Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/N_jsupufyQKmOIb-ZLf5qWLkurY.roa
File: N_jsupufyQKmOIb-ZLf5qWLkurY.roa (raw, json)
Hash identifier: ISV8VmTpCv1AzGmjwJfxFbCXuLOiH9fVhbg2esV16ko=
Subject key identifier: 37:F8:EC:BA:9B:9F:C9:02:A6:38:86:FE:64:B7:F9:A9:62:E4:BA:B6
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019CBE13FDBB6261F8DE7A117D77C416456C
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/N_jsupufyQKmOIb-ZLf5qWLkurY.roa
Signing time: Thu 05 Mar 2026 12:58:27 +0000
ROA not before: Thu 05 Mar 2026 12:58:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 45.117.53.0/24 maxlen: 24
45.123.145.0/24 maxlen: 24
72.63.110.0/23 maxlen: 23
203.78.166.0/23 maxlen: 23
205.188.4.0/23 maxlen: 23
205.188.12.0/22 maxlen: 22
205.188.24.0/22 maxlen: 22
205.188.28.0/22 maxlen: 22
205.188.32.0/22 maxlen: 22
205.188.36.0/22 maxlen: 22
205.188.40.0/22 maxlen: 22
205.188.48.0/22 maxlen: 22
205.188.56.0/22 maxlen: 22
205.188.64.0/22 maxlen: 22
205.188.68.0/22 maxlen: 22
205.188.72.0/22 maxlen: 22
205.188.76.0/23 maxlen: 23
205.188.78.0/23 maxlen: 23
205.188.84.0/22 maxlen: 22
205.188.88.0/22 maxlen: 22
205.188.94.0/23 maxlen: 23
205.188.214.0/23 maxlen: 23
205.188.240.0/22 maxlen: 22
205.188.252.0/22 maxlen: 22
2a0d:3900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:13:fd:bb:62:61:f8:de:7a:11:7d:77:c4:16:45:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Mar 5 12:58:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=37f8ecba9b9fc902a63886fe64b7f9a962e4bab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8b:c3:24:8f:6b:24:a6:66:13:36:1a:34:cc:
c9:ac:bb:3a:2e:4a:ba:1f:23:df:91:b4:5d:c7:51:
e7:3e:8b:f6:52:b5:f0:a1:5d:1a:2a:1e:7b:71:e9:
39:5d:5a:82:1e:6a:70:61:91:5e:17:57:2e:d3:1d:
3d:24:63:58:ee:ff:63:9a:83:a0:b8:6b:8b:c1:ef:
f2:50:1b:15:ee:53:19:ea:9d:20:90:9b:34:5b:4e:
e0:47:a4:b4:46:18:e3:4c:a0:86:ed:eb:e7:92:52:
7d:dd:94:56:90:5d:9b:c0:85:b9:87:f5:0b:ea:90:
37:80:81:95:c0:77:03:0b:86:3b:ef:f2:5b:b2:85:
8f:4f:68:bc:ae:ab:63:65:82:f0:f6:24:a6:5a:83:
58:c2:a1:05:04:79:19:5c:e7:6d:f6:af:8f:2d:d4:
17:f3:8d:1e:14:58:28:0c:0b:d1:ae:92:bf:79:da:
a8:3f:b7:ce:bd:b2:c1:96:95:c6:c7:4c:05:bd:ff:
9e:a2:a1:ea:ff:99:0a:18:ab:28:29:a3:c9:41:c3:
bd:e8:be:74:8a:b1:f0:99:9c:0d:fe:e7:a9:c9:61:
dd:4b:1f:e6:70:8e:62:cb:f3:03:33:a0:87:58:14:
42:49:e1:09:95:78:d1:2d:9d:de:9f:7b:a8:fb:47:
2a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F8:EC:BA:9B:9F:C9:02:A6:38:86:FE:64:B7:F9:A9:62:E4:BA:B6
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/N_jsupufyQKmOIb-ZLf5qWLkurY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.53.0/24
45.123.145.0/24
72.63.110.0/23
203.78.166.0/23
205.188.4.0/23
205.188.12.0/22
205.188.24.0-205.188.43.255
205.188.48.0/22
205.188.56.0/22
205.188.64.0/20
205.188.84.0-205.188.91.255
205.188.94.0/23
205.188.214.0/23
205.188.240.0/22
205.188.252.0/22
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
24:d3:28:6b:1d:93:52:ad:0a:b0:f1:cc:91:4b:be:18:9d:fe:
95:09:f8:9b:85:36:50:7b:e4:c3:f9:0b:73:d4:45:9d:0d:9c:
a6:40:55:4d:b3:da:a8:39:d0:f7:d4:f7:ea:b2:cb:ba:6d:1b:
3f:8c:f3:9e:86:b3:fb:c8:98:fd:65:46:16:9d:05:31:21:91:
4e:1b:aa:e5:cd:5c:fe:dc:27:76:b7:e9:7b:6c:f1:2a:80:b0:
2e:d0:26:b0:6c:ff:59:86:82:42:6c:7c:d6:f5:90:a1:a0:83:
9a:16:63:8e:f6:d3:58:f9:9e:64:b1:e6:99:06:2b:f7:f7:79:
f9:6c:94:5b:a5:16:34:ae:e6:15:a7:bb:45:a1:76:08:41:07:
c9:29:1e:a4:82:2d:51:87:c9:82:dd:12:ba:98:a8:7d:0d:f1:
bd:bb:58:61:1f:92:39:ef:6e:f5:6d:0d:a8:10:d6:1e:c7:d1:
ac:6c:68:10:70:40:99:0f:e2:aa:4f:95:31:da:f4:49:38:50:
bf:d3:e9:8c:22:bf:a4:21:a1:20:53:81:e2:51:e5:b8:f4:fe:
7b:dd:19:ec:16:f8:a9:ff:0a:25:f3:d7:a4:ef:f1:93:b8:fe:
be:c3:ec:f9:89:54:58:5c:dd:93:0f:cd:68:1e:11:7d:c8:8f:
23:00:77:b2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZy+E/27YmH43noRfXfEFkVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwMzA1MTI1ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y4ZWNiYTliOWZjOTAyYTYzODg2ZmU2NGI3ZjlhOTYyZTRiYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4vDJI9rJKZmEzYaNMzJrLs6Lkq6
HyPfkbRdx1HnPov2UrXwoV0aKh57cek5XVqCHmpwYZFeF1cu0x09JGNY7v9jmoOg
uGuLwe/yUBsV7lMZ6p0gkJs0W07gR6S0RhjjTKCG7evnklJ93ZRWkF2bwIW5h/UL
6pA3gIGVwHcDC4Y77/JbsoWPT2i8rqtjZYLw9iSmWoNYwqEFBHkZXOdt9q+PLdQX
840eFFgoDAvRrpK/edqoP7fOvbLBlpXGx0wFvf+eoqHq/5kKGKsoKaPJQcO96L50
irHwmZwN/uepyWHdSx/mcI5iy/MDM6CHWBRCSeEJlXjRLZ3en3uo+0cqDQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDf47Lqbn8kCpjiG/mS3+ali5Lq2MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvTl9qc3VwdWZ5UUttT0liLVpMZjVxV0xrdXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQALXU1
AwQALXuRAwQBSD9uAwQBy06mAwQBzbwEAwQCzbwMMAwDBAPNvBgDBALNvCgDBALN
vDADBALNvDgDBATNvEAwDAMEAs28VAMEAs28WAMEAc28XgMEAc281gMEAs288AME
As28/DANBAIAAjAHAwUDKg05ADANBgkqhkiG9w0BAQsFAAOCAQEAJNMoax2TUq0K
sPHMkUu+GJ3+lQn4m4U2UHvkw/kLc9RFnQ2cpkBVTbPaqDnQ99T36rLLum0bP4zz
noaz+8iY/WVGFp0FMSGRThuq5c1c/twndrfpe2zxKoCwLtAmsGz/WYaCQmx81vWQ
oaCDmhZjjvbTWPmeZLHmmQYr9/d5+WyUW6UWNK7mFae7RaF2CEEHySkepIItUYfJ
gt0SupiofQ3xvbtYYR+SOe9u9W0NqBDWHsfRrGxoEHBAmQ/iqk+VMdr0SThQv9Pp
jCK/pCGhIFOB4lHluPT+e90Z7Bb4qf8KJfPXpO/xk7j+vsPs+YlUWFzdkw/NaB4R
fciPIwB3sg==
-----END CERTIFICATE-----
Generated at Wed Mar 11 06:46:49 2026 by rpki-client