Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/KMCOEHYpazO7T6bWY0LaX2m-j7w.roa
File: KMCOEHYpazO7T6bWY0LaX2m-j7w.roa (raw, json)
Hash identifier: 20b0Fc3/XITArGiqFeYU955jlc5muGkhCh5/TsR/5ig=
Subject key identifier: 28:C0:8E:10:76:29:6B:33:BB:4F:A6:D6:63:42:DA:5F:69:BE:8F:BC
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 019DC8C59C798DEEE3390AD5EB81DEECF042
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/KMCOEHYpazO7T6bWY0LaX2m-j7w.roa
Signing time: Sun 26 Apr 2026 07:51:26 +0000
ROA not before: Sun 26 Apr 2026 07:51:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215272
IP address blocks: 5.44.44.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
153.80.244.0/24 maxlen: 24
193.47.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c8:c5:9c:79:8d:ee:e3:39:0a:d5:eb:81:de:ec:f0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Apr 26 07:51:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28c08e1076296b33bb4fa6d66342da5f69be8fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:8a:ba:40:c7:4e:c1:9f:e9:cd:c6:e6:54:
1d:0c:29:91:f4:f9:62:09:16:d1:30:dc:72:1c:27:
a0:2c:74:86:c0:4c:f8:8c:c8:73:e3:e0:7f:9e:25:
e5:5b:92:77:76:ff:53:e7:88:4f:de:d6:02:51:93:
b9:d3:20:c0:84:17:a1:e5:be:c2:f7:6f:db:da:ec:
f9:ce:7a:f8:26:56:f7:9d:db:9a:dc:20:16:97:80:
e8:57:f6:dc:19:c2:3d:8f:50:25:6e:4f:cb:e7:b1:
8f:12:2e:3c:27:32:38:ca:ef:51:9f:58:72:69:a1:
f9:23:15:65:b5:7e:fb:bf:35:2e:f0:77:12:8a:77:
13:0c:b4:fc:17:c2:4f:ee:6a:e3:24:04:51:27:46:
10:91:08:0a:ce:fa:85:a8:09:02:ef:97:a8:d3:18:
a0:a8:28:f9:e7:3d:d7:85:6b:10:4d:18:01:2f:43:
46:26:8f:3a:a1:3e:1d:96:e1:02:24:ab:83:9f:1c:
d3:25:ff:f6:dd:ce:7f:e7:f6:e9:d8:b2:63:bc:4c:
dd:6c:89:5c:a4:60:9d:d0:11:7e:9a:14:cb:48:96:
af:ea:c4:80:13:84:df:a0:1d:4f:e3:07:2b:5d:7f:
fc:62:b2:0d:1d:89:bf:c9:95:2c:79:72:43:91:d8:
7f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C0:8E:10:76:29:6B:33:BB:4F:A6:D6:63:42:DA:5F:69:BE:8F:BC
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/KMCOEHYpazO7T6bWY0LaX2m-j7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
45.129.186.0/24
153.80.244.0/24
193.47.42.0/24
Signature Algorithm: sha256WithRSAEncryption
93:da:c8:d8:47:b6:37:41:ed:15:1b:c3:0c:1f:7b:ef:71:2e:
ee:2a:55:6a:f0:99:73:cb:b0:fe:3a:e3:98:02:08:b3:d7:d2:
4b:75:3b:86:13:72:2b:39:fd:a6:80:ac:25:15:a0:57:af:42:
ac:a1:8b:85:1d:96:bc:79:ac:61:d3:22:4c:9a:48:a4:7e:0a:
87:0f:28:ae:8c:0b:e7:98:aa:32:8b:1a:bf:1f:29:76:36:7e:
d6:62:74:00:3c:e8:42:ae:83:59:6c:ca:52:9b:94:51:b1:c3:
10:b8:71:db:42:92:5d:d8:71:d1:d7:7a:a6:20:58:60:88:72:
98:1e:e8:83:ad:b3:e8:17:41:ee:1d:37:72:79:bf:f1:47:f1:
b2:78:09:2a:15:25:53:91:07:4b:4c:10:e0:ca:f0:98:96:8f:
dd:78:aa:2f:93:48:16:76:e0:cf:26:87:15:c3:46:77:3d:72:
57:1a:84:63:5e:0a:82:f5:4b:31:5d:8d:b7:c4:0a:0b:3a:6b:
47:4e:92:16:04:62:3a:e4:72:e8:50:38:65:4a:31:37:2f:c3:
25:9c:97:b5:71:45:32:43:6c:5c:04:51:b5:85:fd:5a:f4:5a:
f1:aa:e1:de:5b:0b:d4:25:5f:bb:11:f7:58:e2:4b:62:f4:25:
13:f2:b5:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3IxZx5je7jOQrV64He7PBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjYwNDI2MDc1MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMwOGUxMDc2Mjk2YjMzYmI0ZmE2ZDY2MzQyZGE1ZjY5YmU4ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWqKukDHTsGf6c3G5lQdDCmR9Pli
CRbRMNxyHCegLHSGwEz4jMhz4+B/niXlW5J3dv9T54hP3tYCUZO50yDAhBeh5b7C
92/b2uz5znr4Jlb3ndua3CAWl4DoV/bcGcI9j1Albk/L57GPEi48JzI4yu9Rn1hy
aaH5IxVltX77vzUu8HcSincTDLT8F8JP7mrjJARRJ0YQkQgKzvqFqAkC75eo0xig
qCj55z3XhWsQTRgBL0NGJo86oT4dluECJKuDnxzTJf/23c5/5/bp2LJjvEzdbIlc
pGCd0BF+mhTLSJav6sSAE4TfoB1P4wcrXX/8YrINHYm/yZUseXJDkdh/YwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCjAjhB2KWszu0+m1mNC2l9pvo+8MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvS01DT0VIWXBhek83VDZiV1kwTGFYMm0tajd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABSwsAwQA
LYG6AwQAmVD0AwQAwS8qMA0GCSqGSIb3DQEBCwUAA4IBAQCT2sjYR7Y3Qe0VG8MM
H3vvcS7uKlVq8Jlzy7D+OuOYAgiz19JLdTuGE3IrOf2mgKwlFaBXr0KsoYuFHZa8
eaxh0yJMmkikfgqHDyiujAvnmKoyixq/Hyl2Nn7WYnQAPOhCroNZbMpSm5RRscMQ
uHHbQpJd2HHR13qmIFhgiHKYHuiDrbPoF0HuHTdyeb/xR/GyeAkqFSVTkQdLTBDg
yvCYlo/deKovk0gWduDPJocVw0Z3PXJXGoRjXgqC9UsxXY23xAoLOmtHTpIWBGI6
5HLoUDhlSjE3L8MlnJe1cUUyQ2xcBFG1hf1a9FrxquHeWwvUJV+7EfdY4kti9CUT
8rW3
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:58:30 2026 by rpki-client