Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/G5eQXu5H__QhEkQxf42-4uqMKhw.roa
File: G5eQXu5H__QhEkQxf42-4uqMKhw.roa (raw, json)
Hash identifier: zH3RuDSSRJhuo5vyXWEf9sITlhQIFjIKWux7GYGzXfk=
Subject key identifier: 1B:97:90:5E:EE:47:FF:F4:21:12:44:31:7F:8D:BE:E2:EA:8C:2A:1C
Certificate issuer: /CN=2d1c16f7ea710af45e2b3a11e628a38ce67bc7a5
Certificate serial: 019CFB7AB7E00DB8AC887B965B9FBCEFB520
Authority key identifier: 2D:1C:16:F7:EA:71:0A:F4:5E:2B:3A:11:E6:28:A3:8C:E6:7B:C7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/G5eQXu5H__QhEkQxf42-4uqMKhw.roa
Signing time: Tue 17 Mar 2026 11:07:29 +0000
ROA not before: Tue 17 Mar 2026 11:07:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51791
IP address blocks: 153.56.128.0/24 maxlen: 24
153.56.129.0/24 maxlen: 24
153.56.130.0/24 maxlen: 24
2a11:1fc0::/48 maxlen: 48
2a11:1fc0:2::/48 maxlen: 48
2a11:1fc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:7a:b7:e0:0d:b8:ac:88:7b:96:5b:9f:bc:ef:b5:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1c16f7ea710af45e2b3a11e628a38ce67bc7a5
Validity
Not Before: Mar 17 11:07:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b97905eee47fff4211244317f8dbee2ea8c2a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ac:8e:4f:e5:8c:e5:34:e2:e0:97:41:d8:95:
56:9f:08:94:ea:f1:74:d1:b5:e2:b2:ea:ea:4d:24:
ba:88:c3:5e:4d:1f:59:f8:30:b2:c8:2a:4e:bf:7d:
be:f2:b2:b4:75:6a:89:54:81:c5:f9:2c:3d:d2:2f:
eb:d2:ce:ed:82:3f:c7:67:a3:bc:6c:9e:af:20:ad:
ba:fc:f6:ce:a9:be:db:e4:92:84:44:b0:ec:a0:88:
19:25:e2:b3:fc:2e:5d:38:e7:9d:00:46:78:bd:a3:
e7:bf:ca:0a:02:2f:4c:d8:e5:e6:43:41:00:8c:71:
4c:3b:66:5c:e5:46:fb:73:1a:70:1f:7e:66:10:33:
9c:01:99:df:8e:23:e2:30:9b:17:1e:1f:eb:93:70:
f4:88:c6:ac:1b:96:42:07:63:b9:a6:cf:2a:f8:1e:
40:b7:35:f5:6b:c8:5e:5d:1a:64:2f:be:5b:5f:4f:
12:53:4c:53:9c:65:70:04:41:05:7e:dd:e3:73:7e:
e1:01:5b:a2:88:3b:f4:a3:16:2c:17:96:5b:4d:15:
38:62:ec:9d:d5:4a:23:59:31:a8:42:6d:34:f8:21:
4c:4f:8d:7a:e1:a3:55:dd:30:37:03:bb:14:d3:e0:
61:46:70:e6:a6:8d:b1:2e:a2:c5:4e:93:22:46:0a:
b9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:97:90:5E:EE:47:FF:F4:21:12:44:31:7F:8D:BE:E2:EA:8C:2A:1C
X509v3 Authority Key Identifier:
keyid:2D:1C:16:F7:EA:71:0A:F4:5E:2B:3A:11:E6:28:A3:8C:E6:7B:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/G5eQXu5H__QhEkQxf42-4uqMKhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.56.128.0-153.56.130.255
IPv6:
2a11:1fc0::/48
2a11:1fc0:2::/47
Signature Algorithm: sha256WithRSAEncryption
21:d1:60:b7:dd:fa:71:82:b3:a2:83:95:b5:10:1f:4f:84:d3:
7d:59:b4:99:94:ff:56:2e:4a:44:ee:f7:fc:4b:02:c0:a1:31:
8b:8c:b6:60:ca:ce:71:41:c6:5e:77:f6:e4:24:54:91:d3:66:
3d:8a:7b:17:60:2b:5a:5f:ea:d0:59:d5:81:15:ef:cc:ac:95:
5e:94:88:16:22:63:c9:fb:f8:60:1a:02:a0:1a:6c:ea:5e:b1:
d2:0b:b6:40:a7:a4:00:c4:5d:41:02:0d:99:8e:91:0b:39:17:
6f:a8:a6:77:1c:48:9a:24:0b:5b:da:e3:d2:41:01:d1:49:8e:
97:33:b5:a6:3a:f8:3c:bf:6a:5d:59:d1:64:25:8b:d8:24:ac:
17:73:f9:21:2d:46:de:03:1e:77:33:63:e5:78:50:12:21:3a:
1b:26:de:6b:6b:25:fe:1d:2e:d6:21:df:01:2a:40:5f:45:7f:
a0:cd:1d:7a:cd:63:9f:30:31:cb:2c:e5:a4:96:dd:6f:90:ed:
06:03:45:a6:9b:6a:1b:e9:e9:d7:de:5e:05:6b:1b:fb:96:63:
36:2f:e7:ac:e1:35:8b:0c:6b:cb:55:76:39:d7:73:51:df:ff:
8d:c0:d0:54:d5:45:6d:c6:22:43:be:e2:9f:a1:32:13:99:f3:
e6:23:4f:4d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZz7erfgDbisiHuWW5+877UgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWMxNmY3ZWE3MTBhZjQ1ZTJiM2ExMWU2MjhhMzhjZTY3
YmM3YTUwHhcNMjYwMzE3MTEwNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjk3OTA1ZWVlNDdmZmY0MjExMjQ0MzE3ZjhkYmVlMmVhOGMyYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoayOT+WM5TTi4JdB2JVWnwiU6vF0
0bXisurqTSS6iMNeTR9Z+DCyyCpOv32+8rK0dWqJVIHF+Sw90i/r0s7tgj/HZ6O8
bJ6vIK26/PbOqb7b5JKERLDsoIgZJeKz/C5dOOedAEZ4vaPnv8oKAi9M2OXmQ0EA
jHFMO2Zc5Ub7cxpwH35mEDOcAZnfjiPiMJsXHh/rk3D0iMasG5ZCB2O5ps8q+B5A
tzX1a8heXRpkL75bX08SU0xTnGVwBEEFft3jc37hAVuiiDv0oxYsF5ZbTRU4Yuyd
1UojWTGoQm00+CFMT4164aNV3TA3A7sU0+BhRnDmpo2xLqLFTpMiRgq5bwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBuXkF7uR//0IRJEMX+NvuLqjCocMB8GA1UdIwQY
MBaAFC0cFvfqcQr0Xis6EeYoo4zme8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ3VzktcHhDdlJlS3pvUjVpaWpqT1o3eDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy81ZWIyMTItNDZmNS00MzhjLTg2NzIt
MWZhNzgwMThhNmU5LzEvRzVlUVh1NUhfX1FoRWtReGY0Mi00dXFNS2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy81ZWIyMTItNDZmNS00MzhjLTg2NzItMWZhNzgwMThhNmU5
LzEvTFJ3VzktcHhDdlJlS3pvUjVpaWpqT1o3eDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAeZOIAD
BACZOIIwGAQCAAIwEgMHACoRH8AAAAMHASoRH8AAAjANBgkqhkiG9w0BAQsFAAOC
AQEAIdFgt936cYKzooOVtRAfT4TTfVm0mZT/Vi5KRO73/EsCwKExi4y2YMrOcUHG
Xnf25CRUkdNmPYp7F2ArWl/q0FnVgRXvzKyVXpSIFiJjyfv4YBoCoBps6l6x0gu2
QKekAMRdQQINmY6RCzkXb6imdxxImiQLW9rj0kEB0UmOlzO1pjr4PL9qXVnRZCWL
2CSsF3P5IS1G3gMedzNj5XhQEiE6Gybea2sl/h0u1iHfASpAX0V/oM0des1jnzAx
yyzlpJbdb5DtBgNFpptqG+np195eBWsb+5ZjNi/nrOE1iwxry1V2OddzUd//jcDQ
VNVFbcYiQ77in6EyE5nz5iNPTQ==
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:08:24 2026 by rpki-client