Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/2d54f2-ed3f-4c23-991b-403f634c7006/1/VlDvPryAuk2PGBFGwuY-gCe_F5A.roa
File: VlDvPryAuk2PGBFGwuY-gCe_F5A.roa (raw, json)
Hash identifier: TJR1bUgs/pW0JpJ4B506N0MthyLFTUA8QuoRDNEKpko=
Subject key identifier: 56:50:EF:3E:BC:80:BA:4D:8F:18:11:46:C2:E6:3E:80:27:BF:17:90
Certificate issuer: /CN=50109cea348a09d390170b2b50fd4f2f4fa0c071
Certificate serial: 019E209688788F72500406AE50BCA41DD7B3
Authority key identifier: 50:10:9C:EA:34:8A:09:D3:90:17:0B:2B:50:FD:4F:2F:4F:A0:C0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBCc6jSKCdOQFwsrUP1PL0-gwHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/2d54f2-ed3f-4c23-991b-403f634c7006/1/VlDvPryAuk2PGBFGwuY-gCe_F5A.roa
Signing time: Wed 13 May 2026 09:06:36 +0000
ROA not before: Wed 13 May 2026 09:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2611
IP address blocks: 5.149.143.0/24 maxlen: 24
77.246.241.0/24 maxlen: 24
109.69.223.0/24 maxlen: 24
193.53.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/2d54f2-ed3f-4c23-991b-403f634c7006/1/UBCc6jSKCdOQFwsrUP1PL0-gwHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/2d54f2-ed3f-4c23-991b-403f634c7006/1/UBCc6jSKCdOQFwsrUP1PL0-gwHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/UBCc6jSKCdOQFwsrUP1PL0-gwHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:96:88:78:8f:72:50:04:06:ae:50:bc:a4:1d:d7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50109cea348a09d390170b2b50fd4f2f4fa0c071
Validity
Not Before: May 13 09:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5650ef3ebc80ba4d8f181146c2e63e8027bf1790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:94:07:bf:bc:4a:cf:56:fa:df:7b:7a:b4:
67:99:fa:ee:79:00:6a:9f:21:4d:26:c4:c0:64:cb:
5b:5f:b7:60:d2:28:ea:86:8a:a8:0a:2e:68:53:23:
5a:a5:64:9e:60:fc:d0:06:8f:8b:e6:d9:f3:c7:d2:
5e:00:79:fc:cb:9d:11:5b:ee:18:03:ce:83:f1:36:
bf:c0:43:99:60:70:be:71:cd:fd:8c:30:6b:9e:64:
cd:5c:a9:3c:39:30:b4:f7:9d:23:cb:f0:df:94:ed:
20:09:f8:59:0d:c4:8b:03:4f:d5:24:25:4a:2c:df:
ed:e9:60:48:2a:06:60:ee:af:fa:ce:4a:a5:71:0b:
72:af:5b:a2:62:6d:58:7a:aa:32:5c:26:1d:31:fc:
41:8b:39:3d:87:49:20:b0:81:35:59:8c:16:3b:95:
04:bf:94:8a:07:49:c9:4d:31:62:eb:7c:59:f1:46:
a7:3c:95:f3:9a:f0:b4:cc:36:31:46:20:f1:df:46:
75:72:be:3a:f3:0e:55:85:56:ae:4f:86:28:8d:5a:
f9:24:ef:ea:a4:ab:6f:d4:aa:93:22:13:fe:37:8c:
8c:af:99:07:b7:e4:11:20:3a:30:04:cd:d4:b3:fe:
59:9d:4f:10:d8:ec:fa:19:f0:f3:c2:5b:47:ce:40:
06:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:50:EF:3E:BC:80:BA:4D:8F:18:11:46:C2:E6:3E:80:27:BF:17:90
X509v3 Authority Key Identifier:
keyid:50:10:9C:EA:34:8A:09:D3:90:17:0B:2B:50:FD:4F:2F:4F:A0:C0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBCc6jSKCdOQFwsrUP1PL0-gwHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/2d54f2-ed3f-4c23-991b-403f634c7006/1/VlDvPryAuk2PGBFGwuY-gCe_F5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/2d54f2-ed3f-4c23-991b-403f634c7006/1/UBCc6jSKCdOQFwsrUP1PL0-gwHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.143.0/24
77.246.241.0/24
109.69.223.0/24
193.53.34.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9d:e9:ab:72:59:e5:2a:93:8d:82:a7:2b:29:79:c1:2b:b2:
a6:58:e5:3f:db:91:ca:18:b6:75:24:2a:b4:c0:df:dc:80:11:
c2:5e:41:14:21:df:9d:17:04:e1:43:6b:b8:e9:73:48:d3:11:
e2:bf:41:1d:73:d9:a2:b3:47:93:7f:a1:55:a0:f8:99:67:30:
ca:9b:77:7c:da:9f:e8:79:fd:dc:20:ab:94:c2:2a:76:5b:f7:
7a:7b:6e:88:aa:8e:cb:f6:4e:d1:ed:a6:a3:eb:66:50:5d:e8:
6a:b3:53:8e:a8:4c:5a:5a:d6:af:e4:80:32:f4:64:a0:59:b0:
00:02:70:a1:ed:9d:b8:5d:78:93:4c:69:3e:0c:21:95:9f:b5:
4a:26:b7:67:c6:bd:dd:0c:95:6c:25:2d:cc:43:5f:e6:c4:35:
0b:4d:b3:bd:9a:5d:80:11:0a:e7:db:de:af:60:f9:25:a9:ed:
90:ea:ce:a1:67:bf:7e:19:c1:be:68:6e:50:2b:51:6d:bb:82:
e0:57:1f:1f:d2:cb:6b:1b:a7:21:e7:d7:80:e8:2d:c0:8f:c7:
8e:a7:46:38:4b:91:db:1b:e9:be:b7:2f:eb:a5:e3:ea:2f:4a:
bc:f8:21:45:d4:61:be:a4:f7:7f:d5:93:86:6c:50:62:b0:d5:
85:bf:c8:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4gloh4j3JQBAauULykHdezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTA5Y2VhMzQ4YTA5ZDM5MDE3MGIyYjUwZmQ0ZjJmNGZh
MGMwNzEwHhcNMjYwNTEzMDkwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjUwZWYzZWJjODBiYTRkOGYxODExNDZjMmU2M2U4MDI3YmYxNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzqUB7+8Ss9W+t97erRnmfrueQBq
nyFNJsTAZMtbX7dg0ijqhoqoCi5oUyNapWSeYPzQBo+L5tnzx9JeAHn8y50RW+4Y
A86D8Ta/wEOZYHC+cc39jDBrnmTNXKk8OTC0950jy/DflO0gCfhZDcSLA0/VJCVK
LN/t6WBIKgZg7q/6zkqlcQtyr1uiYm1YeqoyXCYdMfxBizk9h0kgsIE1WYwWO5UE
v5SKB0nJTTFi63xZ8UanPJXzmvC0zDYxRiDx30Z1cr468w5VhVauT4YojVr5JO/q
pKtv1KqTIhP+N4yMr5kHt+QRIDowBM3Us/5ZnU8Q2Oz6GfDzwltHzkAG4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFZQ7z68gLpNjxgRRsLmPoAnvxeQMB8GA1UdIwQY
MBaAFFAQnOo0ignTkBcLK1D9Ty9PoMBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJDYzZqU0tDZE9RRndzclVQMVBMMC1nd0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8yZDU0ZjItZWQzZi00YzIzLTk5MWIt
NDAzZjYzNGM3MDA2LzEvVmxEdlByeUF1azJQR0JGR3d1WS1nQ2VfRjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8yZDU0ZjItZWQzZi00YzIzLTk5MWItNDAzZjYzNGM3MDA2
LzEvVUJDYzZqU0tDZE9RRndzclVQMVBMMC1nd0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZWPAwQA
TfbxAwQAbUXfAwQAwTUiMA0GCSqGSIb3DQEBCwUAA4IBAQCcnemrclnlKpONgqcr
KXnBK7KmWOU/25HKGLZ1JCq0wN/cgBHCXkEUId+dFwThQ2u46XNI0xHiv0Edc9mi
s0eTf6FVoPiZZzDKm3d82p/oef3cIKuUwip2W/d6e26Iqo7L9k7R7aaj62ZQXehq
s1OOqExaWtav5IAy9GSgWbAAAnCh7Z24XXiTTGk+DCGVn7VKJrdnxr3dDJVsJS3M
Q1/mxDULTbO9ml2AEQrn296vYPklqe2Q6s6hZ79+GcG+aG5QK1Ftu4LgVx8f0str
G6ch59eA6C3Aj8eOp0Y4S5HbG+m+ty/rpePqL0q8+CFF1GG+pPd/1ZOGbFBisNWF
v8j3
-----END CERTIFICATE-----
Generated at Fri Jun 12 12:17:25 2026 by rpki-client