Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/kKLGgE3fyTVxx91dU2mQiyqGm10.roa
File: kKLGgE3fyTVxx91dU2mQiyqGm10.roa (raw, json)
Hash identifier: ZqNmuP4152Y5l4OYoFJ5inMC8KhvOltpWeQnsy5c5So=
Subject key identifier: 90:A2:C6:80:4D:DF:C9:35:71:C7:DD:5D:53:69:90:8B:2A:86:9B:5D
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 019E8277767853C702B53ED77138A5CA4EF7
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/kKLGgE3fyTVxx91dU2mQiyqGm10.roa
Signing time: Mon 01 Jun 2026 09:15:27 +0000
ROA not before: Mon 01 Jun 2026 09:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207137
IP address blocks: 185.135.45.0/24 maxlen: 24
186.247.163.0/24 maxlen: 24
186.247.191.0/24 maxlen: 24
187.13.0.0/24 maxlen: 24
187.13.1.0/24 maxlen: 24
187.13.7.0/24 maxlen: 24
187.13.8.0/24 maxlen: 24
187.13.9.0/24 maxlen: 24
187.13.132.0/24 maxlen: 24
187.13.133.0/24 maxlen: 24
187.13.184.0/24 maxlen: 24
187.13.185.0/24 maxlen: 24
187.14.81.0/24 maxlen: 24
187.14.82.0/24 maxlen: 24
187.14.83.0/24 maxlen: 24
187.14.84.0/24 maxlen: 24
187.14.85.0/24 maxlen: 24
187.14.99.0/24 maxlen: 24
187.14.100.0/24 maxlen: 24
187.14.101.0/24 maxlen: 24
187.15.123.0/24 maxlen: 24
187.15.126.0/24 maxlen: 24
187.40.49.0/24 maxlen: 24
187.40.53.0/24 maxlen: 24
187.40.54.0/24 maxlen: 24
187.40.55.0/24 maxlen: 24
187.40.56.0/24 maxlen: 24
187.40.57.0/24 maxlen: 24
187.40.58.0/24 maxlen: 24
187.40.61.0/24 maxlen: 24
187.40.62.0/24 maxlen: 24
187.40.63.0/24 maxlen: 24
2a13:240::/48 maxlen: 48
2a13:240:1::/48 maxlen: 48
2a13:240:2::/48 maxlen: 48
2a13:240:3::/48 maxlen: 48
2a13:240:4::/48 maxlen: 48
2a13:240:5::/48 maxlen: 48
2a13:240:6::/48 maxlen: 48
2a13:240:7::/48 maxlen: 48
2a13:240:8::/48 maxlen: 48
2a13:240:9::/48 maxlen: 48
2a13:240:a::/48 maxlen: 48
2a13:240:b::/48 maxlen: 48
2a13:240:c::/48 maxlen: 48
2a13:240:d::/48 maxlen: 48
2a13:240:e::/48 maxlen: 48
2a13:240:f::/48 maxlen: 48
2a13:240:10::/48 maxlen: 48
2a13:240:4200::/40 maxlen: 40
2a13:240:4300::/40 maxlen: 40
2a13:240:4400::/40 maxlen: 40
2a13:240:4500::/40 maxlen: 40
2a13:240:4600::/40 maxlen: 40
2a13:240:4700::/40 maxlen: 40
2a13:240:4800::/40 maxlen: 40
2a13:240:4900::/40 maxlen: 40
2a13:240:4a00::/40 maxlen: 40
2a13:240:4b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:77:76:78:53:c7:02:b5:3e:d7:71:38:a5:ca:4e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Jun 1 09:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90a2c6804ddfc93571c7dd5d5369908b2a869b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b5:ec:d2:34:cf:33:b3:5b:12:21:f2:53:ef:
91:7d:c4:8d:c7:30:e5:c8:da:7f:4d:3c:98:5a:a3:
a7:d6:36:ef:3c:c7:1f:7e:07:1c:39:3b:92:8a:3f:
a5:07:88:c2:da:c0:6e:4f:65:9c:83:13:67:11:a0:
95:6e:4b:e4:64:b2:4f:ba:f1:9f:8a:f5:ff:16:4a:
55:28:f4:c3:2b:74:5f:f8:c0:de:18:c1:fa:5b:c6:
98:52:87:cb:4b:93:5e:f3:3c:46:d7:63:d3:c7:aa:
ee:e5:86:f5:c0:76:b0:61:0a:e4:e2:d0:0c:9d:13:
09:00:8a:07:ae:97:60:e7:c3:2c:57:86:c1:76:85:
cf:30:32:ce:02:0c:e2:25:a5:8a:cc:0e:88:d2:67:
c0:6e:d2:f0:62:14:33:b9:cc:67:4a:6d:2d:84:d5:
82:53:50:b7:ef:dd:43:ad:34:ec:7f:2a:54:30:1f:
a3:18:ea:d3:46:51:0e:26:7d:7c:89:bf:d3:d3:2a:
1a:a7:3e:23:63:25:ec:d4:b4:7f:6e:f6:eb:8d:01:
17:4f:31:f4:16:b9:e6:78:dc:7a:63:60:fd:58:7d:
b0:f8:d6:f4:d6:0d:9f:e6:fe:e8:3a:53:37:06:7d:
39:52:9b:2c:04:84:51:17:0b:c6:3d:32:de:a4:c4:
92:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A2:C6:80:4D:DF:C9:35:71:C7:DD:5D:53:69:90:8B:2A:86:9B:5D
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/kKLGgE3fyTVxx91dU2mQiyqGm10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.45.0/24
186.247.163.0/24
186.247.191.0/24
187.13.0.0/23
187.13.7.0-187.13.9.255
187.13.132.0/23
187.13.184.0/23
187.14.81.0-187.14.85.255
187.14.99.0-187.14.101.255
187.15.123.0/24
187.15.126.0/24
187.40.49.0/24
187.40.53.0-187.40.58.255
187.40.61.0-187.40.63.255
IPv6:
2a13:240::-2a13:240:10:ffff:ffff:ffff:ffff:ffff
2a13:240:4200::-2a13:240:4bff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
da:a9:3e:90:f5:fd:84:ab:c8:00:16:87:db:25:50:19:33:0c:
4d:62:4b:23:c6:58:30:9a:03:4a:74:c5:fe:9a:5d:4d:5f:d1:
81:a6:13:eb:9c:d0:bb:97:cd:06:02:ae:9c:e3:1a:cf:23:f6:
1b:3a:20:e0:6b:13:35:2c:05:ea:d7:dd:03:3f:57:1b:c8:b8:
92:f1:45:9e:0e:8b:e0:9d:5d:fd:08:92:9d:f8:57:02:f0:f6:
9d:04:e5:87:35:a2:b5:b7:f9:63:bd:bb:04:1b:7e:de:7a:85:
9b:7e:6d:e8:70:cb:a7:6a:04:57:12:76:80:7e:f2:2b:da:2a:
33:21:c6:e6:71:55:53:3b:cd:c2:62:ec:3f:8a:eb:2f:eb:8c:
1a:1c:82:e0:9d:2f:97:b9:c3:d0:e4:fd:7d:8a:64:7b:bc:85:
5c:8e:27:be:e7:56:4e:43:e4:b1:2a:2a:72:6a:3b:ad:e4:fb:
6f:0f:bc:2e:75:3e:ac:17:3a:45:5e:ae:f7:02:20:a2:12:85:
65:2d:79:b4:85:f9:5d:53:d9:c9:51:9b:c1:9d:a0:2d:6b:fb:
10:fd:04:3f:8c:51:de:75:0e:a6:df:3b:ea:f5:35:16:f1:de:
c0:20:37:f3:11:44:40:96:a6:f9:b8:4b:85:40:09:db:89:20:
63:11:0c:3f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZ6Cd3Z4U8cCtT7XcTilyk73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjYwNjAxMDkxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGEyYzY4MDRkZGZjOTM1NzFjN2RkNWQ1MzY5OTA4YjJhODY5YjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rXs0jTPM7NbEiHyU++RfcSNxzDl
yNp/TTyYWqOn1jbvPMcffgccOTuSij+lB4jC2sBuT2WcgxNnEaCVbkvkZLJPuvGf
ivX/FkpVKPTDK3Rf+MDeGMH6W8aYUofLS5Ne8zxG12PTx6ru5Yb1wHawYQrk4tAM
nRMJAIoHrpdg58MsV4bBdoXPMDLOAgziJaWKzA6I0mfAbtLwYhQzucxnSm0thNWC
U1C3791DrTTsfypUMB+jGOrTRlEOJn18ib/T0yoapz4jYyXs1LR/bvbrjQEXTzH0
FrnmeNx6Y2D9WH2w+Nb01g2f5v7oOlM3Bn05UpssBIRRFwvGPTLepMSSrwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJCixoBN38k1ccfdXVNpkIsqhptdMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEva0tMR2dFM2Z5VFZ4eDkxZFUybVFpeXFHbTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBggQCAAEwfAMEALmH
LQMEALr3owMEALr3vwMEAbsNADAMAwQAuw0HAwQBuw0IAwQBuw2EAwQBuw24MAwD
BAC7DlEDBAG7DlQwDAMEALsOYwMEAbsOZAMEALsPewMEALsPfgMEALsoMTAMAwQA
uyg1AwQAuyg6MAwDBAC7KD0DBAa7KAAwKgQCAAIwJDAQAwUGKhMCQAMHACoTAkAA
EDAQAwYBKhMCQEIDBgIqEwJASDANBgkqhkiG9w0BAQsFAAOCAQEA2qk+kPX9hKvI
ABaH2yVQGTMMTWJLI8ZYMJoDSnTF/ppdTV/RgaYT65zQu5fNBgKunOMazyP2Gzog
4GsTNSwF6tfdAz9XG8i4kvFFng6L4J1d/QiSnfhXAvD2nQTlhzWitbf5Y727BBt+
3nqFm35t6HDLp2oEVxJ2gH7yK9oqMyHG5nFVUzvNwmLsP4rrL+uMGhyC4J0vl7nD
0OT9fYpke7yFXI4nvudWTkPksSoqcmo7reT7bw+8LnU+rBc6RV6u9wIgohKFZS15
tIX5XVPZyVGbwZ2gLWv7EP0EP4xR3nUOpt876vU1FvHewCA38xFEQJam+bhLhUAJ
24kgYxEMPw==
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:36:09 2026 by rpki-client