Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/cc1TTqmdRs97AUGnV9VmDxVcmEY.roa
File: cc1TTqmdRs97AUGnV9VmDxVcmEY.roa (raw, json)
Hash identifier: 0frevua5I/QSYlx9nukpKBzsUYerNRu+NzKXQNZQtFQ=
Subject key identifier: 71:CD:53:4E:A9:9D:46:CF:7B:01:41:A7:57:D5:66:0F:15:5C:98:46
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 019ED46792C9F02BF3A708B91F0EB9C3C739
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/cc1TTqmdRs97AUGnV9VmDxVcmEY.roa
Signing time: Wed 17 Jun 2026 07:06:57 +0000
ROA not before: Wed 17 Jun 2026 07:06:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42652
IP address blocks: 5.45.0.0/21 maxlen: 21
5.100.128.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
46.165.128.0/18 maxlen: 18
77.244.96.0/20 maxlen: 20
80.74.48.0/20 maxlen: 22
89.21.96.0/19 maxlen: 19
109.75.208.0/20 maxlen: 20
128.0.96.0/21 maxlen: 21
128.0.100.0/22 maxlen: 22
131.117.144.0/20 maxlen: 20
131.117.152.0/22 maxlen: 22
156.67.128.0/20 maxlen: 20
156.67.128.0/22 maxlen: 22
156.67.132.0/22 maxlen: 22
156.67.136.0/22 maxlen: 22
156.67.140.0/22 maxlen: 22
178.76.128.0/18 maxlen: 18
185.7.208.0/22 maxlen: 22
185.18.128.0/22 maxlen: 22
185.74.180.0/22 maxlen: 22
188.210.0.0/18 maxlen: 18
188.210.44.0/24 maxlen: 24
188.210.56.0/22 maxlen: 22
188.210.60.0/22 maxlen: 22
212.43.64.0/19 maxlen: 19
2a01:5c0::/32 maxlen: 32
2a01:5c0:64::/48 maxlen: 48
2a02:6d40::/32 maxlen: 32
2a03:4920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d4:67:92:c9:f0:2b:f3:a7:08:b9:1f:0e:b9:c3:c7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Jun 17 07:06:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=71cd534ea99d46cf7b0141a757d5660f155c9846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a3:ab:7f:e4:72:75:67:0f:85:e2:e0:98:1b:
ff:d7:8b:64:4b:a1:38:57:75:cf:02:00:8a:37:23:
96:26:2f:7b:94:00:59:1b:4f:09:34:d7:08:d1:84:
05:05:00:e4:44:e9:9a:9c:a2:67:c0:f2:0f:b1:3c:
22:94:8e:42:71:97:c2:53:39:8f:35:95:e0:3a:13:
5d:06:15:7b:91:7f:03:59:83:2e:18:36:b7:66:da:
72:12:ff:d8:46:cb:ab:46:1a:c0:0d:38:00:f5:64:
5a:1c:9a:3c:f1:df:3b:02:90:bf:ed:1c:29:11:49:
39:1c:b5:44:c7:a3:97:b7:cd:eb:02:fb:db:d0:7a:
9a:36:23:c3:74:91:58:75:61:85:59:22:01:ee:0c:
ad:1a:85:4b:d4:68:94:e0:2a:8b:29:ef:ff:98:1b:
e5:ee:e5:4c:98:58:83:ba:94:c0:a0:fd:40:82:a5:
8e:d8:ad:82:3b:19:39:55:ed:2e:2d:d3:50:4b:4b:
5c:6b:82:83:f8:dd:15:9d:4b:ab:fc:06:66:39:66:
8e:ef:64:ed:aa:10:8c:62:35:86:8c:d0:3a:1b:2d:
f8:86:84:67:14:96:65:29:f1:57:b5:aa:8e:55:e3:
42:93:71:af:ad:a4:69:1e:6e:3c:7b:77:d0:b3:9d:
99:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CD:53:4E:A9:9D:46:CF:7B:01:41:A7:57:D5:66:0F:15:5C:98:46
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/cc1TTqmdRs97AUGnV9VmDxVcmEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
80.74.48.0/20
89.21.96.0/19
109.75.208.0/20
128.0.96.0/21
131.117.144.0/20
156.67.128.0/20
178.76.128.0/18
185.7.208.0/22
185.18.128.0/22
185.74.180.0/22
188.210.0.0/18
212.43.64.0/19
IPv6:
2a01:5c0::/32
2a02:6d40::/32
2a03:4920::/32
Signature Algorithm: sha256WithRSAEncryption
60:b6:02:40:45:28:63:88:cb:46:09:77:ed:25:68:24:58:d9:
9b:f6:b1:24:71:1f:24:d3:78:95:f7:56:d3:43:bf:d2:c4:6c:
50:58:62:38:bf:ee:2e:3c:8d:41:ff:68:74:67:9c:c9:a9:3d:
db:3c:9e:13:13:4f:25:d7:d5:2c:3a:6b:61:48:4a:2d:f4:25:
32:8e:52:7a:51:b3:fc:f3:3f:91:e6:88:d2:c7:94:c5:d9:86:
01:dc:dc:6f:f0:fd:51:37:14:9d:32:37:05:f5:25:68:95:b6:
7f:7d:44:61:2a:a2:5e:5f:ca:a4:1f:4f:7d:ce:c9:26:7b:54:
46:10:bb:47:ae:50:3a:ba:34:b4:88:b3:58:a7:43:92:d2:9f:
71:00:46:53:db:b5:7e:3d:8a:ca:d6:54:f3:7d:85:f5:58:61:
66:5b:69:18:ef:bd:51:2d:85:5f:ba:04:2c:5e:0b:e1:e2:ca:
e9:b9:42:54:55:fc:9a:a2:88:77:ff:ae:11:07:d0:fd:60:d9:
4f:0a:ff:a0:38:c6:a8:83:16:52:63:15:52:60:f3:d5:de:03:
4d:0d:8e:84:7d:89:21:74:42:18:a8:4a:eb:17:9a:06:57:78:
a4:06:96:9d:27:e3:71:38:c4:7a:bc:66:fe:46:5b:c2:35:59:
8d:9d:d8:2b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAZ7UZ5LJ8Cvzpwi5Hw65w8c5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjYwNjE3MDcwNjU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNkNTM0ZWE5OWQ0NmNmN2IwMTQxYTc1N2Q1NjYwZjE1NWM5ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaOrf+RydWcPheLgmBv/14tkS6E4
V3XPAgCKNyOWJi97lABZG08JNNcI0YQFBQDkROmanKJnwPIPsTwilI5CcZfCUzmP
NZXgOhNdBhV7kX8DWYMuGDa3ZtpyEv/YRsurRhrADTgA9WRaHJo88d87ApC/7Rwp
EUk5HLVEx6OXt83rAvvb0HqaNiPDdJFYdWGFWSIB7gytGoVL1GiU4CqLKe//mBvl
7uVMmFiDupTAoP1AgqWO2K2COxk5Ve0uLdNQS0tca4KD+N0VnUur/AZmOWaO72Tt
qhCMYjWGjNA6Gy34hoRnFJZlKfFXtaqOVeNCk3GvraRpHm48e3fQs52ZJQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFHHNU06pnUbPewFBp1fVZg8VXJhGMB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvY2MxVFRxbWRSczk3QVVHblY5Vm1EeFZjbUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQDBS0A
AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQEUEowAwQFWRVgAwQEbUvQAwQDgABg
AwQEg3WQAwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtA
MBsEAgACMBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEB
AGC2AkBFKGOIy0YJd+0laCRY2Zv2sSRxHyTTeJX3VtNDv9LEbFBYYji/7i48jUH/
aHRnnMmpPds8nhMTTyXX1Sw6a2FISi30JTKOUnpRs/zzP5HmiNLHlMXZhgHc3G/w
/VE3FJ0yNwX1JWiVtn99RGEqol5fyqQfT33OySZ7VEYQu0euUDq6NLSIs1inQ5LS
n3EARlPbtX49isrWVPN9hfVYYWZbaRjvvVEthV+6BCxeC+Hiyum5QlRV/JqiiHf/
rhEH0P1g2U8K/6A4xqiDFlJjFVJg89XeA00NjoR9iSF0QhioSusXmgZXeKQGlp0n
43E4xHq8Zv5GW8I1WY2d2Cs=
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:36 2026 by rpki-client