Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/1FtI6pUEqJSTP6lYG9R4fOqdYC4.roa
File: 1FtI6pUEqJSTP6lYG9R4fOqdYC4.roa (raw, json)
Hash identifier: N304xa8IaTGCNqjA9A4ZNpGs7sq/qWvBE9suoR5xsXU=
Subject key identifier: D4:5B:48:EA:95:04:A8:94:93:3F:A9:58:1B:D4:78:7C:EA:9D:60:2E
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019E26D7CA002C0219F81577E8514BECE7BE
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/1FtI6pUEqJSTP6lYG9R4fOqdYC4.roa
Signing time: Thu 14 May 2026 14:15:36 +0000
ROA not before: Thu 14 May 2026 14:15:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
31.28.65.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.80.0/22 maxlen: 22
31.28.84.0/23 maxlen: 23
31.28.86.0/24 maxlen: 24
37.157.32.0/21 maxlen: 21
45.88.112.0/22 maxlen: 22
82.163.112.0/21 maxlen: 21
82.163.124.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
158.41.64.0/18 maxlen: 18
165.65.0.0/17 maxlen: 17
165.65.224.0/19 maxlen: 19
178.18.116.0/23 maxlen: 23
178.18.119.0/24 maxlen: 24
185.28.240.0/22 maxlen: 22
185.53.224.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
195.250.16.0/22 maxlen: 22
206.245.192.0/18 maxlen: 24
2a00:e340::/29 maxlen: 29
2a01:a220::/29 maxlen: 30
2a10:d700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:d7:ca:00:2c:02:19:f8:15:77:e8:51:4b:ec:e7:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: May 14 14:15:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d45b48ea9504a894933fa9581bd4787cea9d602e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2b:ed:23:ab:7c:2e:29:ee:1f:d9:81:3f:01:
18:63:36:1b:6a:cc:2f:3e:32:73:09:47:b7:34:6b:
f7:62:49:8e:c1:37:ba:0f:8e:a4:1c:13:12:5a:a3:
d2:f4:6d:43:bb:68:03:a9:80:90:f1:28:f1:87:0e:
c4:20:a8:47:c1:c0:8c:56:9b:f2:07:cb:a4:a6:2c:
f1:c2:f4:c6:33:89:dd:04:8b:c3:34:aa:9a:6e:91:
40:62:53:f0:b1:ad:d4:e2:84:b2:4d:fa:9b:f8:46:
7d:03:07:38:7f:65:3e:c0:5e:18:1a:a1:a2:22:11:
84:6d:f2:f4:07:68:df:00:d9:ec:96:97:6a:76:2d:
eb:8b:3d:c1:a3:5d:3e:d6:5e:6d:4e:ab:dd:40:b9:
ca:f7:ac:44:1d:3e:27:91:dc:71:8c:4e:de:28:15:
63:8f:6d:bb:7f:93:18:6b:d5:38:dd:82:9e:89:be:
bf:6a:e3:57:f5:94:6e:54:68:6c:29:79:7d:ec:6c:
79:39:df:0c:4c:32:65:ca:8c:84:c8:df:b4:a4:0a:
e8:80:11:23:1c:72:df:68:8a:b7:91:9b:3e:85:bb:
8b:9d:13:31:35:b3:a6:02:34:2a:22:83:2a:0e:0e:
c2:21:93:69:b4:92:67:54:ce:34:e4:d8:da:f6:bd:
ea:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5B:48:EA:95:04:A8:94:93:3F:A9:58:1B:D4:78:7C:EA:9D:60:2E
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/1FtI6pUEqJSTP6lYG9R4fOqdYC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
37.157.32.0/21
45.88.112.0/22
82.163.112.0/21
82.163.124.0/22
82.163.192.0/19
91.238.221.0/24
94.126.43.0/24
94.126.47.0/24
158.41.64.0/18
165.65.0.0/17
165.65.224.0/19
178.18.116.0/23
178.18.119.0/24
185.28.240.0/22
185.53.224.0/22
185.120.204.0/22
185.121.76.0/22
185.135.164.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
195.250.16.0/22
206.245.192.0/18
IPv6:
2a00:e340::/29
2a01:a220::/29
2a10:d700::/29
Signature Algorithm: sha256WithRSAEncryption
a1:cc:9f:de:1d:fb:20:95:15:33:d5:49:17:46:fa:b9:98:53:
d8:dd:e0:1f:93:f9:7b:18:15:a7:c7:9c:2b:62:11:2a:05:bf:
f8:18:58:69:5a:d4:d7:c9:d8:e1:6d:2d:eb:e7:eb:d1:e0:1d:
c6:4f:4e:79:42:83:a4:bc:ce:e5:8a:65:4a:ce:10:4b:1e:d5:
cd:72:79:a1:64:73:66:3b:f9:18:1a:33:49:05:77:ac:ab:7d:
71:62:7d:4b:db:5a:12:aa:e7:7b:c4:5a:19:15:0c:6e:59:07:
72:1b:3c:e7:be:ca:bc:40:c3:5d:29:3f:58:78:e7:e1:10:6e:
46:7e:60:26:81:b2:87:85:a0:a2:8e:ff:0f:e3:d8:94:8c:b1:
5c:60:0d:ab:51:f1:6c:df:ea:7d:03:8b:40:3e:82:ce:6b:19:
c2:e6:f5:f1:e7:20:02:bb:73:ac:30:1e:ef:ce:db:ba:c5:97:
49:55:a1:b8:67:23:18:64:0d:65:76:fb:49:f0:bd:85:17:13:
1b:f8:d2:1d:29:7d:17:80:6f:a5:93:f4:ad:79:2c:2e:11:a8:
1b:08:73:42:ad:42:78:07:dc:17:50:26:aa:04:33:cd:c4:24:
a0:70:81:33:72:92:e8:f2:d8:45:3c:c8:ec:47:d2:bc:66:60:
6a:9d:60:b5
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZ4m18oALAIZ+BV36FFL7Oe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjYwNTE0MTQxNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDViNDhlYTk1MDRhODk0OTMzZmE5NTgxYmQ0Nzg3Y2VhOWQ2MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxivtI6t8LinuH9mBPwEYYzYbaswv
PjJzCUe3NGv3YkmOwTe6D46kHBMSWqPS9G1Du2gDqYCQ8Sjxhw7EIKhHwcCMVpvy
B8ukpizxwvTGM4ndBIvDNKqabpFAYlPwsa3U4oSyTfqb+EZ9Awc4f2U+wF4YGqGi
IhGEbfL0B2jfANnslpdqdi3riz3Bo10+1l5tTqvdQLnK96xEHT4nkdxxjE7eKBVj
j227f5MYa9U43YKeib6/auNX9ZRuVGhsKXl97Gx5Od8MTDJlyoyEyN+0pArogBEj
HHLfaIq3kZs+hbuLnRMxNbOmAjQqIoMqDg7CIZNptJJnVM405Nja9r3qhwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFNRbSOqVBKiUkz+pWBvUeHzqnWAuMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvMUZ0STZwVUVxSlNUUDZsWUc5UjRmT3FkWUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgdEEAgABMIHKAwQE
BQqQAwQAHxxBMAwDBAAfHEMDBAAfHEQDBAAfHEYDBAAfHEgDBAAfHEswDAMEBB8c
UAMEAB8cVgMEAyWdIAMEAi1YcAMEA1KjcAMEAlKjfAMEBVKjwAMEAFvu3QMEAF5+
KwMEAF5+LwMEBp4pQAMEB6VBAAMEBaVB4AMEAbISdAMEALISdwMEArkc8AMEArk1
4AMEArl4zAMEArl5TAMEArmHpAMEArntMAMEAcEAsAMEBcHdgAMEAcII/gMEAsP6
EAMEBs71wDAbBAIAAjAVAwUDKgDjQAMFAyoBoiADBQMqENcAMA0GCSqGSIb3DQEB
CwUAA4IBAQChzJ/eHfsglRUz1UkXRvq5mFPY3eAfk/l7GBWnx5wrYhEqBb/4GFhp
WtTXydjhbS3r5+vR4B3GT055QoOkvM7limVKzhBLHtXNcnmhZHNmO/kYGjNJBXes
q31xYn1L21oSqud7xFoZFQxuWQdyGzznvsq8QMNdKT9YeOfhEG5GfmAmgbKHhaCi
jv8P49iUjLFcYA2rUfFs3+p9A4tAPoLOaxnC5vXx5yACu3OsMB7vztu6xZdJVaG4
ZyMYZA1ldvtJ8L2FFxMb+NIdKX0XgG+lk/SteSwuEagbCHNCrUJ4B9wXUCaqBDPN
xCSgcIEzcpLo8thFPMjsR9K8ZmBqnWC1
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:28:31 2026 by rpki-client