Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/KjPW_UmYIXSdNHqdseZl-NM7DDA.roa
File: KjPW_UmYIXSdNHqdseZl-NM7DDA.roa (raw, json)
Hash identifier: m7WeXlGnoRBcKg0EX7B3sn9WI45zdfZvUjQohB/JWSo=
Subject key identifier: 2A:33:D6:FD:49:98:21:74:9D:34:7A:9D:B1:E6:65:F8:D3:3B:0C:30
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 019E6952617004E448B98E7B5294E9FB7CF4
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/KjPW_UmYIXSdNHqdseZl-NM7DDA.roa
Signing time: Wed 27 May 2026 12:04:26 +0000
ROA not before: Wed 27 May 2026 12:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8315
IP address blocks: 5.100.224.0/21 maxlen: 24
79.99.184.0/21 maxlen: 24
83.98.128.0/19 maxlen: 24
83.98.166.0/23 maxlen: 24
83.98.168.0/21 maxlen: 24
83.98.176.0/20 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
85.92.128.0/19 maxlen: 24
85.92.128.0/20 maxlen: 24
85.92.144.0/22 maxlen: 24
85.158.160.0/21 maxlen: 24
85.222.192.0/21 maxlen: 24
89.18.160.0/22 maxlen: 24
89.18.168.0/21 maxlen: 24
89.18.180.0/22 maxlen: 24
89.30.128.0/18 maxlen: 24
89.30.192.0/19 maxlen: 24
89.30.208.0/20 maxlen: 24
89.30.224.0/21 maxlen: 24
91.200.48.0/23 maxlen: 24
91.200.51.0/24 maxlen: 24
91.216.113.0/24 maxlen: 24
91.216.141.0/24 maxlen: 24
93.175.176.0/20 maxlen: 24
94.198.24.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
162.248.196.0/22 maxlen: 24
162.251.32.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
178.251.192.0/21 maxlen: 24
185.12.132.0/22 maxlen: 24
185.30.236.0/22 maxlen: 24
185.38.156.0/22 maxlen: 24
185.74.76.0/24 maxlen: 24
185.74.77.0/24 maxlen: 24
185.77.120.0/22 maxlen: 24
185.113.52.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
185.113.224.0/22 maxlen: 24
185.116.72.0/22 maxlen: 24
193.34.150.0/23 maxlen: 24
194.105.128.0/23 maxlen: 24
194.165.34.0/24 maxlen: 24
195.234.173.0/24 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 24
213.189.0.0/21 maxlen: 24
213.189.16.0/20 maxlen: 24
213.214.96.0/19 maxlen: 24
213.247.32.0/19 maxlen: 24
217.195.112.0/20 maxlen: 24
2001:16f8::/32 maxlen: 48
2a00:1bd8::/32 maxlen: 48
2a01:40e0::/32 maxlen: 48
2a02:20b0::/32 maxlen: 32
2a02:20b1::/32 maxlen: 32
2a02:2858::/29 maxlen: 48
2a02:2858:200::/40 maxlen: 40
2a02:2858:300::/40 maxlen: 40
2a02:2858:400::/40 maxlen: 40
2a02:2858:500::/40 maxlen: 40
2a03:5500::/31 maxlen: 48
2a0d:5040::/29 maxlen: 29
2a0d:5040::/32 maxlen: 32
2a0d:5041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:69:52:61:70:04:e4:48:b9:8e:7b:52:94:e9:fb:7c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: May 27 12:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a33d6fd499821749d347a9db1e665f8d33b0c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:e1:0d:c7:c1:b6:72:d1:71:3d:ef:aa:af:
dd:f9:bb:4b:ea:ca:3b:fd:09:d0:52:3d:4e:d9:56:
fd:94:37:64:b9:5c:2e:6e:65:d0:a8:0e:fc:62:dd:
1b:e3:aa:4a:78:74:d3:fc:b2:c8:57:1e:7d:d9:39:
f6:24:11:9c:9a:99:c4:4f:89:dd:84:18:65:72:59:
40:1c:29:57:3b:ce:55:1d:f5:81:4b:9b:87:34:3d:
d5:e9:5e:35:fd:02:a0:d1:1c:27:07:27:c2:4c:24:
d8:c8:f6:57:b1:36:39:51:98:ce:1f:f4:c1:cf:91:
21:1c:9c:80:7a:c3:64:a1:22:77:f3:2a:21:d4:5e:
8d:eb:99:18:32:5c:c2:63:99:3f:98:08:94:5b:df:
c3:cd:ad:05:34:7b:ce:a2:15:a5:b4:b8:ba:87:79:
bc:dc:e7:f6:a0:21:19:6a:43:3c:7a:cf:d1:e0:43:
70:cc:b8:28:d7:d5:5d:99:07:bf:bf:d2:5d:1e:27:
8e:48:15:90:fa:1c:6b:2e:1e:07:6f:34:77:5f:95:
eb:cf:06:6c:07:86:02:d3:a2:5c:ff:d8:d1:d2:e3:
28:23:93:36:6d:ac:ca:9a:91:d7:97:37:ce:1b:93:
3d:0f:f0:73:f0:9b:fc:1c:2f:7f:4c:71:ef:17:39:
ff:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:33:D6:FD:49:98:21:74:9D:34:7A:9D:B1:E6:65:F8:D3:3B:0C:30
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/KjPW_UmYIXSdNHqdseZl-NM7DDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0/19
83.98.166.0-83.98.191.255
83.98.200.0/22
83.98.208.0/20
85.92.128.0/19
85.158.160.0/21
85.222.192.0/21
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0-89.30.231.255
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
93.175.176.0/20
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
185.116.72.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
195.234.173.0/24
213.171.128.0/19
213.189.0.0/21
213.189.16.0/20
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
2a0d:5040::/29
Signature Algorithm: sha256WithRSAEncryption
19:02:e3:88:8b:e8:c2:2e:a3:86:a5:38:e3:31:ed:01:40:fe:
16:e4:e7:2c:21:a0:1b:08:ee:ff:81:b4:64:03:d6:e8:b7:80:
a4:73:88:e0:a5:76:1d:5c:85:05:40:9d:15:e9:13:fb:fa:d3:
9e:fe:51:e1:1e:b8:01:13:25:ef:9e:cd:6d:c6:11:bc:7d:23:
51:aa:ee:d9:5f:d5:31:fc:47:2b:6c:94:16:07:cc:4a:33:17:
e9:2c:98:7c:b2:1e:fa:d3:f4:d3:6f:8e:9a:af:6a:90:76:2f:
3a:6b:1d:c5:15:74:a7:e7:28:91:a9:50:38:e6:df:6a:92:4c:
f8:e9:cc:d8:01:62:ea:01:ed:10:c1:b8:53:da:c0:94:05:6f:
e7:37:4d:2a:92:e7:e9:eb:ae:75:43:bd:3f:86:6d:14:bc:78:
aa:1c:d1:a4:4c:d4:1f:95:65:cb:0f:90:33:6c:be:f5:0b:32:
c4:4a:9f:11:6c:d1:67:12:5e:62:5c:58:77:86:7d:8e:7a:41:
47:4f:4d:08:ce:94:0a:b5:8d:7b:ca:61:e4:27:83:12:f2:9e:
34:2a:74:52:99:af:69:12:df:ea:e9:12:bf:d3:b6:f3:22:6f:
a6:38:22:06:6d:4d:81:a6:10:af:4b:25:31:8e:38:c5:0b:66:
71:95:cf:78
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAZ5pUmFwBORIuY57UpTp+3z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjYwNTI3MTIwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMzZDZmZDQ5OTgyMTc0OWQzNDdhOWRiMWU2NjVmOGQzM2IwYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlDhDcfBtnLRcT3vqq/d+btL6so7
/QnQUj1O2Vb9lDdkuVwubmXQqA78Yt0b46pKeHTT/LLIVx592Tn2JBGcmpnET4nd
hBhlcllAHClXO85VHfWBS5uHND3V6V41/QKg0RwnByfCTCTYyPZXsTY5UZjOH/TB
z5EhHJyAesNkoSJ38yoh1F6N65kYMlzCY5k/mAiUW9/Dza0FNHvOohWltLi6h3m8
3Of2oCEZakM8es/R4ENwzLgo19VdmQe/v9JdHieOSBWQ+hxrLh4HbzR3X5XrzwZs
B4YC06Jc/9jR0uMoI5M2bazKmpHXlzfOG5M9D/Bz8Jv8HC9/THHvFzn/lQIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFCoz1v1JmCF0nTR6nbHmZfjTOwwwMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvS2pQV19VbVlJWFNkTkhxZHNlWmwtTk03RERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCCARoEAgABMIIB
EgMEAwVk4AMEA09juAMEBVNigDAMAwQBU2KmAwQGU2KAAwQCU2LIAwQEU2LQAwQF
VVyAAwQDVZ6gAwQDVd7AAwQCWRKgAwQDWRKoAwQCWRK0MAwDBAdZHoADBANZHuAD
BAFbyDADBABbyDMDBABb2HEDBABb2I0DBARdr7ADBANexhgDBAOGAFgDBAKi+MQD
BAOi+yADBAOwPsADBAOy+8ADBAK5DIQDBAK5HuwDBAK5JpwDBAG5SkwDBAK5TXgD
BAK5cTQDBAK5ccQDBAK5ceADBAK5dEgDBAHBIpYDBAHCaYADBADCpSIDBADD6q0D
BAXVq4ADBAPVvQADBATVvRADBAXV1mADBAXV9yADBATZw3AwNwQCAAIwMQMFACAB
FvgDBQAqABvYAwUAKgFA4AMFASoCILADBQMqAihYAwUBKgNVAAMFAyoNUEAwDQYJ
KoZIhvcNAQELBQADggEBABkC44iL6MIuo4alOOMx7QFA/hbk5ywhoBsI7v+BtGQD
1ui3gKRziOCldh1chQVAnRXpE/v6057+UeEeuAETJe+ezW3GEbx9I1Gq7tlf1TH8
RytslBYHzEozF+ksmHyyHvrT9NNvjpqvapB2LzprHcUVdKfnKJGpUDjm32qSTPjp
zNgBYuoB7RDBuFPawJQFb+c3TSqS5+nrrnVDvT+GbRS8eKoc0aRM1B+VZcsPkDNs
vvULMsRKnxFs0WcSXmJcWHeGfY56QUdPTQjOlAq1jXvKYeQngxLynjQqdFKZr2kS
3+rpEr/TtvMib6Y4IgZtTYGmEK9LJTGOOMULZnGVz3g=
-----END CERTIFICATE-----
Generated at Fri Jun 12 04:04:20 2026 by rpki-client