Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/NbVqiX6wU_Fr5GSOQfJ8YNe7b_w.roa
File: NbVqiX6wU_Fr5GSOQfJ8YNe7b_w.roa (raw, json)
Hash identifier: Nw5vSu+E6BX+vcoqztio2E9NJTou/UDDEAsPJgGV9fk=
Subject key identifier: 35:B5:6A:89:7E:B0:53:F1:6B:E4:64:8E:41:F2:7C:60:D7:BB:6F:FC
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 019CE155EE19F324D002448F84E00B6A5872
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/NbVqiX6wU_Fr5GSOQfJ8YNe7b_w.roa
Signing time: Thu 12 Mar 2026 09:17:11 +0000
ROA not before: Thu 12 Mar 2026 09:17:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 5.62.16.0/24 maxlen: 24
5.62.18.0/24 maxlen: 24
5.62.19.0/24 maxlen: 24
5.62.20.0/24 maxlen: 24
5.62.22.0/24 maxlen: 24
5.62.23.0/24 maxlen: 24
5.62.33.0/24 maxlen: 24
5.62.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 00:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:55:ee:19:f3:24:d0:02:44:8f:84:e0:0b:6a:58:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Mar 12 09:17:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=35b56a897eb053f16be4648e41f27c60d7bb6ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9f:88:ba:f1:5f:9a:ce:a1:2a:1e:39:f2:31:
ae:e3:28:b4:3a:03:81:4f:4c:ca:07:93:d1:64:f7:
73:56:65:b8:0a:9b:2d:2f:94:3e:71:cf:90:84:53:
cb:6b:45:cf:d8:14:0a:10:ee:24:e7:71:12:ff:ae:
41:d3:f3:0b:8f:3a:9a:34:4b:a2:77:05:5b:ac:2e:
33:81:40:f0:c0:94:4a:41:c4:db:7e:73:de:1f:94:
75:06:4d:97:32:2f:ab:e4:d4:d3:cb:4b:d9:03:ba:
49:2a:15:74:4b:b6:81:c9:69:53:3d:6b:ce:ab:b5:
23:92:14:5a:79:f0:49:34:a6:c7:1a:ae:c9:fb:3d:
69:f0:e5:da:58:72:6a:d0:c1:d2:11:67:c2:c0:af:
90:7a:d3:d5:a8:34:34:2f:a0:88:8f:fc:64:ff:e0:
8a:40:e6:39:0d:38:e3:c9:ac:0f:44:02:76:d6:9d:
41:97:92:fa:6c:68:d8:56:cd:73:97:93:19:5c:6e:
ba:84:53:18:f2:82:f5:37:66:3c:b2:dc:d7:70:21:
59:4b:4d:09:fe:eb:5a:c1:d3:f4:c3:29:7b:7b:2b:
76:fe:18:4f:9f:9a:9d:2a:4b:29:c7:e5:ae:d9:b6:
fb:7e:34:7f:5a:79:bf:bd:e1:ae:22:82:b2:1f:58:
c7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B5:6A:89:7E:B0:53:F1:6B:E4:64:8E:41:F2:7C:60:D7:BB:6F:FC
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/NbVqiX6wU_Fr5GSOQfJ8YNe7b_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.16.0/24
5.62.18.0-5.62.20.255
5.62.22.0/23
5.62.33.0/24
5.62.35.0/24
Signature Algorithm: sha256WithRSAEncryption
22:0d:47:3a:e6:c1:fc:f7:f8:e3:a7:0a:0a:95:c0:22:c1:a9:
b8:ad:f3:bf:25:3f:74:66:5c:9b:51:c2:de:67:2e:6b:d4:8e:
bd:ad:ec:81:35:d0:10:1f:71:2f:96:b2:31:68:fe:8f:22:14:
ce:40:6f:8e:96:28:08:0e:50:d6:25:8e:81:6a:a8:b9:b4:46:
c5:56:a0:fd:a7:2a:9e:86:d0:82:85:4f:46:6b:51:a1:14:ee:
cc:0a:e3:04:03:f0:29:61:dd:2c:64:7b:11:58:7c:d6:24:16:
6b:a4:a8:4b:43:33:5c:a6:aa:3a:00:16:52:c1:f9:85:e0:d9:
7e:f8:05:f7:87:0c:53:7b:6f:d9:41:3d:fb:92:65:43:66:32:
ab:5b:70:c1:aa:5f:57:74:38:63:72:ab:44:29:a2:bd:16:c5:
f7:8e:93:e6:23:a2:eb:93:17:67:df:a5:a0:75:e9:a1:4d:9c:
12:f4:45:4f:05:b8:9c:62:0c:00:50:76:d1:8a:16:f0:67:b1:
ae:09:1c:3d:92:a0:44:70:31:18:2d:11:2e:e7:74:57:ae:06:
fe:83:71:f4:d7:f7:e2:ee:dd:e0:bf:39:a9:10:81:c2:af:bc:
9a:04:50:02:d7:d8:ac:90:9f:ed:cf:f2:b4:72:7e:63:7e:4d:
13:d4:71:26
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZzhVe4Z8yTQAkSPhOALalhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjYwMzEyMDkxNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI1NmE4OTdlYjA1M2YxNmJlNDY0OGU0MWYyN2M2MGQ3YmI2ZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0p+IuvFfms6hKh458jGu4yi0OgOB
T0zKB5PRZPdzVmW4CpstL5Q+cc+QhFPLa0XP2BQKEO4k53ES/65B0/MLjzqaNEui
dwVbrC4zgUDwwJRKQcTbfnPeH5R1Bk2XMi+r5NTTy0vZA7pJKhV0S7aByWlTPWvO
q7UjkhRaefBJNKbHGq7J+z1p8OXaWHJq0MHSEWfCwK+QetPVqDQ0L6CIj/xk/+CK
QOY5DTjjyawPRAJ21p1Bl5L6bGjYVs1zl5MZXG66hFMY8oL1N2Y8stzXcCFZS00J
/utawdP0wyl7eyt2/hhPn5qdKkspx+Wu2bb7fjR/Wnm/veGuIoKyH1jHzQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDW1aol+sFPxa+RkjkHyfGDXu2/8MB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvTmJWcWlYNndVX0ZyNUdTT1FmSjhZTmU3Yl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABT4QMAwD
BAEFPhIDBAAFPhQDBAEFPhYDBAAFPiEDBAAFPiMwDQYJKoZIhvcNAQELBQADggEB
ACINRzrmwfz3+OOnCgqVwCLBqbit878lP3RmXJtRwt5nLmvUjr2t7IE10BAfcS+W
sjFo/o8iFM5Ab46WKAgOUNYljoFqqLm0RsVWoP2nKp6G0IKFT0ZrUaEU7swK4wQD
8Clh3SxkexFYfNYkFmukqEtDM1ymqjoAFlLB+YXg2X74BfeHDFN7b9lBPfuSZUNm
MqtbcMGqX1d0OGNyq0Qpor0WxfeOk+YjouuTF2ffpaB16aFNnBL0RU8FuJxiDABQ
dtGKFvBnsa4JHD2SoERwMRgtES7ndFeuBv6DcfTX9+Lu3eC/OakQgcKvvJoEUALX
2KyQn+3P8rRyfmN+TRPUcSY=
-----END CERTIFICATE-----
Generated at Sat Mar 21 10:03:41 2026 by rpki-client