Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4d4kIEppzAYUTxhzBSxEzSjFUFI.roa
File: 4d4kIEppzAYUTxhzBSxEzSjFUFI.roa (raw, json)
Hash identifier: 8GlBh6IGpfcUC/+N+Zrk9RSJpNm0YSRw0n+AvbP7eiQ=
Subject key identifier: E1:DE:24:20:4A:69:CC:06:14:4F:18:73:05:2C:44:CD:28:C5:50:52
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019E9613F3FD2FD9F49DFBB396EB603487B4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4d4kIEppzAYUTxhzBSxEzSjFUFI.roa
Signing time: Fri 05 Jun 2026 04:39:10 +0000
ROA not before: Fri 05 Jun 2026 04:39:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42610
IP address blocks: 5.228.0.0/16 maxlen: 16
5.228.80.0/23 maxlen: 23
5.228.82.0/23 maxlen: 23
5.228.112.0/23 maxlen: 23
5.228.114.0/23 maxlen: 23
5.228.116.0/23 maxlen: 23
5.228.118.0/23 maxlen: 23
37.110.0.0/17 maxlen: 17
37.110.128.0/19 maxlen: 19
37.204.0.0/16 maxlen: 16
46.242.0.0/17 maxlen: 17
46.242.8.0/22 maxlen: 22
46.242.12.0/22 maxlen: 22
77.37.128.0/17 maxlen: 17
83.166.227.0/24 maxlen: 24
84.253.64.0/18 maxlen: 18
85.30.192.0/18 maxlen: 18
85.172.171.0/24 maxlen: 24
90.154.64.0/18 maxlen: 18
90.154.70.0/23 maxlen: 23
90.154.72.0/23 maxlen: 23
90.156.172.0/22 maxlen: 22
94.25.55.0/24 maxlen: 24
95.84.128.0/18 maxlen: 18
95.84.192.0/18 maxlen: 18
109.173.0.0/17 maxlen: 17
178.140.0.0/16 maxlen: 16
185.19.20.0/22 maxlen: 22
188.32.0.0/16 maxlen: 16
188.255.0.0/17 maxlen: 17
217.12.41.0/24 maxlen: 24
2a02:2168::/29 maxlen: 29
2a02:2168::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 15:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:96:13:f3:fd:2f:d9:f4:9d:fb:b3:96:eb:60:34:87:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 5 04:39:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e1de24204a69cc06144f1873052c44cd28c55052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:68:14:73:71:ac:84:92:37:f1:10:cc:fc:7d:
37:2c:45:92:e7:b8:cb:32:90:00:a5:45:d4:d7:2f:
4e:76:5a:ad:25:03:bb:ec:6f:53:10:b5:9a:ae:78:
27:c9:4b:9c:99:05:d2:0a:b7:3a:8f:e8:10:56:d6:
b1:b2:3e:91:09:f0:1f:0e:2e:75:46:e8:23:f4:ee:
75:c1:12:03:67:a7:b2:c2:6a:b0:90:b7:42:71:3c:
89:92:ba:7c:f1:43:9d:4f:8d:b1:d6:ca:f7:3a:07:
64:74:b0:c6:0e:2d:15:32:41:c0:c1:3d:ef:3d:78:
22:e1:8c:e1:40:ed:90:d8:e4:70:0f:40:fa:8e:2e:
36:a3:21:aa:9f:eb:d7:db:6e:2a:ab:c9:fb:e8:47:
89:69:30:73:29:0a:db:68:11:57:d8:b7:3d:79:8a:
21:70:00:54:9c:29:92:8a:40:38:1b:2e:da:53:02:
23:46:a2:28:09:ae:43:7c:04:06:53:4f:d0:55:37:
bd:ec:d2:78:a4:d4:13:36:5d:cb:55:2b:79:3c:ac:
5b:1e:4e:03:5b:65:cc:09:30:20:a5:1b:55:28:32:
05:98:9a:97:8a:65:d0:22:6b:b6:94:e2:53:40:13:
4c:0e:42:f8:3f:c3:a6:f9:98:8a:22:3e:82:14:a5:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:DE:24:20:4A:69:CC:06:14:4F:18:73:05:2C:44:CD:28:C5:50:52
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4d4kIEppzAYUTxhzBSxEzSjFUFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.228.0.0/16
37.110.0.0-37.110.159.255
37.204.0.0/16
46.242.0.0/17
77.37.128.0/17
83.166.227.0/24
84.253.64.0/18
85.30.192.0/18
85.172.171.0/24
90.154.64.0/18
90.156.172.0/22
94.25.55.0/24
95.84.128.0/17
109.173.0.0/17
178.140.0.0/16
185.19.20.0/22
188.32.0.0/16
188.255.0.0/17
217.12.41.0/24
IPv6:
2a02:2168::/29
Signature Algorithm: sha256WithRSAEncryption
12:be:57:8a:3c:da:6d:72:96:5c:7a:6d:01:25:56:75:45:56:
66:62:5b:c7:f3:2a:a0:b5:b9:52:de:cf:75:c5:e6:2a:2f:31:
b0:98:6e:fc:07:da:a8:23:ea:19:e4:ce:01:0b:45:16:17:c9:
dd:b7:8f:66:55:3c:b4:c4:f5:74:9c:81:aa:2a:1b:20:6a:c7:
6a:75:a6:14:73:e8:d3:07:f8:77:c7:2f:ac:59:73:94:87:42:
f4:c4:9a:af:73:f7:97:cb:19:fd:68:d7:18:3c:3c:36:dd:f6:
4a:b6:c5:9c:3e:b6:51:19:ca:88:d2:36:d5:3c:7e:1b:8c:d0:
d0:ff:ad:ab:97:16:52:2a:b3:16:b1:27:59:46:a7:50:90:4f:
9c:8f:86:79:ac:5c:cf:10:a9:24:75:ec:a6:3b:af:6d:b3:7a:
1a:a9:4b:8f:45:db:5a:82:6d:93:bd:64:d7:3f:a2:40:9a:e8:
1b:00:02:71:8d:88:53:dd:9f:6b:7c:b4:3d:1e:2f:19:af:a0:
3e:fa:89:57:59:ba:64:7f:da:41:7e:a3:04:b7:b0:77:76:f2:
cd:ec:2d:bd:b3:4c:fe:93:bd:70:bf:b8:b1:12:c1:d9:fd:68:
6e:fa:a1:b9:a3:a7:59:6a:8a:2f:ba:db:c4:6e:24:4d:1d:e1:
26:b7:b9:8c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZ6WE/P9L9n0nfuzlutgNIe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwNjA1MDQzOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWRlMjQyMDRhNjljYzA2MTQ0ZjE4NzMwNTJjNDRjZDI4YzU1MDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGgUc3GshJI38RDM/H03LEWS57jL
MpAApUXU1y9OdlqtJQO77G9TELWarngnyUucmQXSCrc6j+gQVtaxsj6RCfAfDi51
Rugj9O51wRIDZ6eywmqwkLdCcTyJkrp88UOdT42x1sr3OgdkdLDGDi0VMkHAwT3v
PXgi4YzhQO2Q2ORwD0D6ji42oyGqn+vX224qq8n76EeJaTBzKQrbaBFX2Lc9eYoh
cABUnCmSikA4Gy7aUwIjRqIoCa5DfAQGU0/QVTe97NJ4pNQTNl3LVSt5PKxbHk4D
W2XMCTAgpRtVKDIFmJqXimXQImu2lOJTQBNMDkL4P8Om+ZiKIj6CFKWffwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFOHeJCBKacwGFE8YcwUsRM0oxVBSMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNGQ0a0lFcHB6QVlVVHhoekJTeEV6U2pGVUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB7BAIAATB1AwMABeQw
CwMDASVuAwQFJW6AAwMAJcwDBAcu8gADBAdNJYADBABTpuMDBAZU/UADBAZVHsAD
BABVrKsDBAZamkADBAJanKwDBABeGTcDBAdfVIADBAdtrQADAwCyjAMEArkTFAMD
ALwgAwQHvP8AAwQA2QwpMA0EAgACMAcDBQMqAiFoMA0GCSqGSIb3DQEBCwUAA4IB
AQASvleKPNptcpZcem0BJVZ1RVZmYlvH8yqgtblS3s91xeYqLzGwmG78B9qoI+oZ
5M4BC0UWF8ndt49mVTy0xPV0nIGqKhsgasdqdaYUc+jTB/h3xy+sWXOUh0L0xJqv
c/eXyxn9aNcYPDw23fZKtsWcPrZRGcqI0jbVPH4bjNDQ/62rlxZSKrMWsSdZRqdQ
kE+cj4Z5rFzPEKkkdeymO69ts3oaqUuPRdtagm2TvWTXP6JAmugbAAJxjYhT3Z9r
fLQ9Hi8Zr6A++olXWbpkf9pBfqMEt7B3dvLN7C29s0z+k71wv7ixEsHZ/Whu+qG5
o6dZaoovutvEbiRNHeEmt7mM
-----END CERTIFICATE-----
Generated at Fri Jun 12 01:01:06 2026 by rpki-client