Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/j1fC-ufOAC7oOJku5qsLvIYWsaE.roa
File: j1fC-ufOAC7oOJku5qsLvIYWsaE.roa (raw, json)
Hash identifier: YKVNlcKJyfLyyNhEBW3xeNfrQ98q3rWK+jVABNHHPE4=
Subject key identifier: 8F:57:C2:FA:E7:CE:00:2E:E8:38:99:2E:E6:AB:0B:BC:86:16:B1:A1
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 019E2B9B45ADD83F93167C87BDFBCF61E0BE
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/j1fC-ufOAC7oOJku5qsLvIYWsaE.roa
Signing time: Fri 15 May 2026 12:27:36 +0000
ROA not before: Fri 15 May 2026 12:27:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8315
IP address blocks: 5.100.224.0/21 maxlen: 24
79.99.184.0/21 maxlen: 24
83.98.128.0/19 maxlen: 19
83.98.166.0/23 maxlen: 23
83.98.168.0/21 maxlen: 24
83.98.176.0/20 maxlen: 20
83.98.208.0/20 maxlen: 20
85.92.128.0/19 maxlen: 24
85.92.128.0/20 maxlen: 20
85.92.144.0/22 maxlen: 22
85.158.160.0/21 maxlen: 24
85.222.192.0/21 maxlen: 24
89.18.160.0/22 maxlen: 22
89.18.168.0/21 maxlen: 24
89.18.180.0/22 maxlen: 22
89.30.128.0/18 maxlen: 24
91.200.48.0/23 maxlen: 24
91.200.51.0/24 maxlen: 24
91.216.113.0/24 maxlen: 24
91.216.141.0/24 maxlen: 24
93.175.176.0/20 maxlen: 24
94.198.24.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
162.248.196.0/22 maxlen: 24
162.251.32.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
178.251.192.0/21 maxlen: 24
185.12.132.0/22 maxlen: 24
185.30.236.0/22 maxlen: 24
185.38.156.0/22 maxlen: 24
185.74.76.0/24 maxlen: 24
185.74.77.0/24 maxlen: 24
185.77.120.0/22 maxlen: 24
185.113.52.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
185.113.224.0/22 maxlen: 24
185.116.72.0/22 maxlen: 24
193.34.150.0/23 maxlen: 24
194.105.128.0/23 maxlen: 24
194.165.34.0/24 maxlen: 24
195.234.173.0/24 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 20
213.189.0.0/21 maxlen: 21
213.189.16.0/20 maxlen: 24
213.214.96.0/19 maxlen: 24
213.247.32.0/19 maxlen: 24
217.195.112.0/20 maxlen: 24
2001:16f8::/32 maxlen: 48
2a00:1bd8::/32 maxlen: 48
2a01:40e0::/32 maxlen: 48
2a02:20b0::/32 maxlen: 32
2a02:20b1::/32 maxlen: 32
2a02:2858::/29 maxlen: 48
2a02:2858:200::/40 maxlen: 40
2a02:2858:300::/40 maxlen: 40
2a02:2858:400::/40 maxlen: 40
2a02:2858:500::/40 maxlen: 40
2a03:5500::/31 maxlen: 48
2a0d:5040::/29 maxlen: 29
2a0d:5040::/32 maxlen: 32
2a0d:5041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:9b:45:ad:d8:3f:93:16:7c:87:bd:fb:cf:61:e0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: May 15 12:27:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f57c2fae7ce002ee838992ee6ab0bbc8616b1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4c:76:8d:d7:2e:66:40:55:79:e5:d0:32:21:
34:ea:9a:ff:9c:e9:bb:79:d7:a0:96:e3:5e:64:3b:
54:f6:a9:20:6e:bc:67:10:b2:d1:fb:5f:b3:99:8f:
21:64:75:da:82:4d:02:83:bb:80:db:b3:25:de:85:
c0:38:14:92:80:b8:94:c7:e1:e5:5b:bb:6d:9a:58:
6f:bc:58:34:d4:81:ac:92:30:cb:a8:58:4b:60:1a:
c0:c5:17:56:fc:ef:93:83:1d:6b:da:b5:a6:7d:82:
bb:77:ed:55:41:c0:03:4e:eb:e6:cf:b2:d0:0e:26:
35:c1:94:0d:85:12:71:76:57:28:75:92:fc:e5:e2:
80:11:87:be:8b:37:42:78:a6:33:5a:4f:57:bd:4f:
1d:da:63:5e:72:43:f2:54:14:d0:97:43:46:c8:94:
40:20:bc:e6:87:52:01:b1:85:2a:e0:76:4c:e7:eb:
c2:b0:44:d7:2c:d3:36:82:4a:08:59:a9:71:49:55:
3b:2d:d0:ca:f9:f3:5d:ab:81:30:ed:0c:2f:b1:97:
af:0a:6c:e0:dd:23:6c:ec:69:d4:34:05:9f:fc:58:
d2:1b:28:d9:1f:35:7a:32:36:57:26:fe:7f:31:c3:
63:35:11:86:a1:0d:84:1b:ac:17:f3:3d:49:e2:ac:
d1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:57:C2:FA:E7:CE:00:2E:E8:38:99:2E:E6:AB:0B:BC:86:16:B1:A1
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/j1fC-ufOAC7oOJku5qsLvIYWsaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0/19
83.98.166.0-83.98.191.255
83.98.208.0/20
85.92.128.0/19
85.158.160.0/21
85.222.192.0/21
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0/18
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
93.175.176.0/20
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
185.116.72.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
195.234.173.0/24
213.171.128.0/19
213.189.0.0/21
213.189.16.0/20
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
2a0d:5040::/29
Signature Algorithm: sha256WithRSAEncryption
a2:c4:60:74:6b:8e:7f:7e:c4:67:cb:ad:c1:1f:d8:8d:31:10:
81:2e:e1:6f:ea:03:a7:bc:24:50:9f:8b:f7:3b:1a:23:47:63:
12:4d:be:0c:55:84:c2:26:b8:39:f9:50:84:23:11:84:9f:e0:
0e:66:c3:ca:12:49:86:bf:41:32:5b:4d:32:87:5e:b9:f1:06:
6e:53:d5:11:bd:8a:af:b3:a5:17:20:86:c8:7f:74:7b:5a:8c:
8d:78:4f:9a:19:2a:49:c2:d9:45:9c:bd:a8:65:8c:b6:9e:f9:
a6:61:ac:51:f8:71:a0:bd:ff:95:2f:de:20:b7:06:cb:c7:1b:
a1:0a:eb:b2:8c:ec:f4:c2:01:72:09:fe:c6:df:f5:c3:fa:c3:
82:18:34:b8:be:45:5f:34:a1:67:d4:6d:1b:9d:c7:89:d3:12:
33:40:f6:92:84:c3:32:66:8b:99:32:5a:d8:ac:3f:41:45:f7:
a3:f7:a7:b1:09:ad:5b:e1:73:e5:5a:ad:d7:34:65:ce:2a:45:
49:45:20:36:26:8b:e9:86:65:d1:0a:8b:04:00:84:e6:71:8a:
7b:20:f4:13:f5:96:84:4d:61:bf:f6:45:9e:f2:46:40:99:d8:
18:c2:56:58:30:dc:13:e0:e4:8e:db:5d:f8:06:48:55:9f:f5:
ec:5b:46:d7
-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgISAZ4rm0Wt2D+TFnyHvfvPYeC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjYwNTE1MTIyNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjU3YzJmYWU3Y2UwMDJlZTgzODk5MmVlNmFiMGJiYzg2MTZiMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUx2jdcuZkBVeeXQMiE06pr/nOm7
edegluNeZDtU9qkgbrxnELLR+1+zmY8hZHXagk0Cg7uA27Ml3oXAOBSSgLiUx+Hl
W7ttmlhvvFg01IGskjDLqFhLYBrAxRdW/O+Tgx1r2rWmfYK7d+1VQcADTuvmz7LQ
DiY1wZQNhRJxdlcodZL85eKAEYe+izdCeKYzWk9XvU8d2mNeckPyVBTQl0NGyJRA
ILzmh1IBsYUq4HZM5+vCsETXLNM2gkoIWalxSVU7LdDK+fNdq4Ew7QwvsZevCmzg
3SNs7GnUNAWf/FjSGyjZHzV6MjZXJv5/McNjNRGGoQ2EG6wX8z1J4qzRhQIDAQAB
o4IDSjCCA0YwHQYDVR0OBBYEFI9XwvrnzgAu6DiZLuarC7yGFrGhMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvajFmQy11Zk9BQzdvT0prdTVxc0x2SVlXc2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXgYIKwYBBQUHAQcBAf8EggFNMIIBSTCCAQwEAgABMIIB
BAMEAwVk4AMEA09juAMEBVNigDAMAwQBU2KmAwQGU2KAAwQEU2LQAwQFVVyAAwQD
VZ6gAwQDVd7AAwQCWRKgAwQDWRKoAwQCWRK0AwQGWR6AAwQBW8gwAwQAW8gzAwQA
W9hxAwQAW9iNAwQEXa+wAwQDXsYYAwQDhgBYAwQCovjEAwQDovsgAwQDsD7AAwQD
svvAAwQCuQyEAwQCuR7sAwQCuSacAwQBuUpMAwQCuU14AwQCuXE0AwQCuXHEAwQC
uXHgAwQCuXRIAwQBwSKWAwQBwmmAAwQAwqUiAwQAw+qtAwQF1auAAwQD1b0AAwQE
1b0QAwQF1dZgAwQF1fcgAwQE2cNwMDcEAgACMDEDBQAgARb4AwUAKgAb2AMFACoB
QOADBQEqAiCwAwUDKgIoWAMFASoDVQADBQMqDVBAMA0GCSqGSIb3DQEBCwUAA4IB
AQCixGB0a45/fsRny63BH9iNMRCBLuFv6gOnvCRQn4v3OxojR2MSTb4MVYTCJrg5
+VCEIxGEn+AOZsPKEkmGv0EyW00yh1658QZuU9URvYqvs6UXIIbIf3R7WoyNeE+a
GSpJwtlFnL2oZYy2nvmmYaxR+HGgvf+VL94gtwbLxxuhCuuyjOz0wgFyCf7G3/XD
+sOCGDS4vkVfNKFn1G0bnceJ0xIzQPaShMMyZouZMlrYrD9BRfej96exCa1b4XPl
Wq3XNGXOKkVJRSA2JovphmXRCosEAITmcYp7IPQT9ZaETWG/9kWe8kZAmdgYwlZY
MNwT4OSO2134BkhVn/XsW0bX
-----END CERTIFICATE-----
Generated at Sat May 16 18:37:06 2026 by rpki-client