Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AV9c5f_5pMau9sx8UY9xlkty44k.roa
File: AV9c5f_5pMau9sx8UY9xlkty44k.roa (raw, json)
Hash identifier: R/+04o1JTkGf+0R7R8H6YzCpfa9QGyEFttIu2s1e6P8=
Subject key identifier: 01:5F:5C:E5:FF:F9:A4:C6:AE:F6:CC:7C:51:8F:71:96:4B:72:E3:89
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EE02D5D67B246D6A2FA06D7E854EDAF25
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AV9c5f_5pMau9sx8UY9xlkty44k.roa
Signing time: Fri 19 Jun 2026 13:58:49 +0000
ROA not before: Fri 19 Jun 2026 13:58:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 5.253.57.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 13:58:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e0:2d:5d:67:b2:46:d6:a2:fa:06:d7:e8:54:ed:af:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 19 13:58:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=015f5ce5fff9a4c6aef6cc7c518f71964b72e389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:82:28:a4:70:6a:24:15:02:6a:a0:a8:2f:d5:
2a:0c:e7:51:0b:cc:0d:aa:16:ad:79:ae:01:c0:28:
f6:3b:5c:96:cf:0b:14:99:55:b9:9c:00:88:74:21:
34:18:4a:de:4b:2f:c4:b6:f9:0c:1b:7a:f0:4d:b3:
76:94:0d:61:13:f9:dd:11:0f:d2:54:25:f5:f9:e0:
f0:cd:b4:12:4b:7a:44:b7:12:f7:1c:4d:7c:1b:05:
80:84:60:a6:9b:a5:df:72:72:47:3b:57:54:fb:cd:
d7:c9:9b:63:0d:e9:6b:e2:7f:00:1b:a3:d1:04:d2:
0a:1d:e2:d7:7f:36:1c:36:d2:4a:f3:c0:9a:ca:52:
63:62:92:27:0f:89:7a:da:0a:a0:a9:40:a1:71:71:
78:13:1e:a4:01:49:fc:f5:3e:d5:6f:aa:00:fc:aa:
90:36:cc:5a:49:a9:b6:9a:6e:93:af:11:a7:2b:df:
7f:23:2a:c5:90:d2:b8:4e:9c:54:e3:f8:86:01:2c:
85:f4:fd:9f:6e:26:8c:6a:41:e5:74:e7:f2:c3:30:
07:cf:07:30:b6:2b:ac:39:90:41:38:eb:5b:40:6e:
4a:48:f5:36:06:aa:3c:5f:fc:9c:ee:f9:d2:80:da:
56:c8:40:a1:0f:f5:b7:30:ad:b0:01:e5:b5:44:c4:
e3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5F:5C:E5:FF:F9:A4:C6:AE:F6:CC:7C:51:8F:71:96:4B:72:E3:89
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AV9c5f_5pMau9sx8UY9xlkty44k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.57.0/24
37.139.128.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.192.0/23
87.121.114.0/23
87.121.221.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
185.246.221.0/24
185.252.177.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:19:33:6a:da:e0:84:cb:28:23:41:67:73:a4:61:40:e0:db:
4c:31:46:dc:4c:52:6b:5f:15:46:85:36:0d:d4:c0:ca:75:cf:
1d:4c:dd:78:38:06:90:e4:84:f3:90:2a:e9:c1:07:20:59:2d:
dd:27:91:b7:c9:ec:1d:21:60:f9:76:5d:0b:4e:3f:81:c8:bf:
3d:3b:de:06:b4:2b:74:2c:aa:ba:9a:17:d7:f8:07:41:30:22:
e0:8f:cc:d5:32:0a:be:18:f3:f3:27:69:b4:d5:2b:d8:7b:5c:
05:05:4c:60:7c:11:19:24:5d:d3:15:8a:4d:75:1d:ed:65:5e:
4c:ea:5f:c6:50:04:50:20:8e:0a:19:e5:3b:75:3d:5b:30:de:
d8:7b:40:e9:d7:96:d6:b4:c9:a9:a0:14:9b:f1:86:64:ef:65:
f5:0a:97:13:8b:f3:af:90:d7:07:78:43:e0:2d:45:6c:86:42:
a1:3e:2b:2a:69:3d:74:90:20:87:81:13:ae:63:4e:5c:28:fa:
ec:e1:d4:d4:c6:89:7d:d0:4c:69:c7:8c:b9:22:20:76:81:31:
2c:19:9c:f8:22:19:90:1f:af:ef:b9:a7:e8:f2:50:02:63:2c:
4d:9c:2e:4b:c4:60:f5:ce:62:a5:d3:31:0f:4b:fa:79:d3:94:
9a:e2:7c:cc
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZ7gLV1nskbWovoG1+hU7a8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjE5MTM1ODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVmNWNlNWZmZjlhNGM2YWVmNmNjN2M1MThmNzE5NjRiNzJlMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+YIopHBqJBUCaqCoL9UqDOdRC8wN
qhatea4BwCj2O1yWzwsUmVW5nACIdCE0GEreSy/EtvkMG3rwTbN2lA1hE/ndEQ/S
VCX1+eDwzbQSS3pEtxL3HE18GwWAhGCmm6XfcnJHO1dU+83XyZtjDelr4n8AG6PR
BNIKHeLXfzYcNtJK88CaylJjYpInD4l62gqgqUChcXF4Ex6kAUn89T7Vb6oA/KqQ
NsxaSam2mm6TrxGnK99/IyrFkNK4TpxU4/iGASyF9P2fbiaMakHldOfywzAHzwcw
tiusOZBBOOtbQG5KSPU2Bqo8X/yc7vnSgNpWyEChD/W3MK2wAeW1RMTjVQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFAFfXOX/+aTGrvbMfFGPcZZLcuOJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQVY5YzVmXzVwTWF1OXN4OFVZOXhsa3R5NDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAF
/TkDBAAli4ADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtjZ4DBABRoe4DBABT
j3EDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBAFXeMADBAFXeXIDBABXed0DBABc
+TIDBAFde2QDBABde20DBABenLwDBACTTmUDBAK52lQDBAC53qADBAC59t0DBAC5
/LEDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAF8ZM2ra4ITLKCNBZ3Ok
YUDg20wxRtxMUmtfFUaFNg3UwMp1zx1M3Xg4BpDkhPOQKunBByBZLd0nkbfJ7B0h
YPl2XQtOP4HIvz073ga0K3QsqrqaF9f4B0EwIuCPzNUyCr4Y8/MnabTVK9h7XAUF
TGB8ERkkXdMVik11He1lXkzqX8ZQBFAgjgoZ5Tt1PVsw3th7QOnXlta0yamgFJvx
hmTvZfUKlxOL86+Q1wd4Q+AtRWyGQqE+KyppPXSQIIeBE65jTlwo+uzh1NTGiX3Q
TGnHjLkiIHaBMSwZnPgiGZAfr++5p+jyUAJjLE2cLkvEYPXOYqXTMQ9L+nnTlJri
fMw=
-----END CERTIFICATE-----
Generated at Fri Jun 19 22:49:39 2026 by rpki-client