Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/cH5zbNz1Wh4pKh9CZsUewwJjPYc.roa
File: cH5zbNz1Wh4pKh9CZsUewwJjPYc.roa (raw, json)
Hash identifier: o7xAeOganmOKEfHkamPKsHaW6ANhyRw4vYPfGEPHmXY=
Subject key identifier: 70:7E:73:6C:DC:F5:5A:1E:29:2A:1F:42:66:C5:1E:C3:02:63:3D:87
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 019D1E7776FD7332C58304BFF9DBA0B16263
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/cH5zbNz1Wh4pKh9CZsUewwJjPYc.roa
Signing time: Tue 24 Mar 2026 06:10:38 +0000
ROA not before: Tue 24 Mar 2026 06:10:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21859
IP address blocks: 23.90.128.0/18 maxlen: 24
94.154.120.0/24 maxlen: 24
104.166.128.0/18 maxlen: 24
185.207.112.0/22 maxlen: 24
192.169.96.0/19 maxlen: 24
192.169.104.0/22 maxlen: 24
193.118.32.0/19 maxlen: 24
193.118.96.0/19 maxlen: 19
199.182.232.0/21 maxlen: 24
2a0b:21c0::/29 maxlen: 48
2a0b:21c1:602d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1e:77:76:fd:73:32:c5:83:04:bf:f9:db:a0:b1:62:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Mar 24 06:10:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=707e736cdcf55a1e292a1f4266c51ec302633d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ba:d7:14:11:15:3b:64:ce:12:40:d4:17:29:
11:9a:d4:9c:80:16:8b:95:82:d0:82:57:2f:03:84:
fd:8d:79:4d:6c:4d:99:fe:74:8d:e7:1e:ee:db:24:
06:b0:30:f9:c8:86:d2:68:f1:6d:f8:25:64:14:fd:
95:4b:2c:1a:4a:5b:ef:dc:10:77:f9:e5:31:bf:89:
48:86:50:50:4f:e7:2c:86:96:d9:d6:40:1e:af:4b:
9c:68:a2:91:20:1e:ad:e8:52:09:ed:75:7a:f3:02:
f0:e2:f8:26:9e:9e:77:19:d8:0c:fd:12:e1:7e:3d:
88:d3:ce:2d:6e:3e:ce:3c:8a:38:3f:64:1e:48:ab:
51:46:e3:14:08:d9:fb:f3:74:d4:85:cf:d1:a2:03:
d1:e1:c0:87:b9:73:4f:ba:58:ca:39:49:6b:a4:47:
9a:da:d3:53:d8:28:3c:64:14:d2:8d:e5:b6:32:69:
0b:53:8c:6b:da:df:7b:6f:f5:26:9e:07:95:b6:b0:
7c:cd:8a:72:b1:62:a2:02:ec:7e:05:b1:57:a7:81:
b5:f1:b3:d9:aa:f0:c1:43:98:d0:2d:0b:1b:cf:81:
e8:d3:96:36:62:ae:19:0b:66:68:ef:dd:66:99:8f:
61:ff:82:12:5b:bc:1d:d4:4b:91:a6:db:78:74:a1:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7E:73:6C:DC:F5:5A:1E:29:2A:1F:42:66:C5:1E:C3:02:63:3D:87
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/cH5zbNz1Wh4pKh9CZsUewwJjPYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.128.0/18
94.154.120.0/24
104.166.128.0/18
185.207.112.0/22
192.169.96.0/19
193.118.32.0/19
193.118.96.0/19
199.182.232.0/21
IPv6:
2a0b:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:ac:4d:22:70:4d:7a:80:4e:41:f8:df:df:ca:5f:13:cc:de:
83:d5:0d:cc:36:ea:fc:32:0f:67:6b:5c:65:9a:e6:80:89:43:
bf:73:9c:5f:46:c7:ca:90:c2:79:38:b5:12:1d:eb:74:77:19:
2d:9e:f3:cd:b3:c9:43:19:d5:c3:a0:6e:87:02:28:5c:5f:c3:
a0:35:f2:2d:d9:5d:dd:4a:61:86:a9:3c:f8:47:b2:a3:0e:bc:
51:ff:4f:52:61:29:7b:e4:ed:c3:4a:5b:2a:a7:4d:d5:1c:42:
0c:c0:96:da:b0:8c:30:d4:de:d5:58:24:14:88:6d:c0:f0:69:
f6:db:59:d1:97:7c:28:18:bb:43:7f:7e:9b:ac:92:ab:0c:30:
16:f3:c1:cc:01:49:78:ff:bb:61:b9:52:57:6d:1c:82:cd:7e:
1c:16:4b:0a:6c:91:8a:d1:3c:93:56:b5:d8:1c:a6:e0:2e:6d:
dd:e0:c5:05:73:31:fa:69:b1:25:6e:ee:ea:19:7b:13:71:0c:
68:2a:4c:9f:ce:b8:41:7b:79:e6:7d:57:e9:17:92:a6:9b:ad:
63:f7:61:7b:2d:64:95:0a:45:fe:1a:95:83:e6:eb:e9:ac:2e:
8c:40:cf:2a:1a:ad:8e:34:c0:a3:1e:21:86:c7:99:18:7d:4f:
a2:b3:0a:f2
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ0ed3b9czLFgwS/+dugsWJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjYwMzI0MDYxMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdlNzM2Y2RjZjU1YTFlMjkyYTFmNDI2NmM1MWVjMzAyNjMzZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbrXFBEVO2TOEkDUFykRmtScgBaL
lYLQglcvA4T9jXlNbE2Z/nSN5x7u2yQGsDD5yIbSaPFt+CVkFP2VSywaSlvv3BB3
+eUxv4lIhlBQT+cshpbZ1kAer0ucaKKRIB6t6FIJ7XV68wLw4vgmnp53GdgM/RLh
fj2I084tbj7OPIo4P2QeSKtRRuMUCNn783TUhc/RogPR4cCHuXNPuljKOUlrpEea
2tNT2Cg8ZBTSjeW2MmkLU4xr2t97b/UmngeVtrB8zYpysWKiAux+BbFXp4G18bPZ
qvDBQ5jQLQsbz4Ho05Y2Yq4ZC2Zo791mmY9h/4ISW7wd1EuRptt4dKHqJwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHB+c2zc9VoeKSofQmbFHsMCYz2HMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvY0g1emJOejFXaDRwS2g5Q1pzVWV3d0pqUFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGF1qAAwQA
Xpp4AwQGaKaAAwQCuc9wAwQFwKlgAwQFwXYgAwQFwXZgAwQDx7boMA0EAgACMAcD
BQMqCyHAMA0GCSqGSIb3DQEBCwUAA4IBAQCGrE0icE16gE5B+N/fyl8TzN6D1Q3M
Nur8Mg9na1xlmuaAiUO/c5xfRsfKkMJ5OLUSHet0dxktnvPNs8lDGdXDoG6HAihc
X8OgNfIt2V3dSmGGqTz4R7KjDrxR/09SYSl75O3DSlsqp03VHEIMwJbasIww1N7V
WCQUiG3A8Gn221nRl3woGLtDf36brJKrDDAW88HMAUl4/7thuVJXbRyCzX4cFksK
bJGK0TyTVrXYHKbgLm3d4MUFczH6abElbu7qGXsTcQxoKkyfzrhBe3nmfVfpF5Km
m61j92F7LWSVCkX+GpWD5uvprC6MQM8qGq2ONMCjHiGGx5kYfU+iswry
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:18:36 2026 by rpki-client