Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ik1cj9KAcZmR7KbispL0fBOPUoQ.roa
File: Ik1cj9KAcZmR7KbispL0fBOPUoQ.roa (raw, json)
Hash identifier: 5jIEnECppWdfK4IsNPYOU0byieHt9O89l+zqNiT1Vnk=
Subject key identifier: 22:4D:5C:8F:D2:80:71:99:91:EC:A6:E2:B2:92:F4:7C:13:8F:52:84
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019CDB54C45FEA2A9033164F3E1165238E4B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ik1cj9KAcZmR7KbispL0fBOPUoQ.roa
Signing time: Wed 11 Mar 2026 05:18:11 +0000
ROA not before: Wed 11 Mar 2026 05:18:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.142.0/24 maxlen: 24
5.83.150.0/24 maxlen: 24
5.175.137.0/24 maxlen: 24
5.175.162.0/24 maxlen: 24
5.175.174.0/24 maxlen: 24
5.175.187.0/24 maxlen: 24
5.175.225.0/24 maxlen: 24
5.230.9.0/24 maxlen: 24
5.231.23.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
5.231.203.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.129.0/24 maxlen: 24
89.144.1.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.197.0/24 maxlen: 24
94.249.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 07:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:db:54:c4:5f:ea:2a:90:33:16:4f:3e:11:65:23:8e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 11 05:18:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=224d5c8fd280719991eca6e2b292f47c138f5284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a3:aa:24:44:58:75:cc:6d:59:25:49:c5:c2:
d0:43:3a:6a:50:2a:e2:ca:53:19:5f:0c:8b:8f:1b:
3d:7c:9d:ff:53:28:25:2a:6e:49:d4:95:20:c1:b1:
93:3b:46:1e:fa:8c:11:95:be:b6:c5:a8:27:9d:4d:
52:1a:58:a8:63:70:f0:2a:e5:9e:91:bb:00:45:e6:
55:3a:da:84:71:cc:00:6c:1e:fd:6a:8b:0d:65:8a:
39:a0:12:bd:60:2b:86:bb:68:f6:a4:c3:35:6d:bf:
81:58:02:bf:c0:6f:22:44:6b:b2:56:23:02:56:3c:
ba:4e:64:6f:d6:a3:b7:a7:8d:b5:07:74:7d:07:a2:
7a:3d:29:4a:42:cb:f9:74:c3:cb:8f:a9:48:d6:51:
36:ac:59:ce:18:bc:a0:69:1f:24:0a:cb:c7:97:d2:
de:4a:ae:42:34:c2:96:d9:98:74:a1:68:fc:c3:b7:
75:da:8c:5f:5d:bc:b9:09:4f:dd:3a:38:2c:27:67:
a3:4d:3c:31:16:ec:e8:93:7f:63:69:a1:65:c3:48:
1d:fa:64:a5:ef:4a:5a:e7:47:d8:58:12:5f:f3:36:
72:f4:c9:68:f0:42:44:9e:71:c1:4e:46:a8:22:10:
44:ec:af:c9:b9:18:12:3b:a9:3f:dd:eb:0b:f2:81:
39:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:4D:5C:8F:D2:80:71:99:91:EC:A6:E2:B2:92:F4:7C:13:8F:52:84
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ik1cj9KAcZmR7KbispL0fBOPUoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.142.0/24
5.83.150.0/24
5.175.137.0/24
5.175.162.0/24
5.175.174.0/24
5.175.187.0/24
5.175.225.0/24
5.230.9.0/24
5.231.23.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
5.231.203.0/24
77.90.39.0/24
85.118.162.0/24
87.239.129.0/24
89.144.1.0/24
94.103.167.0/24
94.249.150.0/24
94.249.153.0/24
94.249.197.0/24
94.249.236.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f3:9b:fc:5a:da:05:63:c1:ea:81:25:3b:68:ce:0e:51:82:
d4:2c:98:1d:12:28:bc:28:f4:26:fd:f5:05:88:13:b8:9f:1a:
92:e9:ee:91:48:85:95:ce:15:0a:30:03:13:f5:01:01:76:0b:
de:49:ef:fd:ab:89:c4:5d:68:12:89:2c:81:0f:74:fd:83:cf:
e3:52:44:58:b0:7a:b5:9d:15:54:65:cc:b2:5f:b1:6e:1e:9c:
16:c0:2e:3f:57:f9:a0:aa:5d:18:d0:17:5c:34:24:aa:4b:18:
f4:64:fa:7c:fc:dd:0d:b2:58:44:7f:43:d7:b8:97:8a:e1:5b:
11:3a:9b:8b:8d:bc:f2:c5:e5:9f:40:62:55:8d:25:e3:ea:26:
72:9e:11:64:b9:e4:b7:cf:9a:44:1e:fa:b7:e4:ba:dd:b2:77:
71:52:ca:53:c0:93:ed:25:79:9f:69:9c:3b:a3:b8:f1:95:d1:
df:e2:09:af:ad:8d:f5:09:7f:a3:58:dd:9b:91:91:7a:2a:75:
ed:07:d4:08:da:c9:db:37:9a:3a:bb:50:84:ea:bd:66:39:f0:
c7:ed:28:a9:02:39:cb:60:3a:3f:c6:89:09:36:2e:12:47:63:
70:90:13:f9:4f:01:59:28:2b:b6:f8:68:1e:4f:5e:fb:d5:8a:
02:4f:39:60
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZzbVMRf6iqQMxZPPhFlI45LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzExMDUxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjRkNWM4ZmQyODA3MTk5OTFlY2E2ZTJiMjkyZjQ3YzEzOGY1Mjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKOqJERYdcxtWSVJxcLQQzpqUCri
ylMZXwyLjxs9fJ3/UyglKm5J1JUgwbGTO0Ye+owRlb62xagnnU1SGlioY3DwKuWe
kbsAReZVOtqEccwAbB79aosNZYo5oBK9YCuGu2j2pMM1bb+BWAK/wG8iRGuyViMC
Vjy6TmRv1qO3p421B3R9B6J6PSlKQsv5dMPLj6lI1lE2rFnOGLygaR8kCsvHl9Le
Sq5CNMKW2Zh0oWj8w7d12oxfXby5CU/dOjgsJ2ejTTwxFuzok39jaaFlw0gd+mSl
70pa50fYWBJf8zZy9Mlo8EJEnnHBTkaoIhBE7K/JuRgSO6k/3esL8oE5ewIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFCJNXI/SgHGZkeym4rKS9HwTj1KEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSWsxY2o5S0FjWm1SN0tiaXNwTDBmQk9QVW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAF
U44DBAAFU5YDBAAFr4kDBAAFr6IDBAAFr64DBAAFr7sDBAAFr+EDBAAF5gkDBAAF
5xcDBAAF5xkDBAAF51IDBAAF52ADBAAF58sDBABNWicDBABVdqIDBABX74EDBABZ
kAEDBABeZ6cDBABe+ZYDBABe+ZkDBABe+cUDBABe+ewwDQYJKoZIhvcNAQELBQAD
ggEBACLzm/xa2gVjweqBJTtozg5RgtQsmB0SKLwo9Cb99QWIE7ifGpLp7pFIhZXO
FQowAxP1AQF2C95J7/2ricRdaBKJLIEPdP2Dz+NSRFiwerWdFVRlzLJfsW4enBbA
Lj9X+aCqXRjQF1w0JKpLGPRk+nz83Q2yWER/Q9e4l4rhWxE6m4uNvPLF5Z9AYlWN
JePqJnKeEWS55LfPmkQe+rfkut2yd3FSylPAk+0leZ9pnDujuPGV0d/iCa+tjfUJ
f6NY3ZuRkXoqde0H1Ajayds3mjq7UITqvWY58MftKKkCOctgOj/GiQk2LhJHY3CQ
E/lPAVkoK7b4aB5PXvvVigJPOWA=
-----END CERTIFICATE-----
Generated at Fri Mar 13 12:26:54 2026 by rpki-client