Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PNuKcy4iRJzy65GTDq-YOBpaHh0.roa
File: PNuKcy4iRJzy65GTDq-YOBpaHh0.roa (raw, json)
Hash identifier: CIrJJaIQuSxjRT+asmciZYp5CFUyZl1nwNWC5fd4Vj0=
Subject key identifier: 3C:DB:8A:73:2E:22:44:9C:F2:EB:91:93:0E:AF:98:38:1A:5A:1E:1D
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019EB50348A1DE48B1E7C9F03DA3AE3E85F7
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PNuKcy4iRJzy65GTDq-YOBpaHh0.roa
Signing time: Thu 11 Jun 2026 04:49:11 +0000
ROA not before: Thu 11 Jun 2026 04:49:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35346
IP address blocks: 45.67.116.0/24 maxlen: 24
91.242.78.0/23 maxlen: 23
91.242.84.0/23 maxlen: 23
91.242.97.0/24 maxlen: 24
91.242.99.0/24 maxlen: 24
91.242.102.0/24 maxlen: 24
91.242.112.0/20 maxlen: 20
91.242.112.0/24 maxlen: 24
91.242.113.0/24 maxlen: 24
91.242.114.0/24 maxlen: 24
91.242.115.0/24 maxlen: 24
91.242.116.0/24 maxlen: 24
91.242.117.0/24 maxlen: 24
91.242.118.0/24 maxlen: 24
91.242.119.0/24 maxlen: 24
91.242.120.0/24 maxlen: 24
91.242.121.0/24 maxlen: 24
91.242.122.0/24 maxlen: 24
178.175.176.0/22 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
195.138.108.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a07:c040::/29 maxlen: 29
2a09:700::/29 maxlen: 29
2a09:15c0::/29 maxlen: 29
2a09:3ac0::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
2a09:4c40::/29 maxlen: 29
2a09:63c0::/29 maxlen: 29
2a09:7640::/29 maxlen: 29
2a09:7b40::/29 maxlen: 29
2a09:7f00::/29 maxlen: 29
2a09:a480::/29 maxlen: 29
2a09:bdc0::/29 maxlen: 29
2a09:ca40::/29 maxlen: 29
2a09:e400::/29 maxlen: 29
2a09:f6c0::/29 maxlen: 29
2a09:f940::/29 maxlen: 29
2a09:fdc0::/29 maxlen: 29
2a0a:3700::/29 maxlen: 29
2a0a:3780::/29 maxlen: 29
2a0a:6000::/29 maxlen: 29
2a0a:ef00::/29 maxlen: 29
2a0b:280::/29 maxlen: 29
2a0b:5d00::/29 maxlen: 29
2a0c:380::/29 maxlen: 29
2a0c:3600::/32 maxlen: 32
2a0c:3780::/29 maxlen: 29
2a0c:57c0::/29 maxlen: 29
2a0c:ae00::/29 maxlen: 29
2a0d:1a00::/29 maxlen: 29
2a0d:dac0::/29 maxlen: 29
2a0d:fb00::/29 maxlen: 29
2a0e:f80::/29 maxlen: 29
2a0e:2080::/29 maxlen: 29
2a0e:2500::/29 maxlen: 29
2a0e:3380::/29 maxlen: 29
2a0e:3540::/29 maxlen: 29
2a0e:3c40::/29 maxlen: 29
2a0e:7880::/29 maxlen: 29
2a0e:b000::/29 maxlen: 29
2a0e:c3c0::/29 maxlen: 29
2a0e:c700::/29 maxlen: 29
2a0e:c800::/29 maxlen: 29
2a0e:d180::/29 maxlen: 29
2a0e:d880::/29 maxlen: 29
2a0e:e540::/29 maxlen: 29
2a0e:e8c0::/29 maxlen: 29
2a0e:e940::/29 maxlen: 29
2a0e:f540::/29 maxlen: 29
2a0f:740::/29 maxlen: 29
2a0f:1b40::/29 maxlen: 29
2a0f:3900::/29 maxlen: 29
2a0f:4840::/29 maxlen: 29
2a0f:6200::/29 maxlen: 29
2a0f:82c0::/29 maxlen: 29
2a0f:9380::/29 maxlen: 29
2a0f:b200::/29 maxlen: 29
2a0f:da00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:03:48:a1:de:48:b1:e7:c9:f0:3d:a3:ae:3e:85:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 11 04:49:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3cdb8a732e22449cf2eb91930eaf98381a5a1e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:41:46:5f:d1:8b:e8:0a:a7:32:40:55:66:
44:1d:ba:40:92:49:65:2c:24:74:ea:ab:22:4b:7b:
86:04:7e:b3:93:78:c4:21:ee:21:69:6a:40:7d:bb:
7a:48:cc:72:ae:c5:cd:67:86:01:19:3d:21:aa:c7:
90:d3:74:91:ae:db:52:11:88:96:b1:c8:1b:88:e2:
96:94:7d:a6:15:b4:73:45:e5:35:bf:9c:ae:e6:0f:
c9:8e:97:08:c2:6e:b4:3c:42:e7:a1:54:37:a8:9f:
32:cf:3f:da:78:74:91:9e:7f:3d:59:cb:89:8e:8b:
94:72:20:76:68:49:78:c3:3b:2a:3d:97:c7:02:4c:
bc:56:6c:55:17:44:5f:71:ac:3c:65:9e:bc:8a:91:
0f:c2:77:e2:18:48:22:30:ab:75:12:fb:89:1b:2b:
32:44:03:cd:04:8f:45:0b:1f:b2:56:69:1f:39:ed:
78:b0:46:08:a7:52:ce:f6:4c:5b:27:23:5d:9a:0d:
84:4c:1d:e6:b5:83:be:b5:89:ba:45:ac:e8:63:fd:
e5:39:15:cf:97:62:1e:8f:04:8c:28:08:f3:5e:e8:
cb:c6:4e:56:11:9c:44:40:a9:9e:eb:9f:7a:12:12:
b4:aa:50:94:5d:5a:5a:e3:7f:34:55:82:61:b5:b6:
1d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DB:8A:73:2E:22:44:9C:F2:EB:91:93:0E:AF:98:38:1A:5A:1E:1D
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/PNuKcy4iRJzy65GTDq-YOBpaHh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.78.0/23
91.242.84.0/23
91.242.97.0/24
91.242.99.0/24
91.242.102.0/24
91.242.112.0/20
178.175.176.0/22
194.114.144.0/24
195.138.108.0/24
IPv6:
2a07:5540::/29
2a07:c040::/29
2a09:700::/29
2a09:15c0::/29
2a09:3ac0::/29
2a09:4440::/29
2a09:4c40::/29
2a09:63c0::/29
2a09:7640::/29
2a09:7b40::/29
2a09:7f00::/29
2a09:a480::/29
2a09:bdc0::/29
2a09:ca40::/29
2a09:e400::/29
2a09:f6c0::/29
2a09:f940::/29
2a09:fdc0::/29
2a0a:3700::/29
2a0a:3780::/29
2a0a:6000::/29
2a0a:ef00::/29
2a0b:280::/29
2a0b:5d00::/29
2a0c:380::/29
2a0c:3600::/32
2a0c:3780::/29
2a0c:57c0::/29
2a0c:ae00::/29
2a0d:1a00::/29
2a0d:dac0::/29
2a0d:fb00::/29
2a0e:f80::/29
2a0e:2080::/29
2a0e:2500::/29
2a0e:3380::/29
2a0e:3540::/29
2a0e:3c40::/29
2a0e:7880::/29
2a0e:b000::/29
2a0e:c3c0::/29
2a0e:c700::/29
2a0e:c800::/29
2a0e:d180::/29
2a0e:d880::/29
2a0e:e540::/29
2a0e:e8c0::/29
2a0e:e940::/29
2a0e:f540::/29
2a0f:740::/29
2a0f:1b40::/29
2a0f:3900::/29
2a0f:4840::/29
2a0f:6200::/29
2a0f:82c0::/29
2a0f:9380::/29
2a0f:b200::/29
2a0f:da00::/29
Signature Algorithm: sha256WithRSAEncryption
65:e3:76:c3:0e:1d:82:61:da:a5:0b:4e:7d:be:d6:d7:ad:76:
4a:c3:3c:fa:ee:04:fa:9c:91:c5:91:3d:21:16:b1:65:c3:5d:
f8:8b:98:6f:5f:75:e7:2e:fd:f5:9c:38:66:08:76:c6:67:82:
5f:fe:22:a9:ae:b6:44:c7:00:04:17:0d:eb:b4:07:76:49:fd:
64:ff:86:96:99:03:04:b5:4d:52:e6:1f:64:d9:6a:65:36:48:
7e:d8:1f:16:29:c7:76:d6:b6:5d:de:46:69:68:b4:3b:ce:dc:
c4:9f:6d:ac:6f:93:cf:37:6d:02:24:91:a2:d9:68:ad:f5:82:
57:c7:e7:30:22:93:8e:01:79:f4:ab:8f:98:a2:81:ef:9e:e5:
88:73:0c:0f:5a:97:31:c6:b5:f3:e6:cc:21:6a:c2:e6:9a:c9:
dd:4a:06:70:36:cc:19:9b:e7:33:65:00:ed:0a:5a:04:89:e8:
b2:4f:bc:6f:73:97:45:ed:da:e1:30:2f:c0:af:09:7a:f7:f8:
be:20:5b:2d:58:27:1f:06:0e:36:d8:56:a7:b0:73:09:c7:00:
d5:44:1d:33:6e:60:2d:4d:a6:c8:ad:2f:7d:b7:57:91:a2:7f:
70:65:f2:62:d2:5e:00:b4:14:75:14:81:43:f5:5b:9f:db:7c:
bf:24:80:5b
-----BEGIN CERTIFICATE-----
MIIG2zCCBcOgAwIBAgISAZ61A0ih3kix58nwPaOuPoX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNjExMDQ0OTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RiOGE3MzJlMjI0NDljZjJlYjkxOTMwZWFmOTgzODFhNWExZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx39BRl/Ri+gKpzJAVWZEHbpAkkll
LCR06qsiS3uGBH6zk3jEIe4haWpAfbt6SMxyrsXNZ4YBGT0hqseQ03SRrttSEYiW
scgbiOKWlH2mFbRzReU1v5yu5g/JjpcIwm60PELnoVQ3qJ8yzz/aeHSRnn89WcuJ
jouUciB2aEl4wzsqPZfHAky8VmxVF0Rfcaw8ZZ68ipEPwnfiGEgiMKt1EvuJGysy
RAPNBI9FCx+yVmkfOe14sEYIp1LO9kxbJyNdmg2ETB3mtYO+tYm6RazoY/3lORXP
l2IejwSMKAjzXujLxk5WEZxEQKme6596EhK0qlCUXVpa4380VYJhtbYd5QIDAQAB
o4ID5zCCA+MwHQYDVR0OBBYEFDzbinMuIkSc8uuRkw6vmDgaWh4dMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUE51S2N5NGlSSnp5NjVHVERxLVlPQnBhSGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB+wYIKwYBBQUHAQcBAf8EggHqMIIB5jBCBAIAATA8AwQA
LUN0AwQBW/JOAwQBW/JUAwQAW/JhAwQAW/JjAwQAW/JmAwQEW/JwAwQCsq+wAwQA
wnKQAwQAw4psMIIBngQCAAIwggGWAwUDKgdVQAMFAyoHwEADBQMqCQcAAwUDKgkV
wAMFAyoJOsADBQMqCURAAwUDKglMQAMFAyoJY8ADBQMqCXZAAwUDKgl7QAMFAyoJ
fwADBQMqCaSAAwUDKgm9wAMFAyoJykADBQMqCeQAAwUDKgn2wAMFAyoJ+UADBQMq
Cf3AAwUDKgo3AAMFAyoKN4ADBQMqCmAAAwUDKgrvAAMFAyoLAoADBQMqC10AAwUD
KgwDgAMFACoMNgADBQMqDDeAAwUDKgxXwAMFAyoMrgADBQMqDRoAAwUDKg3awAMF
AyoN+wADBQMqDg+AAwUDKg4ggAMFAyoOJQADBQMqDjOAAwUDKg41QAMFAyoOPEAD
BQMqDniAAwUDKg6wAAMFAyoOw8ADBQMqDscAAwUDKg7IAAMFAyoO0YADBQMqDtiA
AwUDKg7lQAMFAyoO6MADBQMqDulAAwUDKg71QAMFAyoPB0ADBQMqDxtAAwUDKg85
AAMFAyoPSEADBQMqD2IAAwUDKg+CwAMFAyoPk4ADBQMqD7IAAwUDKg/aADANBgkq
hkiG9w0BAQsFAAOCAQEAZeN2ww4dgmHapQtOfb7W1612SsM8+u4E+pyRxZE9IRax
ZcNd+IuYb1915y799Zw4Zgh2xmeCX/4iqa62RMcABBcN67QHdkn9ZP+GlpkDBLVN
UuYfZNlqZTZIftgfFinHdta2Xd5GaWi0O87cxJ9trG+TzzdtAiSRotlorfWCV8fn
MCKTjgF59KuPmKKB757liHMMD1qXMca18+bMIWrC5prJ3UoGcDbMGZvnM2UA7Qpa
BInosk+8b3OXRe3a4TAvwK8Jevf4viBbLVgnHwYONthWp7BzCccA1UQdM25gLU2m
yK0vfbdXkaJ/cGXyYtJeALQUdRSBQ/Vbn9t8vySAWw==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:05:52 2026 by rpki-client