Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/SR8e0zkhLcatb9iy_5fX_nOimTE.roa
File: SR8e0zkhLcatb9iy_5fX_nOimTE.roa (raw, json)
Hash identifier: hKr65ed/gpKdtS3v1EI34oZI27mlo6VgRr8DWLDyqIw=
Subject key identifier: 49:1F:1E:D3:39:21:2D:C6:AD:6F:D8:B2:FF:97:D7:FE:73:A2:99:31
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019DAE961DB387ED0143A500722916AECB85
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/SR8e0zkhLcatb9iy_5fX_nOimTE.roa
Signing time: Tue 21 Apr 2026 05:49:26 +0000
ROA not before: Tue 21 Apr 2026 05:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209847
IP address blocks: 5.182.36.0/24 maxlen: 24
5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.53.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.93.11.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
193.178.210.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.31.109.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ae:96:1d:b3:87:ed:01:43:a5:00:72:29:16:ae:cb:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 21 05:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=491f1ed339212dc6ad6fd8b2ff97d7fe73a29931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:72:65:af:a7:fc:c3:32:97:4c:d5:22:ec:b5:
88:cc:2c:ad:34:8f:13:26:bf:92:ce:35:35:a5:31:
29:40:0f:33:73:70:9f:d1:be:c1:f5:2c:15:d7:89:
9b:7a:34:83:6e:ab:27:4a:bf:67:e3:ed:56:92:90:
72:56:59:cc:93:37:32:01:80:5c:28:e1:d6:61:fd:
38:7b:a6:c5:f0:23:50:27:46:59:1f:1b:4c:02:3d:
ad:68:2c:17:e9:80:2a:47:95:34:91:a7:fe:a9:79:
38:86:df:57:1b:c6:7d:08:06:e2:35:67:4b:60:c8:
58:4b:3f:51:bf:c3:ac:3d:1d:5e:36:fe:fe:8d:c0:
09:35:6b:e1:ec:0e:5d:60:61:c1:9d:9c:23:39:7d:
72:05:62:9d:7c:69:d3:ba:10:dc:7d:6e:d4:6e:a8:
a4:82:35:90:83:94:58:20:f9:e4:5c:b7:f0:2c:91:
75:27:37:c7:33:d4:f6:77:6e:00:fc:5a:4d:86:62:
fb:d4:04:94:ad:87:d6:75:b9:ea:56:2f:37:df:6d:
0a:8a:10:dd:22:3b:2d:7f:4a:fe:5a:7f:14:97:72:
e2:22:fa:19:d7:3e:91:e5:b4:fa:6b:d1:48:10:e0:
9a:ff:a3:6b:a8:db:aa:c1:39:fc:85:ba:c3:c7:36:
1f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:1F:1E:D3:39:21:2D:C6:AD:6F:D8:B2:FF:97:D7:FE:73:A2:99:31
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/SR8e0zkhLcatb9iy_5fX_nOimTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/22
45.8.144.0/22
45.67.34.0/23
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.10.0/23
45.159.248.0/22
93.185.166.0/24
141.98.168.0-141.98.170.255
185.231.204.0/22
188.119.123.0/24
193.43.146.0/23
193.46.56.0/23
193.57.136.0/22
193.178.210.0/24
194.4.48.0/22
194.31.109.0/24
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
66:e8:a5:c0:21:da:11:51:db:cd:25:cb:1b:e7:76:80:0a:30:
4c:ce:81:54:41:9e:57:ef:46:f7:e0:1c:d7:31:2a:b6:f3:39:
61:17:5d:28:f9:8e:23:4c:af:1b:20:42:02:f7:82:c5:b6:fe:
98:3b:6f:48:b6:6b:93:6c:84:a4:a5:85:91:a1:e6:0d:b2:f9:
4c:b3:26:f4:a7:75:48:1e:fa:5c:c6:3f:38:ec:2a:53:b3:39:
7e:7f:65:eb:23:ec:2a:4c:06:68:61:71:28:ee:95:f0:7b:92:
b9:52:45:07:86:7f:db:fd:cd:7d:cf:25:ef:3b:0b:16:d6:b8:
c9:92:62:96:3d:e2:3d:60:58:81:7a:b5:42:f4:46:93:61:c0:
9c:0d:02:d3:99:4e:cf:6a:4c:24:5a:30:38:78:fa:b4:e1:a2:
f3:dc:2c:3b:f6:09:f1:34:64:99:69:62:69:01:45:68:e0:e3:
e4:d1:5b:e1:0d:4d:6b:f0:92:cb:93:23:c3:84:4c:d8:e3:f3:
93:03:60:fc:8b:12:d9:ed:96:d1:96:49:a7:53:7c:6d:16:76:
66:aa:cf:fb:92:14:22:f6:19:b8:2f:0f:a8:12:77:39:f5:0d:
09:bc:51:c0:9d:9d:74:80:40:27:65:1d:8b:0c:0c:5b:1b:df:
7d:04:24:49
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZ2ulh2zh+0BQ6UAcikWrsuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjYwNDIxMDU0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTFmMWVkMzM5MjEyZGM2YWQ2ZmQ4YjJmZjk3ZDdmZTczYTI5OTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3Jlr6f8wzKXTNUi7LWIzCytNI8T
Jr+SzjU1pTEpQA8zc3Cf0b7B9SwV14mbejSDbqsnSr9n4+1WkpByVlnMkzcyAYBc
KOHWYf04e6bF8CNQJ0ZZHxtMAj2taCwX6YAqR5U0kaf+qXk4ht9XG8Z9CAbiNWdL
YMhYSz9Rv8OsPR1eNv7+jcAJNWvh7A5dYGHBnZwjOX1yBWKdfGnTuhDcfW7Ubqik
gjWQg5RYIPnkXLfwLJF1JzfHM9T2d24A/FpNhmL71ASUrYfWdbnqVi83320KihDd
Ijstf0r+Wn8Ul3LiIvoZ1z6R5bT6a9FIEOCa/6NrqNuqwTn8hbrDxzYf8QIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFEkfHtM5IS3GrW/Ysv+X1/5zopkxMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvU1I4ZTB6a2hMY2F0YjlpeV81Zlhfbk9pbVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAIF
tiQDBAItCJADBAEtQyIDBAAtVAADBAItV5gDBAItWTQDBAEtXQoDBAItn/gDBABd
uaYwDAMEA41iqAMEAI1iqgMEArnnzAMEALx3ewMEAcErkgMEAcEuOAMEAsE5iAME
AMGy0gMEAsIEMAMEAMIfbQMEAcJ0rAMEAcJ0vjANBgkqhkiG9w0BAQsFAAOCAQEA
ZuilwCHaEVHbzSXLG+d2gAowTM6BVEGeV+9G9+Ac1zEqtvM5YRddKPmOI0yvGyBC
AveCxbb+mDtvSLZrk2yEpKWFkaHmDbL5TLMm9Kd1SB76XMY/OOwqU7M5fn9l6yPs
KkwGaGFxKO6V8HuSuVJFB4Z/2/3Nfc8l7zsLFta4yZJilj3iPWBYgXq1QvRGk2HA
nA0C05lOz2pMJFowOHj6tOGi89wsO/YJ8TRkmWliaQFFaODj5NFb4Q1Na/CSy5Mj
w4RM2OPzkwNg/IsS2e2W0ZZJp1N8bRZ2ZqrP+5IUIvYZuC8PqBJ3OfUNCbxRwJ2d
dIBAJ2UdiwwMWxvffQQkSQ==
-----END CERTIFICATE-----
Generated at Tue Apr 21 19:40:19 2026 by rpki-client