Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/rsc7VPHSq_XAKLxYhJNYLjlHEPc.roa
File: rsc7VPHSq_XAKLxYhJNYLjlHEPc.roa (raw, json)
Hash identifier: zTeFj+eOWhywpRdMNFUtN0niUX4d515i3KLlOrhomd0=
Subject key identifier: AE:C7:3B:54:F1:D2:AB:F5:C0:28:BC:58:84:93:58:2E:39:47:10:F7
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019E81ED358F6FCED7919E956DF6E8EAEE0C
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/rsc7VPHSq_XAKLxYhJNYLjlHEPc.roa
Signing time: Mon 01 Jun 2026 06:44:27 +0000
ROA not before: Mon 01 Jun 2026 06:44:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204104
IP address blocks: 5.57.33.0/24 maxlen: 24
37.32.43.0/24 maxlen: 24
185.26.32.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:81:ed:35:8f:6f:ce:d7:91:9e:95:6d:f6:e8:ea:ee:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 1 06:44:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aec73b54f1d2abf5c028bc588493582e394710f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:e5:ee:65:e9:22:b9:47:67:a2:7f:b6:69:
06:eb:87:9b:a2:b3:30:0c:3d:32:1c:fe:a9:be:f6:
75:fe:44:8e:8e:84:e9:a3:81:54:68:9d:58:51:6f:
7e:2e:f0:3e:1a:31:b6:b5:97:b6:f5:44:7a:fb:ab:
25:4d:3e:be:e9:98:8d:5d:b3:e8:40:16:98:b4:89:
9d:e3:92:e5:9a:fd:7c:90:1b:ac:45:ab:a2:26:73:
d5:39:52:56:0b:10:10:e9:02:b0:54:9b:23:71:ef:
ce:2d:c4:78:60:02:76:b5:e7:5d:5e:69:be:9f:8e:
aa:fa:1a:08:b8:e4:8b:3c:4d:54:4a:9b:a3:a8:9a:
32:43:48:05:10:1d:d5:a6:ab:2b:d0:d0:69:57:e8:
3c:af:45:2a:2d:ef:b8:cc:dd:22:9b:89:c8:3f:e0:
4a:49:76:6c:de:32:27:2b:ae:1f:0e:5b:02:c3:a8:
87:4e:4f:b8:fa:12:fe:27:2a:d2:65:01:ba:92:e3:
82:b2:9d:44:49:e6:e1:55:1d:76:f8:88:53:84:91:
50:59:c9:78:f7:30:f3:b0:5b:cc:6e:19:61:d7:ea:
e9:c7:17:ed:65:b7:29:4a:a8:5c:7b:4e:59:01:d8:
c9:8b:ba:0b:e4:8f:03:e3:d0:9f:a0:ab:ca:23:1d:
13:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C7:3B:54:F1:D2:AB:F5:C0:28:BC:58:84:93:58:2E:39:47:10:F7
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/rsc7VPHSq_XAKLxYhJNYLjlHEPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.33.0/24
37.32.43.0/24
185.26.32.0/24
185.212.49.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ca:17:18:fc:05:1f:f5:93:07:dc:d9:40:c1:14:e3:ef:30:
63:6e:ee:44:d7:83:62:9b:fe:0a:0a:ea:14:96:ea:c6:14:0f:
1e:5c:98:51:f0:b3:bf:1f:69:8e:0d:1a:35:0a:5f:f9:44:de:
68:a9:e7:2b:26:5c:fe:97:7b:b9:4b:08:79:a6:67:23:40:2b:
18:c5:b8:8e:d2:9c:3b:5a:12:ec:c6:83:2c:0a:ac:e9:23:51:
3f:dd:3b:84:6f:12:0c:f4:40:55:b6:62:1c:c1:c3:96:18:f8:
b3:b8:07:c8:20:42:a7:42:06:b7:05:16:07:35:b6:9a:5a:ee:
ef:bf:f3:de:38:7b:12:eb:30:a9:a4:2d:44:24:33:ef:a6:95:
7f:27:05:a1:97:87:31:68:6a:76:f7:a2:b1:24:ce:1e:1b:69:
f8:d1:fe:3c:17:6e:74:44:a1:47:85:6a:da:bf:a8:1b:d2:4f:
1f:91:39:6e:44:fc:a4:40:02:b4:e6:08:29:e6:3c:c5:b3:bc:
d8:e7:a6:a3:29:5c:16:fc:0f:da:0a:b0:c6:d2:34:f4:f4:78:
fc:27:82:e7:9e:ff:5e:4f:27:91:c0:d6:ee:e0:f6:e5:31:21:
82:b6:1f:7c:97:38:48:57:c9:7d:da:ed:18:99:17:a7:42:dc:
63:8c:2a:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6B7TWPb87XkZ6Vbfbo6u4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwNjAxMDY0NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM3M2I1NGYxZDJhYmY1YzAyOGJjNTg4NDkzNTgyZTM5NDcxMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbDl7mXpIrlHZ6J/tmkG64eborMw
DD0yHP6pvvZ1/kSOjoTpo4FUaJ1YUW9+LvA+GjG2tZe29UR6+6slTT6+6ZiNXbPo
QBaYtImd45Llmv18kBusRauiJnPVOVJWCxAQ6QKwVJsjce/OLcR4YAJ2teddXmm+
n46q+hoIuOSLPE1USpujqJoyQ0gFEB3Vpqsr0NBpV+g8r0UqLe+4zN0im4nIP+BK
SXZs3jInK64fDlsCw6iHTk+4+hL+JyrSZQG6kuOCsp1ESebhVR12+IhThJFQWcl4
9zDzsFvMbhlh1+rpxxftZbcpSqhce05ZAdjJi7oL5I8D49CfoKvKIx0TgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK7HO1Tx0qv1wCi8WISTWC45RxD3MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvcnNjN1ZQSFNxX1hBS0x4WWhKTllMamxIRVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTkhAwQA
JSArAwQAuRogAwQAudQxMA0GCSqGSIb3DQEBCwUAA4IBAQAoyhcY/AUf9ZMH3NlA
wRTj7zBjbu5E14Nim/4KCuoUlurGFA8eXJhR8LO/H2mODRo1Cl/5RN5oqecrJlz+
l3u5Swh5pmcjQCsYxbiO0pw7WhLsxoMsCqzpI1E/3TuEbxIM9EBVtmIcwcOWGPiz
uAfIIEKnQga3BRYHNbaaWu7vv/PeOHsS6zCppC1EJDPvppV/JwWhl4cxaGp296Kx
JM4eG2n40f48F250RKFHhWrav6gb0k8fkTluRPykQAK05ggp5jzFs7zY56ajKVwW
/A/aCrDG0jT09Hj8J4Lnnv9eTyeRwNbu4PblMSGCth98lzhIV8l92u0YmRenQtxj
jCrz
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:07:03 2026 by rpki-client