Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5UaMSt_8DXEjleJYjp7squu37_M.roa
File: 5UaMSt_8DXEjleJYjp7squu37_M.roa (raw, json)
Hash identifier: 1MmZ1HhUVhmNyhmnHXa+CiYkywSrX17N1Owop3Mk+AQ=
Subject key identifier: E5:46:8C:4A:DF:FC:0D:71:23:95:E2:58:8E:9E:EC:AA:EB:B7:EF:F3
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019CBA7DB824FFBE4521CD8CE41382180945
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5UaMSt_8DXEjleJYjp7squu37_M.roa
Signing time: Wed 04 Mar 2026 20:15:27 +0000
ROA not before: Wed 04 Mar 2026 20:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 19:55:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ba:7d:b8:24:ff:be:45:21:cd:8c:e4:13:82:18:09:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 4 20:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5468c4adffc0d712395e2588e9eecaaebb7eff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:68:72:e6:01:59:67:82:e3:61:23:41:19:62:
a9:23:07:a4:74:cd:08:64:3c:94:d0:96:c8:df:33:
34:07:06:94:39:ce:35:b5:38:8e:c7:57:3b:c8:81:
94:21:3a:54:82:9f:7d:16:f5:c2:74:80:9e:68:48:
21:13:88:6e:b2:81:4e:1b:44:36:d3:53:4f:ba:c1:
1a:c7:6c:d4:de:e2:0e:23:73:40:12:be:24:c9:71:
36:0e:68:56:fc:5d:ab:bd:e9:59:f5:d4:55:26:50:
83:4d:c0:f2:27:15:d5:b1:76:3f:49:0a:50:45:39:
7e:7b:99:bd:3d:ea:fa:50:a3:d3:63:ae:80:4e:7c:
e1:b4:17:d4:f9:89:bd:3e:dc:1b:c9:90:72:3a:2f:
c3:af:d7:cf:b1:65:38:78:72:37:54:38:ca:05:3a:
4c:59:36:3f:05:48:d0:5e:11:0d:47:f7:6b:59:b2:
14:fa:4c:7a:54:a7:0f:68:0a:bc:da:ff:d6:ed:af:
26:14:31:37:cb:fa:5f:52:09:1a:ae:1c:fe:1b:4e:
fc:26:34:5d:9d:78:fb:fa:45:5b:4b:81:ed:a5:d1:
00:e8:35:2c:0e:2d:39:06:cd:ff:e1:15:cf:da:7e:
1e:76:5a:a4:fe:73:5c:2b:f4:6d:e1:68:45:ac:32:
3e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:46:8C:4A:DF:FC:0D:71:23:95:E2:58:8E:9E:EC:AA:EB:B7:EF:F3
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5UaMSt_8DXEjleJYjp7squu37_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.9.30.0/24
45.81.113.0/24
45.81.115.0/24
45.88.136.0/24
45.88.139.0/24
45.94.170.0/24
45.132.181.0/24
85.209.120.0/24
193.57.41.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:b7:f7:8b:6c:ba:f2:46:9a:9e:e9:7f:ee:01:46:ea:17:2e:
b6:14:fb:a4:00:8e:23:24:90:a9:c0:f2:7f:65:4f:e0:d8:47:
f5:8b:24:48:ea:7c:ff:3c:64:39:36:67:0b:e5:dc:e3:ee:c6:
98:35:fa:2a:a4:52:1f:60:14:a4:b9:b5:1b:dd:fb:0f:0a:3a:
35:86:56:88:c6:91:12:13:21:86:2f:47:5b:67:93:c2:ea:f0:
01:92:72:82:5e:5a:f7:55:ef:76:69:f6:58:66:21:1b:7f:a8:
5c:0b:fb:43:81:34:c5:d6:b4:87:5c:63:06:82:9c:c3:84:ad:
07:cb:94:f1:9c:ca:91:06:40:96:77:2e:c3:66:2b:78:1d:cf:
fb:af:3d:c0:16:2f:01:ed:1a:1c:45:b8:b0:f5:b5:51:0a:55:
27:cf:5a:d9:f8:ee:5c:40:dd:fd:0d:ec:1d:ef:a4:97:de:ca:
6f:13:9e:33:38:19:46:35:8b:53:2d:c1:50:3e:f5:57:82:95:
37:57:ef:c2:b6:62:4a:ab:72:e0:0e:26:b9:47:f4:37:5f:3e:
00:2e:5c:1f:f4:87:01:d1:01:a1:ed:98:90:a9:dd:67:40:16:
ff:54:a4:87:87:3f:e2:ab:53:8d:81:54:43:ba:8b:5d:8a:cd:
0a:1c:46:05
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZy6fbgk/75FIc2M5BOCGAlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwMzA0MjAxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ2OGM0YWRmZmMwZDcxMjM5NWUyNTg4ZTllZWNhYWViYjdlZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmhy5gFZZ4LjYSNBGWKpIwekdM0I
ZDyU0JbI3zM0BwaUOc41tTiOx1c7yIGUITpUgp99FvXCdICeaEghE4husoFOG0Q2
01NPusEax2zU3uIOI3NAEr4kyXE2DmhW/F2rvelZ9dRVJlCDTcDyJxXVsXY/SQpQ
RTl+e5m9Per6UKPTY66ATnzhtBfU+Ym9PtwbyZByOi/Dr9fPsWU4eHI3VDjKBTpM
WTY/BUjQXhENR/drWbIU+kx6VKcPaAq82v/W7a8mFDE3y/pfUgkarhz+G078JjRd
nXj7+kVbS4HtpdEA6DUsDi05Bs3/4RXP2n4edlqk/nNcK/Rt4WhFrDI+4wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOVGjErf/A1xI5XiWI6e7Krrt+/zMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNVVhTVN0XzhEWEVqbGVKWWpwN3NxdXUzN19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBAjhsAwQA
LQkeAwQALVFxAwQALVFzAwQALViIAwQALViLAwQALV6qAwQALYS1AwQAVdF4AwQA
wTkpAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQCkt/eLbLryRpqe6X/uAUbqFy62
FPukAI4jJJCpwPJ/ZU/g2Ef1iyRI6nz/PGQ5NmcL5dzj7saYNfoqpFIfYBSkubUb
3fsPCjo1hlaIxpESEyGGL0dbZ5PC6vABknKCXlr3Ve92afZYZiEbf6hcC/tDgTTF
1rSHXGMGgpzDhK0Hy5TxnMqRBkCWdy7DZit4Hc/7rz3AFi8B7RocRbiw9bVRClUn
z1rZ+O5cQN39Dewd76SX3spvE54zOBlGNYtTLcFQPvVXgpU3V+/CtmJKq3LgDia5
R/Q3Xz4ALlwf9IcB0QGh7ZiQqd1nQBb/VKSHhz/iq1ONgVRDuotdis0KHEYF
-----END CERTIFICATE-----
Generated at Thu Mar 5 02:52:59 2026 by rpki-client