Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/DeBELiaVDIm9e9ht1-GHWeELAg4.roa
File: DeBELiaVDIm9e9ht1-GHWeELAg4.roa (raw, json)
Hash identifier: 6yIPWOzy1D2Ick+lH0lpZl07DrAhix1Km4Ihd5P9WW4=
Subject key identifier: 0D:E0:44:2E:26:95:0C:89:BD:7B:D8:6D:D7:E1:87:59:E1:0B:02:0E
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 019E474F9340179CC60EECFE6EB22B73A5F2
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/DeBELiaVDIm9e9ht1-GHWeELAg4.roa
Signing time: Wed 20 May 2026 21:34:17 +0000
ROA not before: Wed 20 May 2026 21:34:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
137.31.4.0/24 maxlen: 24
137.31.5.0/24 maxlen: 24
137.31.6.0/24 maxlen: 24
137.31.7.0/24 maxlen: 24
137.31.96.0/24 maxlen: 24
137.31.97.0/24 maxlen: 24
159.254.0.0/24 maxlen: 24
159.254.1.0/24 maxlen: 24
159.254.2.0/24 maxlen: 24
159.254.3.0/24 maxlen: 24
159.254.4.0/24 maxlen: 24
159.254.5.0/24 maxlen: 24
159.254.6.0/24 maxlen: 24
159.254.7.0/24 maxlen: 24
159.254.8.0/24 maxlen: 24
159.254.9.0/24 maxlen: 24
159.254.10.0/24 maxlen: 24
159.254.11.0/24 maxlen: 24
159.254.12.0/24 maxlen: 24
159.254.80.0/24 maxlen: 24
159.254.81.0/24 maxlen: 24
159.254.82.0/24 maxlen: 24
159.254.186.0/24 maxlen: 24
159.254.187.0/24 maxlen: 24
159.254.188.0/24 maxlen: 24
159.254.189.0/24 maxlen: 24
159.254.190.0/24 maxlen: 24
159.254.191.0/24 maxlen: 24
159.254.200.0/24 maxlen: 24
159.254.201.0/24 maxlen: 24
159.254.207.0/24 maxlen: 24
159.254.208.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
2a03:eec0:3601::/48 maxlen: 48
2a03:eec0:3602::/48 maxlen: 48
2a03:eec0:3603::/48 maxlen: 48
2a03:eec0:3604::/48 maxlen: 48
2a03:eec0:3605::/48 maxlen: 48
2a03:eec0:3606::/48 maxlen: 48
2a03:eec0:3607::/48 maxlen: 48
2a03:eec0:3608::/48 maxlen: 48
2a03:eec0:3609::/48 maxlen: 48
2a03:eec0:360a::/48 maxlen: 48
2a03:eec0:360b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:47:4f:93:40:17:9c:c6:0e:ec:fe:6e:b2:2b:73:a5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: May 20 21:34:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0de0442e26950c89bd7bd86dd7e18759e10b020e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3d:58:c8:ce:8c:a7:ba:26:24:01:b7:81:67:
8d:72:b5:0e:f6:bb:e4:72:0b:77:f7:11:2a:d8:ac:
4d:ca:4f:95:89:b3:d9:3a:b4:2d:cf:90:2f:cd:ac:
00:5f:eb:5d:01:ed:ae:7e:13:d7:c8:e3:d6:79:da:
7b:f9:ac:67:39:2b:0a:34:f3:43:60:0e:4c:80:59:
b6:ef:a7:83:5a:6f:0f:21:cc:35:dc:60:a3:62:ca:
3c:8e:84:13:76:44:2e:4f:08:41:29:76:d7:e0:a4:
07:9d:81:27:29:61:f5:94:9c:28:01:65:3f:c8:66:
33:73:2f:c0:9e:32:f4:4e:a5:1a:04:f8:36:d7:d7:
de:97:e0:a0:e0:84:58:8d:15:a0:18:3f:3d:45:23:
d8:ec:75:cf:2f:86:d1:bf:ca:28:ee:8b:2e:01:65:
7d:24:bc:bc:39:78:69:d4:76:fe:c0:8d:02:4e:60:
8b:a7:32:0b:6b:03:2f:11:21:38:ba:cd:f5:37:56:
55:58:26:94:cf:06:ff:e6:11:84:02:79:de:bf:24:
9e:90:11:3a:e1:1b:64:6b:4f:92:1f:1d:cf:3f:d0:
5d:e6:67:02:b3:a1:e7:cb:c8:28:9b:6e:37:e8:0c:
aa:69:3a:18:dc:b7:ab:be:f1:34:a6:a1:c0:0f:0d:
c9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E0:44:2E:26:95:0C:89:BD:7B:D8:6D:D7:E1:87:59:E1:0B:02:0E
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/DeBELiaVDIm9e9ht1-GHWeELAg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
137.31.4.0/22
137.31.96.0/23
159.254.0.0-159.254.12.255
159.254.80.0-159.254.82.255
159.254.186.0-159.254.191.255
159.254.200.0/23
159.254.207.0-159.254.208.255
194.9.116.0/24
IPv6:
2a03:eec0:3601::-2a03:eec0:360b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:17:b8:06:d3:d3:15:22:3b:30:50:43:0a:a2:6e:2c:72:37:
2e:28:be:4c:a7:be:be:c5:e0:b6:ac:3f:07:ee:3e:77:cf:bf:
a2:e0:8d:a1:43:ec:13:53:55:7e:0a:1f:2e:d7:d6:04:df:c7:
ae:07:cf:b4:f0:bd:22:3d:81:bc:0c:fd:26:54:1c:90:a5:ca:
c4:fd:5b:95:54:49:26:23:4a:84:97:73:d0:d5:99:d2:d8:06:
ed:1b:9b:16:ee:8e:38:37:dc:ea:b1:ac:a3:19:db:c1:07:a5:
07:36:f9:fe:96:14:c2:40:62:ae:87:a2:6d:e2:14:3a:bc:95:
f5:0d:e2:ab:0d:07:d4:29:b3:6d:83:18:ea:2b:a7:4b:7a:86:
1e:c3:5e:b0:3d:d7:a1:84:89:8d:b7:31:9e:35:dd:af:31:a3:
e7:e1:53:92:8b:ba:45:98:d7:d3:88:bb:c1:75:1c:72:b8:d9:
ce:02:79:af:2f:29:c1:26:ae:3f:61:dc:0b:ac:c5:f2:0d:a0:
0a:06:c7:60:e2:c8:dc:a0:a4:43:f0:ff:d1:23:9d:7f:47:72:
55:1a:88:67:ba:f1:ba:dd:2f:50:14:33:c8:9d:10:23:74:85:
c2:81:bb:df:41:34:ab:8d:a0:b6:51:60:ae:45:2f:aa:4f:cf:
4c:cb:26:49
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZ5HT5NAF5zGDuz+brIrc6XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjYwNTIwMjEzNDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGUwNDQyZTI2OTUwYzg5YmQ3YmQ4NmRkN2UxODc1OWUxMGIwMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj1YyM6Mp7omJAG3gWeNcrUO9rvk
cgt39xEq2KxNyk+VibPZOrQtz5AvzawAX+tdAe2ufhPXyOPWedp7+axnOSsKNPND
YA5MgFm276eDWm8PIcw13GCjYso8joQTdkQuTwhBKXbX4KQHnYEnKWH1lJwoAWU/
yGYzcy/AnjL0TqUaBPg219fel+Cg4IRYjRWgGD89RSPY7HXPL4bRv8oo7osuAWV9
JLy8OXhp1Hb+wI0CTmCLpzILawMvESE4us31N1ZVWCaUzwb/5hGEAnnevySekBE6
4Rtka0+SHx3PP9Bd5mcCs6Hny8gom2436AyqaToY3LervvE0pqHADw3JywIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFA3gRC4mlQyJvXvYbdfhh1nhCwIOMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvRGVCRUxpYVZESW05ZTlodDEtR0hXZUVMQWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWwQCAAEwVQMEAVc6QAME
AokfBAMEAYkfYDALAwMBn/4DBACf/gwwDAMEBJ/+UAMEAJ/+UjAMAwQBn/66AwQG
n/6AAwQBn/7IMAwDBACf/s8DBACf/tADBADCCXQwGgQCAAIwFDASAwcAKgPuwDYB
AwcCKgPuwDYIMA0GCSqGSIb3DQEBCwUAA4IBAQAKF7gG09MVIjswUEMKom4scjcu
KL5Mp76+xeC2rD8H7j53z7+i4I2hQ+wTU1V+Ch8u19YE38euB8+08L0iPYG8DP0m
VByQpcrE/VuVVEkmI0qEl3PQ1ZnS2AbtG5sW7o44N9zqsayjGdvBB6UHNvn+lhTC
QGKuh6Jt4hQ6vJX1DeKrDQfUKbNtgxjqK6dLeoYew16wPdehhImNtzGeNd2vMaPn
4VOSi7pFmNfTiLvBdRxyuNnOAnmvLynBJq4/YdwLrMXyDaAKBsdg4sjcoKRD8P/R
I51/R3JVGohnuvG63S9QFDPInRAjdIXCgbvfQTSrjaC2UWCuRS+qT89MyyZJ
-----END CERTIFICATE-----
Generated at Fri May 22 14:18:37 2026 by rpki-client