Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/Kg06NaGezROeWtBK1qTOADXp_pQ.roa
File: Kg06NaGezROeWtBK1qTOADXp_pQ.roa (raw, json)
Hash identifier: wmDFJ/5sVQtr4RNwEITHDUmCB7Qq4hdLVGdv9QNDX30=
Subject key identifier: 2A:0D:3A:35:A1:9E:CD:13:9E:5A:D0:4A:D6:A4:CE:00:35:E9:FE:94
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 019E349629665910A45BAE4DB8664A7BE6B7
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/Kg06NaGezROeWtBK1qTOADXp_pQ.roa
Signing time: Sun 17 May 2026 06:18:36 +0000
ROA not before: Sun 17 May 2026 06:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201150
IP address blocks: 5.202.0.0/19 maxlen: 19
5.202.16.0/20 maxlen: 20
5.202.18.0/23 maxlen: 23
5.202.18.0/24 maxlen: 24
5.202.19.0/24 maxlen: 24
5.202.20.0/23 maxlen: 23
5.202.20.0/24 maxlen: 24
5.202.21.0/24 maxlen: 24
5.202.24.0/22 maxlen: 22
5.202.28.0/22 maxlen: 22
5.202.28.0/24 maxlen: 24
5.202.29.0/24 maxlen: 24
5.202.30.0/24 maxlen: 24
5.202.31.0/24 maxlen: 24
5.202.58.0/23 maxlen: 23
5.202.60.0/22 maxlen: 22
5.202.62.0/23 maxlen: 23
5.202.64.0/23 maxlen: 23
5.202.96.0/22 maxlen: 22
5.202.132.0/22 maxlen: 22
185.103.128.0/22 maxlen: 22
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:34:96:29:66:59:10:a4:5b:ae:4d:b8:66:4a:7b:e6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: May 17 06:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a0d3a35a19ecd139e5ad04ad6a4ce0035e9fe94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0c:46:ec:ad:76:ae:6d:3b:9c:fa:84:58:2c:
7d:42:fa:7c:f8:fd:55:6c:cd:77:c3:f0:d7:e6:e7:
82:3d:ef:13:73:f0:4a:63:62:03:91:90:ec:b4:60:
8b:78:ea:4b:2d:6f:11:45:58:86:34:29:05:5c:50:
e0:2b:0a:26:eb:05:49:20:68:f3:73:a8:32:ab:ef:
f3:c5:88:c9:3b:53:9b:b5:00:13:64:3f:f7:e9:ed:
17:a7:5c:19:0f:af:45:f1:6c:33:09:03:19:5c:30:
9d:ed:11:1f:f2:d1:f0:ec:eb:ab:72:62:8e:0c:d9:
8f:f9:b6:5d:5f:27:69:92:94:86:05:ec:fa:7b:fe:
5f:66:d0:4d:bd:2a:6f:d1:da:b8:9f:a1:8f:16:7e:
f4:db:b4:5c:4c:b5:95:af:2e:fb:5c:48:89:77:6d:
01:e5:b2:cd:01:6d:ae:ef:d7:ba:f6:a4:3e:cc:4e:
b3:9c:ed:28:ce:40:4b:3a:1d:17:f0:f0:3d:9f:bd:
46:31:7a:ab:65:f5:34:58:36:7a:96:17:92:55:ef:
7f:9c:5c:e0:d4:40:63:02:99:8f:cb:25:af:35:1a:
79:a2:90:d2:92:45:b4:93:ef:fe:09:02:fa:df:b8:
01:30:c4:34:b7:47:77:d1:73:09:f4:ed:5f:d6:3e:
d2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0D:3A:35:A1:9E:CD:13:9E:5A:D0:4A:D6:A4:CE:00:35:E9:FE:94
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/Kg06NaGezROeWtBK1qTOADXp_pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/19
5.202.58.0-5.202.65.255
5.202.96.0/22
5.202.132.0/22
185.103.128.0/22
185.169.20.0/22
185.169.36.0/22
185.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
00:9e:13:83:11:71:89:50:f4:64:b0:b2:c5:72:57:fc:43:a8:
34:d6:4b:e5:87:ea:eb:ab:42:23:0b:0b:fa:0e:3b:b6:44:ce:
da:b5:ed:36:94:78:8f:c2:51:5d:a1:c6:f8:13:61:b1:4d:89:
e1:40:e1:f1:4b:be:d7:6b:c4:9b:e6:49:89:06:25:72:25:53:
84:bc:91:1f:ea:6c:fe:a7:dc:8e:b8:80:4a:6f:6e:00:94:d9:
e3:79:f6:1a:c0:05:29:53:7e:c4:f3:3c:d2:bc:d9:f4:11:bc:
d3:f5:4a:85:18:00:ce:1c:72:a3:25:d9:96:a7:68:a0:1d:23:
59:68:91:c6:1e:41:f1:05:5c:01:36:b1:7f:dc:76:ea:7b:2a:
3f:7d:d8:a9:5d:20:87:b3:c4:7b:33:d2:cb:8a:75:bf:3d:5c:
5a:ae:50:b2:83:00:43:60:d6:4b:f6:f6:ff:d3:8f:77:e3:4d:
9d:26:b0:f1:98:fb:db:b6:25:ee:f1:e6:18:06:ca:57:07:16:
b9:34:94:85:4d:60:fd:1f:00:e0:1a:e7:03:bd:ec:69:e1:58:
16:15:c2:e7:c7:4d:b3:3a:32:0e:61:1d:69:6a:48:d8:a7:5b:
eb:8c:15:2e:81:a1:70:93:4e:b7:63:82:a4:ee:00:92:fb:3e:
9b:06:09:84
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ40lilmWRCkW65NuGZKe+a3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjYwNTE3MDYxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBkM2EzNWExOWVjZDEzOWU1YWQwNGFkNmE0Y2UwMDM1ZTlmZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQxG7K12rm07nPqEWCx9Qvp8+P1V
bM13w/DX5ueCPe8Tc/BKY2IDkZDstGCLeOpLLW8RRViGNCkFXFDgKwom6wVJIGjz
c6gyq+/zxYjJO1ObtQATZD/36e0Xp1wZD69F8WwzCQMZXDCd7REf8tHw7OurcmKO
DNmP+bZdXydpkpSGBez6e/5fZtBNvSpv0dq4n6GPFn7027RcTLWVry77XEiJd20B
5bLNAW2u79e69qQ+zE6znO0ozkBLOh0X8PA9n71GMXqrZfU0WDZ6lheSVe9/nFzg
1EBjApmPyyWvNRp5opDSkkW0k+/+CQL637gBMMQ0t0d30XMJ9O1f1j7SWQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCoNOjWhns0TnlrQStakzgA16f6UMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvS2cwNk5hR2V6Uk9lV3RCSzFxVE9BRFhwX3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQFBcoAMAwD
BAEFyjoDBAEFykADBAIFymADBAIFyoQDBAK5Z4ADBAK5qRQDBAK5qSQDBAK5tDQw
DQYJKoZIhvcNAQELBQADggEBAACeE4MRcYlQ9GSwssVyV/xDqDTWS+WH6uurQiML
C/oOO7ZEztq17TaUeI/CUV2hxvgTYbFNieFA4fFLvtdrxJvmSYkGJXIlU4S8kR/q
bP6n3I64gEpvbgCU2eN59hrABSlTfsTzPNK82fQRvNP1SoUYAM4ccqMl2ZanaKAd
I1lokcYeQfEFXAE2sX/cdup7Kj992KldIIezxHsz0suKdb89XFquULKDAENg1kv2
9v/Tj3fjTZ0msPGY+9u2Je7x5hgGylcHFrk0lIVNYP0fAOAa5wO97GnhWBYVwufH
TbM6Mg5hHWlqSNinW+uMFS6BoXCTTrdjgqTuAJL7PpsGCYQ=
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:13:50 2026 by rpki-client