Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/kwUHvF8K5DKPpyHMUkx411cQrSQ.roa
File: kwUHvF8K5DKPpyHMUkx411cQrSQ.roa (raw, json)
Hash identifier: BqDwnwYRUU7AFepo3iOTkaJL9CkTmsePW0u1PWVooCE=
Subject key identifier: 93:05:07:BC:5F:0A:E4:32:8F:A7:21:CC:52:4C:78:D7:57:10:AD:24
Certificate issuer: /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial: 019EEF576C680FA3EA0544FC397844BEC9A4
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/kwUHvF8K5DKPpyHMUkx411cQrSQ.roa
Signing time: Mon 22 Jun 2026 12:39:04 +0000
ROA not before: Mon 22 Jun 2026 12:39:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9145
IP address blocks: 31.150.0.0/16 maxlen: 24
31.184.0.0/18 maxlen: 24
31.187.112.0/20 maxlen: 24
37.138.0.0/16 maxlen: 24
62.89.160.0/19 maxlen: 24
80.66.0.0/19 maxlen: 24
80.228.0.0/16 maxlen: 24
82.149.160.0/19 maxlen: 24
85.8.64.0/18 maxlen: 24
85.16.0.0/16 maxlen: 24
87.245.0.0/18 maxlen: 24
89.166.128.0/17 maxlen: 24
89.233.64.0/19 maxlen: 24
90.153.0.0/17 maxlen: 24
91.96.0.0/15 maxlen: 24
91.248.0.0/15 maxlen: 24
92.252.0.0/17 maxlen: 24
95.33.0.0/16 maxlen: 24
178.142.0.0/16 maxlen: 24
188.118.128.0/18 maxlen: 24
212.6.64.0/18 maxlen: 24
212.68.64.0/19 maxlen: 24
212.95.96.0/19 maxlen: 24
213.168.192.0/19 maxlen: 24
213.170.160.0/19 maxlen: 24
213.182.96.0/19 maxlen: 24
213.183.160.0/19 maxlen: 24
213.252.128.0/18 maxlen: 24
2a00:1470::/32 maxlen: 48
2a01:ac00::/32 maxlen: 48
2a02:8020::/30 maxlen: 48
2a02:8200::/27 maxlen: 48
2a02:8200:1:4001::/64 maxlen: 64
2a02:8200:1:4002::/64 maxlen: 64
2a02:8200:1:4003::/64 maxlen: 64
2a02:8200:1:4004::/64 maxlen: 64
2a02:8200:1:4005::/64 maxlen: 64
2a02:8200:1:4006::/64 maxlen: 64
2a02:8200:1:4007::/64 maxlen: 64
2a02:8200:1:4008::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 06:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ef:57:6c:68:0f:a3:ea:05:44:fc:39:78:44:be:c9:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
Validity
Not Before: Jun 22 12:39:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=930507bc5f0ae4328fa721cc524c78d75710ad24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bf:82:55:d6:c6:12:94:eb:f6:38:19:74:39:
13:38:d6:19:29:60:d5:2c:a4:9d:d0:eb:9f:64:69:
e3:8c:96:93:14:ae:a8:c1:0c:33:b5:36:58:8e:f5:
85:7c:09:7b:8a:20:a4:31:b8:16:49:25:69:e2:7e:
d9:b5:35:28:e0:5a:fd:96:68:be:15:03:19:03:c5:
e9:f1:35:ef:c1:2b:4e:63:38:05:f1:a1:cb:a1:1a:
e9:f8:6d:43:91:b5:2b:44:73:c4:27:8f:93:2a:9a:
a8:66:67:5e:37:e4:7f:42:4f:ad:74:b5:11:0d:e4:
29:12:38:2a:7c:05:1b:c2:85:73:f4:42:b9:f1:2c:
62:fa:b7:f4:00:4d:f2:c7:4b:f6:71:1d:80:a4:13:
b0:6c:47:b3:1a:ca:3a:66:cb:1e:b7:c9:bc:45:85:
bf:77:07:da:6d:f5:f9:ff:1c:a9:20:2c:d4:48:50:
97:9a:45:85:0d:50:24:79:78:d1:da:4b:52:27:64:
c1:b8:5a:40:e3:09:9b:0d:b9:c2:be:98:fb:f0:8f:
94:ba:43:89:ad:28:98:4c:e9:91:68:c0:05:c9:4c:
8f:62:95:45:96:89:ef:28:0e:c1:a9:b8:e4:4f:53:
85:69:12:d1:67:58:37:d1:26:65:63:c3:81:af:58:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:05:07:BC:5F:0A:E4:32:8F:A7:21:CC:52:4C:78:D7:57:10:AD:24
X509v3 Authority Key Identifier:
keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/kwUHvF8K5DKPpyHMUkx411cQrSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.150.0.0/16
31.184.0.0/18
31.187.112.0/20
37.138.0.0/16
62.89.160.0/19
80.66.0.0/19
80.228.0.0/16
82.149.160.0/19
85.8.64.0/18
85.16.0.0/16
87.245.0.0/18
89.166.128.0/17
89.233.64.0/19
90.153.0.0/17
91.96.0.0/15
91.248.0.0/15
92.252.0.0/17
95.33.0.0/16
178.142.0.0/16
188.118.128.0/18
212.6.64.0/18
212.68.64.0/19
212.95.96.0/19
213.168.192.0/19
213.170.160.0/19
213.182.96.0/19
213.183.160.0/19
213.252.128.0/18
IPv6:
2a00:1470::/32
2a01:ac00::/32
2a02:8020::/30
2a02:8200::/27
Signature Algorithm: sha256WithRSAEncryption
4a:c1:da:e7:0c:83:70:3e:34:41:cf:28:d9:52:c6:ad:13:d2:
51:db:40:8b:5d:4b:92:d5:ab:58:5b:3d:09:1f:77:07:fa:a1:
a1:b6:e9:c5:22:62:44:bc:12:73:68:29:25:77:79:41:00:ce:
1a:79:b0:2d:82:48:43:45:e8:bf:87:f3:a5:c3:8e:9e:6e:c2:
07:f0:7c:db:14:a7:c7:d7:49:78:3f:96:2f:36:a2:62:ab:66:
a5:48:7f:1a:77:45:31:68:b7:28:84:13:1c:1b:05:4b:38:cf:
1d:1c:0f:7f:f2:85:9b:be:ae:ed:9d:3c:b9:71:51:a2:28:c9:
fe:7d:e8:67:8a:38:7f:64:85:cd:d4:55:1a:f5:d6:4b:94:42:
bb:f2:79:49:78:9c:f6:10:46:07:77:fe:1c:3e:0a:27:28:c8:
d4:74:48:81:26:a7:b4:af:8a:11:9c:48:48:bf:af:3b:3f:0c:
b3:5c:83:a6:73:91:22:ea:95:92:31:cd:0f:98:be:03:5a:8f:
5e:08:4b:a8:f6:c6:a9:73:16:88:13:24:3b:01:d9:bf:61:78:
65:8d:3e:30:02:bc:bb:f8:cf:27:e2:79:a8:28:ed:9d:e2:13:
ff:cb:a0:3c:43:e3:8e:fe:fb:ec:10:58:f1:22:7f:1c:e2:8f:
97:b1:67:a5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZ7vV2xoD6PqBUT8OXhEvsmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjYwNjIyMTIzOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA1MDdiYzVmMGFlNDMyOGZhNzIxY2M1MjRjNzhkNzU3MTBhZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL+CVdbGEpTr9jgZdDkTONYZKWDV
LKSd0OufZGnjjJaTFK6owQwztTZYjvWFfAl7iiCkMbgWSSVp4n7ZtTUo4Fr9lmi+
FQMZA8Xp8TXvwStOYzgF8aHLoRrp+G1DkbUrRHPEJ4+TKpqoZmdeN+R/Qk+tdLUR
DeQpEjgqfAUbwoVz9EK58Sxi+rf0AE3yx0v2cR2ApBOwbEezGso6Zsset8m8RYW/
dwfabfX5/xypICzUSFCXmkWFDVAkeXjR2ktSJ2TBuFpA4wmbDbnCvpj78I+UukOJ
rSiYTOmRaMAFyUyPYpVFlonvKA7BqbjkT1OFaRLRZ1g30SZlY8OBr1iPWQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFJMFB7xfCuQyj6chzFJMeNdXEK0kMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEva3dVSHZGOEs1REtQcHlITVVreDQxMWNRclNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBpwQCAAEwgaADAwAf
lgMEBh+4AAMEBB+7cAMDACWKAwQFPlmgAwQFUEIAAwMAUOQDBAVSlaADBAZVCEAD
AwBVEAMEBlf1AAMEB1mmgAMEBVnpQAMEB1qZAAMDAVtgAwMBW/gDBAdc/AADAwBf
IQMDALKOAwQGvHaAAwQG1AZAAwQF1ERAAwQF1F9gAwQF1ajAAwQF1aqgAwQF1bZg
AwQF1begAwQG1fyAMCIEAgACMBwDBQAqABRwAwUAKgGsAAMFAioCgCADBQUqAoIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBKwdrnDINwPjRBzyjZUsatE9JR20CLXUuS1atY
Wz0JH3cH+qGhtunFImJEvBJzaCkld3lBAM4aebAtgkhDRei/h/Olw46ebsIH8Hzb
FKfH10l4P5YvNqJiq2alSH8ad0UxaLcohBMcGwVLOM8dHA9/8oWbvq7tnTy5cVGi
KMn+fehnijh/ZIXN1FUa9dZLlEK78nlJeJz2EEYHd/4cPgonKMjUdEiBJqe0r4oR
nEhIv687PwyzXIOmc5Ei6pWSMc0PmL4DWo9eCEuo9sapcxaIEyQ7Adm/YXhljT4w
Ary7+M8n4nmoKO2d4hP/y6A8Q+OO/vvsEFjxIn8c4o+XsWel
-----END CERTIFICATE-----
Generated at Mon Jun 29 13:37:49 2026 by rpki-client