Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/fFzk5cKxt8SVRD4CpuEpqRTkCus.roa
File: fFzk5cKxt8SVRD4CpuEpqRTkCus.roa (raw, json)
Hash identifier: TsRhx9ef8e8wT+fG2UvsQ8gwg6pDgyIQobLuuWXWPak=
Subject key identifier: 7C:5C:E4:E5:C2:B1:B7:C4:95:44:3E:02:A6:E1:29:A9:14:E4:0A:EB
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 019DDD1E622C095DBBDD124E2437F5A9DC61
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/fFzk5cKxt8SVRD4CpuEpqRTkCus.roa
Signing time: Thu 30 Apr 2026 06:40:49 +0000
ROA not before: Thu 30 Apr 2026 06:40:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 5.62.16.0/24 maxlen: 24
5.62.18.0/24 maxlen: 24
5.62.19.0/24 maxlen: 24
5.62.20.0/24 maxlen: 24
5.62.22.0/24 maxlen: 24
5.62.23.0/24 maxlen: 24
5.62.24.0/24 maxlen: 24
5.62.33.0/24 maxlen: 24
5.62.34.0/24 maxlen: 24
5.62.35.0/24 maxlen: 24
5.62.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:1e:62:2c:09:5d:bb:dd:12:4e:24:37:f5:a9:dc:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Apr 30 06:40:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7c5ce4e5c2b1b7c495443e02a6e129a914e40aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f4:4d:5d:64:1b:09:81:28:37:88:9c:f7:0c:
b6:c2:7f:71:c1:17:86:e0:88:d0:3e:7e:30:29:3c:
44:03:b8:ca:0e:75:02:fe:ee:b3:d8:d9:8f:6f:a1:
6c:ea:23:33:8b:c5:fe:32:ba:43:96:b3:57:49:cf:
4b:0f:a8:de:0a:06:e4:6b:c7:ae:fa:03:f6:24:9c:
1b:2f:78:7c:15:51:78:1f:fa:80:26:5b:2b:b1:32:
ec:ce:a4:20:49:6c:8d:3b:be:cc:a4:ad:77:5e:67:
20:39:32:d3:45:bd:26:e3:c5:3d:90:e6:cc:ce:f5:
b5:96:09:5f:91:ef:11:18:4f:44:db:3c:9c:d2:ec:
cb:e8:1d:de:3c:cb:17:83:dc:b9:6b:57:1f:54:4b:
72:a5:3e:2b:9f:ab:0b:2c:7f:9e:88:72:77:ad:72:
b6:42:a4:7f:9d:b2:a1:c9:04:fc:e3:25:2e:5d:d9:
52:b4:8f:a2:19:f6:bb:16:90:9f:9e:17:fe:f9:c5:
c5:3b:cd:6e:0e:21:ab:6c:61:07:a7:d9:eb:0e:f9:
79:1b:99:42:87:b4:43:f7:73:63:11:34:6e:2f:d8:
8c:72:84:e0:3f:be:23:2a:97:68:06:c5:66:50:10:
38:97:dc:69:59:af:75:0b:0b:08:3c:ac:42:f7:dc:
ae:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5C:E4:E5:C2:B1:B7:C4:95:44:3E:02:A6:E1:29:A9:14:E4:0A:EB
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/fFzk5cKxt8SVRD4CpuEpqRTkCus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.16.0/24
5.62.18.0-5.62.20.255
5.62.22.0-5.62.24.255
5.62.33.0-5.62.35.255
5.62.49.0/24
Signature Algorithm: sha256WithRSAEncryption
83:4e:95:e2:e6:c5:95:71:95:4d:08:f3:c3:fb:17:55:ce:8a:
f6:70:a4:3e:8c:a8:1b:28:86:e3:ee:6b:1b:a6:84:1c:59:fa:
bf:58:cf:82:0f:0c:71:b2:b6:09:95:4e:fc:e1:6a:79:9a:4c:
1b:af:d1:f9:6e:bd:06:0c:40:64:80:50:f4:bd:f3:90:8d:3d:
23:d6:5b:0a:71:98:a7:3b:63:73:3a:d9:82:84:cb:0c:b0:44:
38:21:26:c6:a0:ec:95:f3:ca:90:38:66:df:58:b5:88:85:5f:
4d:2f:cf:e8:62:93:9a:ab:05:a5:79:9c:ca:78:5d:5e:d4:75:
73:3a:25:ab:16:4d:4d:50:09:d0:18:6e:70:e3:03:21:a1:d7:
bb:9f:ac:97:23:e6:e7:c1:e3:d9:6f:4d:74:bf:2c:d5:98:24:
ee:2f:79:ce:f6:03:64:e7:79:4e:c9:5d:96:71:40:ec:ce:8f:
15:3a:48:ab:8e:78:06:a3:0b:f7:6f:17:e3:75:88:b0:0d:99:
9f:24:d9:2c:1f:2e:e0:52:e6:6f:8c:27:e7:3a:cf:e2:0e:ca:
27:a1:1b:a9:ff:f0:da:e2:ee:98:ec:66:6d:55:79:bb:17:0c:
a5:a4:c9:bf:2e:43:07:9b:36:c9:93:19:c4:26:d8:6d:80:a5:
48:f7:66:a9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ3dHmIsCV273RJOJDf1qdxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjYwNDMwMDY0MDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVjZTRlNWMyYjFiN2M0OTU0NDNlMDJhNmUxMjlhOTE0ZTQwYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/RNXWQbCYEoN4ic9wy2wn9xwReG
4IjQPn4wKTxEA7jKDnUC/u6z2NmPb6Fs6iMzi8X+MrpDlrNXSc9LD6jeCgbka8eu
+gP2JJwbL3h8FVF4H/qAJlsrsTLszqQgSWyNO77MpK13XmcgOTLTRb0m48U9kObM
zvW1lglfke8RGE9E2zyc0uzL6B3ePMsXg9y5a1cfVEtypT4rn6sLLH+eiHJ3rXK2
QqR/nbKhyQT84yUuXdlStI+iGfa7FpCfnhf++cXFO81uDiGrbGEHp9nrDvl5G5lC
h7RD93NjETRuL9iMcoTgP74jKpdoBsVmUBA4l9xpWa91CwsIPKxC99yu1wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHxc5OXCsbfElUQ+AqbhKakU5ArrMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvZkZ6azVjS3h0OFNWUkQ0Q3B1RXBxUlRrQ3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABT4QMAwD
BAEFPhIDBAAFPhQwDAMEAQU+FgMEAAU+GDAMAwQABT4hAwQCBT4gAwQABT4xMA0G
CSqGSIb3DQEBCwUAA4IBAQCDTpXi5sWVcZVNCPPD+xdVzor2cKQ+jKgbKIbj7msb
poQcWfq/WM+CDwxxsrYJlU784Wp5mkwbr9H5br0GDEBkgFD0vfOQjT0j1lsKcZin
O2NzOtmChMsMsEQ4ISbGoOyV88qQOGbfWLWIhV9NL8/oYpOaqwWleZzKeF1e1HVz
OiWrFk1NUAnQGG5w4wMhode7n6yXI+bnwePZb010vyzVmCTuL3nO9gNk53lOyV2W
cUDszo8VOkirjngGowv3bxfjdYiwDZmfJNksHy7gUuZvjCfnOs/iDsonoRup//Da
4u6Y7GZtVXm7FwylpMm/LkMHmzbJkxnEJthtgKVI92ap
-----END CERTIFICATE-----
Generated at Wed May 6 04:17:13 2026 by rpki-client