Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/z9el3Pn-CpyrzO9Vpc8qFS83Pew.roa
File: z9el3Pn-CpyrzO9Vpc8qFS83Pew.roa (raw, json)
Hash identifier: TxiEHGj0MKgQ69SIev2O5ouEAGP38IAOU0+l3e8LjrI=
Subject key identifier: CF:D7:A5:DC:F9:FE:0A:9C:AB:CC:EF:55:A5:CF:2A:15:2F:37:3D:EC
Certificate issuer: /CN=822f5a6c0b95647f070350e6524e1220fba47fa3
Certificate serial: 019D2F9C2D3FA5368F12848ADE17A829849A
Authority key identifier: 82:2F:5A:6C:0B:95:64:7F:07:03:50:E6:52:4E:12:20:FB:A4:7F:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gi9abAuVZH8HA1DmUk4SIPukf6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/z9el3Pn-CpyrzO9Vpc8qFS83Pew.roa
Signing time: Fri 27 Mar 2026 14:04:17 +0000
ROA not before: Fri 27 Mar 2026 14:04:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209042
IP address blocks: 5.182.248.0/22 maxlen: 24
5.182.249.0/24 maxlen: 24
5.182.250.0/24 maxlen: 24
5.182.251.0/24 maxlen: 24
2a0e:a400::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/gi9abAuVZH8HA1DmUk4SIPukf6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/gi9abAuVZH8HA1DmUk4SIPukf6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/gi9abAuVZH8HA1DmUk4SIPukf6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:9c:2d:3f:a5:36:8f:12:84:8a:de:17:a8:29:84:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822f5a6c0b95647f070350e6524e1220fba47fa3
Validity
Not Before: Mar 27 14:04:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cfd7a5dcf9fe0a9cabccef55a5cf2a152f373dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c3:18:dd:e2:3d:ce:05:1a:3e:0c:62:b2:08:
fe:75:bc:01:06:2d:40:4a:89:83:cd:fa:69:a7:61:
11:91:16:ad:b7:33:9d:f6:06:72:c6:ed:52:d1:ff:
3f:4b:55:8b:6a:27:94:ca:8e:d1:4b:08:82:4e:c7:
66:76:bc:15:3f:73:6c:5c:e3:e8:04:f9:1b:16:92:
6c:28:06:f4:32:84:9b:31:75:b6:d4:8d:21:93:07:
4f:d8:09:42:3b:67:f6:92:4e:6c:52:33:d2:96:d4:
04:9e:b7:13:a4:19:68:43:ab:7f:9c:3a:7f:77:3f:
ce:55:17:45:83:df:87:c9:64:38:9f:a6:33:3d:81:
8e:83:8d:66:7c:d2:9f:1f:c7:27:3f:9c:c3:9a:8c:
a3:0d:87:92:1a:bb:5d:d9:52:c1:f4:25:6a:0b:ae:
e7:40:2c:4b:bc:34:10:13:3a:90:95:87:87:69:dc:
e4:4c:d4:cf:7d:c5:85:8f:00:50:25:10:65:ff:a3:
cf:37:43:24:c1:11:ad:db:9a:04:e0:f8:f2:80:2e:
a2:27:85:1e:d5:47:72:f4:6e:66:b6:96:27:d7:8a:
33:71:09:80:0a:16:cd:be:73:a5:b6:45:f9:3e:99:
5f:f0:9c:50:4b:3d:e4:c6:b7:a0:94:d3:46:87:3e:
00:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D7:A5:DC:F9:FE:0A:9C:AB:CC:EF:55:A5:CF:2A:15:2F:37:3D:EC
X509v3 Authority Key Identifier:
keyid:82:2F:5A:6C:0B:95:64:7F:07:03:50:E6:52:4E:12:20:FB:A4:7F:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gi9abAuVZH8HA1DmUk4SIPukf6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/z9el3Pn-CpyrzO9Vpc8qFS83Pew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/gi9abAuVZH8HA1DmUk4SIPukf6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.248.0/22
IPv6:
2a0e:a400::/29
Signature Algorithm: sha256WithRSAEncryption
59:15:92:70:fa:7a:b8:89:b3:6b:27:f9:d4:bb:21:ac:b9:94:
98:0a:b6:f7:72:87:89:6b:bf:19:ee:d5:2f:4a:0e:32:45:65:
c8:c4:c2:1b:e0:40:ac:6a:51:27:2b:20:43:a1:85:cb:44:d1:
a8:03:8f:63:a4:0f:06:00:c3:64:8a:ee:2a:ef:9c:94:18:81:
2d:54:a5:cb:da:93:a3:9a:0a:d8:15:1d:c1:a0:35:12:7e:77:
1d:09:7e:ff:89:da:3e:bb:7c:44:aa:70:52:aa:2b:ac:22:3a:
fa:cb:e5:02:4d:fc:a4:07:c6:bc:ff:86:ac:8f:b1:29:18:d2:
a9:49:7f:e7:20:56:6a:97:90:34:4d:21:12:56:60:94:ec:af:
ab:2b:cc:01:a9:9b:52:d4:da:15:de:4e:eb:75:81:f6:4f:6a:
d5:7d:ac:80:2f:25:65:3a:fc:02:b3:f2:bb:72:c0:53:1d:55:
df:d7:81:e1:8f:f9:fa:82:7e:ad:a8:8f:16:17:f4:b0:46:01:
08:9e:82:20:1f:4c:a4:f4:18:32:55:32:e6:05:8b:09:74:b3:
f4:66:08:34:09:82:60:98:7a:ed:97:d1:85:22:0a:4a:1c:1a:
49:d4:3b:94:01:90:72:a2:c0:d0:3a:ca:d7:d6:5e:b6:60:2e:
ea:cb:0b:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0vnC0/pTaPEoSK3heoKYSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmY1YTZjMGI5NTY0N2YwNzAzNTBlNjUyNGUxMjIwZmJh
NDdmYTMwHhcNMjYwMzI3MTQwNDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQ3YTVkY2Y5ZmUwYTljYWJjY2VmNTVhNWNmMmExNTJmMzczZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksMY3eI9zgUaPgxisgj+dbwBBi1A
SomDzfppp2ERkRattzOd9gZyxu1S0f8/S1WLaieUyo7RSwiCTsdmdrwVP3NsXOPo
BPkbFpJsKAb0MoSbMXW21I0hkwdP2AlCO2f2kk5sUjPSltQEnrcTpBloQ6t/nDp/
dz/OVRdFg9+HyWQ4n6YzPYGOg41mfNKfH8cnP5zDmoyjDYeSGrtd2VLB9CVqC67n
QCxLvDQQEzqQlYeHadzkTNTPfcWFjwBQJRBl/6PPN0MkwRGt25oE4PjygC6iJ4Ue
1Udy9G5mtpYn14ozcQmAChbNvnOltkX5Pplf8JxQSz3kxreglNNGhz4AWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM/Xpdz5/gqcq8zvVaXPKhUvNz3sMB8GA1UdIwQY
MBaAFIIvWmwLlWR/BwNQ5lJOEiD7pH+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2k5YWJBdVZaSDhIQTFEbVVrNFNJUHVrZjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZGYyNjItMmUwYi00ZmI3LWIwZDMt
NWQwZTA5YTAyMDRmLzEvejllbDNQbi1DcHlyek85VnBjOHFGUzgzUGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZGYyNjItMmUwYi00ZmI3LWIwZDMtNWQwZTA5YTAyMDRm
LzEvZ2k5YWJBdVZaSDhIQTFEbVVrNFNJUHVrZjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbb4MA0E
AgACMAcDBQMqDqQAMA0GCSqGSIb3DQEBCwUAA4IBAQBZFZJw+nq4ibNrJ/nUuyGs
uZSYCrb3coeJa78Z7tUvSg4yRWXIxMIb4ECsalEnKyBDoYXLRNGoA49jpA8GAMNk
iu4q75yUGIEtVKXL2pOjmgrYFR3BoDUSfncdCX7/ido+u3xEqnBSqiusIjr6y+UC
TfykB8a8/4asj7EpGNKpSX/nIFZql5A0TSESVmCU7K+rK8wBqZtS1NoV3k7rdYH2
T2rVfayALyVlOvwCs/K7csBTHVXf14Hhj/n6gn6tqI8WF/SwRgEInoIgH0yk9Bgy
VTLmBYsJdLP0Zgg0CYJgmHrtl9GFIgpKHBpJ1DuUAZByosDQOsrX1l62YC7qywvk
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:20:43 2026 by rpki-client