Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NprRZMAs3BgaKg8Fi6OrUo__TyI.roa
File: NprRZMAs3BgaKg8Fi6OrUo__TyI.roa (raw, json)
Hash identifier: JtKvo6MJwFFbimq3tJ3jqzeGPTYEjRd+pYvUQL6EnZA=
Subject key identifier: 36:9A:D1:64:C0:2C:DC:18:1A:2A:0F:05:8B:A3:AB:52:8F:FF:4F:22
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019EB1D90C347C6259466B5A43BEACCC1B5F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NprRZMAs3BgaKg8Fi6OrUo__TyI.roa
Signing time: Wed 10 Jun 2026 14:04:12 +0000
ROA not before: Wed 10 Jun 2026 14:04:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.145.176.0/22 maxlen: 22
62.106.83.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
147.78.22.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
185.218.184.0/24 maxlen: 24
185.252.193.0/24 maxlen: 24
193.84.26.0/24 maxlen: 24
193.109.82.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
194.50.206.0/24 maxlen: 24
195.88.147.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.211.48.0/24 maxlen: 24
195.216.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:d9:0c:34:7c:62:59:46:6b:5a:43:be:ac:cc:1b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 10 14:04:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=369ad164c02cdc181a2a0f058ba3ab528fff4f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:92:b2:33:76:f0:da:a9:fb:01:e8:50:a8:24:
3a:96:58:0e:55:fa:c5:ad:d7:c4:07:d4:78:ec:86:
b9:62:6a:50:91:c8:2e:bb:3b:88:1f:1d:80:21:33:
37:dd:d1:67:38:c2:46:0e:bf:d4:92:a3:b4:3e:9e:
60:7d:7d:b9:5a:b5:37:13:ef:ab:9a:12:6c:e5:a5:
cf:ea:45:04:ae:a8:5e:2b:07:61:50:d1:b3:f1:4d:
56:38:81:d7:14:a2:2b:a2:e9:7d:ae:1e:bd:1a:70:
a7:e6:e2:0f:45:79:7c:9e:93:7f:14:bb:48:ed:ed:
8d:df:73:7a:f2:c2:0b:49:00:92:fb:59:b6:72:34:
7d:51:62:6a:6c:3c:ad:9a:dc:a0:74:3b:3a:60:95:
66:f3:a5:38:12:5d:fa:e2:01:e3:4b:bb:09:af:d1:
a4:74:2c:96:bb:28:25:98:12:d0:53:2e:39:4b:b3:
22:ec:9d:a9:14:ce:a9:a4:ad:49:59:02:8f:5e:3f:
97:66:c1:d7:67:de:b6:a8:37:0b:db:f1:d7:ac:49:
32:c0:c8:43:41:d3:68:c8:8c:4d:7d:42:e5:a0:81:
ee:73:5d:d9:d8:ac:1c:eb:eb:be:cb:0f:19:01:e9:
5b:bf:66:4b:39:ae:07:23:9e:6a:76:37:5c:b9:37:
41:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9A:D1:64:C0:2C:DC:18:1A:2A:0F:05:8B:A3:AB:52:8F:FF:4F:22
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NprRZMAs3BgaKg8Fi6OrUo__TyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.145.176.0/22
62.106.83.0/24
89.40.161.0/24
91.242.70.0/24
91.242.74.0/24
91.242.105.0/24
146.19.228.0/24
147.78.22.0/24
185.180.145.0/24
185.212.11.0/24
185.218.184.0/24
185.252.193.0/24
193.84.26.0/24
193.109.82.0/24
194.50.200.0/23
194.50.206.0/23
195.88.147.0/24
195.138.103.0-195.138.107.255
195.138.111.0/24
195.138.114.0/24
195.138.120.0/24
195.211.48.0/24
195.216.248.0/24
Signature Algorithm: sha256WithRSAEncryption
62:1a:d8:1b:a7:0f:18:de:0a:fb:1e:f8:38:ce:63:2e:03:28:
3b:89:ac:d5:06:e8:a0:99:10:a6:4c:62:0a:1a:cc:28:7e:4d:
b7:bb:0c:2a:20:61:8a:55:4f:f1:99:dc:15:9e:8d:68:14:7e:
f4:59:89:e7:f3:25:10:dd:c6:66:7c:5c:0e:c0:46:76:3b:b5:
82:db:e7:94:59:53:29:26:c1:15:93:9a:dd:00:36:81:44:92:
ab:d5:d5:fb:98:69:bc:cf:a8:4e:a7:a7:d5:7e:e0:f8:c7:13:
7f:ad:95:a4:f6:3d:66:78:5e:cc:2e:e1:1c:24:39:91:db:80:
1b:2f:21:cc:14:cd:b2:fa:77:a0:29:77:95:22:14:9a:90:40:
bc:88:40:8f:97:a7:2b:4e:48:46:6f:15:16:f0:2e:47:eb:b7:
cf:51:9d:22:a5:28:c4:a5:67:5c:fb:4f:85:c3:4d:12:4f:8d:
95:8a:aa:30:c0:63:00:d0:b9:0c:00:f0:ab:f1:c4:f3:c5:6e:
ec:5f:78:15:2b:90:1a:0b:a4:95:ba:0f:c2:ca:61:1c:87:8b:
fe:ba:f3:f2:8d:f0:b3:92:0c:d5:fe:81:4a:2f:fa:5a:11:4f:
1a:67:e0:2e:70:43:e1:24:7e:98:03:2b:2e:b6:77:4e:9c:14:
d4:19:6e:f8
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZ6x2Qw0fGJZRmtaQ76szBtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNjEwMTQwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjlhZDE2NGMwMmNkYzE4MWEyYTBmMDU4YmEzYWI1MjhmZmY0ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JKyM3bw2qn7AehQqCQ6llgOVfrF
rdfEB9R47Ia5YmpQkcguuzuIHx2AITM33dFnOMJGDr/UkqO0Pp5gfX25WrU3E++r
mhJs5aXP6kUErqheKwdhUNGz8U1WOIHXFKIroul9rh69GnCn5uIPRXl8npN/FLtI
7e2N33N68sILSQCS+1m2cjR9UWJqbDytmtygdDs6YJVm86U4El364gHjS7sJr9Gk
dCyWuyglmBLQUy45S7Mi7J2pFM6ppK1JWQKPXj+XZsHXZ962qDcL2/HXrEkywMhD
QdNoyIxNfULloIHuc13Z2Kwc6+u+yw8ZAelbv2ZLOa4HI55qdjdcuTdBIQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFDaa0WTALNwYGioPBYujq1KP/08iMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTnByUlpNQXMzQmdhS2c4Rmk2T3JVb19fVHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAIF
thwDBAAtQ3UDBAItkbADBAA+alMDBABZKKEDBABb8kYDBABb8koDBABb8mkDBACS
E+QDBACTThYDBAC5tJEDBAC51AsDBAC52rgDBAC5/MEDBADBVBoDBADBbVIDBAHC
MsgDBAHCMs4DBADDWJMwDAMEAMOKZwMEAsOKaAMEAMOKbwMEAMOKcgMEAMOKeAME
AMPTMAMEAMPY+DANBgkqhkiG9w0BAQsFAAOCAQEAYhrYG6cPGN4K+x74OM5jLgMo
O4ms1QbooJkQpkxiChrMKH5Nt7sMKiBhilVP8ZncFZ6NaBR+9FmJ5/MlEN3GZnxc
DsBGdju1gtvnlFlTKSbBFZOa3QA2gUSSq9XV+5hpvM+oTqen1X7g+McTf62VpPY9
ZnhezC7hHCQ5kduAGy8hzBTNsvp3oCl3lSIUmpBAvIhAj5enK05IRm8VFvAuR+u3
z1GdIqUoxKVnXPtPhcNNEk+NlYqqMMBjANC5DADwq/HE88Vu7F94FSuQGguklboP
wsphHIeL/rrz8o3ws5IM1f6BSi/6WhFPGmfgLnBD4SR+mAMrLrZ3TpwU1Blu+A==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:05:38 2026 by rpki-client