Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/8xA9g6st8q1ZO7p8fBgY7k3h940.roa
File: 8xA9g6st8q1ZO7p8fBgY7k3h940.roa (raw, json)
Hash identifier: es+n+A0JT354CmSRIsGHstM8RZuYiz9SAi6sT3RamMM=
Subject key identifier: F3:10:3D:83:AB:2D:F2:AD:59:3B:BA:7C:7C:18:18:EE:4D:E1:F7:8D
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 019E82AE63FF446923056CE65CF9CF628143
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/8xA9g6st8q1ZO7p8fBgY7k3h940.roa
Signing time: Mon 01 Jun 2026 10:15:27 +0000
ROA not before: Mon 01 Jun 2026 10:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 136787
IP address blocks: 186.247.46.0/24 maxlen: 24
186.247.75.0/24 maxlen: 24
186.247.76.0/24 maxlen: 24
186.247.77.0/24 maxlen: 24
186.247.79.0/24 maxlen: 24
186.247.160.0/24 maxlen: 24
186.247.161.0/24 maxlen: 24
186.247.162.0/24 maxlen: 24
186.247.164.0/24 maxlen: 24
186.247.165.0/24 maxlen: 24
186.247.166.0/24 maxlen: 24
186.247.167.0/24 maxlen: 24
186.247.168.0/24 maxlen: 24
186.247.171.0/24 maxlen: 24
186.247.179.0/24 maxlen: 24
186.247.180.0/24 maxlen: 24
186.247.183.0/24 maxlen: 24
186.247.188.0/24 maxlen: 24
187.13.3.0/24 maxlen: 24
187.13.4.0/24 maxlen: 24
187.13.17.0/24 maxlen: 24
187.13.20.0/24 maxlen: 24
187.13.22.0/24 maxlen: 24
187.13.23.0/24 maxlen: 24
187.13.24.0/24 maxlen: 24
187.13.25.0/24 maxlen: 24
187.13.27.0/24 maxlen: 24
187.13.29.0/24 maxlen: 24
187.13.128.0/24 maxlen: 24
187.13.130.0/24 maxlen: 24
187.13.131.0/24 maxlen: 24
187.13.134.0/24 maxlen: 24
187.13.135.0/24 maxlen: 24
187.13.136.0/24 maxlen: 24
187.13.137.0/24 maxlen: 24
187.13.138.0/24 maxlen: 24
187.13.139.0/24 maxlen: 24
187.13.140.0/24 maxlen: 24
187.13.141.0/24 maxlen: 24
187.13.142.0/24 maxlen: 24
187.13.143.0/24 maxlen: 24
187.13.176.0/24 maxlen: 24
187.13.179.0/24 maxlen: 24
187.13.180.0/24 maxlen: 24
187.13.187.0/24 maxlen: 24
187.13.188.0/24 maxlen: 24
187.13.191.0/24 maxlen: 24
187.13.192.0/24 maxlen: 24
187.13.193.0/24 maxlen: 24
187.13.194.0/24 maxlen: 24
187.13.211.0/24 maxlen: 24
187.13.212.0/24 maxlen: 24
187.13.217.0/24 maxlen: 24
187.13.218.0/24 maxlen: 24
187.13.241.0/24 maxlen: 24
187.13.242.0/24 maxlen: 24
187.13.251.0/24 maxlen: 24
187.14.48.0/24 maxlen: 24
187.14.49.0/24 maxlen: 24
187.14.50.0/24 maxlen: 24
187.14.51.0/24 maxlen: 24
187.14.53.0/24 maxlen: 24
187.14.54.0/24 maxlen: 24
187.14.96.0/24 maxlen: 24
187.14.97.0/24 maxlen: 24
187.14.98.0/24 maxlen: 24
187.14.110.0/24 maxlen: 24
187.14.111.0/24 maxlen: 24
187.14.112.0/24 maxlen: 24
187.14.113.0/24 maxlen: 24
187.14.124.0/24 maxlen: 24
187.14.125.0/24 maxlen: 24
187.14.126.0/24 maxlen: 24
187.14.226.0/24 maxlen: 24
187.14.229.0/24 maxlen: 24
187.14.236.0/24 maxlen: 24
187.14.242.0/24 maxlen: 24
187.14.243.0/24 maxlen: 24
187.14.246.0/24 maxlen: 24
187.14.247.0/24 maxlen: 24
187.15.104.0/24 maxlen: 24
187.15.106.0/24 maxlen: 24
187.15.109.0/24 maxlen: 24
187.15.111.0/24 maxlen: 24
187.15.113.0/24 maxlen: 24
187.15.114.0/24 maxlen: 24
187.15.115.0/24 maxlen: 24
187.15.120.0/24 maxlen: 24
187.15.130.0/24 maxlen: 24
187.15.137.0/24 maxlen: 24
187.15.138.0/24 maxlen: 24
187.15.145.0/24 maxlen: 24
187.15.158.0/24 maxlen: 24
187.15.163.0/24 maxlen: 24
187.15.164.0/24 maxlen: 24
187.15.165.0/24 maxlen: 24
187.15.169.0/24 maxlen: 24
187.15.172.0/24 maxlen: 24
187.15.173.0/24 maxlen: 24
187.40.37.0/24 maxlen: 24
187.40.38.0/24 maxlen: 24
187.40.40.0/24 maxlen: 24
187.40.41.0/24 maxlen: 24
187.40.42.0/24 maxlen: 24
187.40.43.0/24 maxlen: 24
187.40.44.0/24 maxlen: 24
187.40.47.0/24 maxlen: 24
187.40.48.0/24 maxlen: 24
187.40.230.0/24 maxlen: 24
187.40.244.0/24 maxlen: 24
187.40.248.0/24 maxlen: 24
187.40.249.0/24 maxlen: 24
187.40.250.0/24 maxlen: 24
187.40.251.0/24 maxlen: 24
187.40.252.0/24 maxlen: 24
187.40.253.0/24 maxlen: 24
187.40.254.0/24 maxlen: 24
187.40.255.0/24 maxlen: 24
2a13:240:8000::/40 maxlen: 40
2a13:240:8888::/48 maxlen: 48
2a13:240:9999::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 15:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:ae:63:ff:44:69:23:05:6c:e6:5c:f9:cf:62:81:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Jun 1 10:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f3103d83ab2df2ad593bba7c7c1818ee4de1f78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:22:6b:a0:29:a6:8f:e9:a8:a5:08:4a:4e:53:
41:e5:d3:ea:bb:49:54:74:3c:84:90:d8:2b:d3:2c:
10:fb:77:d2:f2:bc:2b:46:34:78:68:b5:ab:59:ad:
b2:05:0a:2e:63:a1:f6:66:a3:12:4d:e1:dd:af:2d:
67:93:24:d9:b6:db:e3:08:21:a2:aa:d9:43:41:04:
2e:55:e3:24:fd:f5:47:13:1f:5d:18:15:4f:97:c4:
90:07:bf:06:0a:7d:3c:9c:21:ce:b2:13:e2:41:33:
ef:0a:77:9b:41:dc:77:34:7c:b4:54:f5:6f:b2:97:
e9:6c:49:23:f8:eb:bc:ed:17:e4:e6:77:32:93:5c:
d5:56:4b:0b:56:61:e4:31:49:ac:30:3c:3a:19:c8:
8b:57:8e:7b:3c:cf:83:3c:df:eb:7d:04:c4:00:75:
04:12:f0:8b:5e:b7:ae:86:9d:01:04:71:27:32:72:
f6:68:55:a3:80:16:a8:28:55:3e:3f:97:e0:fd:bf:
51:44:be:53:ec:e9:b1:ee:17:b1:d4:0b:e3:b1:06:
2b:c9:3c:60:07:2b:c6:19:20:0a:30:bd:46:b2:59:
5d:ee:82:98:69:f4:24:36:fb:d7:25:15:80:00:b9:
ef:ba:d0:68:9d:95:93:3e:49:49:34:39:7c:8c:47:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:10:3D:83:AB:2D:F2:AD:59:3B:BA:7C:7C:18:18:EE:4D:E1:F7:8D
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/8xA9g6st8q1ZO7p8fBgY7k3h940.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
186.247.46.0/24
186.247.75.0-186.247.77.255
186.247.79.0/24
186.247.160.0-186.247.162.255
186.247.164.0-186.247.168.255
186.247.171.0/24
186.247.179.0-186.247.180.255
186.247.183.0/24
186.247.188.0/24
187.13.3.0-187.13.4.255
187.13.17.0/24
187.13.20.0/24
187.13.22.0-187.13.25.255
187.13.27.0/24
187.13.29.0/24
187.13.128.0/24
187.13.130.0/23
187.13.134.0-187.13.143.255
187.13.176.0/24
187.13.179.0-187.13.180.255
187.13.187.0-187.13.188.255
187.13.191.0-187.13.194.255
187.13.211.0-187.13.212.255
187.13.217.0-187.13.218.255
187.13.241.0-187.13.242.255
187.13.251.0/24
187.14.48.0/22
187.14.53.0-187.14.54.255
187.14.96.0-187.14.98.255
187.14.110.0-187.14.113.255
187.14.124.0-187.14.126.255
187.14.226.0/24
187.14.229.0/24
187.14.236.0/24
187.14.242.0/23
187.14.246.0/23
187.15.104.0/24
187.15.106.0/24
187.15.109.0/24
187.15.111.0/24
187.15.113.0-187.15.115.255
187.15.120.0/24
187.15.130.0/24
187.15.137.0-187.15.138.255
187.15.145.0/24
187.15.158.0/24
187.15.163.0-187.15.165.255
187.15.169.0/24
187.15.172.0/23
187.40.37.0-187.40.38.255
187.40.40.0-187.40.44.255
187.40.47.0-187.40.48.255
187.40.230.0/24
187.40.244.0/24
187.40.248.0/21
IPv6:
2a13:240:8000::/40
2a13:240:8888::/48
2a13:240:9999::/48
Signature Algorithm: sha256WithRSAEncryption
42:e0:8d:8a:a9:82:18:7e:6f:90:4f:e3:2c:3c:5e:3a:d5:e0:
fb:c4:85:40:a6:05:7b:71:de:b0:86:05:68:dd:a9:27:b3:5d:
fd:f1:b3:6a:47:9d:85:9d:78:05:9d:e9:7c:23:45:ec:1f:eb:
76:f9:39:79:9d:86:64:6c:d8:f3:c2:2b:c2:c1:12:08:67:55:
3e:95:3c:1b:d6:ab:71:f3:44:c2:09:16:96:1f:40:5e:1f:5e:
1d:83:05:65:9e:f7:87:6c:4c:4e:17:db:b6:b2:51:cd:9b:58:
9e:6f:ae:61:35:6f:91:de:aa:44:62:40:61:96:a9:42:ac:e2:
5f:15:45:97:71:6b:84:9c:51:b2:c7:c4:6e:83:5f:3f:e3:ef:
b6:a2:6d:96:37:03:8b:da:e3:5c:1e:80:4c:d7:9d:ce:e3:b7:
ff:d1:92:c1:a7:d8:f5:bf:ee:67:df:04:ab:88:3d:eb:26:fd:
71:d1:5d:9d:8b:53:3f:8e:41:49:5c:5d:26:d3:26:7c:c8:44:
66:f8:8c:6a:e7:83:d1:44:39:d6:5c:de:bc:92:46:67:b4:c9:
88:a0:48:72:4a:fc:ce:b7:93:39:49:5b:91:b6:27:d4:18:64:
1a:79:da:76:7a:1b:0a:e3:a9:90:82:61:c2:a2:be:96:6c:14:
eb:4c:7e:09
-----BEGIN CERTIFICATE-----
MIIHJTCCBg2gAwIBAgISAZ6CrmP/RGkjBWzmXPnPYoFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjYwNjAxMTAxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzEwM2Q4M2FiMmRmMmFkNTkzYmJhN2M3YzE4MThlZTRkZTFmNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SJroCmmj+mopQhKTlNB5dPqu0lU
dDyEkNgr0ywQ+3fS8rwrRjR4aLWrWa2yBQouY6H2ZqMSTeHdry1nkyTZttvjCCGi
qtlDQQQuVeMk/fVHEx9dGBVPl8SQB78GCn08nCHOshPiQTPvCnebQdx3NHy0VPVv
spfpbEkj+Ou87Rfk5ncyk1zVVksLVmHkMUmsMDw6GciLV457PM+DPN/rfQTEAHUE
EvCLXreuhp0BBHEnMnL2aFWjgBaoKFU+P5fg/b9RRL5T7Omx7hex1AvjsQYryTxg
ByvGGSAKML1Gslld7oKYafQkNvvXJRWAALnvutBonZWTPklJNDl8jEfDEQIDAQAB
o4IEMTCCBC0wHQYDVR0OBBYEFPMQPYOrLfKtWTu6fHwYGO5N4feNMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvOHhBOWc2c3Q4cTFaTzdwOGZCZ1k3azNoOTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICRQYIKwYBBQUHAQcBAf8EggI0MIICMDCCAgoEAgABMIIC
AgMEALr3LjAMAwQAuvdLAwQBuvdMAwQAuvdPMAwDBAW696ADBAC696IwDAMEArr3
pAMEALr3qAMEALr3qzAMAwQAuvezAwQAuve0AwQAuve3AwQAuve8MAwDBAC7DQMD
BAC7DQQDBAC7DREDBAC7DRQwDAMEAbsNFgMEAbsNGAMEALsNGwMEALsNHQMEALsN
gAMEAbsNgjAMAwQBuw2GAwQEuw2AAwQAuw2wMAwDBAC7DbMDBAC7DbQwDAMEALsN
uwMEALsNvDAMAwQAuw2/AwQAuw3CMAwDBAC7DdMDBAC7DdQwDAMEALsN2QMEALsN
2jAMAwQAuw3xAwQAuw3yAwQAuw37AwQCuw4wMAwDBAC7DjUDBAC7DjYwDAMEBbsO
YAMEALsOYjAMAwQBuw5uAwQBuw5wMAwDBAK7DnwDBAC7Dn4DBAC7DuIDBAC7DuUD
BAC7DuwDBAG7DvIDBAG7DvYDBAC7D2gDBAC7D2oDBAC7D20DBAC7D28wDAMEALsP
cQMEArsPcAMEALsPeAMEALsPgjAMAwQAuw+JAwQAuw+KAwQAuw+RAwQAuw+eMAwD
BAC7D6MDBAG7D6QDBAC7D6kDBAG7D6wwDAMEALsoJQMEALsoJjAMAwQDuygoAwQA
uygsMAwDBAC7KC8DBAC7KDADBAC7KOYDBAC7KPQDBAO7KPgwIAQCAAIwGgMGACoT
AkCAAwcAKhMCQIiIAwcAKhMCQJmZMA0GCSqGSIb3DQEBCwUAA4IBAQBC4I2KqYIY
fm+QT+MsPF461eD7xIVApgV7cd6whgVo3akns1398bNqR52FnXgFnel8I0XsH+t2
+Tl5nYZkbNjzwivCwRIIZ1U+lTwb1qtx80TCCRaWH0BeH14dgwVlnveHbExOF9u2
slHNm1ieb65hNW+R3qpEYkBhlqlCrOJfFUWXcWuEnFGyx8Rug18/4++2om2WNwOL
2uNcHoBM153O47f/0ZLBp9j1v+5n3wSriD3rJv1x0V2di1M/jkFJXF0m0yZ8yERm
+Ixq54PRRDnWXN68kkZntMmIoEhySvzOt5M5SVuRtifUGGQaedp2ehsK46mQgmHC
or6WbBTrTH4J
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:49:18 2026 by rpki-client