Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/A2yTP0lhhFqNva3nkV1odyS6nwE.roa
File: A2yTP0lhhFqNva3nkV1odyS6nwE.roa (raw, json)
Hash identifier: hsckG++ZXCzFReA5qOo98hpc0d00fMoMGiw+xttmqVs=
Subject key identifier: 03:6C:93:3F:49:61:84:5A:8D:BD:AD:E7:91:5D:68:77:24:BA:9F:01
Certificate issuer: /CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Certificate serial: 019E5EBF513ED145B1C15D0EAA06F883F3AE
Authority key identifier: 38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/A2yTP0lhhFqNva3nkV1odyS6nwE.roa
Signing time: Mon 25 May 2026 10:47:36 +0000
ROA not before: Mon 25 May 2026 10:47:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35617
IP address blocks: 5.133.96.0/22 maxlen: 24
91.214.60.0/22 maxlen: 24
185.97.120.0/22 maxlen: 24
193.168.164.0/24 maxlen: 24
2a06:5c0::/29 maxlen: 32
2a09:6e00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 01:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:bf:51:3e:d1:45:b1:c1:5d:0e:aa:06:f8:83:f3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38bc794c5fbaac632a7ffb43db14f739cd53b2c4
Validity
Not Before: May 25 10:47:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=036c933f4961845a8dbdade7915d687724ba9f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6c:7b:7e:12:c6:98:53:f5:c1:bf:f0:2b:98:
8d:db:cb:2d:80:dc:7c:f6:42:c8:50:66:c5:56:16:
bf:1d:12:e4:57:6d:19:34:a3:be:42:78:d7:85:d3:
0c:01:0f:79:e6:76:d2:ef:71:46:6f:5a:17:ae:9c:
aa:a1:5a:0d:e1:f9:06:10:08:25:e8:89:51:a2:1c:
8f:87:76:28:59:47:10:88:21:8a:00:26:ab:26:19:
a7:df:e2:7c:21:01:0a:04:23:06:99:8f:b3:1b:f6:
fd:eb:2b:d8:a2:1d:24:64:96:e0:10:0a:0a:36:20:
7c:a2:f3:ed:66:18:22:87:24:57:82:a9:68:ef:90:
b5:08:b8:1f:28:2e:86:50:a1:61:33:b8:8a:63:48:
2e:d9:67:c3:f5:fc:1b:fa:41:f1:e5:fa:b1:92:9e:
66:e8:0d:1e:aa:62:d1:92:d7:11:63:c6:c6:51:fc:
b4:ff:90:d8:8e:e9:02:c0:23:db:96:9f:9e:a6:26:
43:6c:db:39:d4:37:75:44:9e:e4:50:f0:51:f7:2d:
6e:b6:89:7f:66:9d:60:6c:43:f1:ab:69:3c:d7:3b:
4e:0d:cf:9e:ff:4c:4e:de:b9:3b:f6:8d:53:ff:5a:
51:09:e0:71:0c:36:90:3e:52:68:a2:2a:e2:c8:38:
1d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6C:93:3F:49:61:84:5A:8D:BD:AD:E7:91:5D:68:77:24:BA:9F:01
X509v3 Authority Key Identifier:
keyid:38:BC:79:4C:5F:BA:AC:63:2A:7F:FB:43:DB:14:F7:39:CD:53:B2:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/A2yTP0lhhFqNva3nkV1odyS6nwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/1a3d98-c14f-4d06-a466-d985394e3c10/1/OLx5TF-6rGMqf_tD2xT3Oc1TssQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.96.0/22
91.214.60.0/22
185.97.120.0/22
193.168.164.0/24
IPv6:
2a06:5c0::/29
2a09:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
a7:d6:93:a2:f3:70:17:59:35:6f:11:1b:12:d3:97:eb:1b:50:
89:f1:77:02:ed:64:4c:64:f8:56:c1:61:a4:6f:5b:78:35:96:
d9:c4:31:23:dc:41:85:c8:aa:87:e2:9b:a9:dc:de:e8:f7:34:
71:25:95:05:9e:40:a0:d6:42:3a:6b:52:0f:ce:60:17:cc:b0:
34:81:8c:1c:2e:d9:33:80:7b:11:f7:14:36:0a:6d:67:0f:31:
02:cb:a1:26:b9:92:ff:00:00:23:7d:db:62:b7:36:79:26:01:
b8:2b:36:48:86:e3:83:75:c9:c4:f3:c8:b6:d1:d5:ab:ac:fd:
c6:20:49:d7:fc:cd:b0:b6:5c:3e:9c:7e:7d:ac:c5:c1:94:63:
bc:e0:57:5c:21:b6:37:ef:b9:ee:c2:97:3e:73:47:b5:d7:0d:
a3:a3:d5:ae:2b:c5:e9:e8:ce:0a:39:d3:6c:c5:eb:0e:85:d8:
9a:b9:97:52:6c:91:8e:3b:55:77:0b:6a:c8:7a:64:94:08:16:
57:86:3e:ce:35:04:47:82:72:fb:99:78:1d:43:9d:d3:75:8f:
63:6a:cb:63:4e:29:dc:ae:a5:4d:9f:b6:1b:7a:5c:ea:d6:f4:
53:c9:fd:19:9c:db:2f:78:d3:25:01:d0:2f:d0:32:8e:29:24:
ed:d0:9f:65
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZ5ev1E+0UWxwV0Oqgb4g/OuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmM3OTRjNWZiYWFjNjMyYTdmZmI0M2RiMTRmNzM5Y2Q1
M2IyYzQwHhcNMjYwNTI1MTA0NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzZjOTMzZjQ5NjE4NDVhOGRiZGFkZTc5MTVkNjg3NzI0YmE5ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmx7fhLGmFP1wb/wK5iN28stgNx8
9kLIUGbFVha/HRLkV20ZNKO+QnjXhdMMAQ955nbS73FGb1oXrpyqoVoN4fkGEAgl
6IlRohyPh3YoWUcQiCGKACarJhmn3+J8IQEKBCMGmY+zG/b96yvYoh0kZJbgEAoK
NiB8ovPtZhgihyRXgqlo75C1CLgfKC6GUKFhM7iKY0gu2WfD9fwb+kHx5fqxkp5m
6A0eqmLRktcRY8bGUfy0/5DYjukCwCPblp+epiZDbNs51Dd1RJ7kUPBR9y1utol/
Zp1gbEPxq2k81ztODc+e/0xO3rk79o1T/1pRCeBxDDaQPlJooiriyDgd4wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFANskz9JYYRajb2t55FdaHckup8BMB8GA1UdIwQY
MBaAFDi8eUxfuqxjKn/7Q9sU9znNU7LEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYt
ZDk4NTM5NGUzYzEwLzEvQTJ5VFAwbGhoRnFOdmEzbmtWMW9keVM2bndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xYTNkOTgtYzE0Zi00ZDA2LWE0NjYtZDk4NTM5NGUzYzEw
LzEvT0x4NVRGLTZyR01xZl90RDJ4VDNPYzFUc3NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCBYVgAwQC
W9Y8AwQCuWF4AwQAwaikMBQEAgACMA4DBQMqBgXAAwUDKgluADANBgkqhkiG9w0B
AQsFAAOCAQEAp9aTovNwF1k1bxEbEtOX6xtQifF3Au1kTGT4VsFhpG9beDWW2cQx
I9xBhciqh+Kbqdze6Pc0cSWVBZ5AoNZCOmtSD85gF8ywNIGMHC7ZM4B7EfcUNgpt
Zw8xAsuhJrmS/wAAI33bYrc2eSYBuCs2SIbjg3XJxPPIttHVq6z9xiBJ1/zNsLZc
Ppx+fazFwZRjvOBXXCG2N++57sKXPnNHtdcNo6PVrivF6ejOCjnTbMXrDoXYmrmX
UmyRjjtVdwtqyHpklAgWV4Y+zjUER4Jy+5l4HUOd03WPY2rLY04p3K6lTZ+2G3pc
6tb0U8n9GZzbL3jTJQHQL9Ayjikk7dCfZQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:43:03 2026 by rpki-client