Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/5pRQZzbHbiHkZmXjFL2E4UNZuHs.roa
File: 5pRQZzbHbiHkZmXjFL2E4UNZuHs.roa (raw, json)
Hash identifier: P9CNCo8EST5TtceaZZg3nqTZTM5Raj/p9KTR1TGLwio=
Subject key identifier: E6:94:50:67:36:C7:6E:21:E4:66:65:E3:14:BD:84:E1:43:59:B8:7B
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019E35374C37AF56F53F8F8483BC9A2BB0BD
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/5pRQZzbHbiHkZmXjFL2E4UNZuHs.roa
Signing time: Sun 17 May 2026 09:14:36 +0000
ROA not before: Sun 17 May 2026 09:14:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/23 maxlen: 23
31.170.50.0/23 maxlen: 23
31.170.52.0/23 maxlen: 23
31.170.54.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
31.170.56.0/23 maxlen: 23
31.170.58.0/23 maxlen: 23
31.170.60.0/22 maxlen: 22
37.49.148.0/24 maxlen: 24
94.74.128.0/23 maxlen: 23
94.74.128.0/24 maxlen: 24
94.74.129.0/24 maxlen: 24
94.74.130.0/23 maxlen: 23
94.74.132.0/22 maxlen: 22
94.74.136.0/24 maxlen: 24
94.74.138.0/23 maxlen: 23
94.74.141.0/24 maxlen: 24
94.74.142.0/23 maxlen: 23
94.74.144.0/24 maxlen: 24
94.74.146.0/24 maxlen: 24
94.74.148.0/23 maxlen: 23
94.74.150.0/23 maxlen: 23
94.74.152.0/22 maxlen: 22
94.74.160.0/22 maxlen: 22
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.168.0/23 maxlen: 24
94.74.170.0/24 maxlen: 24
94.74.172.0/24 maxlen: 24
94.74.174.0/23 maxlen: 23
94.74.176.0/22 maxlen: 22
94.74.180.0/23 maxlen: 23
94.74.182.0/23 maxlen: 23
94.74.186.0/23 maxlen: 23
94.74.188.0/23 maxlen: 23
94.74.190.0/23 maxlen: 23
94.74.191.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.138.0/23 maxlen: 23
176.46.141.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.148.0/23 maxlen: 23
176.46.152.0/22 maxlen: 22
176.46.156.0/23 maxlen: 23
176.46.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:35:37:4c:37:af:56:f5:3f:8f:84:83:bc:9a:2b:b0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 17 09:14:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e694506736c76e21e46665e314bd84e14359b87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:94:35:dc:c4:c6:96:a9:4d:0c:b9:c6:9a:
94:16:73:e1:16:28:94:8d:7e:d1:98:80:ca:e1:62:
f1:f5:aa:43:d3:f7:f6:0c:e7:8f:53:da:4e:67:2d:
bc:46:ba:6e:8a:49:9f:51:bc:59:b0:fb:54:d4:9d:
bd:8b:15:0b:5d:14:ab:3e:45:5a:97:c6:c3:80:f6:
37:d8:c9:64:75:32:5c:3f:c1:13:4b:0d:6b:22:cb:
6d:4a:3a:e5:e4:43:58:cc:ac:e3:05:94:1a:d3:92:
0f:ec:2c:ac:f3:12:32:e6:6b:dc:8e:2f:eb:9c:b3:
1e:7f:74:16:aa:e3:84:2a:7a:dc:87:fc:08:32:71:
f0:bf:cf:9a:79:83:c1:13:a5:7c:56:ee:68:61:77:
52:16:d6:68:68:10:75:73:38:d7:58:49:0b:c3:65:
29:a5:e0:83:01:92:20:2a:f4:dc:c6:97:70:aa:cb:
69:a2:f2:1a:e7:f2:8c:a6:16:6e:45:66:35:f1:c4:
cd:87:6b:50:2f:bf:3a:63:85:c9:57:bb:d3:e6:5f:
08:05:98:2f:55:fb:94:0c:63:bd:98:33:b8:18:3b:
22:1a:58:d8:57:98:15:f8:01:19:88:6f:fb:9a:0e:
78:5d:87:e1:02:30:74:f9:f5:00:97:84:c1:97:e2:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:94:50:67:36:C7:6E:21:E4:66:65:E3:14:BD:84:E1:43:59:B8:7B
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/5pRQZzbHbiHkZmXjFL2E4UNZuHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
37.49.148.0/24
94.74.128.0-94.74.136.255
94.74.138.0/23
94.74.141.0-94.74.144.255
94.74.146.0/24
94.74.148.0-94.74.155.255
94.74.160.0/22
94.74.165.0-94.74.170.255
94.74.172.0/24
94.74.174.0-94.74.183.255
94.74.186.0-94.74.191.255
176.46.134.0/24
176.46.138.0/23
176.46.141.0/24
176.46.144.0/24
176.46.147.0-176.46.149.255
176.46.152.0-176.46.158.255
Signature Algorithm: sha256WithRSAEncryption
94:59:66:0e:0b:d4:f9:45:59:5e:59:b8:ab:61:1a:52:59:eb:
eb:74:3b:1f:42:a2:aa:ee:fb:bf:1e:93:d8:63:39:6b:cf:73:
a0:3f:66:75:9a:08:0d:c1:12:fc:22:f3:b0:e9:e1:e4:b6:4b:
bb:dd:53:af:40:c0:0c:ec:43:02:3b:b0:be:58:e0:b5:60:83:
0d:fe:af:2d:a8:1e:c5:8c:42:71:23:ac:40:52:0a:f6:47:37:
e5:df:46:50:77:51:5e:fd:c6:2b:ba:c6:16:1b:4f:e9:6b:b8:
93:ca:4d:c6:dd:2f:64:6a:80:83:9a:da:ad:17:31:2e:bb:24:
50:4f:b4:0c:12:49:2f:77:a4:18:f6:38:f8:4f:a5:38:77:78:
f8:ca:9e:a8:83:c8:ee:ea:ad:44:be:85:21:eb:15:fe:e4:a7:
45:96:93:ea:6b:29:c3:dc:25:1b:53:e1:c5:a5:fa:cc:32:df:
a0:bd:0b:36:6b:e3:a4:d0:5c:b1:c7:57:99:63:28:25:51:01:
be:02:4b:b4:cf:8e:34:6c:b2:c7:62:a4:75:17:4a:cb:53:85:
14:df:49:34:e1:d1:32:3d:f6:84:1d:50:04:5f:70:a7:5d:df:
1c:64:59:59:ba:74:d4:f3:28:b1:68:ca:d8:3e:a2:48:04:13:
8a:06:d8:93
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZ41N0w3r1b1P4+Eg7yaK7C9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjYwNTE3MDkxNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk0NTA2NzM2Yzc2ZTIxZTQ2NjY1ZTMxNGJkODRlMTQzNTliODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK6UNdzExpapTQy5xpqUFnPhFiiU
jX7RmIDK4WLx9apD0/f2DOePU9pOZy28RrpuikmfUbxZsPtU1J29ixULXRSrPkVa
l8bDgPY32MlkdTJcP8ETSw1rIsttSjrl5ENYzKzjBZQa05IP7Cys8xIy5mvcji/r
nLMef3QWquOEKnrch/wIMnHwv8+aeYPBE6V8Vu5oYXdSFtZoaBB1czjXWEkLw2Up
peCDAZIgKvTcxpdwqstpovIa5/KMphZuRWY18cTNh2tQL786Y4XJV7vT5l8IBZgv
VfuUDGO9mDO4GDsiGljYV5gV+AEZiG/7mg54XYfhAjB0+fUAl4TBl+KDcwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFOaUUGc2x24h5GZl4xS9hOFDWbh7MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvNXBSUVp6YkhiaUhrWm1YakZMMkU0VU5adUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAQf
qjADBAAlMZQwDAMEB15KgAMEAF5KiAMEAV5KijAMAwQAXkqNAwQAXkqQAwQAXkqS
MAwDBAJeSpQDBAJeSpgDBAJeSqAwDAMEAF5KpQMEAF5KqgMEAF5KrDAMAwQBXkqu
AwQDXkqwMAwDBAFeSroDBAZeSoADBACwLoYDBAGwLooDBACwLo0DBACwLpAwDAME
ALAukwMEAbAulDAMAwQDsC6YAwQAsC6eMA0GCSqGSIb3DQEBCwUAA4IBAQCUWWYO
C9T5RVleWbirYRpSWevrdDsfQqKq7vu/HpPYYzlrz3OgP2Z1mggNwRL8IvOw6eHk
tku73VOvQMAM7EMCO7C+WOC1YIMN/q8tqB7FjEJxI6xAUgr2Rzfl30ZQd1Fe/cYr
usYWG0/pa7iTyk3G3S9kaoCDmtqtFzEuuyRQT7QMEkkvd6QY9jj4T6U4d3j4yp6o
g8ju6q1EvoUh6xX+5KdFlpPqaynD3CUbU+HFpfrMMt+gvQs2a+Ok0Fyxx1eZYygl
UQG+Aku0z440bLLHYqR1F0rLU4UU30k04dEyPfaEHVAEX3CnXd8cZFlZunTU8yix
aMrYPqJIBBOKBtiT
-----END CERTIFICATE-----
Generated at Sat Jun 6 21:54:52 2026 by rpki-client