Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/1e3KekH_6pDsdSbJKChbFqgwM64.roa
File: 1e3KekH_6pDsdSbJKChbFqgwM64.roa (raw, json)
Hash identifier: kcR5DefkrtLdhNpAqQoaiAp5NeBNbTNXuk4C29Rdnm8=
Subject key identifier: D5:ED:CA:7A:41:FF:EA:90:EC:75:26:C9:28:28:5B:16:A8:30:33:AE
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 019E6D71FB375B3E48B2E9F4F5859F4C0554
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/1e3KekH_6pDsdSbJKChbFqgwM64.roa
Signing time: Thu 28 May 2026 07:17:26 +0000
ROA not before: Thu 28 May 2026 07:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211183
IP address blocks: 5.35.124.0/24 maxlen: 24
5.35.125.0/24 maxlen: 24
5.35.126.0/24 maxlen: 24
5.35.127.0/24 maxlen: 24
5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
130.49.128.0/24 maxlen: 24
130.49.129.0/24 maxlen: 24
130.49.140.0/24 maxlen: 24
130.49.143.0/24 maxlen: 24
130.49.146.0/24 maxlen: 24
130.49.153.0/24 maxlen: 24
138.16.224.0/24 maxlen: 24
138.16.225.0/24 maxlen: 24
153.80.184.0/24 maxlen: 24
153.80.185.0/24 maxlen: 24
153.80.245.0/24 maxlen: 24
153.80.246.0/24 maxlen: 24
153.80.247.0/24 maxlen: 24
153.80.250.0/24 maxlen: 24
153.80.251.0/24 maxlen: 24
155.212.245.0/24 maxlen: 24
155.212.246.0/24 maxlen: 24
155.212.247.0/24 maxlen: 24
157.22.172.0/24 maxlen: 24
157.22.173.0/24 maxlen: 24
157.22.174.0/24 maxlen: 24
157.22.175.0/24 maxlen: 24
157.22.230.0/24 maxlen: 24
157.22.231.0/24 maxlen: 24
157.22.252.0/24 maxlen: 24
157.22.253.0/24 maxlen: 24
185.198.152.0/24 maxlen: 24
185.219.41.0/24 maxlen: 24
185.233.185.0/24 maxlen: 24
185.239.50.0/24 maxlen: 24
185.239.51.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
194.5.78.0/24 maxlen: 24
194.5.79.0/24 maxlen: 24
195.93.252.0/24 maxlen: 24
217.171.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6d:71:fb:37:5b:3e:48:b2:e9:f4:f5:85:9f:4c:05:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: May 28 07:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5edca7a41ffea90ec7526c928285b16a83033ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:3b:6c:2b:fb:09:cb:d4:08:8e:97:72:b0:1f:
d4:65:f3:67:72:c7:07:43:c6:f5:04:46:c9:a9:84:
4a:3a:7f:c8:54:8e:36:56:48:be:b5:50:80:5a:ef:
cf:53:d1:59:0e:d2:f5:b4:1b:2c:7d:c7:14:4f:17:
3a:4a:e8:cc:7d:da:f0:35:a5:11:e6:3a:87:f2:50:
77:49:79:9f:e9:8a:b9:69:95:bf:17:2d:8b:79:ef:
6a:06:e1:8b:22:cf:30:2c:db:84:9b:8a:34:bf:dd:
02:ae:c5:63:62:92:04:82:bc:b2:7e:b6:b3:19:56:
f3:eb:98:7c:d8:c1:56:d7:cc:60:f4:15:d0:de:b1:
81:a9:5f:20:bb:45:29:9c:f2:fd:91:e7:97:0b:ab:
74:be:10:a2:cc:81:ab:2a:02:03:4f:4b:c2:99:fc:
b8:d4:e0:e2:d4:3d:ac:32:49:b4:56:39:c4:a6:b3:
5d:df:4c:c5:73:b3:7c:4c:8d:b2:9b:1a:47:ac:aa:
ed:bd:16:6d:d2:d7:70:56:2f:36:90:6a:0e:c8:f6:
00:af:25:2e:a5:3f:7d:3b:ef:26:7c:13:4c:a3:fe:
89:cc:6a:01:4d:3c:32:71:fb:f2:79:08:fe:2a:68:
82:5d:14:b7:86:63:21:0b:c2:80:5a:29:a0:03:d4:
fc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:ED:CA:7A:41:FF:EA:90:EC:75:26:C9:28:28:5B:16:A8:30:33:AE
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/1e3KekH_6pDsdSbJKChbFqgwM64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.124.0/22
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
89.191.225.0/24
91.200.84.0/24
94.154.11.0/24
130.49.128.0/23
130.49.140.0/24
130.49.143.0/24
130.49.146.0/24
130.49.153.0/24
138.16.224.0/23
153.80.184.0/23
153.80.245.0-153.80.247.255
153.80.250.0/23
155.212.245.0-155.212.247.255
157.22.172.0/22
157.22.230.0/23
157.22.252.0/23
185.198.152.0/24
185.219.41.0/24
185.233.185.0/24
185.239.50.0/23
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
194.5.78.0/23
195.93.252.0/24
217.171.146.0/24
Signature Algorithm: sha256WithRSAEncryption
57:5d:2a:13:33:d1:c1:07:35:f0:8c:81:34:5c:f7:07:bb:51:
07:2e:a8:4c:4d:ab:e3:a4:1d:75:66:13:73:97:c1:63:4c:b9:
f0:d2:97:fd:1d:48:7e:95:6f:1f:e7:5a:4d:a1:38:64:e0:59:
73:03:f0:e2:4c:38:43:94:33:3f:e7:1c:ae:5b:2c:26:85:aa:
b8:19:16:a0:17:7b:75:db:22:cf:1a:fd:8c:f0:b0:77:99:0e:
d1:57:3e:45:b9:3a:a5:63:f0:83:af:35:35:61:1c:be:67:6d:
26:52:b7:a4:2c:a8:34:13:13:66:4e:58:09:bd:47:3a:7a:1d:
1a:5d:e0:b5:3d:c5:a0:fc:28:bf:9b:af:ef:b6:06:cf:4d:b6:
21:16:37:c4:94:b2:b2:22:14:57:53:35:6a:41:bc:41:9f:e2:
29:76:52:4d:8b:c8:94:be:21:df:68:ed:26:7f:69:10:51:e9:
cd:94:af:70:88:70:d9:c1:77:30:46:77:9b:77:ad:0d:42:51:
01:d2:30:28:92:57:65:bb:9e:9e:b4:b2:87:8e:c6:6f:e0:a1:
5f:34:2d:4c:b1:fe:cc:73:1c:77:4d:fe:86:96:da:61:03:73:
c6:a0:2a:91:89:eb:e2:24:98:b2:b8:46:3d:90:7d:44:f1:5f:
a0:c7:49:0c
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZ5tcfs3Wz5Isun09YWfTAVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjYwNTI4MDcxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWVkY2E3YTQxZmZlYTkwZWM3NTI2YzkyODI4NWIxNmE4MzAzM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9DtsK/sJy9QIjpdysB/UZfNncscH
Q8b1BEbJqYRKOn/IVI42Vki+tVCAWu/PU9FZDtL1tBssfccUTxc6SujMfdrwNaUR
5jqH8lB3SXmf6Yq5aZW/Fy2Lee9qBuGLIs8wLNuEm4o0v90CrsVjYpIEgryyfraz
GVbz65h82MFW18xg9BXQ3rGBqV8gu0UpnPL9keeXC6t0vhCizIGrKgIDT0vCmfy4
1ODi1D2sMkm0VjnEprNd30zFc7N8TI2ymxpHrKrtvRZt0tdwVi82kGoOyPYAryUu
pT99O+8mfBNMo/6JzGoBTTwycfvyeQj+KmiCXRS3hmMhC8KAWimgA9T81QIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFNXtynpB/+qQ7HUmySgoWxaoMDOuMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvMWUzS2VrSF82cERzZFNiSktDaGJGcWd3TTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAIF
I3wDBAAF/T4DBAAljPEDBAAtgMwwDAMEAE+FtQMEA0+FsAMEAFm/4QMEAFvIVAME
AF6aCwMEAYIxgAMEAIIxjAMEAIIxjwMEAIIxkgMEAIIxmQMEAYoQ4AMEAZlQuDAM
AwQAmVD1AwQDmVDwAwQBmVD6MAwDBACb1PUDBAOb1PADBAKdFqwDBAGdFuYDBAGd
FvwDBAC5xpgDBAC52ykDBAC56bkDBAG57zIDBAC58GcDBAC59DMDBAC5+iwDBAG5
+i4DBADBu2ADBAHCBU4DBADDXfwDBADZq5IwDQYJKoZIhvcNAQELBQADggEBAFdd
KhMz0cEHNfCMgTRc9we7UQcuqExNq+OkHXVmE3OXwWNMufDSl/0dSH6Vbx/nWk2h
OGTgWXMD8OJMOEOUMz/nHK5bLCaFqrgZFqAXe3XbIs8a/YzwsHeZDtFXPkW5OqVj
8IOvNTVhHL5nbSZSt6QsqDQTE2ZOWAm9Rzp6HRpd4LU9xaD8KL+br++2Bs9NtiEW
N8SUsrIiFFdTNWpBvEGf4il2Uk2LyJS+Id9o7SZ/aRBR6c2Ur3CIcNnBdzBGd5t3
rQ1CUQHSMCiSV2W7np60soeOxm/goV80LUyx/sxzHHdN/oaW2mEDc8agKpGJ6+Ik
mLK4Rj2QfUTxX6DHSQw=
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:47:22 2026 by rpki-client