Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/DuJmGWifOMO9raJbGr-Dic1J_wY.roa
File: DuJmGWifOMO9raJbGr-Dic1J_wY.roa (raw, json)
Hash identifier: Zb3tG+z4TL7iWUC3uCpBd3IBefadb02gqKiouwyOf2I=
Subject key identifier: 0E:E2:66:19:68:9F:38:C3:BD:AD:A2:5B:1A:BF:83:89:CD:49:FF:06
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 019EFF5625FBF732590ACECB32A535C7AEAF
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/DuJmGWifOMO9raJbGr-Dic1J_wY.roa
Signing time: Thu 25 Jun 2026 15:11:36 +0000
ROA not before: Thu 25 Jun 2026 15:11:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 2.96.0.0/13 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
79.77.0.0/16 maxlen: 24
79.78.0.0/15 maxlen: 24
80.40.0.0/13 maxlen: 24
80.40.0.0/15 maxlen: 24
80.42.0.0/16 maxlen: 24
81.1.64.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
81.178.0.0/15 maxlen: 24
83.67.0.0/16 maxlen: 24
84.43.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
89.168.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
92.16.0.0/12 maxlen: 24
145.255.240.0/21 maxlen: 24
185.24.12.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.48.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
194.106.32.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
195.112.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
195.149.0.0/18 maxlen: 24
212.1.128.0/19 maxlen: 24
212.67.96.0/19 maxlen: 24
212.74.96.0/19 maxlen: 24
212.139.0.0/16 maxlen: 24
212.159.128.0/18 maxlen: 24
213.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:56:25:fb:f7:32:59:0a:ce:cb:32:a5:35:c7:ae:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jun 25 15:11:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0ee26619689f38c3bdada25b1abf8389cd49ff06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:18:67:87:ff:97:89:17:65:9c:b3:46:15:18:
73:a6:fb:40:cd:f4:a0:0d:90:dd:bf:52:ae:2d:f2:
d7:54:e6:6e:e4:6c:90:38:1e:f6:fa:f1:32:9f:ff:
e2:d4:a1:d5:f5:17:82:a8:2c:bb:09:d5:bc:53:ac:
d5:71:44:07:f1:65:de:98:88:d2:92:cd:8e:a1:c1:
55:fe:e1:3d:48:90:ee:da:f1:93:7e:61:04:ec:9c:
8e:bb:70:4a:fb:10:96:54:4d:1e:87:e9:cc:21:8e:
e3:fc:0e:2e:b4:c2:0f:8c:92:d7:ce:1b:c8:2c:bc:
80:df:5d:4b:13:c2:ed:9a:84:b8:52:f6:9d:c5:0f:
16:d9:5e:53:d4:9e:3b:38:4c:04:dc:4f:e8:fe:4f:
fd:ff:11:b3:ae:b3:c1:c0:31:98:6e:a9:b9:51:cc:
fc:46:7f:7f:1e:d9:ba:06:f3:1b:82:98:f6:36:99:
3c:17:9f:e5:32:8d:31:6c:aa:a4:b0:62:62:d8:ff:
b0:22:25:36:31:bc:1f:4a:c8:4c:97:64:94:a6:8d:
aa:af:2e:9d:0a:95:f7:a3:bd:c9:c8:ec:35:d1:7e:
6c:ea:50:7c:7f:20:c1:50:6d:e2:ef:7a:41:af:92:
62:63:e5:66:b8:b9:91:19:f0:39:99:6e:5e:c9:04:
eb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:66:19:68:9F:38:C3:BD:AD:A2:5B:1A:BF:83:89:CD:49:FF:06
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/DuJmGWifOMO9raJbGr-Dic1J_wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.77.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.86.0.0/16
81.178.0.0/15
83.67.0.0/16
84.43.0.0/17
87.242.128.0/17
89.168.128.0/17
89.240.0.0/14
92.16.0.0/12
145.255.240.0/21
185.24.12.0/22
185.173.120.0/22
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:55:9d:17:10:f5:99:8d:53:fc:ee:d4:98:a9:9e:77:3b:e3:
8f:46:38:c9:5f:b5:94:26:78:91:5c:1a:b0:e0:0c:6b:28:15:
92:39:e4:9e:b8:92:e3:08:62:77:c4:f5:8e:31:fc:24:c6:a6:
c6:29:4a:e6:f5:71:99:e0:77:0b:c9:a6:13:93:61:19:15:83:
88:41:5b:2e:ca:8c:2e:b4:ae:e3:ce:c7:4b:52:18:3a:d1:eb:
37:cc:9a:12:78:75:7e:50:77:52:a3:54:bc:b5:b9:bf:0c:05:
c1:c7:47:a8:ad:0e:11:9b:23:e5:33:5e:26:b1:4c:6a:8c:45:
91:2f:48:5f:fd:f4:4d:69:0c:a9:42:9a:88:d4:e5:53:a3:c2:
0c:41:b5:d2:6b:25:63:15:75:25:f7:f4:25:85:85:ee:ca:94:
71:63:60:83:80:2e:b8:a9:11:dc:fa:5d:bf:fa:52:74:17:69:
61:5c:c1:81:8e:82:73:f1:3c:84:c1:ad:73:25:50:4f:a8:b0:
a8:61:e9:a9:18:6a:24:cd:92:7f:db:7a:21:75:43:2a:91:ab:
56:15:57:d6:31:59:2e:f3:68:30:0d:e6:f7:8f:f1:56:15:61:
ed:e8:20:46:59:24:fe:0f:17:b0:f5:77:86:8a:7f:14:23:26:
74:44:0f:17
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZ7/ViX79zJZCs7LMqU1x66vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjYwNjI1MTUxMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWUyNjYxOTY4OWYzOGMzYmRhZGEyNWIxYWJmODM4OWNkNDlmZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xhnh/+XiRdlnLNGFRhzpvtAzfSg
DZDdv1KuLfLXVOZu5GyQOB72+vEyn//i1KHV9ReCqCy7CdW8U6zVcUQH8WXemIjS
ks2OocFV/uE9SJDu2vGTfmEE7JyOu3BK+xCWVE0eh+nMIY7j/A4utMIPjJLXzhvI
LLyA311LE8LtmoS4UvadxQ8W2V5T1J47OEwE3E/o/k/9/xGzrrPBwDGYbqm5Ucz8
Rn9/Htm6BvMbgpj2Npk8F5/lMo0xbKqksGJi2P+wIiU2MbwfSshMl2SUpo2qry6d
CpX3o73JyOw10X5s6lB8fyDBUG3i73pBr5JiY+VmuLmRGfA5mW5eyQTrVwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFA7iZhlonzjDva2iWxq/g4nNSf8GMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvRHVKbUdXaWZPTU85cmFKYkdyLURpYzFKX3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDAwMC
YAMEBz4YgAMEBT7xoAMDA06QMAoDAwBPTQMDBE9AAwMDUCgDBAZRAUADAwBRVgMD
AVGyAwMAU0MDBAdUKwADBAdX8oADBAdZqIADAwJZ8AMDBFwQAwQDkf/wAwQCuRgM
AwQCua14AwQCua8wAwQCua+QAwQAwdpjAwQFwmogAwQFwvfgAwQGw3AAAwQHw4kA
AwQGw5UAAwQF1AGAAwQF1ENgAwQF1EpgAwMA1IsDBAbUn4ADAwDVTjANBgkqhkiG
9w0BAQsFAAOCAQEAg1WdFxD1mY1T/O7UmKmedzvjj0Y4yV+1lCZ4kVwasOAMaygV
kjnknriS4whid8T1jjH8JMamxilK5vVxmeB3C8mmE5NhGRWDiEFbLsqMLrSu487H
S1IYOtHrN8yaEnh1flB3UqNUvLW5vwwFwcdHqK0OEZsj5TNeJrFMaoxFkS9IX/30
TWkMqUKaiNTlU6PCDEG10mslYxV1Jff0JYWF7sqUcWNgg4AuuKkR3Ppdv/pSdBdp
YVzBgY6Cc/E8hMGtcyVQT6iwqGHpqRhqJM2Sf9t6IXVDKpGrVhVX1jFZLvNoMA3m
94/xVhVh7eggRlkk/g8XsPV3hop/FCMmdEQPFw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 16:30:38 2026 by rpki-client