Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/E58PWBUn7UtEVZL4CFS_NBdEtXk.roa
File: E58PWBUn7UtEVZL4CFS_NBdEtXk.roa (raw, json)
Hash identifier: 1fq0CFgVJSOFX0KGo6OeqqqkhCNxlNXWTCFmXVDzLkA=
Subject key identifier: 13:9F:0F:58:15:27:ED:4B:44:55:92:F8:08:54:BF:34:17:44:B5:79
Certificate issuer: /CN=2f2a0fa20383332a3f414f054753a0b60b25ba10
Certificate serial: 019CE105FF9FCCE346CBDF7762F116B857F5
Authority key identifier: 2F:2A:0F:A2:03:83:33:2A:3F:41:4F:05:47:53:A0:B6:0B:25:BA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/E58PWBUn7UtEVZL4CFS_NBdEtXk.roa
Signing time: Thu 12 Mar 2026 07:49:52 +0000
ROA not before: Thu 12 Mar 2026 07:49:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.100.0/23 maxlen: 23
79.135.102.0/23 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:05:ff:9f:cc:e3:46:cb:df:77:62:f1:16:b8:57:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f2a0fa20383332a3f414f054753a0b60b25ba10
Validity
Not Before: Mar 12 07:49:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=139f0f581527ed4b445592f80854bf341744b579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fc:1b:03:b6:2b:df:e8:49:39:78:6b:9c:15:
fd:db:21:41:88:76:ef:0b:18:35:6d:5b:84:44:23:
5c:1c:e3:38:76:3a:20:ac:98:40:a0:7a:72:8c:ff:
9e:b2:48:70:a0:1d:6e:71:10:e3:77:b1:3b:5c:cb:
94:b4:79:b0:59:57:e1:9f:1e:9d:a6:aa:6f:3f:ca:
03:b6:4d:9b:f1:d7:80:69:0e:2e:58:aa:ea:95:c3:
2b:83:3d:0e:5f:8b:67:38:70:42:15:bd:1e:17:a4:
e6:15:e5:01:b2:18:36:52:18:3c:38:19:24:3b:7c:
99:16:e0:dc:a2:76:dd:6f:85:4d:1c:38:6c:9f:d3:
08:8f:ae:65:ac:13:6a:1d:56:a9:d3:3f:2b:1e:3d:
03:3e:0d:4f:3e:bb:eb:0a:50:fb:5c:eb:34:ed:8e:
8e:67:a9:3b:4e:04:43:ae:74:dc:01:00:8d:64:9f:
24:4f:70:82:51:06:9b:54:76:5b:ba:56:9e:28:e0:
11:03:92:e8:dd:87:62:70:53:9e:7e:ec:21:a6:34:
59:10:2f:46:a0:44:7d:ce:11:61:03:32:93:be:e7:
c1:69:f1:48:23:4d:38:6b:57:b2:36:95:88:a9:ee:
5c:53:8a:29:a8:f3:de:c4:68:e0:1f:86:ec:14:9f:
9f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:9F:0F:58:15:27:ED:4B:44:55:92:F8:08:54:BF:34:17:44:B5:79
X509v3 Authority Key Identifier:
keyid:2F:2A:0F:A2:03:83:33:2A:3F:41:4F:05:47:53:A0:B6:0B:25:BA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/E58PWBUn7UtEVZL4CFS_NBdEtXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
78.143.252.0/23
79.135.100.0/22
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:0e:1a:cd:cd:2a:1a:e0:61:7a:f9:f7:ea:ba:4d:4a:22:ba:
9a:93:c8:9f:54:7d:7d:97:11:86:c1:74:ff:3b:ea:19:3e:a0:
fb:87:80:e4:a6:d2:fb:42:6b:4d:d7:37:22:b8:35:8b:84:ff:
d9:ad:c9:5b:63:62:e1:d8:83:24:ee:24:2e:28:8a:78:ad:c4:
9a:64:97:6c:9c:d9:f0:20:5c:35:7d:f3:58:31:6f:07:70:f6:
84:59:1e:27:84:84:f9:0f:1b:aa:48:a6:27:6b:6b:46:98:e4:
89:15:3a:ce:36:41:3d:83:d2:99:0b:36:a3:a8:62:ae:cc:b0:
59:9a:17:ea:3a:9a:8e:63:b7:bc:9c:24:2f:46:39:14:74:e4:
07:bd:19:74:12:3c:1c:25:0f:50:a8:1f:79:f8:c1:cd:44:4a:
16:dd:5e:46:16:35:7c:25:9b:c2:19:0e:39:40:a5:0f:11:68:
a5:c2:fb:8a:35:5b:b1:b7:f4:56:8e:f7:53:26:73:cf:1e:77:
d4:ff:4d:24:3b:78:df:4e:20:4b:f0:f1:50:f9:82:f4:6e:5b:
6d:8e:39:36:9c:5b:27:80:ed:3d:cd:ab:a5:29:3e:a3:b5:d5:
b0:33:e2:c4:60:cf:2b:66:ac:f2:1a:aa:97:b1:dc:80:d6:2d:
a4:6d:52:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZzhBf+fzONGy993YvEWuFf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMmEwZmEyMDM4MzMzMmEzZjQxNGYwNTQ3NTNhMGI2MGIy
NWJhMTAwHhcNMjYwMzEyMDc0OTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzlmMGY1ODE1MjdlZDRiNDQ1NTkyZjgwODU0YmYzNDE3NDRiNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvwbA7Yr3+hJOXhrnBX92yFBiHbv
Cxg1bVuERCNcHOM4djogrJhAoHpyjP+eskhwoB1ucRDjd7E7XMuUtHmwWVfhnx6d
pqpvP8oDtk2b8deAaQ4uWKrqlcMrgz0OX4tnOHBCFb0eF6TmFeUBshg2Uhg8OBkk
O3yZFuDconbdb4VNHDhsn9MIj65lrBNqHVap0z8rHj0DPg1PPrvrClD7XOs07Y6O
Z6k7TgRDrnTcAQCNZJ8kT3CCUQabVHZbulaeKOARA5Lo3YdicFOefuwhpjRZEC9G
oER9zhFhAzKTvufBafFII004a1eyNpWIqe5cU4opqPPexGjgH4bsFJ+fLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBOfD1gVJ+1LRFWS+AhUvzQXRLV5MB8GA1UdIwQY
MBaAFC8qD6IDgzMqP0FPBUdToLYLJboQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHlvUG9nT0RNeW9fUVU4RlIxT2d0Z3NsdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kNmQzMGItMGI5Yi00MjllLTg0MTMt
NTVhOTMwZmMwYzcxLzEvRTU4UFdCVW43VXRFVlpMNENGU19OQmRFdFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kNmQzMGItMGI5Yi00MjllLTg0MTMtNTVhOTMwZmMwYzcx
LzEvTHlvUG9nT0RNeW9fUVU4RlIxT2d0Z3NsdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBZCaAwQB
To/8AwQCT4dkAwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCeDhrNzSoa4GF6+ffq
uk1KIrqak8ifVH19lxGGwXT/O+oZPqD7h4DkptL7QmtN1zciuDWLhP/ZrclbY2Lh
2IMk7iQuKIp4rcSaZJdsnNnwIFw1ffNYMW8HcPaEWR4nhIT5DxuqSKYna2tGmOSJ
FTrONkE9g9KZCzajqGKuzLBZmhfqOpqOY7e8nCQvRjkUdOQHvRl0EjwcJQ9QqB95
+MHNREoW3V5GFjV8JZvCGQ45QKUPEWilwvuKNVuxt/RWjvdTJnPPHnfU/00kO3jf
TiBL8PFQ+YL0blttjjk2nFsngO09zaulKT6jtdWwM+LEYM8rZqzyGqqXsdyA1i2k
bVKZ
-----END CERTIFICATE-----
Generated at Fri Mar 13 10:13:22 2026 by rpki-client