Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/VK5e9DK0DhgaKQI3LHdm3wAeqeY.roa
File: VK5e9DK0DhgaKQI3LHdm3wAeqeY.roa (raw, json)
Hash identifier: 2cMavweMxJunrSTqXoVWNxU6MdLsPVxfOvpx18sF5Wc=
Subject key identifier: 54:AE:5E:F4:32:B4:0E:18:1A:29:02:37:2C:77:66:DF:00:1E:A9:E6
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019CB83DDAA891CBB6DB2E524FC6BFE6B29B
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/VK5e9DK0DhgaKQI3LHdm3wAeqeY.roa
Signing time: Wed 04 Mar 2026 09:46:27 +0000
ROA not before: Wed 04 Mar 2026 09:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.104.0/24 maxlen: 24
5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.243.0/24 maxlen: 24
45.74.244.0/24 maxlen: 24
45.74.247.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440::/48 maxlen: 48
2a13:a440:1::/48 maxlen: 48
2a13:a440:2::/48 maxlen: 48
2a13:a440:3::/48 maxlen: 48
2a13:a440:4::/48 maxlen: 48
2a13:a440:5::/48 maxlen: 48
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 18:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:3d:da:a8:91:cb:b6:db:2e:52:4f:c6:bf:e6:b2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 4 09:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54ae5ef432b40e181a2902372c7766df001ea9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:31:ca:48:ef:73:16:e2:44:f0:10:67:fd:8c:
fb:b3:fe:71:20:be:55:9b:a5:70:97:f0:11:5b:ed:
37:cb:2a:1d:1e:e6:93:33:f6:99:bf:3f:83:de:60:
f7:98:70:87:fb:da:a5:91:fb:22:71:3f:d0:9b:1e:
10:04:06:fd:cd:5a:44:31:c9:c6:e1:e1:e5:91:20:
17:27:07:a3:e0:8d:65:bf:0b:91:0d:6a:b2:08:7a:
e5:7a:31:17:ee:b2:d3:08:60:22:20:30:3b:04:27:
6d:a1:3a:6e:18:f4:0a:9e:7d:ca:26:d4:72:a7:b8:
9e:04:e3:15:3c:88:ed:d1:27:a1:62:f9:a3:84:f9:
d9:39:86:20:12:17:b2:11:d1:14:7b:2a:1f:56:bf:
07:ac:6b:3d:0c:10:bb:ec:92:f7:20:c8:f2:ab:ec:
c9:37:19:f1:60:01:af:4b:97:23:a4:7f:5d:b6:88:
0d:5c:72:8e:75:36:b4:93:15:f1:79:7a:de:b5:f9:
ef:f8:fc:5b:8f:e7:b4:81:fe:ef:8d:f3:00:a9:f1:
be:d1:fb:59:67:4f:d5:fa:d2:75:f7:a7:5d:0d:bc:
e0:f8:0a:9c:ca:e5:c5:81:9d:7e:08:b9:f5:ec:82:
94:ab:b3:b4:cf:a1:c4:0d:3b:60:05:6e:f8:0a:e8:
ef:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AE:5E:F4:32:B4:0E:18:1A:29:02:37:2C:77:66:DF:00:1E:A9:E6
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/VK5e9DK0DhgaKQI3LHdm3wAeqeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/22
45.74.242.0-45.74.244.255
45.74.247.0/24
45.131.0.0/23
45.136.4.0/23
77.83.200.0/22
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::-2a13:a440:5:ffff:ffff:ffff:ffff:ffff
2a13:a440:7::/48
2a13:a441::-2a13:a442:ffff:ffff:ffff:ffff:ffff:ffff
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
83:5c:6f:47:82:57:af:0c:df:92:26:d7:5d:1d:4d:13:a4:28:
87:1e:88:a0:4c:f1:1e:50:24:b0:5b:4c:a6:bd:47:e2:91:08:
54:e3:7b:19:d6:19:72:7b:e1:2d:ec:8d:79:c1:62:42:37:e6:
d7:d3:fd:89:6f:e7:b8:d3:e9:03:b4:26:b3:2c:c0:ee:e6:da:
b4:7a:02:af:71:cf:b2:f5:43:0c:82:11:e1:3f:2b:1d:3f:18:
36:ec:36:15:bf:8c:46:41:92:3f:76:fc:0b:f0:d2:fa:6e:77:
38:92:d7:4d:6e:e9:45:28:67:eb:92:e1:e6:ac:85:e9:ff:f1:
82:dd:b9:82:4d:88:54:22:a2:4b:73:13:c3:88:de:66:c3:34:
6b:50:cd:3c:91:44:04:d0:9f:b0:9f:20:ed:01:61:63:61:44:
55:d1:05:16:e8:66:e6:ad:08:68:c5:2a:d2:e3:b6:f7:f9:e5:
71:96:0a:e2:e8:0c:96:6f:7f:a7:5d:90:c8:3d:95:ae:9e:e3:
6b:e6:bc:44:a3:cc:3f:ee:b2:14:81:07:29:35:c9:bf:f6:49:
33:1a:a4:2a:14:98:73:5d:90:1f:4f:a0:50:6f:a9:a0:e0:2f:
4d:a2:73:0b:a3:6b:d6:4d:f9:af:8b:1c:b5:87:49:1b:b9:4d:
80:06:1f:59
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZy4Pdqokcu22y5ST8a/5rKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzA0MDk0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGFlNWVmNDMyYjQwZTE4MWEyOTAyMzcyYzc3NjZkZjAwMWVhOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTHKSO9zFuJE8BBn/Yz7s/5xIL5V
m6Vwl/ARW+03yyodHuaTM/aZvz+D3mD3mHCH+9qlkfsicT/Qmx4QBAb9zVpEMcnG
4eHlkSAXJwej4I1lvwuRDWqyCHrlejEX7rLTCGAiIDA7BCdtoTpuGPQKnn3KJtRy
p7ieBOMVPIjt0SehYvmjhPnZOYYgEheyEdEUeyofVr8HrGs9DBC77JL3IMjyq+zJ
NxnxYAGvS5cjpH9dtogNXHKOdTa0kxXxeXretfnv+Pxbj+e0gf7vjfMAqfG+0ftZ
Z0/V+tJ196ddDbzg+AqcyuXFgZ1+CLn17IKUq7O0z6HEDTtgBW74CujvFwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFFSuXvQytA4YGikCNyx3Zt8AHqnmMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVks1ZTlESzBEaGdhS1FJM0xIZG0zd0FlcWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzA+BAIAATA4AwQCBbRo
MAwDBAEtSvIDBAAtSvQDBAAtSvcDBAEtgwADBAEtiAQDBAJNU8gDBABb0MwDBADC
dO0waQQCAAIwYwMFAyoJh4ADBQMqD7cAAwUDKg/pAAMFAyoP6wADBQMqD+0AAwUD
Kg/5ADAQAwUGKhOkQAMHASoTpEAABAMHACoTpEAABzAOAwUAKhOkQQMFACoTpEID
BQAqE6RFAwUAKhOkRzANBgkqhkiG9w0BAQsFAAOCAQEAg1xvR4JXrwzfkibXXR1N
E6Qohx6IoEzxHlAksFtMpr1H4pEIVON7GdYZcnvhLeyNecFiQjfm19P9iW/nuNPp
A7QmsyzA7ubatHoCr3HPsvVDDIIR4T8rHT8YNuw2Fb+MRkGSP3b8C/DS+m53OJLX
TW7pRShn65Lh5qyF6f/xgt25gk2IVCKiS3MTw4jeZsM0a1DNPJFEBNCfsJ8g7QFh
Y2FEVdEFFuhm5q0IaMUq0uO29/nlcZYK4ugMlm9/p12QyD2Vrp7ja+a8RKPMP+6y
FIEHKTXJv/ZJMxqkKhSYc12QH0+gUG+poOAvTaJzC6Nr1k35r4sctYdJG7lNgAYf
WQ==
-----END CERTIFICATE-----
Generated at Sun Mar 8 00:13:12 2026 by rpki-client