Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gN0jI6JpqqGM3YYpktYwG9NTkXQ.roa
File: gN0jI6JpqqGM3YYpktYwG9NTkXQ.roa (raw, json)
Hash identifier: u9BN0ns7Qnw8Gp5Wg2oMkvBpNrjAwEDdWqhXbmohKaQ=
Subject key identifier: 80:DD:23:23:A2:69:AA:A1:8C:DD:86:29:92:D6:30:1B:D3:53:91:74
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019E5074DED51337D6B9B795022FE4434468
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gN0jI6JpqqGM3YYpktYwG9NTkXQ.roa
Signing time: Fri 22 May 2026 16:11:36 +0000
ROA not before: Fri 22 May 2026 16:11:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.145.176.0/22 maxlen: 22
62.106.83.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.82.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
92.249.25.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
147.78.20.0/24 maxlen: 24
147.78.22.0/24 maxlen: 24
185.51.120.0/24 maxlen: 24
185.147.48.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
185.218.184.0/24 maxlen: 24
185.252.193.0/24 maxlen: 24
193.84.26.0/24 maxlen: 24
193.109.82.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
194.50.206.0/24 maxlen: 24
195.88.147.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.211.48.0/24 maxlen: 24
195.216.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 May 2026 10:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:50:74:de:d5:13:37:d6:b9:b7:95:02:2f:e4:43:44:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 22 16:11:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=80dd2323a269aaa18cdd862992d6301bd3539174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9c:d2:3b:fa:5a:ee:2f:ec:df:d8:d5:cb:c1:
eb:56:41:47:1d:3c:61:7b:d0:21:33:33:fe:e8:93:
57:14:e0:55:08:b8:3b:b3:04:e8:6e:a3:a2:2e:48:
b1:f4:36:5a:2c:b8:79:ff:db:b8:3c:ff:c1:34:b8:
55:38:87:3e:56:45:35:13:ed:17:bc:1a:63:e8:14:
1b:99:3e:82:cf:3d:7b:c8:9a:8e:48:ac:11:6e:a0:
e4:1a:3f:5c:3c:27:67:c6:0f:f3:56:a7:0f:78:1b:
be:b8:0c:ef:3a:9c:be:8b:e7:79:2d:cd:cf:ba:b2:
48:06:b4:f0:a8:83:d6:98:9b:3a:06:50:5b:ae:41:
86:3f:85:e5:be:30:e8:ca:e2:d3:1d:39:ac:52:f9:
f8:90:18:e1:34:31:f2:b1:cb:21:05:98:b3:20:75:
d7:47:92:34:7d:10:cb:f3:5b:21:29:bd:80:e2:4a:
33:7c:fa:55:cc:11:71:eb:fd:a8:e1:c6:44:b1:c1:
97:32:d8:c7:49:5a:db:08:b8:d3:81:52:ca:53:28:
d4:80:d9:d6:8b:81:a3:2d:28:a2:5b:94:56:a1:19:
96:82:a6:ef:b4:35:2a:75:4f:d3:7d:b3:c8:b6:80:
3a:7a:ff:53:1b:2e:32:9e:c6:13:e6:1c:0c:8c:1a:
0d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DD:23:23:A2:69:AA:A1:8C:DD:86:29:92:D6:30:1B:D3:53:91:74
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gN0jI6JpqqGM3YYpktYwG9NTkXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.145.176.0/22
62.106.83.0/24
89.40.161.0/24
91.242.70.0/24
91.242.74.0/24
91.242.82.0/24
91.242.105.0/24
91.242.124.0/24
92.249.25.0/24
146.19.228.0/24
147.78.20.0/24
147.78.22.0/24
185.51.120.0/24
185.147.48.0/24
185.180.145.0/24
185.212.11.0/24
185.218.184.0/24
185.252.193.0/24
193.84.26.0/24
193.109.82.0/24
194.50.200.0/23
194.50.206.0/23
195.88.147.0/24
195.138.103.0-195.138.107.255
195.138.111.0/24
195.138.114.0/24
195.138.120.0/24
195.211.48.0/24
195.216.248.0/24
Signature Algorithm: sha256WithRSAEncryption
51:54:de:10:54:9c:8b:00:7f:7a:ab:d6:d1:2e:8b:ae:ec:a6:
95:1f:58:cf:96:8a:5a:ae:e1:9c:d6:f0:c4:31:9b:27:d4:cd:
ae:c7:e9:c4:f2:59:c6:8a:9f:78:f9:ef:3d:ce:20:f2:6a:e3:
5a:80:cb:d2:41:36:aa:2e:bc:5a:d3:ef:de:28:01:42:53:be:
c6:40:df:9b:06:d0:26:1e:17:50:c3:8f:03:bc:bb:a9:81:5b:
d3:21:ea:d5:c8:88:ab:63:d3:63:54:57:39:5c:9c:04:eb:00:
0f:c9:03:c2:d7:7f:6a:fe:69:03:86:5f:fd:2f:a4:ed:f7:f4:
4d:7c:5e:71:00:3e:ed:03:92:af:75:59:17:b1:24:54:f5:9c:
38:a1:04:98:7c:9d:91:cb:d9:03:dd:07:e8:1b:63:37:39:ef:
76:9d:19:52:07:7b:4f:52:77:81:ce:55:f5:48:24:ac:53:0b:
bc:11:35:42:80:38:86:8a:c8:88:2a:4c:40:34:a6:c8:c6:5d:
bd:cd:40:3a:44:c5:72:82:2e:1f:cb:50:ae:91:4c:81:3b:0a:
f7:98:5c:a3:47:fa:ee:f0:7c:b1:85:66:3c:f2:0f:d2:3c:fa:
94:bc:b3:03:a9:f0:55:f5:74:c7:76:5b:fd:da:f1:9d:30:65:
f2:40:9f:ed
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZ5QdN7VEzfWubeVAi/kQ0RoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNTIyMTYxMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRkMjMyM2EyNjlhYWExOGNkZDg2Mjk5MmQ2MzAxYmQzNTM5MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5zSO/pa7i/s39jVy8HrVkFHHTxh
e9AhMzP+6JNXFOBVCLg7swTobqOiLkix9DZaLLh5/9u4PP/BNLhVOIc+VkU1E+0X
vBpj6BQbmT6Czz17yJqOSKwRbqDkGj9cPCdnxg/zVqcPeBu+uAzvOpy+i+d5Lc3P
urJIBrTwqIPWmJs6BlBbrkGGP4XlvjDoyuLTHTmsUvn4kBjhNDHyscshBZizIHXX
R5I0fRDL81shKb2A4kozfPpVzBFx6/2o4cZEscGXMtjHSVrbCLjTgVLKUyjUgNnW
i4GjLSiiW5RWoRmWgqbvtDUqdU/TfbPItoA6ev9TGy4ynsYT5hwMjBoNJQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFIDdIyOiaaqhjN2GKZLWMBvTU5F0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZ04wakk2SnBxcUdNM1lZcGt0WXdHOU5Ua1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAIF
thwDBAAtQ3UDBAItkbADBAA+alMDBABZKKEDBABb8kYDBABb8koDBABb8lIDBABb
8mkDBABb8nwDBABc+RkDBACSE+QDBACTThQDBACTThYDBAC5M3gDBAC5kzADBAC5
tJEDBAC51AsDBAC52rgDBAC5/MEDBADBVBoDBADBbVIDBAHCMsgDBAHCMs4DBADD
WJMwDAMEAMOKZwMEAsOKaAMEAMOKbwMEAMOKcgMEAMOKeAMEAMPTMAMEAMPY+DAN
BgkqhkiG9w0BAQsFAAOCAQEAUVTeEFSciwB/eqvW0S6LruymlR9Yz5aKWq7hnNbw
xDGbJ9TNrsfpxPJZxoqfePnvPc4g8mrjWoDL0kE2qi68WtPv3igBQlO+xkDfmwbQ
Jh4XUMOPA7y7qYFb0yHq1ciIq2PTY1RXOVycBOsAD8kDwtd/av5pA4Zf/S+k7ff0
TXxecQA+7QOSr3VZF7EkVPWcOKEEmHydkcvZA90H6BtjNznvdp0ZUgd7T1J3gc5V
9UgkrFMLvBE1QoA4horIiCpMQDSmyMZdvc1AOkTFcoIuH8tQrpFMgTsK95hco0f6
7vB8sYVmPPIP0jz6lLyzA6nwVfV0x3Zb/drxnTBl8kCf7Q==
-----END CERTIFICATE-----
Generated at Sat May 23 17:47:35 2026 by rpki-client