Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2gNptmDeZqVqbzrPIcQVfj3mWXg.roa
File: 2gNptmDeZqVqbzrPIcQVfj3mWXg.roa (raw, json)
Hash identifier: 2kQtdB8OUILGqHb4YDa5UO9rq6rgZm0vuIQai+Tuhk8=
Subject key identifier: DA:03:69:B6:60:DE:66:A5:6A:6F:3A:CF:21:C4:15:7E:3D:E6:59:78
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E991F0B6FF34342130EAF13E9DD54CCFB
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2gNptmDeZqVqbzrPIcQVfj3mWXg.roa
Signing time: Fri 05 Jun 2026 18:50:08 +0000
ROA not before: Fri 05 Jun 2026 18:50:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:99:1f:0b:6f:f3:43:42:13:0e:af:13:e9:dd:54:cc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jun 5 18:50:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da0369b660de66a56a6f3acf21c4157e3de65978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:91:05:e6:b9:20:79:71:87:b5:3e:57:21:
04:fa:1e:6e:84:86:d7:2a:7b:0f:6e:72:14:ce:55:
8e:ad:c1:2f:fa:43:99:97:9f:11:c9:4c:a1:d6:60:
6e:1c:66:61:a6:1b:61:4b:d5:5e:c0:86:65:ec:e4:
7e:72:77:7f:b8:04:40:c9:81:dc:b9:3a:82:6f:e1:
bc:41:f9:96:da:2e:98:11:a2:b6:a2:57:36:d9:11:
8b:51:d4:69:71:5e:ed:94:0a:bf:b8:f2:86:d5:3f:
b7:8f:c1:b3:c6:b4:a2:1b:45:17:46:c7:1d:c8:70:
65:f9:3b:ec:4b:19:98:0a:bc:53:10:7c:f6:91:35:
3e:e6:45:2a:00:50:6d:84:eb:2e:e7:48:d7:dc:48:
79:87:22:69:7d:ea:81:51:12:ef:5f:ec:71:e4:88:
d5:a7:7d:f7:c4:29:47:2f:e6:de:fa:07:48:e3:89:
65:ba:3f:85:e7:97:65:88:fc:2a:37:7e:48:b0:50:
82:2e:4d:8f:0a:4c:ef:26:19:2d:54:a4:21:6b:c3:
7b:6d:8a:1e:5d:68:8d:9a:e7:b9:98:6c:e3:36:96:
ea:07:19:cf:59:e5:6a:7f:e4:4e:5a:5d:97:1e:a5:
76:1a:cf:42:e3:30:39:58:bc:91:c7:05:17:92:25:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:03:69:B6:60:DE:66:A5:6A:6F:3A:CF:21:C4:15:7E:3D:E6:59:78
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2gNptmDeZqVqbzrPIcQVfj3mWXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.226.247.0/24
93.177.104.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.187.0/24
146.19.190.0/24
176.56.38.0/24
185.122.206.0/24
185.155.101.0/24
185.218.1.0/24
193.3.22.0/24
193.239.209.0/24
195.64.112.0/24
195.64.114.0/24
195.93.249.0/24
195.96.136.0/24
195.96.157.0/24
212.52.5.0/24
217.114.32.0/24
Signature Algorithm: sha256WithRSAEncryption
64:07:c6:83:ed:38:2d:76:f1:ac:c3:59:85:11:cb:90:4e:40:
ff:79:7a:6a:4e:cf:2f:10:0e:60:d3:e7:c9:16:e2:44:25:bc:
b6:ff:7c:1d:50:af:75:0e:e3:20:e6:43:8e:5c:3e:ad:53:e8:
29:1c:66:ca:fa:e7:b9:d8:0c:50:be:ea:de:89:23:c1:47:bd:
c0:35:a4:3a:bc:a6:62:4e:24:47:cb:6f:b9:e2:5e:bc:8b:80:
5c:26:2a:9c:f3:f0:84:6a:03:ba:61:ce:c8:7d:0f:f8:9f:4d:
20:a6:5f:98:20:70:92:4d:57:f2:fe:fa:6d:7d:df:23:c6:db:
cc:57:70:d2:ef:d7:26:ef:68:d2:0d:7c:86:90:20:b6:07:59:
a6:26:6a:3e:ee:b9:27:1a:1c:6e:e0:41:db:ad:17:b1:ab:46:
2b:24:0d:5a:57:7f:e1:09:fe:ea:3c:91:93:82:c4:0b:07:7a:
61:5e:0c:8e:a4:6a:04:af:af:59:a2:9a:df:f6:27:e3:5d:d5:
74:78:2f:48:ec:24:00:ae:f4:bc:9e:d6:0b:ba:be:f4:46:75:
0a:9a:3c:b1:5c:69:4f:e2:df:bb:ff:72:a2:01:e1:fc:d2:f5:
ed:9c:82:55:72:51:3d:2f:59:c9:dd:cc:cc:fd:06:c9:94:3e:
5d:35:bf:21
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZ6ZHwtv80NCEw6vE+ndVMz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNjA1MTg1MDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTAzNjliNjYwZGU2NmE1NmE2ZjNhY2YyMWM0MTU3ZTNkZTY1OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDiRBea5IHlxh7U+VyEE+h5uhIbX
KnsPbnIUzlWOrcEv+kOZl58RyUyh1mBuHGZhphthS9VewIZl7OR+cnd/uARAyYHc
uTqCb+G8QfmW2i6YEaK2olc22RGLUdRpcV7tlAq/uPKG1T+3j8GzxrSiG0UXRscd
yHBl+TvsSxmYCrxTEHz2kTU+5kUqAFBthOsu50jX3Eh5hyJpfeqBURLvX+xx5IjV
p333xClHL+be+gdI44lluj+F55dliPwqN35IsFCCLk2PCkzvJhktVKQha8N7bYoe
XWiNmue5mGzjNpbqBxnPWeVqf+ROWl2XHqV2Gs9C4zA5WLyRxwUXkiUo0wIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFNoDabZg3malam86zyHEFX495ll4MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMmdOcHRtRGVacVZxYnpyUEljUVZmajNtV1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQB
AjhwAwQALYQwAwQALZ2IAwQAPkRTAwQBPkRWAwQAPswkAwQAPsw5AwQAPuktAwQA
PukxAwQAPuk4AwQAPuk8AwQAUESRAwQAUESeMAwDBABQW9EDBABQW9IDBABb4vcD
BABdsWgDBABej+IDBABenr8DBACCwU8DBACC/6kDBACSE4kDBACSE5QDBACSE5YD
BACSE5gDBACSE7sDBACSE74DBACwOCYDBAC5es4DBAC5m2UDBAC52gEDBADBAxYD
BADB79EDBADDQHADBADDQHIDBADDXfkDBADDYIgDBADDYJ0DBADUNAUDBADZciAw
DQYJKoZIhvcNAQELBQADggEBAGQHxoPtOC128azDWYURy5BOQP95empOzy8QDmDT
58kW4kQlvLb/fB1Qr3UO4yDmQ45cPq1T6CkcZsr657nYDFC+6t6JI8FHvcA1pDq8
pmJOJEfLb7niXryLgFwmKpzz8IRqA7phzsh9D/ifTSCmX5ggcJJNV/L++m193yPG
28xXcNLv1ybvaNINfIaQILYHWaYmaj7uuScaHG7gQdutF7GrRiskDVpXf+EJ/uo8
kZOCxAsHemFeDI6kagSvr1mimt/2J+Nd1XR4L0jsJACu9Lye1gu6vvRGdQqaPLFc
aU/i37v/cqIB4fzS9e2cglVyUT0vWcndzMz9BsmUPl01vyE=
-----END CERTIFICATE-----
Generated at Fri Jun 5 21:37:07 2026 by rpki-client