Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/asMbjhi5n7R-4d1-brs9UkGUZm8.roa
File: asMbjhi5n7R-4d1-brs9UkGUZm8.roa (raw, json)
Hash identifier: cmHCUp+gfJvKd0Y0CWwhr4SU5hBfJ/pd//G9MmHNJ9M=
Subject key identifier: 6A:C3:1B:8E:18:B9:9F:B4:7E:E1:DD:7E:6E:BB:3D:52:41:94:66:6F
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 019ED51BC8498E283E9C79D8B2BC62D4DC70
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/asMbjhi5n7R-4d1-brs9UkGUZm8.roa
Signing time: Wed 17 Jun 2026 10:23:48 +0000
ROA not before: Wed 17 Jun 2026 10:23:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43519
IP address blocks: 149.20.120.0/24 maxlen: 24
149.20.121.0/24 maxlen: 24
149.20.122.0/24 maxlen: 24
149.20.123.0/24 maxlen: 24
213.248.197.0/24 maxlen: 24
213.248.198.0/24 maxlen: 24
213.248.199.0/24 maxlen: 24
213.248.200.0/24 maxlen: 24
213.248.201.0/24 maxlen: 24
213.248.202.0/24 maxlen: 24
213.248.203.0/24 maxlen: 24
213.248.204.0/24 maxlen: 24
213.248.205.0/24 maxlen: 24
213.248.216.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.223.0/24 maxlen: 24
213.248.224.0/24 maxlen: 24
213.248.225.0/24 maxlen: 24
213.248.226.0/24 maxlen: 24
213.248.227.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:618:200::/48 maxlen: 48
2a01:618:201::/48 maxlen: 48
2a01:618:202::/48 maxlen: 48
2a01:618:203::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:408::/48 maxlen: 48
2a01:618:409::/48 maxlen: 48
2a01:61e:1::/48 maxlen: 48
2a01:61e:2::/48 maxlen: 48
2a01:61e:3::/48 maxlen: 48
2a01:61e:4::/48 maxlen: 48
2a01:61e:5::/48 maxlen: 48
2a01:61e:6::/48 maxlen: 48
2a01:61e:7::/48 maxlen: 48
2a01:61e:8::/48 maxlen: 48
2a01:61e:9::/48 maxlen: 48
2a01:61e:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d5:1b:c8:49:8e:28:3e:9c:79:d8:b2:bc:62:d4:dc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jun 17 10:23:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ac31b8e18b99fb47ee1dd7e6ebb3d524194666f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:a8:7d:35:7d:cb:bf:66:80:4c:fa:92:c1:
a1:3e:f9:8e:36:36:95:c1:38:6f:3a:e7:41:6f:83:
87:32:d1:aa:e9:45:d7:8a:96:3f:f4:09:7a:37:2a:
8f:c1:7f:8d:76:83:7e:aa:86:2b:2a:b1:b3:17:60:
1c:72:08:39:9b:d3:0f:b0:12:ee:5a:cd:b7:d7:0d:
f1:a6:4b:fc:c3:a3:a3:84:7b:85:34:5e:fc:bd:74:
c1:65:1f:b1:b9:58:09:9c:d1:bb:7a:9c:42:55:fd:
f1:d3:37:66:53:7c:a1:3c:d9:e7:fc:9e:6c:77:d9:
31:30:de:9d:a7:6e:cb:ba:c1:99:f1:8c:e2:f2:0f:
43:70:46:95:aa:27:9b:30:9e:5a:2f:ad:4d:b6:6c:
1a:3a:4f:0a:3d:f0:3b:27:73:ce:db:fa:9a:f4:74:
e8:ec:ef:a7:26:9d:ab:33:90:c5:a4:92:8f:b5:45:
ed:09:de:1e:b6:a8:1b:76:1c:5e:59:6a:f0:46:d8:
ec:17:ac:93:0e:17:d8:27:5b:d4:ca:cb:11:8e:81:
ab:27:c7:de:15:ea:5f:40:28:bf:76:d8:d4:db:d2:
e2:2c:b6:40:26:9a:c3:92:cd:65:d8:82:6a:84:c8:
0f:fe:bc:b0:97:8b:ad:69:bb:46:4d:b6:f2:75:d6:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C3:1B:8E:18:B9:9F:B4:7E:E1:DD:7E:6E:BB:3D:52:41:94:66:6F
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/asMbjhi5n7R-4d1-brs9UkGUZm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.120.0/22
213.248.197.0-213.248.205.255
213.248.216.0-213.248.227.255
213.248.254.0/24
IPv6:
2a01:618:200::/46
2a01:618:400::-2a01:618:409:ffff:ffff:ffff:ffff:ffff
2a01:61e:1::-2a01:61e:9:ffff:ffff:ffff:ffff:ffff
2a01:61e:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
7c:ce:4e:ac:9a:08:00:2a:1d:e2:c9:2b:11:22:34:a9:a3:94:
18:3b:3a:10:42:5b:d4:7f:c9:ea:98:0a:af:e4:cf:13:51:d2:
f5:f5:2d:93:73:a2:0c:21:53:c9:15:1b:20:14:28:3f:04:10:
81:7b:c3:33:f0:c4:23:42:85:6b:ca:ff:04:d7:e4:e2:26:42:
8e:25:f6:de:d7:78:21:ea:42:f1:9a:9f:06:78:36:2b:53:79:
25:2d:a7:51:94:f1:2a:d0:2d:69:a3:cb:23:e2:25:bc:3e:35:
1f:93:3c:3e:81:b4:2b:8c:b5:9f:35:3f:c2:63:1e:34:8b:59:
30:21:4b:e7:51:d3:0c:9b:ef:82:75:9a:f5:72:65:8d:30:e1:
8c:b1:1e:b5:b8:2b:d3:15:c4:1c:af:1e:21:38:a9:17:cf:7c:
9d:ba:d6:3d:ff:e7:c3:5c:e1:8a:40:ed:3e:aa:38:7c:52:f8:
88:16:9f:70:4e:4f:04:10:81:c6:28:e0:8c:52:0f:8b:24:a2:
81:7b:15:af:9c:d0:2d:32:ce:62:e5:23:08:b8:26:88:7e:99:
d1:3f:d2:59:d6:8f:5c:6e:9a:10:9d:76:2f:5d:06:92:9f:17:
b8:23:1b:80:1c:14:e7:ef:e6:0f:de:dc:b6:92:e4:e5:7f:25:
96:04:f1:4d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZ7VG8hJjig+nHnYsrxi1NxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjYwNjE3MTAyMzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWMzMWI4ZTE4Yjk5ZmI0N2VlMWRkN2U2ZWJiM2Q1MjQxOTQ2NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK6ofTV9y79mgEz6ksGhPvmONjaV
wThvOudBb4OHMtGq6UXXipY/9Al6NyqPwX+NdoN+qoYrKrGzF2Accgg5m9MPsBLu
Ws231w3xpkv8w6OjhHuFNF78vXTBZR+xuVgJnNG7epxCVf3x0zdmU3yhPNnn/J5s
d9kxMN6dp27LusGZ8Yzi8g9DcEaVqiebMJ5aL61NtmwaOk8KPfA7J3PO2/qa9HTo
7O+nJp2rM5DFpJKPtUXtCd4etqgbdhxeWWrwRtjsF6yTDhfYJ1vUyssRjoGrJ8fe
FepfQCi/dtjU29LiLLZAJprDks1l2IJqhMgP/rywl4utabtGTbbyddZ/TwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFGrDG44YuZ+0fuHdfm67PVJBlGZvMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvYXNNYmpoaTVuN1ItNGQxLWJyczlVa0dVWm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwLgQCAAEwKAMEApUUeDAM
AwQA1fjFAwQB1fjMMAwDBAPV+NgDBALV+OADBADV+P4wPwQCAAIwOQMHAioBBhgC
ADARAwYCKgEGGAQDBwEqAQYYBAgwEgMHACoBBh4AAQMHASoBBh4ACAMHACoBBh7/
/zANBgkqhkiG9w0BAQsFAAOCAQEAfM5OrJoIACod4skrESI0qaOUGDs6EEJb1H/J
6pgKr+TPE1HS9fUtk3OiDCFTyRUbIBQoPwQQgXvDM/DEI0KFa8r/BNfk4iZCjiX2
3td4IepC8ZqfBng2K1N5JS2nUZTxKtAtaaPLI+IlvD41H5M8PoG0K4y1nzU/wmMe
NItZMCFL51HTDJvvgnWa9XJljTDhjLEetbgr0xXEHK8eITipF898nbrWPf/nw1zh
ikDtPqo4fFL4iBafcE5PBBCBxijgjFIPiySigXsVr5zQLTLOYuUjCLgmiH6Z0T/S
WdaPXG6aEJ12L10Gkp8XuCMbgBwU5+/mD97ctpLk5X8llgTxTQ==
-----END CERTIFICATE-----
Generated at Mon Jun 29 14:35:45 2026 by rpki-client