Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/obuN62KDwmFx2dVjKmLODGzhVx0.roa
File: obuN62KDwmFx2dVjKmLODGzhVx0.roa (raw, json)
Hash identifier: JEDHjNNr+TZZD/UPavgu7Jop8+8Yo/KQ8o66CebY1W8=
Subject key identifier: A1:BB:8D:EB:62:83:C2:61:71:D9:D5:63:2A:62:CE:0C:6C:E1:57:1D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019CB921D2940CA79FF5A11177E3CE2F8C4E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/obuN62KDwmFx2dVjKmLODGzhVx0.roa
Signing time: Wed 04 Mar 2026 13:55:27 +0000
ROA not before: Wed 04 Mar 2026 13:55:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211066
IP address blocks: 5.83.134.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.175.161.0/24 maxlen: 24
5.175.192.0/24 maxlen: 24
5.175.221.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.73.0/24 maxlen: 24
89.106.75.0/24 maxlen: 24
89.106.82.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
94.249.243.0/24 maxlen: 24
94.249.244.0/24 maxlen: 24
94.249.249.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:21:d2:94:0c:a7:9f:f5:a1:11:77:e3:ce:2f:8c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 4 13:55:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1bb8deb6283c26171d9d5632a62ce0c6ce1571d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:49:84:5f:3b:56:19:2d:cb:11:1e:e4:f7:8f:
8e:ad:a9:f4:2f:70:34:0f:bf:9b:5d:70:0c:0b:0c:
ae:b7:9b:cf:5f:89:eb:38:8d:49:00:07:8c:79:0b:
f2:f9:3e:d6:ae:f9:a0:e9:5e:e7:a9:9a:71:0e:3d:
f5:6b:38:e9:f8:19:ec:2b:b1:ba:88:e8:c3:86:97:
73:bf:cb:78:18:4b:a3:3a:81:55:a6:02:76:9c:a2:
5a:45:03:f8:75:33:fb:ea:73:82:33:cb:d0:2a:5c:
51:0d:20:19:bf:d1:bb:ee:da:5e:88:91:04:79:79:
df:e9:49:a8:12:a9:78:99:71:87:cd:99:ef:01:f4:
10:da:39:77:bc:75:5a:51:a7:55:75:d4:3a:1c:21:
0c:a2:7b:58:c5:49:1f:e7:2e:71:7a:2b:43:4c:33:
2e:8c:e1:bf:83:06:81:d6:7e:c3:60:fa:8c:17:eb:
34:36:7f:5a:17:75:f7:ae:de:67:f1:f0:34:95:3a:
bd:ac:26:53:ac:c5:e5:18:e0:7f:b3:4e:bb:63:8b:
2e:63:3d:06:c4:8d:02:fc:07:4e:6a:e5:ff:44:5a:
54:38:f2:3c:b3:28:21:45:88:40:12:ac:b1:ed:d5:
9e:6c:a3:09:2b:83:02:b4:33:bf:3b:d9:b0:88:07:
bc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BB:8D:EB:62:83:C2:61:71:D9:D5:63:2A:62:CE:0C:6C:E1:57:1D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/obuN62KDwmFx2dVjKmLODGzhVx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.175.140.0/24
5.175.161.0/24
5.175.192.0/24
5.175.221.0/24
85.93.31.0/24
87.239.131.0/24
89.106.73.0/24
89.106.75.0/24
89.106.82.0/24
89.144.3.0/24
89.144.22.0/24
94.249.243.0-94.249.244.255
94.249.249.0/24
95.215.32.0/24
Signature Algorithm: sha256WithRSAEncryption
85:1d:8e:24:1b:e0:15:f4:5f:fe:3a:87:bc:7c:69:ff:5e:3f:
6a:f7:14:1d:96:42:88:ce:0e:8c:d2:b5:e4:0e:0d:70:94:71:
bb:14:37:7f:1d:14:3a:68:29:b5:fe:3d:10:46:33:45:d4:66:
57:ce:6e:85:64:ce:e9:79:c9:0e:a8:ad:d6:e8:13:92:18:f8:
0e:1a:a9:ba:f3:e3:30:04:c0:7a:b2:44:19:07:32:81:9f:4d:
f2:d5:c1:5d:0d:d4:a9:86:b3:2b:aa:e3:0c:1b:95:06:02:52:
02:68:09:ad:92:fc:2e:18:c7:db:62:95:76:33:71:14:7e:2e:
7b:45:ed:20:d5:c6:2f:6b:05:5e:3b:eb:7c:51:36:07:e3:6c:
c9:7e:16:e0:d6:06:61:f2:ff:b6:94:d2:40:c2:5d:5a:1b:23:
d7:c1:6a:ee:8b:d2:45:90:3e:04:58:c6:3d:97:a8:84:f5:98:
29:eb:fb:0d:5f:1c:b2:64:eb:e9:cd:28:9c:17:05:3c:91:6c:
05:8a:02:f1:e2:49:8c:f5:1a:9a:42:ca:35:e7:f0:6b:de:9b:
4e:d5:52:1b:f3:8f:2a:45:44:aa:89:0a:90:7e:18:be:b6:12:
db:05:48:90:1a:1e:e9:83:06:49:b2:ac:40:b6:c8:a7:77:fc:
71:74:67:e8
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZy5IdKUDKef9aERd+POL4xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzA0MTM1NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJiOGRlYjYyODNjMjYxNzFkOWQ1NjMyYTYyY2UwYzZjZTE1NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUmEXztWGS3LER7k94+Oran0L3A0
D7+bXXAMCwyut5vPX4nrOI1JAAeMeQvy+T7Wrvmg6V7nqZpxDj31azjp+BnsK7G6
iOjDhpdzv8t4GEujOoFVpgJ2nKJaRQP4dTP76nOCM8vQKlxRDSAZv9G77tpeiJEE
eXnf6UmoEql4mXGHzZnvAfQQ2jl3vHVaUadVddQ6HCEMontYxUkf5y5xeitDTDMu
jOG/gwaB1n7DYPqMF+s0Nn9aF3X3rt5n8fA0lTq9rCZTrMXlGOB/s067Y4suYz0G
xI0C/AdOauX/RFpUOPI8syghRYhAEqyx7dWebKMJK4MCtDO/O9mwiAe8UQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKG7jetig8JhcdnVYypizgxs4VcdMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvb2J1TjYyS0R3bUZ4MmRWakttTE9ER3poVngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABVOGAwQA
Ba+MAwQABa+hAwQABa/AAwQABa/dAwQAVV0fAwQAV++DAwQAWWpJAwQAWWpLAwQA
WWpSAwQAWZADAwQAWZAWMAwDBABe+fMDBABe+fQDBABe+fkDBABf1yAwDQYJKoZI
hvcNAQELBQADggEBAIUdjiQb4BX0X/46h7x8af9eP2r3FB2WQojODozSteQODXCU
cbsUN38dFDpoKbX+PRBGM0XUZlfOboVkzul5yQ6ordboE5IY+A4aqbrz4zAEwHqy
RBkHMoGfTfLVwV0N1KmGsyuq4wwblQYCUgJoCa2S/C4Yx9tilXYzcRR+LntF7SDV
xi9rBV4763xRNgfjbMl+FuDWBmHy/7aU0kDCXVobI9fBau6L0kWQPgRYxj2XqIT1
mCnr+w1fHLJk6+nNKJwXBTyRbAWKAvHiSYz1GppCyjXn8Gvem07VUhvzjypFRKqJ
CpB+GL62EtsFSJAaHumDBkmyrEC2yKd3/HF0Z+g=
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:03 2026 by rpki-client