Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S5-CrQHToYtJbKH1pcCHBoCXS4M.roa
File: S5-CrQHToYtJbKH1pcCHBoCXS4M.roa (raw, json)
Hash identifier: VYYu211XTPv+jCorEGLOy8Uq9b2d8Jsfe8Ufjh67BZQ=
Subject key identifier: 4B:9F:82:AD:01:D3:A1:8B:49:6C:A1:F5:A5:C0:87:06:80:97:4B:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D67B9DC31D1DB747D9873F3AA835AD734
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S5-CrQHToYtJbKH1pcCHBoCXS4M.roa
Signing time: Tue 07 Apr 2026 11:35:26 +0000
ROA not before: Tue 07 Apr 2026 11:35:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 45.128.96.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.234.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 11:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:b9:dc:31:d1:db:74:7d:98:73:f3:aa:83:5a:d7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 7 11:35:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b9f82ad01d3a18b496ca1f5a5c0870680974b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4f:4f:dc:74:fb:9b:d1:f8:c5:05:ff:0a:d3:
97:01:18:71:13:1c:87:9b:93:a6:8e:3a:23:76:25:
53:2e:d3:89:65:15:9b:77:80:6c:e9:1a:ba:62:80:
2e:96:e7:90:9d:c4:6f:7c:88:0f:a1:76:ef:72:ce:
96:fd:c9:d0:9a:c4:f6:f2:62:1f:9e:df:dd:e7:9b:
8f:21:ba:f4:e9:66:00:16:0b:95:9f:c0:8c:2b:11:
48:3c:c4:51:b3:ef:ea:f2:66:17:8a:71:ee:23:7b:
1a:6a:62:8a:af:1f:f0:99:26:e4:45:f3:8d:6e:36:
9a:df:8c:b9:19:8e:ee:ae:dc:5a:d4:a9:b5:04:50:
be:94:11:ac:17:ae:ec:51:10:aa:25:c2:e7:c3:98:
dc:5a:80:bb:03:df:8e:00:35:96:3d:82:11:cd:bb:
0c:3a:f1:e9:f7:50:b7:29:04:c7:98:dd:c7:fc:28:
e7:56:79:6d:03:bf:d6:5a:32:03:a4:15:9b:9d:44:
bb:d3:27:1d:2a:c3:23:32:19:7e:8d:d3:ee:a4:74:
9c:f1:15:50:74:f8:c1:de:95:d8:29:ae:9a:39:6b:
20:a1:44:89:3d:3a:0f:f7:cc:c0:df:11:3b:21:8f:
46:ea:8e:4a:31:8d:51:84:d5:cb:e7:91:e9:e2:51:
44:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9F:82:AD:01:D3:A1:8B:49:6C:A1:F5:A5:C0:87:06:80:97:4B:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S5-CrQHToYtJbKH1pcCHBoCXS4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
45.128.232.0/24
45.144.154.0/24
45.149.234.0/24
79.110.48.0/24
185.222.161.0/24
193.222.97.0/24
194.31.204.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c9:01:0d:7e:1f:46:05:b2:99:d7:69:fa:71:5d:33:48:2b:
23:45:3f:7e:de:45:bd:3d:62:3e:e6:ad:fe:0e:02:c4:89:be:
b3:2d:48:40:cf:9b:b2:ab:7d:3b:14:48:ac:6d:81:b9:43:f8:
c3:1e:8e:01:87:eb:4e:45:f3:31:66:e2:ca:62:08:a2:30:86:
0d:b3:64:1f:5c:b1:19:3d:e4:7a:9a:2f:c5:50:83:07:dc:f7:
c4:31:a7:7d:c5:f3:3f:64:94:3d:4b:84:73:6d:a8:f5:d0:16:
7f:fd:cb:43:0b:33:22:8c:93:db:d5:e3:54:f5:ec:08:cd:62:
1d:a0:e7:59:8a:b8:9f:68:4d:42:96:54:84:00:b8:c3:39:0d:
eb:7b:15:92:ad:2b:ee:9f:37:ba:e1:7a:5f:70:b8:90:40:86:
82:0e:1e:52:e5:60:a4:82:0b:f6:bb:7e:8a:4f:ef:d0:dc:4d:
81:47:9d:8d:8a:e6:a4:4b:67:78:c6:de:1d:06:be:63:f9:ba:
dd:b9:c1:02:db:26:44:fa:37:93:50:37:08:b4:7f:9c:e7:6e:
27:13:37:1f:c9:9c:da:d2:fa:13:01:97:95:5d:57:2e:36:e8:
22:0a:bd:2a:4c:61:d4:52:59:01:8b:d9:4a:52:b3:e2:cf:bb:
0f:11:e8:97
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ1nudwx0dt0fZhz86qDWtc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA3MTEzNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjlmODJhZDAxZDNhMThiNDk2Y2ExZjVhNWMwODcwNjgwOTc0YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk9P3HT7m9H4xQX/CtOXARhxExyH
m5OmjjojdiVTLtOJZRWbd4Bs6Rq6YoAulueQncRvfIgPoXbvcs6W/cnQmsT28mIf
nt/d55uPIbr06WYAFguVn8CMKxFIPMRRs+/q8mYXinHuI3saamKKrx/wmSbkRfON
bjaa34y5GY7urtxa1Km1BFC+lBGsF67sURCqJcLnw5jcWoC7A9+OADWWPYIRzbsM
OvHp91C3KQTHmN3H/CjnVnltA7/WWjIDpBWbnUS70ycdKsMjMhl+jdPupHSc8RVQ
dPjB3pXYKa6aOWsgoUSJPToP98zA3xE7IY9G6o5KMY1RhNXL55Hp4lFEfQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEufgq0B06GLSWyh9aXAhwaAl0uDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUzUtQ3JRSFRvWXRKYktIMXBjQ0hCb0NYUzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYBgAwQA
LYDoAwQALZCaAwQALZXqAwQAT24wAwQAud6hAwQAwd5hAwQAwh/MMA0GCSqGSIb3
DQEBCwUAA4IBAQARyQENfh9GBbKZ12n6cV0zSCsjRT9+3kW9PWI+5q3+DgLEib6z
LUhAz5uyq307FEisbYG5Q/jDHo4Bh+tORfMxZuLKYgiiMIYNs2QfXLEZPeR6mi/F
UIMH3PfEMad9xfM/ZJQ9S4Rzbaj10BZ//ctDCzMijJPb1eNU9ewIzWIdoOdZirif
aE1CllSEALjDOQ3rexWSrSvunze64XpfcLiQQIaCDh5S5WCkggv2u36KT+/Q3E2B
R52NiuakS2d4xt4dBr5j+brducEC2yZE+jeTUDcItH+c524nEzcfyZza0voTAZeV
XVcuNugiCr0qTGHUUlkBi9lKUrPiz7sPEeiX
-----END CERTIFICATE-----
Generated at Tue Apr 7 18:27:31 2026 by rpki-client