Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/iAkNETtom0gkiWbj0z3vKsuDztA.roa
File: iAkNETtom0gkiWbj0z3vKsuDztA.roa (raw, json)
Hash identifier: /d5VSCGYwuzOzlm2Sjfqn5/rynmzTJuOmpsqSFsv5AM=
Subject key identifier: 88:09:0D:11:3B:68:9B:48:24:89:66:E3:D3:3D:EF:2A:CB:83:CE:D0
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019CE3A1B42479A319AF55C416362A8EA3F8
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/iAkNETtom0gkiWbj0z3vKsuDztA.roa
Signing time: Thu 12 Mar 2026 19:59:11 +0000
ROA not before: Thu 12 Mar 2026 19:59:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 19:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e3:a1:b4:24:79:a3:19:af:55:c4:16:36:2a:8e:a3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 12 19:59:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88090d113b689b48248966e3d33def2acb83ced0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ff:24:e5:7c:a2:87:0f:d8:48:a2:8a:ea:48:
53:0d:0a:a2:39:70:fb:a9:bf:25:69:66:42:21:9f:
c8:02:99:68:ac:a7:51:80:7c:45:95:ce:1d:1b:18:
b2:de:95:d5:2d:74:23:39:8e:3e:60:c4:20:dc:3b:
96:1f:68:e3:64:bc:4f:5f:34:b2:4b:96:92:8e:17:
3e:73:9d:73:98:c2:c5:d0:96:ca:29:48:55:85:43:
9d:86:0c:d3:34:ae:3e:f1:22:6d:05:5a:9d:b5:39:
53:06:c2:dc:30:97:b7:da:b4:50:8a:14:ac:b6:ae:
57:9f:ba:b2:a0:d9:57:28:78:03:8c:0f:46:4a:ae:
7f:98:2d:96:05:31:7b:3c:0d:b5:ad:98:3f:1c:12:
f3:bc:d2:e2:85:ad:7b:bc:89:7b:ae:2f:90:e9:d4:
d2:2e:dd:7b:a1:1d:41:e4:cb:c7:c7:a5:c5:e4:07:
e9:9d:b3:91:10:2b:de:e8:3d:d6:d7:90:c3:5a:d7:
a2:c2:20:e8:22:ca:39:9c:e5:72:08:79:45:88:97:
8f:89:5d:d8:0f:61:72:a6:d0:f0:bd:b8:ba:7d:0a:
b3:3c:57:28:f2:de:e7:ad:ba:26:eb:e3:c3:8a:2f:
0a:99:cb:71:06:86:a1:ba:01:0a:e1:78:38:23:70:
22:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:09:0D:11:3B:68:9B:48:24:89:66:E3:D3:3D:EF:2A:CB:83:CE:D0
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/iAkNETtom0gkiWbj0z3vKsuDztA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.74.242.0/24
45.131.0.0/22
45.136.4.0/24
45.141.149.0/24
77.83.200.0-77.83.202.255
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::-2a13:a442:ffff:ffff:ffff:ffff:ffff:ffff
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
75:5a:c2:01:2f:49:dd:eb:77:4e:20:8e:4a:f9:de:e0:75:b4:
d4:b9:36:86:8d:7e:ba:b8:54:64:d2:ad:9b:66:bf:38:8a:8b:
96:85:17:96:01:cd:64:3f:63:51:1a:59:c0:6f:a3:9b:bd:13:
8c:bf:4c:52:56:90:7e:d8:5f:10:88:d6:e7:d1:26:3d:7b:b5:
56:d3:af:0b:ae:6b:72:4a:4e:ab:81:ea:57:27:80:54:0e:58:
a4:8e:53:8c:0c:9c:00:f0:2c:79:d2:d9:c9:0b:4d:57:aa:c8:
1d:aa:d6:73:51:a8:6a:0a:0c:47:e5:93:11:d8:4b:63:b7:75:
ed:88:8b:1f:72:59:f6:a3:54:25:71:39:b4:6b:fc:65:8b:04:
46:67:eb:2f:45:72:f5:d8:97:15:b7:dc:25:88:6c:bf:04:33:
8a:69:a9:e2:ba:9b:79:70:4f:13:7d:a2:5d:1c:1b:eb:61:7e:
34:32:fb:e9:6a:89:b3:4a:b0:95:10:86:57:4d:2c:12:d1:3a:
a6:5f:0a:9a:51:32:92:8c:0a:f6:cb:a1:a1:52:6b:6a:75:97:
e7:ad:7d:47:44:20:97:02:91:99:89:1d:5a:ac:4b:8b:c2:cd:
3d:af:d1:3a:b8:fa:43:c6:87:fc:f0:61:c6:cf:39:db:f0:e5:
da:7f:d7:d0
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZzjobQkeaMZr1XEFjYqjqP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzEyMTk1OTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODA5MGQxMTNiNjg5YjQ4MjQ4OTY2ZTNkMzNkZWYyYWNiODNjZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/8k5Xyihw/YSKKK6khTDQqiOXD7
qb8laWZCIZ/IAplorKdRgHxFlc4dGxiy3pXVLXQjOY4+YMQg3DuWH2jjZLxPXzSy
S5aSjhc+c51zmMLF0JbKKUhVhUOdhgzTNK4+8SJtBVqdtTlTBsLcMJe32rRQihSs
tq5Xn7qyoNlXKHgDjA9GSq5/mC2WBTF7PA21rZg/HBLzvNLiha17vIl7ri+Q6dTS
Lt17oR1B5MvHx6XF5AfpnbORECve6D3W15DDWteiwiDoIso5nOVyCHlFiJePiV3Y
D2FyptDwvbi6fQqzPFco8t7nrbom6+PDii8KmctxBoahugEK4Xg4I3AiUwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFIgJDRE7aJtIJIlm49M97yrLg87QMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvaUFrTkVUdG9tMGdraVdiajB6M3ZLc3VEenRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBGBAIAATBAMAwDBAAF
tGkDBAIFtGgDBAAtSvIDBAItgwADBAAtiAQDBAAtjZUwDAMEA01TyAMEAE1TygME
AFvQzAMEAMJ07TBXBAIAAjBRAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUDKg/rAAMF
AyoP7QADBQMqD/kAAwcAKhOkQAAHMA4DBQAqE6RBAwUAKhOkQgMFACoTpEUDBQAq
E6RHMA0GCSqGSIb3DQEBCwUAA4IBAQB1WsIBL0nd63dOII5K+d7gdbTUuTaGjX66
uFRk0q2bZr84iouWhReWAc1kP2NRGlnAb6ObvROMv0xSVpB+2F8QiNbn0SY9e7VW
068LrmtySk6rgepXJ4BUDlikjlOMDJwA8Cx50tnJC01XqsgdqtZzUahqCgxH5ZMR
2Etjt3XtiIsfcln2o1QlcTm0a/xliwRGZ+svRXL12JcVt9wliGy/BDOKaaniupt5
cE8TfaJdHBvrYX40MvvpaomzSrCVEIZXTSwS0TqmXwqaUTKSjAr2y6GhUmtqdZfn
rX1HRCCXApGZiR1arEuLws09r9E6uPpDxof88GHGzznb8OXaf9fQ
-----END CERTIFICATE-----
Generated at Fri Mar 13 03:25:47 2026 by rpki-client