
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/0X-5PKZtZ7slARK8e40z1bnoMFw.roa
File: 0X-5PKZtZ7slARK8e40z1bnoMFw.roa (raw, json)
Hash identifier: FSNo1Xv7gSywiq56rw1Ts4EOsLlsS5zybrQAx4E58hY=
Subject key identifier: D1:7F:B9:3C:A6:6D:67:BB:25:01:12:BC:7B:8D:33:D5:B9:E8:30:5C
Certificate issuer: /CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Certificate serial: 019EC9C5EBC2099C361DE2B963FBEB307409
Authority key identifier: 46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/0X-5PKZtZ7slARK8e40z1bnoMFw.roa
Signing time: Mon 15 Jun 2026 05:34:11 +0000
ROA not before: Mon 15 Jun 2026 05:34:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29695
IP address blocks: 5.152.136.0/21 maxlen: 21
5.172.182.0/24 maxlen: 24
45.14.52.0/22 maxlen: 22
79.160.0.0/15 maxlen: 24
80.203.0.0/17 maxlen: 17
81.166.0.0/15 maxlen: 24
84.234.128.0/17 maxlen: 24
89.11.128.0/17 maxlen: 17
92.220.0.0/15 maxlen: 21
109.247.0.0/16 maxlen: 21
141.0.64.0/18 maxlen: 18
213.167.96.0/19 maxlen: 19
2a01:798::/29 maxlen: 32
2a11:5100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 20:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c9:c5:eb:c2:09:9c:36:1d:e2:b9:63:fb:eb:30:74:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Validity
Not Before: Jun 15 05:34:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d17fb93ca66d67bb250112bc7b8d33d5b9e8305c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:07:f9:4f:f0:48:9e:31:a1:d7:37:36:3f:
59:3b:6e:e5:02:ff:44:0a:8a:23:de:48:44:24:8b:
1f:f0:85:f7:0e:ee:e6:8b:df:61:07:01:3d:77:ab:
98:b6:48:2b:cb:e1:87:ed:94:d3:b0:98:d9:d1:ae:
8c:89:bf:e9:e9:6a:2e:10:c6:6d:31:54:fa:03:12:
dc:28:01:3a:27:6b:25:c8:6e:f7:8c:d2:8d:45:d9:
1d:26:b2:5f:47:90:98:20:b3:a5:45:ec:85:cf:b2:
d3:bb:5a:94:f8:60:f3:4f:09:51:5d:40:a3:82:f1:
39:d7:f7:d3:06:e6:52:7e:3c:eb:0d:85:ba:1e:76:
4d:ce:05:10:71:34:67:e7:ee:9a:24:93:07:05:71:
67:02:f4:11:14:fb:e1:d4:3b:db:e9:91:99:d6:31:
c3:87:b5:c9:76:97:f3:df:43:b8:83:9f:4e:ff:07:
43:d5:b7:4e:fe:f4:34:34:96:a5:7e:e5:5c:6a:fa:
10:ac:82:65:80:8b:06:9c:6c:ec:4f:29:ff:2d:e1:
0f:ec:69:ec:d9:af:76:09:40:2e:51:68:a0:e9:3c:
2f:78:24:af:ae:25:81:83:5d:6e:21:f3:59:f6:26:
26:e5:3b:d3:cd:03:3e:b7:a9:3d:7e:53:2c:7b:6c:
34:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7F:B9:3C:A6:6D:67:BB:25:01:12:BC:7B:8D:33:D5:B9:E8:30:5C
X509v3 Authority Key Identifier:
keyid:46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/0X-5PKZtZ7slARK8e40z1bnoMFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.136.0/21
5.172.182.0/24
45.14.52.0/22
79.160.0.0/15
80.203.0.0/17
81.166.0.0/15
84.234.128.0/17
89.11.128.0/17
92.220.0.0/15
109.247.0.0/16
141.0.64.0/18
213.167.96.0/19
IPv6:
2a01:798::/29
2a11:5100::/29
Signature Algorithm: sha256WithRSAEncryption
98:fe:38:a8:55:91:5c:d3:68:87:15:f5:b3:ab:cf:ec:10:5e:
c6:3b:6c:ee:88:b4:35:09:53:64:f2:04:41:1c:12:8e:48:92:
93:30:1e:ce:47:d6:e4:45:38:95:f8:7c:3f:4e:80:a9:28:17:
0e:cc:53:6e:9b:6b:41:0d:29:9f:04:a7:67:71:71:83:79:f4:
41:5d:c8:9e:28:1a:e3:a8:f5:96:46:f9:95:29:73:6f:5f:9d:
b7:85:bb:94:53:71:2c:93:1e:ff:bd:d2:9a:08:74:a3:2c:f8:
3c:a5:e6:ad:b1:e9:bd:ba:d4:3d:fd:8d:5b:7d:26:d2:64:c3:
5c:c8:65:62:03:3b:0a:63:7c:9a:19:c7:42:42:e2:45:36:01:
6c:d1:a2:7e:59:75:0c:ee:04:99:57:82:5d:ae:2e:36:e2:cf:
10:4b:15:fb:ff:70:b0:18:b5:8e:0f:ff:4c:5d:a9:63:01:db:
e2:28:68:ee:a2:5f:68:77:c0:82:dd:b1:ac:4c:f1:17:2d:8d:
04:8c:8d:67:88:41:82:db:ea:9f:87:74:e1:a5:4d:70:0d:aa:
b3:06:6d:79:30:92:27:cf:a1:a7:47:cc:f8:54:73:ca:35:64:
b8:74:a2:60:13:28:bc:ec:94:98:57:15:3e:48:f7:e8:53:c4:
b7:ff:01:98
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ7JxevCCZw2HeK5Y/vrMHQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmI4MjE1YjIyNjZkYTNjMGY2Y2E1NWNjN2JhODAwZTlh
ZGUyYTIwHhcNMjYwNjE1MDUzNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTdmYjkzY2E2NmQ2N2JiMjUwMTEyYmM3YjhkMzNkNWI5ZTgzMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZYH+U/wSJ4xodc3Nj9ZO27lAv9E
Cooj3khEJIsf8IX3Du7mi99hBwE9d6uYtkgry+GH7ZTTsJjZ0a6Mib/p6WouEMZt
MVT6AxLcKAE6J2slyG73jNKNRdkdJrJfR5CYILOlReyFz7LTu1qU+GDzTwlRXUCj
gvE51/fTBuZSfjzrDYW6HnZNzgUQcTRn5+6aJJMHBXFnAvQRFPvh1Dvb6ZGZ1jHD
h7XJdpfz30O4g59O/wdD1bdO/vQ0NJalfuVcavoQrIJlgIsGnGzsTyn/LeEP7Gns
2a92CUAuUWig6TwveCSvriWBg11uIfNZ9iYm5TvTzQM+t6k9flMse2w0bwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNF/uTymbWe7JQESvHuNM9W56DBcMB8GA1UdIwQY
MBaAFEa7ghWyJm2jwPbKVcx7qADpreKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMt
N2E1NGRiNTllYzJkLzEvMFgtNVBLWnRaN3NsQVJLOGU0MHoxYm5vTUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMtN2E1NGRiNTllYzJk
LzEvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQDBZiIAwQA
Bay2AwQCLQ40AwMBT6ADBAdQywADAwFRpgMEB1TqgAMEB1kLgAMDAVzcAwMAbfcD
BAaNAEADBAXVp2AwFAQCAAIwDgMFAyoBB5gDBQMqEVEAMA0GCSqGSIb3DQEBCwUA
A4IBAQCY/jioVZFc02iHFfWzq8/sEF7GO2zuiLQ1CVNk8gRBHBKOSJKTMB7OR9bk
RTiV+Hw/ToCpKBcOzFNum2tBDSmfBKdncXGDefRBXcieKBrjqPWWRvmVKXNvX523
hbuUU3Eskx7/vdKaCHSjLPg8peatsem9utQ9/Y1bfSbSZMNcyGViAzsKY3yaGcdC
QuJFNgFs0aJ+WXUM7gSZV4Jdri424s8QSxX7/3CwGLWOD/9MXaljAdviKGjuol9o
d8CC3bGsTPEXLY0EjI1niEGC2+qfh3ThpU1wDaqzBm15MJInz6GnR8z4VHPKNWS4
dKJgEyi87JSYVxU+SPfoU8S3/wGY
-----END CERTIFICATE-----
Generated at Wed Jul 1 01:34:32 2026 by rpki-client