Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/5U8f9LogiqESUTajoI4ApxQS82I.roa
File: 5U8f9LogiqESUTajoI4ApxQS82I.roa (raw, json)
Hash identifier: 7A8hUU7qh9Z0FffZaQfnDh8e9ymTMgXdrKWZsiScww4=
Subject key identifier: E5:4F:1F:F4:BA:20:8A:A1:12:51:36:A3:A0:8E:00:A7:14:12:F3:62
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 019CE17405502AC2B4B3629DA570A7B798BA
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/5U8f9LogiqESUTajoI4ApxQS82I.roa
Signing time: Thu 12 Mar 2026 09:50:03 +0000
ROA not before: Thu 12 Mar 2026 09:50:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 95.170.12.0/24 maxlen: 24
95.170.18.0/24 maxlen: 24
95.170.20.0/24 maxlen: 24
95.170.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 00:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:74:05:50:2a:c2:b4:b3:62:9d:a5:70:a7:b7:98:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Mar 12 09:50:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e54f1ff4ba208aa1125136a3a08e00a71412f362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5f:e8:d2:91:0b:d7:8e:94:1f:53:b9:39:ff:
84:18:63:f8:92:89:97:7d:34:02:83:46:10:73:a6:
00:c5:25:98:b7:88:5e:53:81:8c:79:80:5d:d7:34:
b0:7a:20:d9:07:26:ae:91:69:4b:a9:43:3c:2d:b7:
73:d1:60:fd:75:f3:72:c5:c6:55:41:ba:37:14:a5:
57:70:4f:74:2a:07:fd:1e:36:7e:92:4e:1f:85:f1:
e0:87:d7:4f:a7:07:ae:dc:76:0d:57:9c:71:84:f2:
10:c9:01:60:64:6e:97:69:77:5f:e3:3d:42:09:bd:
c6:d4:a0:7b:61:d6:9f:e4:33:62:78:55:ee:2a:d3:
8b:05:ba:f5:61:c5:57:49:01:35:a8:6e:67:e9:5d:
df:c0:49:e0:d3:c1:fb:8d:b3:37:fd:2e:c3:51:da:
7c:1a:68:b0:94:f3:6b:1d:9b:79:12:4c:d3:5d:0f:
f7:55:0c:d6:68:6b:83:0d:f9:1d:e2:bd:34:32:be:
1b:e8:0b:3a:d7:6f:a9:68:05:70:7d:45:6d:a9:0e:
eb:86:d8:dd:e0:f3:4c:dc:e3:5e:37:e3:e4:d4:d7:
d5:99:14:92:ff:3e:c2:7e:10:4a:1e:74:f0:f3:9a:
7e:ef:c2:8f:d9:d9:a0:76:f8:a8:be:e6:ec:1f:45:
00:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4F:1F:F4:BA:20:8A:A1:12:51:36:A3:A0:8E:00:A7:14:12:F3:62
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/5U8f9LogiqESUTajoI4ApxQS82I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.12.0/24
95.170.18.0/24
95.170.20.0/24
95.170.27.0/24
Signature Algorithm: sha256WithRSAEncryption
27:a5:d7:86:4d:11:cf:37:fd:de:73:1d:2a:7a:29:70:5b:fc:
4b:e3:38:04:7f:6b:5d:09:a4:61:39:38:15:af:08:f1:f6:3f:
24:72:cd:9a:5e:ee:55:77:5d:f1:a4:2c:35:fb:92:c5:78:74:
cc:f6:08:4d:a8:5e:5c:67:30:05:40:1f:29:e2:bc:ec:34:c0:
1c:e4:2f:41:b8:e4:f3:43:97:01:75:53:11:cc:f2:da:ab:1d:
d6:7b:a7:3a:68:2c:d1:a0:52:8f:96:60:3a:a4:dd:6b:16:a3:
83:2a:97:37:b0:d6:28:ee:00:a1:ba:d8:01:99:0a:e4:0b:3f:
f4:4f:2c:ce:f6:67:83:95:c9:d5:ff:dc:be:fc:f5:c1:f8:8e:
24:48:9f:6f:dc:9e:cf:1b:18:8b:62:58:08:6a:78:40:04:c7:
1c:f0:15:ed:68:b2:f8:5b:80:31:1c:0f:4e:be:1a:23:9a:23:
ee:a0:fa:3c:6b:ee:71:23:ce:4b:39:ed:63:48:0d:d5:36:58:
bd:02:b3:06:3c:ac:46:33:97:56:c6:31:e2:c5:1e:a4:fc:34:
bb:5c:50:40:73:6d:f6:0a:7c:95:1a:a4:7b:5b:db:54:35:9a:
54:ec:d8:d8:a4:78:41:b1:ef:73:2e:e5:8c:93:e8:27:1e:8a:
e3:68:7b:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZzhdAVQKsK0s2KdpXCnt5i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjYwMzEyMDk1MDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRmMWZmNGJhMjA4YWExMTI1MTM2YTNhMDhlMDBhNzE0MTJmMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkV/o0pEL146UH1O5Of+EGGP4komX
fTQCg0YQc6YAxSWYt4heU4GMeYBd1zSweiDZByaukWlLqUM8Lbdz0WD9dfNyxcZV
Qbo3FKVXcE90Kgf9HjZ+kk4fhfHgh9dPpweu3HYNV5xxhPIQyQFgZG6XaXdf4z1C
Cb3G1KB7Ydaf5DNieFXuKtOLBbr1YcVXSQE1qG5n6V3fwEng08H7jbM3/S7DUdp8
GmiwlPNrHZt5EkzTXQ/3VQzWaGuDDfkd4r00Mr4b6As612+paAVwfUVtqQ7rhtjd
4PNM3ONeN+Pk1NfVmRSS/z7CfhBKHnTw85p+78KP2dmgdviovubsH0UA1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOVPH/S6IIqhElE2o6COAKcUEvNiMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvNVU4ZjlMb2dpcUVTVVRham9JNEFweFFTODJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX6oMAwQA
X6oSAwQAX6oUAwQAX6obMA0GCSqGSIb3DQEBCwUAA4IBAQAnpdeGTRHPN/3ecx0q
eilwW/xL4zgEf2tdCaRhOTgVrwjx9j8kcs2aXu5Vd13xpCw1+5LFeHTM9ghNqF5c
ZzAFQB8p4rzsNMAc5C9BuOTzQ5cBdVMRzPLaqx3We6c6aCzRoFKPlmA6pN1rFqOD
Kpc3sNYo7gChutgBmQrkCz/0TyzO9meDlcnV/9y+/PXB+I4kSJ9v3J7PGxiLYlgI
anhABMcc8BXtaLL4W4AxHA9OvhojmiPuoPo8a+5xI85LOe1jSA3VNli9ArMGPKxG
M5dWxjHixR6k/DS7XFBAc232CnyVGqR7W9tUNZpU7NjYpHhBse9zLuWMk+gnHorj
aHvM
-----END CERTIFICATE-----
Generated at Sat Mar 21 09:17:03 2026 by rpki-client