Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/2InaMK0sPiulmUhZSlOLWfOhPzk.roa
File: 2InaMK0sPiulmUhZSlOLWfOhPzk.roa (raw, json)
Hash identifier: Hfa85J2uejBy7HDxas9trS510l30x2j1suqkH6CtDt4=
Subject key identifier: D8:89:DA:30:AD:2C:3E:2B:A5:99:48:59:4A:53:8B:59:F3:A1:3F:39
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019CB957D638AFD10F8120242B20DBAED8EE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/2InaMK0sPiulmUhZSlOLWfOhPzk.roa
Signing time: Wed 04 Mar 2026 14:54:27 +0000
ROA not before: Wed 04 Mar 2026 14:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214833
IP address blocks: 5.42.211.0/24 maxlen: 24
45.131.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 14:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:57:d6:38:af:d1:0f:81:20:24:2b:20:db:ae:d8:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 4 14:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d889da30ad2c3e2ba59948594a538b59f3a13f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c1:1a:cd:cf:91:d7:10:44:98:8d:78:14:c6:
f4:fb:6b:6b:2f:25:a8:a8:f3:cb:65:90:54:85:f1:
1c:9d:aa:66:0f:ad:75:32:c0:2b:00:37:cb:2e:50:
62:ba:ce:dc:2e:06:f6:1b:04:29:dd:4f:6c:64:10:
07:86:73:e0:f0:74:ef:33:f5:a4:59:59:67:e1:05:
79:68:38:37:4c:f3:3e:78:f0:91:92:2a:c4:16:a5:
97:1b:df:0d:d7:a7:3e:83:28:52:88:0b:ac:06:ae:
b3:4c:3a:86:f0:80:10:d7:77:38:92:26:63:34:25:
16:05:ae:ce:c1:4a:39:88:7a:12:8c:36:68:db:fd:
17:3c:8e:35:7e:c2:30:43:10:19:53:8b:aa:49:2b:
4f:6a:4c:19:41:1a:d6:e7:ca:80:4e:62:a8:b7:3e:
d2:91:e6:50:a1:34:9e:20:e3:d1:9d:da:be:14:dc:
e5:8b:fa:96:04:fd:d2:d3:c7:ed:28:e2:dc:ea:b3:
87:01:2c:7c:41:ae:ea:f6:54:8f:78:bd:61:cb:94:
2d:67:5a:8a:24:f1:d4:79:80:36:f8:4c:3e:d0:7d:
b6:b9:43:a0:a6:dc:58:7a:be:80:05:80:17:1a:f9:
c0:78:37:3b:43:b3:71:a0:ac:79:44:ca:90:3c:a8:
99:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:89:DA:30:AD:2C:3E:2B:A5:99:48:59:4A:53:8B:59:F3:A1:3F:39
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/2InaMK0sPiulmUhZSlOLWfOhPzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.211.0/24
45.131.163.0/24
Signature Algorithm: sha256WithRSAEncryption
35:7d:50:f0:06:7e:85:44:64:7a:c2:3c:e7:5b:e5:c8:c3:8c:
df:96:ea:ee:98:d3:b1:2e:e3:51:95:fd:36:9d:cd:4f:46:2c:
48:03:0a:39:85:f5:bc:17:b6:5b:f0:3b:62:71:22:a5:16:24:
eb:17:5e:8f:d4:e5:20:c2:24:7c:28:d7:92:07:fd:ab:3c:2b:
ea:08:4c:2a:46:a3:20:27:df:ee:6f:a5:8a:02:fc:d1:e3:cf:
8f:16:32:84:23:50:15:18:cf:c6:04:49:ec:cc:99:26:16:89:
0b:68:ba:a4:15:a1:df:7e:2a:54:f0:ad:ba:fa:50:d5:55:9d:
f2:8c:2c:b7:a9:0d:c8:dc:47:d8:1b:ea:ac:ef:a3:47:ea:dc:
81:ac:f9:ac:2d:02:25:d5:0b:10:b9:e3:2e:7a:13:66:58:99:
eb:1b:a3:14:bb:a7:ec:91:a0:68:59:11:11:91:b6:f4:0c:aa:
d4:2b:71:15:f7:66:70:a5:69:6c:26:21:cb:31:a2:e6:f8:69:
ca:bb:11:1e:6e:78:39:26:a2:18:46:f7:33:c3:5f:13:73:d1:
44:56:b1:d5:d0:c1:89:8c:da:a0:23:ee:ca:b1:7a:4e:51:a4:
d2:fa:c2:4d:8a:e8:58:1e:8e:70:70:9e:95:f7:c3:ec:b2:91:
a9:17:45:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZy5V9Y4r9EPgSAkKyDbrtjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzA0MTQ1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODg5ZGEzMGFkMmMzZTJiYTU5OTQ4NTk0YTUzOGI1OWYzYTEzZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMEazc+R1xBEmI14FMb0+2trLyWo
qPPLZZBUhfEcnapmD611MsArADfLLlBius7cLgb2GwQp3U9sZBAHhnPg8HTvM/Wk
WVln4QV5aDg3TPM+ePCRkirEFqWXG98N16c+gyhSiAusBq6zTDqG8IAQ13c4kiZj
NCUWBa7OwUo5iHoSjDZo2/0XPI41fsIwQxAZU4uqSStPakwZQRrW58qATmKotz7S
keZQoTSeIOPRndq+FNzli/qWBP3S08ftKOLc6rOHASx8Qa7q9lSPeL1hy5QtZ1qK
JPHUeYA2+Ew+0H22uUOgptxYer6ABYAXGvnAeDc7Q7NxoKx5RMqQPKiZnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNiJ2jCtLD4rpZlIWUpTi1nzoT85MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMkluYU1LMHNQaXVsbVVoWlNsT0xXZk9oUHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSrTAwQA
LYOjMA0GCSqGSIb3DQEBCwUAA4IBAQA1fVDwBn6FRGR6wjznW+XIw4zflurumNOx
LuNRlf02nc1PRixIAwo5hfW8F7Zb8DticSKlFiTrF16P1OUgwiR8KNeSB/2rPCvq
CEwqRqMgJ9/ub6WKAvzR48+PFjKEI1AVGM/GBEnszJkmFokLaLqkFaHffipU8K26
+lDVVZ3yjCy3qQ3I3EfYG+qs76NH6tyBrPmsLQIl1QsQueMuehNmWJnrG6MUu6fs
kaBoWRERkbb0DKrUK3EV92ZwpWlsJiHLMaLm+GnKuxEebng5JqIYRvczw18Tc9FE
VrHV0MGJjNqgI+7KsXpOUaTS+sJNiuhYHo5wcJ6V98PsspGpF0W9
-----END CERTIFICATE-----
Generated at Thu Mar 5 21:45:26 2026 by rpki-client