Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/u_iH0hsKvHsDEAkIEjMt-T_ishQ.roa
File: u_iH0hsKvHsDEAkIEjMt-T_ishQ.roa (raw, json)
Hash identifier: U+qkCSRfc7NN/+azevaN2Q42WuEXfLc0ceYNbCHDC90=
Subject key identifier: BB:F8:87:D2:1B:0A:BC:7B:03:10:09:08:12:33:2D:F9:3F:E2:B2:14
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019CE3A1B501165803FB31E51FD330011861
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/u_iH0hsKvHsDEAkIEjMt-T_ishQ.roa
Signing time: Thu 12 Mar 2026 19:59:11 +0000
ROA not before: Thu 12 Mar 2026 19:59:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.104.0/24 maxlen: 24
5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.244.0/24 maxlen: 24
45.74.247.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440::/48 maxlen: 48
2a13:a440:1::/48 maxlen: 48
2a13:a440:2::/48 maxlen: 48
2a13:a440:3::/48 maxlen: 48
2a13:a440:4::/48 maxlen: 48
2a13:a440:5::/48 maxlen: 48
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 19:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e3:a1:b5:01:16:58:03:fb:31:e5:1f:d3:30:01:18:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 12 19:59:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bbf887d21b0abc7b0310090812332df93fe2b214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:e9:47:5d:93:3c:20:3c:42:07:ef:38:fe:
aa:6e:f0:a1:6f:d5:50:a7:d2:78:4a:62:d8:07:dd:
62:7b:27:59:3b:e7:11:8f:19:c2:c9:bb:3a:b4:06:
d6:10:ea:5b:51:b9:1a:3f:d4:7c:d5:c9:d7:e7:dd:
c6:a3:37:45:72:fc:4a:bd:83:39:4c:ed:4b:ca:35:
5f:06:a0:47:d5:ec:f8:e3:07:ab:4a:f6:36:e8:80:
fa:4f:ae:92:cc:53:54:b6:31:0e:5d:84:26:0e:82:
4f:d4:36:c2:78:f4:a8:f0:66:71:2c:70:ae:8e:06:
5f:0c:25:4b:04:6b:2e:c0:f8:09:22:ae:cc:7f:e4:
bd:98:1a:6a:d0:ee:91:45:fc:e1:c3:20:9a:c4:16:
8e:72:a4:2f:b4:7c:00:f8:d6:82:3c:ba:53:24:3e:
b4:ee:40:ee:cb:a1:2f:28:18:99:d9:6a:35:d8:16:
aa:00:16:21:da:4c:27:49:b7:f7:ad:8f:90:e5:8d:
4e:c5:f8:eb:60:1d:12:39:65:1d:20:d4:42:12:a3:
fe:55:6d:9d:bf:17:93:8d:52:d2:ea:15:50:5a:e1:
83:c6:52:89:45:ca:34:dd:c4:36:e2:8a:c3:ea:67:
0c:fd:7b:0f:c3:da:28:f1:a2:9a:57:e5:0c:3c:81:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F8:87:D2:1B:0A:BC:7B:03:10:09:08:12:33:2D:F9:3F:E2:B2:14
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/u_iH0hsKvHsDEAkIEjMt-T_ishQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/22
45.74.242.0/24
45.74.244.0/24
45.74.247.0/24
45.131.0.0/23
45.136.4.0/23
77.83.200.0/22
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::-2a13:a440:5:ffff:ffff:ffff:ffff:ffff
2a13:a440:7::/48
2a13:a441::-2a13:a442:ffff:ffff:ffff:ffff:ffff:ffff
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
97:ec:d0:ec:68:5c:73:96:14:4d:7b:f3:c9:11:0b:11:d5:c7:
da:56:5a:b3:aa:37:0b:c9:1a:fb:cc:98:4b:38:a2:0d:de:d4:
69:d0:b5:65:cb:2b:63:14:4a:c3:e0:c3:17:57:aa:99:fb:80:
9d:5d:bd:cd:e0:ff:2d:87:01:35:c2:69:b6:db:6f:45:1c:04:
da:5d:d8:fb:16:aa:94:c2:1e:0e:ec:a9:9b:79:9b:9a:13:97:
dc:c7:7a:ba:e5:7f:c1:71:30:05:17:fa:c3:24:94:5e:cd:9b:
17:90:73:ba:b5:72:71:c0:6a:cb:4a:c3:80:86:dd:20:01:d2:
8d:ea:37:e0:be:b5:c2:c9:5c:66:c8:b4:78:ea:a3:9a:cd:bb:
33:77:70:e6:cb:99:76:7e:b4:d2:1d:d6:4f:4f:b3:32:80:1d:
34:b3:68:82:c6:aa:e2:48:c4:a4:ca:6f:b1:ed:62:49:83:cf:
e3:94:cb:f6:fd:a8:8b:28:58:70:e2:1f:ea:68:e1:fc:70:f0:
1d:7a:91:3d:3a:c0:fb:6c:a8:14:99:79:40:7f:9c:b0:aa:54:
74:6f:44:72:67:d3:9d:5b:41:ab:f7:d9:87:6a:c0:0f:89:8c:
a3:cd:d0:1b:f0:29:c0:15:ea:47:57:ec:1d:5a:a4:9f:af:44:
1e:07:f6:83
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZzjobUBFlgD+zHlH9MwARhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzEyMTk1OTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmY4ODdkMjFiMGFiYzdiMDMxMDA5MDgxMjMzMmRmOTNmZTJiMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0zpR12TPCA8QgfvOP6qbvChb9VQ
p9J4SmLYB91ieydZO+cRjxnCybs6tAbWEOpbUbkaP9R81cnX593GozdFcvxKvYM5
TO1LyjVfBqBH1ez44werSvY26ID6T66SzFNUtjEOXYQmDoJP1DbCePSo8GZxLHCu
jgZfDCVLBGsuwPgJIq7Mf+S9mBpq0O6RRfzhwyCaxBaOcqQvtHwA+NaCPLpTJD60
7kDuy6EvKBiZ2Wo12BaqABYh2kwnSbf3rY+Q5Y1OxfjrYB0SOWUdINRCEqP+VW2d
vxeTjVLS6hVQWuGDxlKJRco03cQ24orD6mcM/XsPw9oo8aKaV+UMPIEAoQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFLv4h9IbCrx7AxAJCBIzLfk/4rIUMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvdV9pSDBoc0t2SHNERUFrSUVqTXQtVF9pc2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTA8BAIAATA2AwQCBbRo
AwQALUryAwQALUr0AwQALUr3AwQBLYMAAwQBLYgEAwQCTVPIAwQAW9DMAwQAwnTt
MGkEAgACMGMDBQMqCYeAAwUDKg+3AAMFAyoP6QADBQMqD+sAAwUDKg/tAAMFAyoP
+QAwEAMFBioTpEADBwEqE6RAAAQDBwAqE6RAAAcwDgMFACoTpEEDBQAqE6RCAwUA
KhOkRQMFACoTpEcwDQYJKoZIhvcNAQELBQADggEBAJfs0OxoXHOWFE1788kRCxHV
x9pWWrOqNwvJGvvMmEs4og3e1GnQtWXLK2MUSsPgwxdXqpn7gJ1dvc3g/y2HATXC
abbbb0UcBNpd2PsWqpTCHg7sqZt5m5oTl9zHerrlf8FxMAUX+sMklF7NmxeQc7q1
cnHAastKw4CG3SAB0o3qN+C+tcLJXGbItHjqo5rNuzN3cObLmXZ+tNId1k9PszKA
HTSzaILGquJIxKTKb7HtYkmDz+OUy/b9qIsoWHDiH+po4fxw8B16kT06wPtsqBSZ
eUB/nLCqVHRvRHJn051bQav32YdqwA+JjKPN0BvwKcAV6kdX7B1apJ+vRB4H9oM=
-----END CERTIFICATE-----
Generated at Fri Mar 13 03:25:47 2026 by rpki-client