Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/RaSDCVs_3yb1Ag2Siqma7OPDTfI.roa
File: RaSDCVs_3yb1Ag2Siqma7OPDTfI.roa (raw, json)
Hash identifier: 1BDwjFvUC8jAom6YokpKMPw9vBJY33AEAijvzVkLCbY=
Subject key identifier: 45:A4:83:09:5B:3F:DF:26:F5:02:0D:92:8A:A9:9A:EC:E3:C3:4D:F2
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 019D04626217AA771610DB336ECC9A258CF9
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/RaSDCVs_3yb1Ag2Siqma7OPDTfI.roa
Signing time: Thu 19 Mar 2026 04:37:29 +0000
ROA not before: Thu 19 Mar 2026 04:37:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 136787
IP address blocks: 5.44.248.0/24 maxlen: 24
36.255.188.0/24 maxlen: 24
36.255.189.0/24 maxlen: 24
36.255.190.0/24 maxlen: 24
36.255.191.0/24 maxlen: 24
45.94.232.0/24 maxlen: 24
45.94.233.0/24 maxlen: 24
45.94.234.0/24 maxlen: 24
45.94.235.0/24 maxlen: 24
45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
45.157.124.0/22 maxlen: 24
45.157.124.0/24 maxlen: 24
45.157.125.0/24 maxlen: 24
45.157.126.0/24 maxlen: 24
45.157.127.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
87.239.254.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
103.53.82.0/24 maxlen: 24
103.53.83.0/24 maxlen: 24
103.225.200.0/24 maxlen: 24
103.225.201.0/24 maxlen: 24
103.225.202.0/24 maxlen: 24
103.225.203.0/24 maxlen: 24
167.160.122.0/24 maxlen: 24
167.160.123.0/24 maxlen: 24
167.160.124.0/24 maxlen: 24
167.160.125.0/24 maxlen: 24
167.160.126.0/24 maxlen: 24
167.160.127.0/24 maxlen: 24
171.22.252.0/24 maxlen: 24
185.46.116.0/24 maxlen: 24
185.46.117.0/24 maxlen: 24
185.46.240.0/24 maxlen: 24
185.46.241.0/24 maxlen: 24
185.46.242.0/24 maxlen: 24
185.46.243.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
185.253.68.0/24 maxlen: 24
185.253.69.0/24 maxlen: 24
185.253.70.0/24 maxlen: 24
185.253.71.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
194.32.106.0/24 maxlen: 24
194.36.96.0/24 maxlen: 24
194.36.97.0/24 maxlen: 24
194.36.98.0/24 maxlen: 24
194.36.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:04:62:62:17:aa:77:16:10:db:33:6e:cc:9a:25:8c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 19 04:37:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45a483095b3fdf26f5020d928aa99aece3c34df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e6:59:48:b5:f0:2a:0a:9e:57:3d:77:31:61:
01:58:2c:50:a3:69:43:38:73:67:e1:5d:ce:1f:4f:
d4:8f:95:50:2a:e5:27:1f:15:d6:4f:66:4c:f4:c7:
a1:52:d6:4a:c4:c8:34:15:58:b6:e5:2b:10:69:81:
5d:3e:46:20:25:8f:2d:22:fe:c4:2f:14:dd:cc:19:
9c:64:69:58:47:64:bd:58:a9:77:15:17:b6:12:d5:
6b:b0:83:6d:17:74:4b:0d:14:33:19:3e:90:95:1a:
c2:64:3b:4b:da:8a:56:90:f4:0c:2d:4e:e6:fa:a2:
60:dd:a0:40:32:45:26:98:ab:7a:52:76:5d:06:b8:
c0:7c:6b:b8:13:26:fb:e3:5b:73:bf:0e:63:64:6a:
b0:b2:59:8d:66:e7:e4:93:a8:44:1f:39:44:d4:b3:
d3:36:4b:e0:36:68:85:9d:54:28:2f:28:0b:b8:df:
7c:b3:77:7c:dc:bf:b6:c6:d2:a4:1a:5d:72:4a:ac:
e7:7f:f0:a8:d6:6b:3a:5a:20:00:d0:9d:4c:53:6b:
d9:b8:ec:ef:38:64:a9:92:d6:34:ea:14:10:fc:98:
a7:8c:6c:67:fe:12:2d:7a:8f:92:c0:86:b5:73:73:
53:76:a3:0a:4e:40:36:4a:2e:84:ad:74:dc:7c:f8:
df:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A4:83:09:5B:3F:DF:26:F5:02:0D:92:8A:A9:9A:EC:E3:C3:4D:F2
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/RaSDCVs_3yb1Ag2Siqma7OPDTfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.248.0/24
36.255.188.0/22
45.94.232.0/22
45.143.68.0/22
45.157.124.0/22
83.150.240.0/22
87.239.254.0/24
95.181.216.0/22
103.53.82.0/23
103.225.200.0/22
167.160.122.0-167.160.127.255
171.22.252.0/24
185.46.116.0/23
185.46.240.0/22
185.75.208.0/22
185.201.190.0/24
185.253.68.0/22
193.108.242.0/23
193.201.248.0/22
194.32.106.0/24
194.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:1e:3c:a5:80:95:c1:a8:8f:26:d0:76:0b:20:72:ae:73:b3:
6e:14:7e:e0:0d:db:0f:1f:2c:8f:9a:48:df:31:c9:33:e0:b0:
f5:53:d6:74:68:cb:3c:88:13:9f:a9:86:54:51:bb:30:cc:2a:
d4:b4:d8:d6:a8:19:7f:d9:31:d8:4e:0a:dd:3b:4f:eb:80:1b:
15:fe:31:77:fa:5a:b5:7d:f8:2c:7a:3c:1f:9f:49:1f:6a:46:
7e:0e:f2:51:94:88:58:2e:89:88:15:e6:b1:41:1b:42:69:d4:
04:11:6c:17:1d:b1:90:c4:51:b0:b8:fd:fa:35:01:2b:4c:fa:
95:9f:5c:54:5c:0e:a0:9f:32:c0:e0:9f:92:48:95:05:46:7c:
b8:69:2d:5f:8a:66:8a:73:7c:b7:2b:dc:b0:ba:d4:23:cf:ad:
17:d8:66:53:76:9e:fa:12:ac:a6:6e:c9:04:b3:36:f3:59:55:
30:03:42:ee:5f:58:c0:cb:96:01:f8:38:18:67:2e:20:1c:f6:
f0:4c:0a:ba:60:23:cb:d7:24:b4:38:06:3c:40:81:25:33:7f:
e7:c7:13:e1:fa:f1:7f:cb:26:82:70:68:c0:cc:54:0e:a4:7b:
3e:8a:13:2c:d9:1d:17:4f:3d:e9:b0:03:a7:2c:da:9c:7d:46:
5b:95:54:4e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZ0EYmIXqncWENszbsyaJYz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjYwMzE5MDQzNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWE0ODMwOTViM2ZkZjI2ZjUwMjBkOTI4YWE5OWFlY2UzYzM0ZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OZZSLXwKgqeVz13MWEBWCxQo2lD
OHNn4V3OH0/Uj5VQKuUnHxXWT2ZM9MehUtZKxMg0FVi25SsQaYFdPkYgJY8tIv7E
LxTdzBmcZGlYR2S9WKl3FRe2EtVrsINtF3RLDRQzGT6QlRrCZDtL2opWkPQMLU7m
+qJg3aBAMkUmmKt6UnZdBrjAfGu4Eyb741tzvw5jZGqwslmNZufkk6hEHzlE1LPT
NkvgNmiFnVQoLygLuN98s3d83L+2xtKkGl1ySqznf/Co1ms6WiAA0J1MU2vZuOzv
OGSpktY06hQQ/JinjGxn/hIteo+SwIa1c3NTdqMKTkA2Si6ErXTcfPjfRwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFEWkgwlbP98m9QINkoqpmuzjw03yMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvUmFTRENWc18zeWIxQWcyU2lxbWE3T1BEVGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
LPgDBAIk/7wDBAItXugDBAItj0QDBAItnXwDBAJTlvADBABX7/4DBAJftdgDBAFn
NVIDBAJn4cgwDAMEAaegegMEB6egAAMEAKsW/AMEAbkudAMEArku8AMEArlL0AME
ALnJvgMEArn9RAMEAcFs8gMEAsHJ+AMEAMIgagMEAsIkYDANBgkqhkiG9w0BAQsF
AAOCAQEADh48pYCVwaiPJtB2CyByrnOzbhR+4A3bDx8sj5pI3zHJM+Cw9VPWdGjL
PIgTn6mGVFG7MMwq1LTY1qgZf9kx2E4K3TtP64AbFf4xd/patX34LHo8H59JH2pG
fg7yUZSIWC6JiBXmsUEbQmnUBBFsFx2xkMRRsLj9+jUBK0z6lZ9cVFwOoJ8ywOCf
kkiVBUZ8uGktX4pminN8tyvcsLrUI8+tF9hmU3ae+hKspm7JBLM281lVMANC7l9Y
wMuWAfg4GGcuIBz28EwKumAjy9cktDgGPECBJTN/58cT4frxf8smgnBowMxUDqR7
PooTLNkdF0896bADpyzanH1GW5VUTg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:46:19 2026 by rpki-client