Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Jj0i-faSpDo8V2svQ6SBq-ceoZw.roa
File: Jj0i-faSpDo8V2svQ6SBq-ceoZw.roa (raw, json)
Hash identifier: CUq3mOmHl94bKR8Bk5sup5jNhPSmJ161pRlUK91Eoz8=
Subject key identifier: 26:3D:22:F9:F6:92:A4:3A:3C:57:6B:2F:43:A4:81:AB:E7:1E:A1:9C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019EDA7395D06C6D6008BB989061825C9E3A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Jj0i-faSpDo8V2svQ6SBq-ceoZw.roa
Signing time: Thu 18 Jun 2026 11:17:48 +0000
ROA not before: Thu 18 Jun 2026 11:17:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:da:73:95:d0:6c:6d:60:08:bb:98:90:61:82:5c:9e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 18 11:17:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=263d22f9f692a43a3c576b2f43a481abe71ea19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:70:dc:87:3b:6a:d5:e2:db:6e:d1:06:d4:
74:5a:3d:f5:84:9d:84:95:13:67:2c:ab:63:a2:4a:
be:c8:ee:67:ee:a7:56:e9:f4:9d:14:eb:f2:f9:78:
a8:e7:d4:58:fd:df:fc:55:94:e2:af:7c:34:0f:3a:
18:d5:11:f7:5d:ca:2a:03:ef:48:eb:fb:8a:2f:0f:
39:79:d4:8d:cd:81:2f:e8:c7:96:7c:5c:68:40:9d:
6d:ab:f0:33:ea:6a:a0:e5:1d:23:2f:52:33:3f:bd:
a0:85:0e:53:39:ac:c8:b6:68:2a:a0:52:cf:1a:ba:
72:09:cd:96:c9:36:5c:1f:4d:bd:93:11:4f:76:58:
7a:24:22:5e:65:19:41:df:76:fc:d4:22:f5:78:31:
ed:ae:ea:a1:a8:36:21:08:bb:67:d5:ff:fa:48:c9:
11:6d:85:eb:fd:0e:b3:3a:4b:0a:54:09:48:6e:0b:
65:09:98:f4:cd:15:75:b3:5c:fb:e7:76:81:a1:fe:
0f:f1:e1:d9:fe:1e:69:f1:11:82:20:7e:1c:5a:7b:
49:0d:69:db:6c:55:d9:c8:77:3f:b9:af:33:92:9b:
6d:d4:90:a9:d2:4a:47:b7:07:fd:b2:e8:22:06:95:
e7:ab:95:00:85:87:34:8a:01:db:f9:ed:0f:48:62:
12:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3D:22:F9:F6:92:A4:3A:3C:57:6B:2F:43:A4:81:AB:E7:1E:A1:9C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Jj0i-faSpDo8V2svQ6SBq-ceoZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.170.0/23
45.132.182.0/23
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/24
195.177.94.0/23
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a11:2a80::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
24:44:3f:a9:40:15:6a:90:2e:d8:2c:d6:9f:db:78:59:09:84:
4f:ac:23:89:b0:d2:13:61:b1:a1:91:65:4c:a7:7c:71:cf:05:
2f:e8:ea:e0:7a:74:80:9d:5c:09:9a:5c:2b:44:32:f1:5b:df:
83:bd:7d:65:a6:dc:26:0e:63:47:2b:6f:c7:f8:19:ce:02:2d:
86:c0:9c:e8:c3:72:62:d2:03:d6:95:db:df:21:f0:4a:29:e2:
df:40:d3:ce:47:a3:58:59:3b:ee:42:1b:43:bb:10:9b:23:ea:
2f:2a:2f:fc:05:a1:99:a6:22:7e:17:22:71:e5:bd:7d:a9:dc:
be:71:34:f9:80:c2:b8:e6:e5:9d:b2:c0:18:bc:6f:f4:35:2a:
d4:f4:2f:03:cf:71:08:fd:a6:18:f6:bb:7a:b0:7f:9c:c0:6c:
e2:24:79:61:d4:f3:d6:86:df:77:6b:39:c3:b6:86:bd:7c:b4:
77:60:fa:8d:25:0d:49:45:9b:ac:3c:90:b7:44:c8:cc:15:5f:
b3:94:f0:b8:be:de:c3:bf:b3:c4:66:f2:0f:cb:1b:e6:83:e7:
0b:f4:93:0c:b0:42:ab:8a:73:f2:f9:e8:d8:57:de:3a:30:9b:
94:cc:ae:d5:4c:78:8b:bd:f2:24:51:2d:0d:f6:85:3e:13:65:
fe:f0:ab:9f
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZ7ac5XQbG1gCLuYkGGCXJ46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwNjE4MTExNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNkMjJmOWY2OTJhNDNhM2M1NzZiMmY0M2E0ODFhYmU3MWVhMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT9w3Ic7atXi227RBtR0Wj31hJ2E
lRNnLKtjokq+yO5n7qdW6fSdFOvy+Xio59RY/d/8VZTir3w0DzoY1RH3XcoqA+9I
6/uKLw85edSNzYEv6MeWfFxoQJ1tq/Az6mqg5R0jL1IzP72ghQ5TOazItmgqoFLP
GrpyCc2WyTZcH029kxFPdlh6JCJeZRlB33b81CL1eDHtruqhqDYhCLtn1f/6SMkR
bYXr/Q6zOksKVAlIbgtlCZj0zRV1s1z753aBof4P8eHZ/h5p8RGCIH4cWntJDWnb
bFXZyHc/ua8zkptt1JCp0kpHtwf9sugiBpXnq5UAhYc0igHb+e0PSGISrQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFCY9Ivn2kqQ6PFdrL0OkgavnHqGcMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSmowaS1mYVNwRG84VjJzdlE2U0JxLWNlb1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzB6BAIAATB0AwQABbVU
AwQABbVXAwQALQkdMAwDBAAtDb0DBAAtDb4DBAAtWIgDBAEtXqoDBAEthLYDBACS
E30DBAG5K/gDBAC5K/sDBAG5yD4DBALBHvADBADBOSsDBADC8mADBAHC8mIDBADD
sVwDBAHDsV4DBALD07wwKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgylgAMFACoR
KoADBQAqEp8AMA0GCSqGSIb3DQEBCwUAA4IBAQAkRD+pQBVqkC7YLNaf23hZCYRP
rCOJsNITYbGhkWVMp3xxzwUv6OrgenSAnVwJmlwrRDLxW9+DvX1lptwmDmNHK2/H
+BnOAi2GwJzow3Ji0gPWldvfIfBKKeLfQNPOR6NYWTvuQhtDuxCbI+ovKi/8BaGZ
piJ+FyJx5b19qdy+cTT5gMK45uWdssAYvG/0NSrU9C8Dz3EI/aYY9rt6sH+cwGzi
JHlh1PPWht93aznDtoa9fLR3YPqNJQ1JRZusPJC3RMjMFV+zlPC4vt7Dv7PEZvIP
yxvmg+cL9JMMsEKrinPy+ejYV946MJuUzK7VTHiLvfIkUS0N9oU+E2X+8Kuf
-----END CERTIFICATE-----
Generated at Sat Jun 20 05:05:23 2026 by rpki-client