Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/rNKsSO-zpfbnWq5aqpChitFuUvI.roa
File: rNKsSO-zpfbnWq5aqpChitFuUvI.roa (raw, json)
Hash identifier: W75KxgLJZQW9cFoX6TRyyBfbiO/Gm51eUWquflxJOQQ=
Subject key identifier: AC:D2:AC:48:EF:B3:A5:F6:E7:5A:AE:5A:AA:90:A1:8A:D1:6E:52:F2
Certificate issuer: /CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Certificate serial: 019E20CBA2017C62817507CDCD7F78A0357E
Authority key identifier: FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/rNKsSO-zpfbnWq5aqpChitFuUvI.roa
Signing time: Wed 13 May 2026 10:04:36 +0000
ROA not before: Wed 13 May 2026 10:04:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12876
IP address blocks: 51.15.0.0/16 maxlen: 16
51.15.0.0/17 maxlen: 17
51.15.160.0/19 maxlen: 24
51.158.0.0/15 maxlen: 15
51.158.36.0/23 maxlen: 23
51.158.54.0/23 maxlen: 23
51.158.60.0/22 maxlen: 22
51.158.128.0/17 maxlen: 17
51.159.0.0/17 maxlen: 24
51.159.128.0/18 maxlen: 18
51.159.194.0/23 maxlen: 23
51.159.196.0/22 maxlen: 22
51.159.201.0/24 maxlen: 24
51.159.210.0/23 maxlen: 23
51.159.212.0/22 maxlen: 22
51.159.220.0/22 maxlen: 22
51.159.224.0/19 maxlen: 19
62.4.0.0/19 maxlen: 19
62.210.0.0/16 maxlen: 24
91.235.79.0/24 maxlen: 24
151.115.0.0/16 maxlen: 16
151.115.0.0/17 maxlen: 18
151.115.128.0/19 maxlen: 21
151.115.160.0/19 maxlen: 19
151.115.192.0/20 maxlen: 24
151.115.208.0/20 maxlen: 20
151.115.224.0/19 maxlen: 19
163.172.0.0/16 maxlen: 16
163.172.20.0/22 maxlen: 22
163.172.79.0/24 maxlen: 24
163.172.208.0/20 maxlen: 20
195.154.0.0/16 maxlen: 24
212.47.224.0/19 maxlen: 19
212.83.128.0/19 maxlen: 19
212.83.160.0/19 maxlen: 19
212.129.0.0/18 maxlen: 18
2001:bc8::/32 maxlen: 38
2001:bc8:1200::/39 maxlen: 48
2001:bc8:1201::/48 maxlen: 48
2001:bc8:1400::/38 maxlen: 38
2001:bc8:1800::/38 maxlen: 38
2001:bc8:1c00::/38 maxlen: 38
2001:bc8:2000::/35 maxlen: 48
2001:bc8:5400::/40 maxlen: 48
2001:bc8:e800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 10:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:cb:a2:01:7c:62:81:75:07:cd:cd:7f:78:a0:35:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Validity
Not Before: May 13 10:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=acd2ac48efb3a5f6e75aae5aaa90a18ad16e52f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7c:dd:b1:13:ea:8d:87:58:5e:76:11:ad:07:
18:ec:92:8b:ae:e1:33:be:26:19:59:34:1b:b9:f9:
ab:4b:7c:88:cd:ac:e9:8c:bc:4f:20:c4:ad:75:3d:
6a:2a:d8:de:cb:eb:c5:26:e6:4b:68:74:d5:88:0d:
38:25:e5:70:08:78:44:d2:a9:e0:7f:38:13:d6:72:
70:45:5e:05:21:75:c8:36:ca:96:e6:58:94:9e:1d:
87:ba:a9:82:43:60:8c:ce:d5:d8:a0:6c:3e:0e:38:
0e:aa:44:cf:3d:62:ac:49:a9:28:6f:7d:80:88:29:
d0:cf:fa:7e:fc:eb:3d:2e:c8:e9:f4:04:1c:38:3f:
d8:fa:b9:97:99:6a:9f:57:e6:80:2d:e7:7e:0e:c4:
12:b3:eb:ae:c9:93:1b:68:63:d6:0e:58:95:41:c3:
bb:fa:a6:b3:8d:de:f4:0f:fa:9a:b2:03:fc:24:90:
c6:56:dd:eb:7d:06:b5:b6:a5:19:19:9d:7f:99:93:
23:4d:40:79:e1:08:a1:4c:1d:31:d7:14:39:87:74:
86:98:9a:9e:c5:a2:2b:bd:e6:32:66:07:78:64:c6:
2f:1d:c0:37:ae:5b:c6:56:fc:11:c9:e2:65:7a:54:
fe:8a:43:08:2e:9a:bc:d0:d4:49:b0:c5:46:79:aa:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D2:AC:48:EF:B3:A5:F6:E7:5A:AE:5A:AA:90:A1:8A:D1:6E:52:F2
X509v3 Authority Key Identifier:
keyid:FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/rNKsSO-zpfbnWq5aqpChitFuUvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.15.0.0/16
51.158.0.0/15
62.4.0.0/19
62.210.0.0/16
91.235.79.0/24
151.115.0.0/16
163.172.0.0/16
195.154.0.0/16
212.47.224.0/19
212.83.128.0/18
212.129.0.0/18
IPv6:
2001:bc8::/32
Signature Algorithm: sha256WithRSAEncryption
70:f2:cd:00:25:8b:18:bd:f3:6c:91:04:aa:c4:17:f8:ac:fa:
1e:78:9e:44:b5:08:fb:4d:cf:f4:80:1a:79:7e:f6:6e:90:4c:
65:d5:6e:47:7c:c7:70:9f:27:cc:5d:d5:34:d9:78:ca:3c:05:
87:9b:34:6e:af:78:7a:a3:20:0a:10:ed:c0:2b:8d:52:5d:ab:
51:0d:de:17:8a:ea:de:d7:fa:f2:73:99:05:ef:bc:26:be:a4:
a0:68:3a:16:db:a6:68:b6:1c:30:a6:dd:ee:d0:21:f0:cd:89:
53:42:57:bb:f4:93:ce:fa:fa:73:45:06:7f:2a:e6:7c:ef:02:
d9:66:05:98:80:b2:e8:4f:20:ac:77:32:97:f7:7e:cf:74:96:
7d:55:67:32:37:70:1e:81:0f:ad:86:a5:6a:52:13:39:94:8e:
73:60:5e:f5:38:d9:71:d4:e4:85:3a:91:08:89:de:34:83:ef:
ad:99:ba:e8:ab:57:02:1b:b0:36:09:15:ce:e3:67:29:5f:6f:
7c:fe:eb:4e:20:f5:fe:f8:c6:e1:dc:ea:94:60:7d:4c:05:2a:
e1:37:46:5a:4f:a3:c0:7f:2c:84:de:3b:b2:5e:e4:33:fa:e4:
1e:52:e1:78:45:b1:73:35:c8:8f:76:42:7b:84:ce:8a:86:50:
f5:65:0c:14
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZ4gy6IBfGKBdQfNzX94oDV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTE2YjQ5M2QyYTEyODk3Y2FmNDc1N2JiMThhMDJlZWMy
Y2RlMTcwHhcNMjYwNTEzMTAwNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QyYWM0OGVmYjNhNWY2ZTc1YWFlNWFhYTkwYTE4YWQxNmU1MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nzdsRPqjYdYXnYRrQcY7JKLruEz
viYZWTQbufmrS3yIzazpjLxPIMStdT1qKtjey+vFJuZLaHTViA04JeVwCHhE0qng
fzgT1nJwRV4FIXXINsqW5liUnh2HuqmCQ2CMztXYoGw+DjgOqkTPPWKsSakob32A
iCnQz/p+/Os9Lsjp9AQcOD/Y+rmXmWqfV+aALed+DsQSs+uuyZMbaGPWDliVQcO7
+qazjd70D/qasgP8JJDGVt3rfQa1tqUZGZ1/mZMjTUB54QihTB0x1xQ5h3SGmJqe
xaIrveYyZgd4ZMYvHcA3rlvGVvwRyeJlelT+ikMILpq80NRJsMVGeaoSRQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFKzSrEjvs6X251quWqqQoYrRblLyMB8GA1UdIwQY
MBaAFPrha0k9KhKJfK9HV7sYoC7sLN4XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11RnJTVDBxRW9sOHIwZFh1eGlnTHV3czNoYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUz
LTRhZmQ4MjU0YWU0My8xL3JOS3NTTy16cGZibldxNWFxcENoaXRGdVV2SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUzLTRhZmQ4MjU0YWU0
My8xLzEtdUZyU1QwcUVvbDhyMGRYdXhpZ0x1d3MzaGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgABMDwDAwAzDwMD
ATOeAwQFPgQAAwMAPtIDBABb608DAwCXcwMDAKOsAwMAw5oDBAXUL+ADBAbUU4AD
BAbUgQAwDQQCAAIwBwMFACABC8gwDQYJKoZIhvcNAQELBQADggEBAHDyzQAlixi9
82yRBKrEF/is+h54nkS1CPtNz/SAGnl+9m6QTGXVbkd8x3CfJ8xd1TTZeMo8BYeb
NG6veHqjIAoQ7cArjVJdq1EN3heK6t7X+vJzmQXvvCa+pKBoOhbbpmi2HDCm3e7Q
IfDNiVNCV7v0k876+nNFBn8q5nzvAtlmBZiAsuhPIKx3Mpf3fs90ln1VZzI3cB6B
D62GpWpSEzmUjnNgXvU42XHU5IU6kQiJ3jSD762ZuuirVwIbsDYJFc7jZylfb3z+
604g9f74xuHc6pRgfUwFKuE3RlpPo8B/LITeO7Je5DP65B5S4XhFsXM1yI92QnuE
zoqGUPVlDBQ=
-----END CERTIFICATE-----
Generated at Sat May 16 17:10:06 2026 by rpki-client