQE2USQAwQE2U/QMBQEAgACMA4DBQAgAUxoAwUDKgIgqDANBgkq
hkiG9w0BAQsFAAOCAQEARqQCyA7saQHzqMcNDj4pbHM4hSJHRGLn6Imi3AoyUHC+
ZY/gZ7QRYbAKMPtaY874ZqmWuXVj2V4qeeacMqHbq+8n718hWLaW/OF1/urRc37Z
wND7ThYgqMJUo1DxaImUw20rWZd/sCHliMF/PtQjdPuzwWrggE8dg6WrqgbVHZrm
5WAuMt/xJntYdXgFPNfoHksy91VAEoNRl+7nc72TmcPu+7RUbuhfExvBMQfAAhoy
WGJ4RBjE5QAgJoeu3j3mL62D9Um+bwcOtZqyfPkY3nk2rNWiMHQF3Sg9ItJ/ysY3
XIPtasZ63fKDFTtHedlfkcRE4TDvjiDjCIxQPFf38Q==
-----END CERTIFICATE-----
Generated at Tue May 12 21:47:54 2026 by rpki-client