Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q97nfM5-kvYwVeUtHIxB-OOXCaM.roa
File: Q97nfM5-kvYwVeUtHIxB-OOXCaM.roa (raw, json)
Hash identifier: V/DqEUoREeqngaZLDbe1A/F1+qH5nWRStC2j7PD5YfM=
Subject key identifier: 43:DE:E7:7C:CE:7E:92:F6:30:55:E5:2D:1C:8C:41:F8:E3:97:09:A3
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019E63A2EC040FDDA710448D107BBEFBABAD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q97nfM5-kvYwVeUtHIxB-OOXCaM.roa
Signing time: Tue 26 May 2026 09:34:42 +0000
ROA not before: Tue 26 May 2026 09:34:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214639
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.178.0/24 maxlen: 24
83.243.86.0/24 maxlen: 24
85.93.10.0/24 maxlen: 24
87.239.135.0/24 maxlen: 24
89.106.86.0/24 maxlen: 24
89.144.35.0/24 maxlen: 24
94.249.176.0/24 maxlen: 24
94.249.225.0/24 maxlen: 24
94.249.240.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:a2:ec:04:0f:dd:a7:10:44:8d:10:7b:be:fb:ab:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 26 09:34:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43dee77cce7e92f63055e52d1c8c41f8e39709a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:da:87:bc:5f:ce:99:e0:ff:fb:48:f2:64:30:
59:8b:18:f2:bd:05:35:3c:f9:9f:94:85:b5:b0:d7:
a9:c0:ed:d7:a4:cc:03:c5:5c:b1:8d:1b:66:5e:b2:
c5:20:6c:31:82:19:43:dc:9f:98:14:eb:cd:b2:ff:
38:d3:b6:36:ff:1a:2f:15:ab:4c:45:19:e5:50:5d:
cb:cf:1e:b8:06:75:b6:bf:79:cc:96:e5:e2:50:38:
e3:e5:43:91:74:d4:c7:9e:30:c5:b8:94:25:0e:ca:
dc:9e:87:1f:d6:10:95:bf:c0:43:05:a3:a9:14:6e:
d7:1f:c9:12:00:c0:9e:62:ca:c2:da:55:45:27:71:
26:d3:7b:60:3f:50:26:f7:3d:82:ec:d8:4c:05:85:
1e:67:e5:22:54:a3:3a:85:e5:7f:c6:41:1d:e0:00:
4f:b4:e5:83:fd:a4:86:1e:f7:e5:2b:e9:15:04:8b:
fd:8a:f9:65:0b:2d:97:72:29:32:7d:c2:f4:ea:9c:
43:ad:c6:61:9a:95:83:5e:e0:3b:8c:e8:7b:fc:c8:
69:8a:50:35:62:1f:57:7f:4c:3a:da:0d:b7:bb:f0:
3f:e3:31:ba:96:87:72:52:d6:e0:39:a9:39:ac:25:
a6:a5:e3:b3:06:2d:26:aa:07:29:3e:7c:99:c3:7c:
fa:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DE:E7:7C:CE:7E:92:F6:30:55:E5:2D:1C:8C:41:F8:E3:97:09:A3
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q97nfM5-kvYwVeUtHIxB-OOXCaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.178.0/24
83.243.86.0/24
85.93.10.0/24
87.239.135.0/24
89.106.86.0/24
89.144.35.0/24
94.249.176.0/24
94.249.225.0/24
94.249.240.0/24
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:d2:a7:23:e1:d6:bc:8b:7c:34:73:00:f8:26:f0:ea:1e:b0:
db:a2:15:2a:78:cd:a9:61:44:76:11:d3:b9:35:ac:9a:b4:44:
f9:3a:cd:8b:32:b1:c9:78:81:46:4c:eb:93:82:b5:a7:e9:ff:
c3:b3:29:1e:bc:52:6e:15:5d:58:a2:af:75:c0:35:ca:cc:1e:
cd:04:92:24:d7:7f:af:0f:67:d5:7a:9c:94:0f:10:11:8a:48:
09:7e:45:a7:fb:ae:52:59:26:98:03:55:01:e0:d5:e9:65:64:
fa:97:0a:06:6a:6a:a9:59:20:57:5b:8c:cc:c9:96:07:19:e7:
da:6f:52:52:fb:5c:04:4e:ad:a8:57:07:c3:64:53:69:0a:62:
3a:30:4b:93:8e:00:6f:e5:cc:fe:6e:3c:70:cc:0c:21:a2:d7:
c8:49:94:9a:0f:a6:fb:b1:0b:51:0d:8e:c3:ae:70:44:b3:d8:
01:b2:a0:31:30:c7:46:2f:d9:76:0f:55:b6:79:c3:27:37:7f:
61:fb:92:3e:e5:25:08:f5:f9:79:0c:ef:fe:40:50:86:bd:98:
ce:9f:9d:49:33:12:2a:3e:42:eb:bc:aa:96:63:3a:06:e8:1c:
5e:84:c9:72:6e:d0:b6:4e:7f:26:6a:5d:a4:69:f6:16:a7:66:
96:20:7c:0c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ5jouwED92nEESNEHu++6utMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNTI2MDkzNDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RlZTc3Y2NlN2U5MmY2MzA1NWU1MmQxYzhjNDFmOGUzOTcwOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNqHvF/OmeD/+0jyZDBZixjyvQU1
PPmflIW1sNepwO3XpMwDxVyxjRtmXrLFIGwxghlD3J+YFOvNsv8407Y2/xovFatM
RRnlUF3Lzx64BnW2v3nMluXiUDjj5UORdNTHnjDFuJQlDsrcnocf1hCVv8BDBaOp
FG7XH8kSAMCeYsrC2lVFJ3Em03tgP1Am9z2C7NhMBYUeZ+UiVKM6heV/xkEd4ABP
tOWD/aSGHvflK+kVBIv9ivllCy2XcikyfcL06pxDrcZhmpWDXuA7jOh7/MhpilA1
Yh9Xf0w62g23u/A/4zG6lodyUtbgOak5rCWmpeOzBi0mqgcpPnyZw3z6+QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEPe53zOfpL2MFXlLRyMQfjjlwmjMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUTk3bmZNNS1rdll3VmVVdEhJeEItT09YQ2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABVOBAwQA
Ba+yAwQAU/NWAwQAVV0KAwQAV++HAwQAWWpWAwQAWZAjAwQAXvmwAwQAXvnhAwQA
XvnwAwQAshKTMA0GCSqGSIb3DQEBCwUAA4IBAQAa0qcj4da8i3w0cwD4JvDqHrDb
ohUqeM2pYUR2EdO5NayatET5Os2LMrHJeIFGTOuTgrWn6f/DsykevFJuFV1Yoq91
wDXKzB7NBJIk13+vD2fVepyUDxARikgJfkWn+65SWSaYA1UB4NXpZWT6lwoGamqp
WSBXW4zMyZYHGefab1JS+1wETq2oVwfDZFNpCmI6MEuTjgBv5cz+bjxwzAwhotfI
SZSaD6b7sQtRDY7DrnBEs9gBsqAxMMdGL9l2D1W2ecMnN39h+5I+5SUI9fl5DO/+
QFCGvZjOn51JMxIqPkLrvKqWYzoG6BxehMlybtC2Tn8mal2kafYWp2aWIHwM
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:25 2026 by rpki-client