Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/33EVdXQvPaXauAFZcDKums6H9vY.roa
File: 33EVdXQvPaXauAFZcDKums6H9vY.roa (raw, json)
Hash identifier: xCPovjoI+86GTyyA5R+sYFTBaNp+ZLuB66MOwXojLaE=
Subject key identifier: DF:71:15:75:74:2F:3D:A5:DA:B8:01:59:70:32:AE:9A:CE:87:F6:F6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019E878F2AAAE0EAB219606A4122F3897B85
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/33EVdXQvPaXauAFZcDKums6H9vY.roa
Signing time: Tue 02 Jun 2026 08:59:27 +0000
ROA not before: Tue 02 Jun 2026 08:59:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:8f:2a:aa:e0:ea:b2:19:60:6a:41:22:f3:89:7b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 2 08:59:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=df711575742f3da5dab801597032ae9ace87f6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:19:cc:9c:6d:bb:69:27:98:ca:d2:74:09:
7b:c6:5a:64:56:16:0d:cf:da:02:6f:6a:57:22:39:
f0:69:d3:80:78:17:2e:0d:8f:3e:4a:72:45:d3:25:
0f:eb:8d:2d:df:e3:b1:2d:78:9c:8f:88:50:b9:74:
72:51:03:31:60:b5:9f:b7:b6:dd:36:e9:61:c3:c1:
96:3c:95:d8:7f:2a:30:29:a0:63:be:8e:5b:f4:4b:
ce:e1:1b:d2:d4:26:d8:65:76:dc:d2:3c:1c:9d:b1:
60:31:76:60:aa:7f:1c:7e:df:21:49:f9:a5:84:a7:
f1:d0:de:69:88:df:5a:79:76:ad:b7:a0:a8:b5:6f:
ad:a2:a9:0b:0c:39:ad:ba:d3:9c:f3:87:f2:df:06:
f5:76:e9:30:ee:2e:0b:e4:e0:8c:a6:92:1c:bb:9a:
2c:dc:b7:f4:17:65:62:4f:98:92:e7:09:58:60:5a:
8d:58:ec:fa:08:c4:90:00:86:78:55:9a:fa:5e:e3:
93:82:42:7d:5a:14:db:8c:66:3c:69:79:00:48:09:
dc:61:53:eb:14:98:80:48:a0:eb:cf:aa:5e:78:8b:
d2:43:20:24:65:23:d1:c3:53:58:ab:ed:4e:91:44:
26:3b:ab:78:4f:29:a1:76:63:a6:a2:2f:4e:6f:9d:
b1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:71:15:75:74:2F:3D:A5:DA:B8:01:59:70:32:AE:9A:CE:87:F6:F6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/33EVdXQvPaXauAFZcDKums6H9vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.112.0/24
45.88.136.0/24
45.94.170.0/23
45.132.182.0/23
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/24
195.177.94.0/23
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a11:2a80::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
bf:91:04:c8:b1:d0:26:1e:7a:57:9f:b0:c2:8e:64:c9:fc:72:
2f:67:15:38:41:7c:95:af:c5:ed:cf:ad:ff:65:3e:eb:a7:b1:
0d:9c:81:2a:e4:b8:92:66:f9:a2:14:8b:19:12:8f:71:16:98:
1c:53:b7:27:a5:ef:13:59:ff:61:66:c5:0d:b2:83:52:65:df:
87:fc:00:84:94:29:ed:df:dd:35:9b:f3:03:3a:1e:0e:e6:42:
fb:96:27:a1:05:f8:0a:d9:7a:d7:2f:cd:2e:05:70:57:24:85:
49:dd:76:ef:5b:5d:59:ff:57:46:16:68:22:f1:a3:60:ab:82:
3b:82:11:07:42:0c:1b:67:a6:2a:b2:77:bf:25:76:2b:e1:e5:
25:91:07:36:45:2d:eb:05:0f:99:01:d3:d5:e2:c7:e1:97:f5:
ef:cd:b7:b9:be:c3:00:4c:73:f4:8f:bc:27:38:0e:12:a1:b3:
95:20:7d:58:18:82:c2:85:b7:d8:81:90:19:b6:fa:54:88:75:
4f:2e:84:d2:6d:3e:11:50:45:65:18:fb:42:55:d0:fd:8f:fd:
15:58:a3:fb:f7:84:b4:0a:e1:e8:10:a2:ab:9d:a1:9b:0b:44:
e4:9b:54:a7:50:09:6b:67:22:cd:71:b3:98:cf:7d:43:a6:9e:
3f:5d:ec:61
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZ6Hjyqq4OqyGWBqQSLziXuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwNjAyMDg1OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjcxMTU3NTc0MmYzZGE1ZGFiODAxNTk3MDMyYWU5YWNlODdmNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzQZzJxtu2knmMrSdAl7xlpkVhYN
z9oCb2pXIjnwadOAeBcuDY8+SnJF0yUP640t3+OxLXicj4hQuXRyUQMxYLWft7bd
Nulhw8GWPJXYfyowKaBjvo5b9EvO4RvS1CbYZXbc0jwcnbFgMXZgqn8cft8hSfml
hKfx0N5piN9aeXatt6CotW+toqkLDDmtutOc84fy3wb1dukw7i4L5OCMppIcu5os
3Lf0F2ViT5iS5wlYYFqNWOz6CMSQAIZ4VZr6XuOTgkJ9WhTbjGY8aXkASAncYVPr
FJiASKDrz6peeIvSQyAkZSPRw1NYq+1OkUQmO6t4TymhdmOmoi9Ob52xIQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFN9xFXV0Lz2l2rgBWXAyrprOh/b2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMzNFVmRYUXZQYVhhdUFGWmNES3VtczZIOXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBgAQCAAEwegMEAAW1
VAMEAAW1VwMEAC0JHTAMAwQALQ29AwQALQ2+AwQALVFwAwQALViIAwQBLV6qAwQB
LYS2AwQAkhN9AwQBuSv4AwQAuSv7AwQBucg+AwQCwR7wAwQAwTkrAwQAwvJgAwQB
wvJiAwQAw7FcAwQBw7FeAwQCw9O8MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoM
pYADBQAqESqAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAv5EEyLHQJh56V5+w
wo5kyfxyL2cVOEF8la/F7c+t/2U+66exDZyBKuS4kmb5ohSLGRKPcRaYHFO3J6Xv
E1n/YWbFDbKDUmXfh/wAhJQp7d/dNZvzAzoeDuZC+5YnoQX4Ctl61y/NLgVwVySF
Sd1271tdWf9XRhZoIvGjYKuCO4IRB0IMG2emKrJ3vyV2K+HlJZEHNkUt6wUPmQHT
1eLH4Zf17823ub7DAExz9I+8JzgOEqGzlSB9WBiCwoW32IGQGbb6VIh1Ty6E0m0+
EVBFZRj7QlXQ/Y/9FVij+/eEtArh6BCiq52hmwtE5JtUp1AJa2cizXGzmM99Q6ae
P13sYQ==
-----END CERTIFICATE-----
Generated at Fri Jun 5 02:01:46 2026 by rpki-client