Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/5EKQPrPNwyvCBR3SFmiV77L19bE.roa
File: 5EKQPrPNwyvCBR3SFmiV77L19bE.roa (raw, json)
Hash identifier: 7kjfjqomqFD/efQnWdT+7ek8PZzhOejx7JJd6FEa/kA=
Subject key identifier: E4:42:90:3E:B3:CD:C3:2B:C2:05:1D:D2:16:68:95:EF:B2:F5:F5:B1
Certificate issuer: /CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Certificate serial: 019E81E40D34CA15227091E9FCCE99035A2B
Authority key identifier: 6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/5EKQPrPNwyvCBR3SFmiV77L19bE.roa
Signing time: Mon 01 Jun 2026 06:34:26 +0000
ROA not before: Mon 01 Jun 2026 06:34:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51132
IP address blocks: 62.108.192.0/20 maxlen: 24
62.108.208.0/21 maxlen: 24
83.68.224.0/19 maxlen: 24
91.145.0.0/19 maxlen: 24
91.145.0.0/20 maxlen: 24
91.145.16.0/20 maxlen: 24
185.95.160.0/22 maxlen: 24
2a02:eb8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/b-3wt2FSkK76zF9qprQdnRhD8bY.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/b-3wt2FSkK76zF9qprQdnRhD8bY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:81:e4:0d:34:ca:15:22:70:91:e9:fc:ce:99:03:5a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Validity
Not Before: Jun 1 06:34:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e442903eb3cdc32bc2051dd2166895efb2f5f5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ec:d3:1f:c4:c3:c3:e1:ad:cb:e5:b0:67:20:
f3:87:23:4e:ea:74:11:74:24:08:c9:27:3a:38:11:
b6:be:ce:8a:93:a1:9d:be:32:2f:e2:60:ab:fe:1a:
3c:b5:7a:14:cf:0d:f0:f2:35:e3:a2:c6:dd:af:20:
b0:77:ef:2c:62:bb:32:72:85:c2:ad:9d:89:5f:3c:
77:02:d6:b8:cb:61:93:15:10:7d:96:fc:aa:99:bf:
cb:f6:f8:aa:1a:2c:47:81:c7:5e:2f:b8:80:79:06:
94:17:ac:2b:f9:c2:4b:f8:a0:2c:90:fb:91:14:ef:
79:82:5f:87:47:ba:3c:c4:ec:09:b3:79:06:cd:fd:
e2:0f:73:3e:a2:54:29:57:35:17:6d:31:d2:61:78:
46:54:75:0f:fc:fb:82:4d:c1:df:e3:20:69:fb:02:
0b:d4:f8:c6:ab:25:c3:20:4a:97:07:27:c5:69:9f:
32:55:ca:e6:6d:1a:2e:8c:75:ca:35:8d:de:50:48:
d7:85:5e:d8:10:fb:61:f5:54:19:0c:aa:95:e0:bc:
12:fc:be:f8:a3:8f:6a:41:b0:79:7c:41:d9:fc:82:
b0:b9:13:08:2e:e2:e2:41:0c:9b:26:53:e4:94:85:
40:f5:8b:7d:db:54:63:53:df:59:d0:12:e4:02:04:
87:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:42:90:3E:B3:CD:C3:2B:C2:05:1D:D2:16:68:95:EF:B2:F5:F5:B1
X509v3 Authority Key Identifier:
keyid:6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/5EKQPrPNwyvCBR3SFmiV77L19bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/b-3wt2FSkK76zF9qprQdnRhD8bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.192.0-62.108.215.255
83.68.224.0/19
91.145.0.0/19
185.95.160.0/22
IPv6:
2a02:eb8::/29
Signature Algorithm: sha256WithRSAEncryption
0d:ea:fb:5c:89:ec:fd:06:6d:ab:e8:9c:24:5a:43:ff:98:71:
c0:2a:da:32:aa:03:cb:a8:48:ae:0c:32:65:d4:29:21:8f:62:
d5:91:7b:d8:38:e9:24:73:a3:ed:8f:2a:30:d4:a5:5d:41:54:
80:e5:80:cf:9b:41:8a:53:9d:a3:c7:0e:02:a0:bf:71:57:ea:
4f:4a:6b:70:4c:57:2b:7a:1f:87:6c:ad:ff:cb:62:30:11:aa:
57:bb:da:80:c4:1a:96:bc:0b:09:42:bc:e4:5c:5b:35:4b:15:
44:6e:10:8d:4b:b0:39:dd:77:bd:45:ac:9c:60:bc:e9:84:a2:
92:b4:92:8a:f2:2e:54:4b:49:ae:fb:45:ab:55:35:68:95:ea:
af:dd:02:09:38:28:d6:14:61:12:ef:fc:fd:f1:06:a2:a0:4d:
26:43:50:ab:42:09:cb:f6:4e:82:d8:26:fc:b2:28:ef:6b:2b:
d6:6b:22:85:87:ce:cc:f1:f8:a5:3d:e6:b5:4f:d2:0d:fa:96:
a4:6f:ad:6b:83:ea:39:f9:6e:6e:58:1c:1a:f8:87:f1:1c:47:
ab:1c:92:ce:23:42:20:f1:d5:d8:22:87:03:67:3e:78:ca:73:
0b:f3:65:a5:40:f9:40:24:ba:38:f0:21:cd:07:fa:97:71:5f:
d0:45:ee:38
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ6B5A00yhUicJHp/M6ZA1orMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZWRmMGI3NjE1MjkwYWVmYWNjNWY2YWE2YjQxZDlkMTg0
M2YxYjYwHhcNMjYwNjAxMDYzNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQyOTAzZWIzY2RjMzJiYzIwNTFkZDIxNjY4OTVlZmIyZjVmNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnezTH8TDw+Gty+WwZyDzhyNO6nQR
dCQIySc6OBG2vs6Kk6GdvjIv4mCr/ho8tXoUzw3w8jXjosbdryCwd+8sYrsycoXC
rZ2JXzx3Ata4y2GTFRB9lvyqmb/L9viqGixHgcdeL7iAeQaUF6wr+cJL+KAskPuR
FO95gl+HR7o8xOwJs3kGzf3iD3M+olQpVzUXbTHSYXhGVHUP/PuCTcHf4yBp+wIL
1PjGqyXDIEqXByfFaZ8yVcrmbRoujHXKNY3eUEjXhV7YEPth9VQZDKqV4LwS/L74
o49qQbB5fEHZ/IKwuRMILuLiQQybJlPklIVA9Yt921RjU99Z0BLkAgSHaQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFORCkD6zzcMrwgUd0hZole+y9fWxMB8GA1UdIwQY
MBaAFG/t8LdhUpCu+sxfaqa0HZ0YQ/G2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEt
Nzg0ZGI5YjFkYTJiLzEvNUVLUVByUE53eXZDQlIzU0ZtaVY3N0wxOWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEtNzg0ZGI5YjFkYTJi
LzEvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAY+bMAD
BAM+bNADBAVTROADBAVbkQADBAK5X6AwDQQCAAIwBwMFAyoCDrgwDQYJKoZIhvcN
AQELBQADggEBAA3q+1yJ7P0GbavonCRaQ/+YccAq2jKqA8uoSK4MMmXUKSGPYtWR
e9g46SRzo+2PKjDUpV1BVIDlgM+bQYpTnaPHDgKgv3FX6k9Ka3BMVyt6H4dsrf/L
YjARqle72oDEGpa8CwlCvORcWzVLFURuEI1LsDndd71FrJxgvOmEopK0koryLlRL
Sa77RatVNWiV6q/dAgk4KNYUYRLv/P3xBqKgTSZDUKtCCcv2ToLYJvyyKO9rK9Zr
IoWHzszx+KU95rVP0g36lqRvrWuD6jn5bm5YHBr4h/EcR6scks4jQiDx1dgihwNn
PnjKcwvzZaVA+UAkujjwIc0H+pdxX9BF7jg=
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:26:14 2026 by rpki-client