Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/cg2x230-3Iq3Js9h5EnAAX7JARE.roa
File: cg2x230-3Iq3Js9h5EnAAX7JARE.roa (raw, json)
Hash identifier: tnyzdBnOYXcXrLiFFvC1x//NGKCuvkSWE98rCps7Sxg=
Subject key identifier: 72:0D:B1:DB:7D:3E:DC:8A:B7:26:CF:61:E4:49:C0:01:7E:C9:01:11
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 019ED516498D5E42EB7B675F023703FE18AA
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/cg2x230-3Iq3Js9h5EnAAX7JARE.roa
Signing time: Wed 17 Jun 2026 10:17:48 +0000
ROA not before: Wed 17 Jun 2026 10:17:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.96.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.108.0/22 maxlen: 22
213.248.228.0/23 maxlen: 23
213.248.230.0/23 maxlen: 23
213.248.232.0/21 maxlen: 21
213.248.240.0/21 maxlen: 21
213.248.249.0/24 maxlen: 24
213.248.252.0/23 maxlen: 23
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1a00::/40 maxlen: 40
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:2a00::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:61c:f001::/48 maxlen: 48
2a01:61c:f002::/48 maxlen: 48
2a01:61c:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d5:16:49:8d:5e:42:eb:7b:67:5f:02:37:03:fe:18:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jun 17 10:17:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=720db1db7d3edc8ab726cf61e449c0017ec90111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:aa:07:c2:8b:c7:64:f7:60:b6:c2:24:7e:4a:
ce:96:a2:ae:ef:38:e2:93:52:bc:49:41:21:b2:96:
5c:9e:80:7d:c8:a5:94:6d:99:69:29:d4:ff:0c:f6:
13:5d:b8:62:77:58:9e:29:26:7e:85:02:ac:fc:fa:
df:f7:43:7a:03:1f:a5:32:df:b2:25:dd:fc:8c:9c:
c6:a1:2f:fb:50:73:5e:bd:2e:55:76:45:d2:a2:bf:
00:7c:8f:5a:a3:77:58:dd:40:2d:c3:52:39:60:24:
61:50:7a:e6:20:77:b1:d9:e0:1a:67:f9:58:66:49:
a2:26:0d:49:6d:a4:b3:c5:e8:70:d7:44:61:37:e9:
d3:c0:ba:13:d5:9a:e1:64:d8:ad:ba:c2:df:ec:ae:
78:52:0d:e8:a8:5c:b2:7a:76:7a:bd:ef:e6:dd:39:
92:76:61:58:79:47:d4:fb:c7:da:02:96:cf:73:10:
7f:c5:3e:66:2d:86:4b:15:5a:0a:fc:e0:59:8a:f5:
2e:e7:58:89:6c:4d:62:a4:9f:c5:48:c4:9f:95:fe:
99:26:be:72:36:71:48:42:07:be:b2:f1:45:44:25:
f7:9c:0a:b5:fe:9d:ed:25:4b:b8:82:4c:6d:f6:5b:
c8:1d:60:9d:bf:af:d7:85:79:c0:51:c3:7a:0e:8b:
26:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0D:B1:DB:7D:3E:DC:8A:B7:26:CF:61:E4:49:C0:01:7E:C9:01:11
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/cg2x230-3Iq3Js9h5EnAAX7JARE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.228.0-213.248.247.255
213.248.249.0/24
213.248.252.0/23
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::-2a01:61c:1aff:ffff:ffff:ffff:ffff:ffff
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2a00::/40
2a01:61c:2f00::/40
2a01:61c:f001::-2a01:61c:f002:ffff:ffff:ffff:ffff:ffff
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
69:fe:bf:b9:b2:ce:02:7f:42:cb:63:07:4b:c0:6f:46:88:11:
78:5f:7f:e6:5c:1d:86:ae:c0:af:0f:3a:9c:3d:5c:a7:93:08:
0d:ea:e3:42:72:49:8e:22:94:3b:ef:2f:ef:fc:6d:9d:26:fd:
a9:58:9f:01:3d:f2:13:12:3c:f5:5e:24:1f:48:78:7d:30:f3:
e8:ed:2e:5a:a1:f9:3c:92:ac:48:5e:32:4a:a3:83:09:48:5f:
a5:ec:1d:72:cb:b6:72:bb:78:e7:f8:98:24:84:88:3f:de:4f:
c7:d9:be:9f:d1:58:e5:01:90:9a:d1:05:84:69:0b:c7:1a:19:
3e:4e:d9:c9:49:5b:8b:10:77:87:32:20:5e:b0:3b:ca:5b:cd:
d0:42:9c:a6:55:bd:58:b6:75:c9:ba:f9:3a:43:4c:4b:f8:bf:
19:71:8c:91:af:1a:06:3c:ad:64:b0:4d:9e:39:f4:2a:2a:bc:
8c:67:b2:f6:02:7a:08:cc:09:a4:73:98:5d:66:63:7b:c1:cb:
98:d0:83:3f:46:37:6d:50:1a:c9:c1:b4:67:94:2e:87:e6:44:
8e:02:35:62:6f:5c:fc:08:c3:b1:38:95:73:e3:2b:11:e7:1e:
93:09:a3:bb:bd:ea:fc:ab:8d:ef:38:0c:4a:ef:43:b5:d7:36:
1a:fc:5d:2f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZ7VFkmNXkLre2dfAjcD/hiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjYwNjE3MTAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBkYjFkYjdkM2VkYzhhYjcyNmNmNjFlNDQ5YzAwMTdlYzkwMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKoHwovHZPdgtsIkfkrOlqKu7zji
k1K8SUEhspZcnoB9yKWUbZlpKdT/DPYTXbhid1ieKSZ+hQKs/Prf90N6Ax+lMt+y
Jd38jJzGoS/7UHNevS5VdkXSor8AfI9ao3dY3UAtw1I5YCRhUHrmIHex2eAaZ/lY
ZkmiJg1JbaSzxehw10RhN+nTwLoT1ZrhZNitusLf7K54Ug3oqFyyenZ6ve/m3TmS
dmFYeUfU+8faApbPcxB/xT5mLYZLFVoK/OBZivUu51iJbE1ipJ/FSMSflf6ZJr5y
NnFIQge+svFFRCX3nAq1/p3tJUu4gkxt9lvIHWCdv6/XhXnAUcN6Dosm0QIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFHINsdt9PtyKtybPYeRJwAF+yQERMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvY2cyeDIzMC0zSXEzSnM5aDVFbkFBWDdKQVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTAmBAIAATAgAwQElRRg
MAwDBALV+OQDBAPV+PADBADV+PkDBAHV+PwwbwQCAAIwaQMGByoBBhiAAwYBKgEG
HBAwEAMGACoBBhwZAwYAKgEGHBoDBgAqAQYcHTAQAwYAKgEGHB8DBgEqAQYcIAMG
ACoBBhwqAwYAKgEGHC8wEgMHACoBBhzwAQMHACoBBhzwAgMHACoBBhz//zANBgkq
hkiG9w0BAQsFAAOCAQEAaf6/ubLOAn9Cy2MHS8BvRogReF9/5lwdhq7Arw86nD1c
p5MIDerjQnJJjiKUO+8v7/xtnSb9qVifAT3yExI89V4kH0h4fTDz6O0uWqH5PJKs
SF4ySqODCUhfpewdcsu2crt45/iYJISIP95Px9m+n9FY5QGQmtEFhGkLxxoZPk7Z
yUlbixB3hzIgXrA7ylvN0EKcplW9WLZ1ybr5OkNMS/i/GXGMka8aBjytZLBNnjn0
Kiq8jGey9gJ6CMwJpHOYXWZje8HLmNCDP0Y3bVAaycG0Z5Quh+ZEjgI1Ym9c/AjD
sTiVc+MrEecekwmju73q/KuN7zgMSu9Dtdc2GvxdLw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 16:30:40 2026 by rpki-client