Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2iRk_iV6Xgta7E3a1qM3KtIcijg.roa
File: 2iRk_iV6Xgta7E3a1qM3KtIcijg.roa (raw, json)
Hash identifier: lVV5oMj3mQE48D0rcAiSm+NHpohnjzlZnVC0yy/73tM=
Subject key identifier: DA:24:64:FE:25:7A:5E:0B:5A:EC:4D:DA:D6:A3:37:2A:D2:1C:8A:38
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019DDF57D846BB80B8AD258F3CE6B0CE8080
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2iRk_iV6Xgta7E3a1qM3KtIcijg.roa
Signing time: Thu 30 Apr 2026 17:02:49 +0000
ROA not before: Thu 30 Apr 2026 17:02:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2856
IP address blocks: 5.35.192.0/21 maxlen: 24
79.139.52.0/22 maxlen: 24
85.204.160.0/22 maxlen: 24
89.39.172.0/23 maxlen: 24
94.26.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 14:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:57:d8:46:bb:80:b8:ad:25:8f:3c:e6:b0:ce:80:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Apr 30 17:02:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da2464fe257a5e0b5aec4ddad6a3372ad21c8a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a6:86:1c:2c:e8:1c:d2:47:09:c1:85:02:2e:
2b:7a:6a:83:15:97:e5:29:51:e4:c9:f7:75:bb:80:
87:03:cc:43:d4:d4:48:4e:fa:8c:82:1e:b2:2c:f1:
a3:b6:cd:19:ed:a4:70:e9:46:6b:1c:51:13:9e:28:
86:43:b7:4c:87:a9:29:d8:a6:6c:9d:48:e0:51:1b:
56:c8:8c:21:86:ee:33:74:16:86:7d:aa:54:7c:e0:
42:5d:ae:7a:9f:c2:ba:c0:c0:61:04:fe:f2:7f:f2:
90:50:d7:36:dd:2b:e4:60:f9:9e:b0:02:b6:de:37:
d1:aa:bd:ed:96:48:06:fe:50:a0:ee:09:2e:45:d0:
32:cc:d5:eb:13:d5:89:65:ce:00:cc:f8:85:ef:96:
ef:67:38:e0:7d:86:25:35:3f:14:17:00:da:5a:b8:
33:40:56:d1:fe:8f:90:26:9a:23:0d:06:bf:84:34:
d4:94:8b:5c:3a:38:1f:42:ef:74:37:e4:41:b0:85:
70:d7:b4:f9:50:e2:12:ed:50:86:f1:fe:3b:22:11:
18:ff:ca:6a:38:33:b1:43:07:2e:e0:4c:88:eb:d8:
1a:90:f2:82:ca:30:f9:f1:c7:6a:35:bb:12:2f:4b:
b4:c7:dd:36:7c:89:25:1e:37:7a:a0:70:c1:ee:cd:
2b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:24:64:FE:25:7A:5E:0B:5A:EC:4D:DA:D6:A3:37:2A:D2:1C:8A:38
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2iRk_iV6Xgta7E3a1qM3KtIcijg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
79.139.52.0/22
85.204.160.0/22
89.39.172.0/23
94.26.64.0/23
Signature Algorithm: sha256WithRSAEncryption
23:34:99:0f:b0:7d:fe:12:25:20:ae:aa:23:76:76:74:29:60:
0c:78:99:b7:1c:75:9a:7f:88:90:88:d3:82:6a:0e:c0:93:0d:
de:6f:ea:50:a0:5b:f0:86:af:cc:c0:39:dc:10:aa:19:6f:d9:
99:bc:55:7b:3f:af:35:b8:36:66:5e:83:5e:8f:72:eb:e6:eb:
94:8c:63:5a:68:47:84:c1:b7:2a:b8:bc:f2:54:ba:19:95:4f:
4b:94:3e:90:ca:66:e9:93:f8:f5:3f:2b:e4:ed:b4:95:99:8b:
05:71:f9:9c:3c:9b:c3:34:c0:ae:1f:1d:b2:b4:3d:c6:a1:75:
de:33:e9:66:85:41:3d:29:e1:92:41:65:20:91:63:7a:da:10:
db:21:33:78:7b:45:98:38:ba:ab:8d:83:f9:3a:95:5a:0b:68:
7f:9d:da:92:34:5d:58:85:66:92:57:78:3f:92:2d:d3:5b:c0:
7f:9c:a5:87:9d:da:80:61:a3:7a:cf:d7:ab:b8:8f:53:d5:02:
3a:f8:53:f0:96:32:ea:c1:b0:48:ef:2a:89:92:d0:89:90:17:
50:7c:6f:43:93:0d:bc:5e:69:85:f6:9c:4e:29:ac:9c:b6:82:
70:74:49:b2:b2:b5:5c:80:44:76:2d:3d:30:5c:d8:4b:f1:4e:
ef:fb:c3:88
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3fV9hGu4C4rSWPPOawzoCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjYwNDMwMTcwMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI0NjRmZTI1N2E1ZTBiNWFlYzRkZGFkNmEzMzcyYWQyMWM4YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKaGHCzoHNJHCcGFAi4remqDFZfl
KVHkyfd1u4CHA8xD1NRITvqMgh6yLPGjts0Z7aRw6UZrHFETniiGQ7dMh6kp2KZs
nUjgURtWyIwhhu4zdBaGfapUfOBCXa56n8K6wMBhBP7yf/KQUNc23SvkYPmesAK2
3jfRqr3tlkgG/lCg7gkuRdAyzNXrE9WJZc4AzPiF75bvZzjgfYYlNT8UFwDaWrgz
QFbR/o+QJpojDQa/hDTUlItcOjgfQu90N+RBsIVw17T5UOIS7VCG8f47IhEY/8pq
ODOxQwcu4EyI69gakPKCyjD58cdqNbsSL0u0x902fIklHjd6oHDB7s0rrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNokZP4lel4LWuxN2tajNyrSHIo4MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMmlSa19pVjZYZ3RhN0UzYTFxTTNLdEljaWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBSPAAwQC
T4s0AwQCVcygAwQBWSesAwQBXhpAMA0GCSqGSIb3DQEBCwUAA4IBAQAjNJkPsH3+
EiUgrqojdnZ0KWAMeJm3HHWaf4iQiNOCag7Akw3eb+pQoFvwhq/MwDncEKoZb9mZ
vFV7P681uDZmXoNej3Lr5uuUjGNaaEeEwbcquLzyVLoZlU9LlD6Qymbpk/j1Pyvk
7bSVmYsFcfmcPJvDNMCuHx2ytD3GoXXeM+lmhUE9KeGSQWUgkWN62hDbITN4e0WY
OLqrjYP5OpVaC2h/ndqSNF1YhWaSV3g/ki3TW8B/nKWHndqAYaN6z9eruI9T1QI6
+FPwljLqwbBI7yqJktCJkBdQfG9Dkw28XmmF9pxOKayctoJwdEmysrVcgER2LT0w
XNhL8U7v+8OI
-----END CERTIFICATE-----
Generated at Fri May 1 00:29:39 2026 by rpki-client