Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/viNdF4GjOL8ikONaRFp3xaFJQ6U.roa
File: viNdF4GjOL8ikONaRFp3xaFJQ6U.roa (raw, json)
Hash identifier: uJwtKCv2JTbPu2uzWL8YYN7VZw8mK2wy3RXekknsD30=
Subject key identifier: BE:23:5D:17:81:A3:38:BF:22:90:E3:5A:44:5A:77:C5:A1:49:43:A5
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 019EFF56253704B33ABA863B659C5B1391CA
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/viNdF4GjOL8ikONaRFp3xaFJQ6U.roa
Signing time: Thu 25 Jun 2026 15:11:36 +0000
ROA not before: Thu 25 Jun 2026 15:11:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13285
IP address blocks: 2.96.0.0/13 maxlen: 24
62.24.128.0/17 maxlen: 24
62.241.160.0/19 maxlen: 24
78.144.0.0/13 maxlen: 24
79.77.0.0/16 maxlen: 24
79.78.0.0/15 maxlen: 24
80.40.0.0/13 maxlen: 24
80.40.0.0/15 maxlen: 24
80.42.0.0/16 maxlen: 24
81.1.64.0/18 maxlen: 24
81.86.0.0/16 maxlen: 24
81.178.0.0/15 maxlen: 24
83.67.0.0/16 maxlen: 24
84.43.0.0/17 maxlen: 24
87.242.128.0/17 maxlen: 24
89.168.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
92.16.0.0/12 maxlen: 24
145.255.240.0/21 maxlen: 24
185.24.12.0/22 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.48.0/22 maxlen: 24
185.175.144.0/22 maxlen: 24
193.218.99.0/24 maxlen: 24
194.106.32.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
195.112.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
195.149.0.0/18 maxlen: 24
212.1.128.0/19 maxlen: 24
212.67.96.0/19 maxlen: 24
212.74.96.0/19 maxlen: 24
212.139.0.0/16 maxlen: 24
212.159.128.0/18 maxlen: 24
213.78.0.0/16 maxlen: 24
2001:7e0::/32 maxlen: 32
2001:4a00::/27 maxlen: 27
2a00:4340::/32 maxlen: 32
2a0b:db00::/29 maxlen: 29
2a0b:e900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:56:25:37:04:b3:3a:ba:86:3b:65:9c:5b:13:91:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jun 25 15:11:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be235d1781a338bf2290e35a445a77c5a14943a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:90:d6:e3:8c:62:a2:24:67:32:c7:e1:80:88:
39:e9:14:52:df:eb:bb:bb:f0:ab:5c:68:5f:6c:f5:
a5:07:78:c7:3c:e8:24:36:d2:c6:72:6c:53:e9:ba:
14:9e:bb:70:28:ff:88:81:e3:c7:a7:f0:6e:b6:44:
66:8b:2d:9b:f6:e2:f1:94:81:bc:a9:8f:92:64:1b:
dc:5a:0c:3b:c2:9d:59:24:c9:e0:10:f5:ea:9d:47:
92:a7:87:9b:dc:2a:9c:22:e7:80:7a:6d:d4:46:7d:
23:2a:52:35:06:91:13:6a:e9:c7:e7:6e:98:7e:4b:
12:bd:72:e7:22:cc:04:e7:49:bd:26:37:24:c4:a5:
cd:2d:a5:4a:b7:75:28:d3:e2:f3:5b:34:49:11:f5:
b7:bb:03:14:7f:e9:0c:6d:a4:c2:35:22:cb:27:79:
d0:21:91:cd:e7:c3:5b:cc:2e:b7:e1:73:79:dd:95:
75:ac:95:75:89:bb:cf:1e:67:9f:93:06:f8:3b:f1:
7b:57:8a:0e:d6:6d:b7:e3:03:31:6b:09:04:2f:c3:
09:bb:20:96:09:8b:72:7a:cd:a5:49:c5:18:c9:2b:
67:93:c8:58:4c:ba:97:ae:ff:9c:fc:8d:c3:36:33:
86:40:b5:a9:a0:fe:b9:b8:9f:d8:b0:0a:a0:8f:65:
dc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:23:5D:17:81:A3:38:BF:22:90:E3:5A:44:5A:77:C5:A1:49:43:A5
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/viNdF4GjOL8ikONaRFp3xaFJQ6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.77.0.0-79.79.255.255
80.40.0.0/13
81.1.64.0/18
81.86.0.0/16
81.178.0.0/15
83.67.0.0/16
84.43.0.0/17
87.242.128.0/17
89.168.128.0/17
89.240.0.0/14
92.16.0.0/12
145.255.240.0/21
185.24.12.0/22
185.173.120.0/22
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
IPv6:
2001:7e0::/32
2001:4a00::/27
2a00:4340::/32
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
5d:ba:fc:11:7d:46:73:92:2e:68:04:5c:e5:a8:59:01:51:3f:
e5:ae:c4:fd:28:fa:0f:67:9e:f2:78:c6:3c:9f:ec:6d:f1:30:
5a:fe:a3:ba:93:cb:17:f6:83:99:47:b5:3a:58:c4:f7:4e:af:
f5:53:7e:24:34:5e:cb:23:44:eb:d8:7f:ff:25:39:42:6d:4c:
5d:ee:c5:c6:50:8d:39:fb:95:0d:66:c4:50:97:b2:5a:2a:19:
77:c6:90:0a:cd:71:4c:65:2a:14:bf:f3:29:13:ff:fc:a3:ec:
9f:93:fb:72:a2:19:7e:ef:2d:4b:29:69:94:a3:8c:fd:ff:46:
56:76:54:b9:87:48:c8:4b:57:fb:05:8b:f9:29:9d:db:5c:08:
8b:74:f1:b7:c6:22:7a:31:6a:52:a5:f6:38:a8:8e:9c:5c:48:
8e:72:d2:4b:ea:f1:c7:d0:da:6a:50:41:76:ef:03:bc:3d:80:
80:4d:02:69:26:1b:87:68:be:83:7a:b4:77:a2:a3:6f:85:f7:
d5:c5:86:d4:73:9a:77:f8:1d:ba:e7:58:20:a7:f2:0f:f5:d9:
a1:cc:d9:ea:19:95:82:ef:1e:3e:10:16:61:46:e1:dc:70:b5:
ec:e3:b7:9d:dc:3b:39:f2:e3:31:16:6c:f2:ed:4d:6a:4e:80:
f9:c7:d7:2b
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZ7/ViU3BLM6uoY7ZZxbE5HKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjYwNjI1MTUxMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTIzNWQxNzgxYTMzOGJmMjI5MGUzNWE0NDVhNzdjNWExNDk0M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5DW44xioiRnMsfhgIg56RRS3+u7
u/CrXGhfbPWlB3jHPOgkNtLGcmxT6boUnrtwKP+IgePHp/ButkRmiy2b9uLxlIG8
qY+SZBvcWgw7wp1ZJMngEPXqnUeSp4eb3CqcIueAem3URn0jKlI1BpETaunH526Y
fksSvXLnIswE50m9JjckxKXNLaVKt3Uo0+LzWzRJEfW3uwMUf+kMbaTCNSLLJ3nQ
IZHN58NbzC634XN53ZV1rJV1ibvPHmefkwb4O/F7V4oO1m234wMxawkEL8MJuyCW
CYtyes2lScUYyStnk8hYTLqXrv+c/I3DNjOGQLWpoP65uJ/YsAqgj2XcxQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFL4jXReBozi/IpDjWkRad8WhSUOlMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvdmlOZEY0R2pPTDhpa09OYVJGcDN4YUZKUTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgcMEAgABMIG8AwMD
AmADBAc+GIADBAU+8aADAwNOkDAKAwMAT00DAwRPQAMDA1AoAwQGUQFAAwMAUVYD
AwFRsgMDAFNDAwQHVCsAAwQHV/KAAwQHWaiAAwMCWfADAwRcEAMEA5H/8AMEArkY
DAMEArmteAMEArmvMAMEArmvkAMEAMHaYwMEBcJqIAMEBcL34AMEBsNwAAMEB8OJ
AAMEBsOVAAMEBdQBgAMEBdRDYAMEBdRKYAMDANSLAwQG1J+AAwMA1U4wKQQCAAIw
IwMFACABB+ADBQUgAUoAAwUAKgBDQAMFAyoL2wADBQMqC+kAMA0GCSqGSIb3DQEB
CwUAA4IBAQBduvwRfUZzki5oBFzlqFkBUT/lrsT9KPoPZ57yeMY8n+xt8TBa/qO6
k8sX9oOZR7U6WMT3Tq/1U34kNF7LI0Tr2H//JTlCbUxd7sXGUI05+5UNZsRQl7Ja
Khl3xpAKzXFMZSoUv/MpE//8o+yfk/tyohl+7y1LKWmUo4z9/0ZWdlS5h0jIS1f7
BYv5KZ3bXAiLdPG3xiJ6MWpSpfY4qI6cXEiOctJL6vHH0NpqUEF27wO8PYCATQJp
JhuHaL6DerR3oqNvhffVxYbUc5p3+B2651ggp/IP9dmhzNnqGZWC7x4+EBZhRuHc
cLXs47ed3Ds58uMxFmzy7U1qToD5x9cr
-----END CERTIFICATE-----
Generated at Mon Jun 29 14:35:17 2026 by rpki-client