Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iUbDlKVvgz6eJXcJpD9GrO5GSxY.roa
File: iUbDlKVvgz6eJXcJpD9GrO5GSxY.roa (raw, json)
Hash identifier: I8U9a91y4dI57qS15T97Dwj/c7SuVzB/fcHUBPyBhcI=
Subject key identifier: 89:46:C3:94:A5:6F:83:3E:9E:25:77:09:A4:3F:46:AC:EE:46:4B:16
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E04037AEE6857DEA5C09A657800082814
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iUbDlKVvgz6eJXcJpD9GrO5GSxY.roa
Signing time: Thu 07 May 2026 19:56:37 +0000
ROA not before: Thu 07 May 2026 19:56:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 07:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:04:03:7a:ee:68:57:de:a5:c0:9a:65:78:00:08:28:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 7 19:56:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8946c394a56f833e9e257709a43f46acee464b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:72:ba:cf:e4:67:34:d4:72:75:bb:7d:37:45:
60:26:3f:7d:42:6d:89:76:34:75:88:1c:d8:23:0b:
0d:32:b9:e0:02:0e:b9:ce:c5:38:31:9e:f6:da:3a:
09:54:d7:fe:e7:ab:1c:08:8e:c6:e9:e3:83:13:2f:
f3:ca:b8:27:88:ba:20:9d:0d:b8:f3:b4:ad:16:96:
52:29:24:09:e4:0d:26:b6:14:27:cd:d4:7a:63:39:
ab:6d:74:65:57:a7:58:c9:e6:a1:6c:07:ed:ca:f7:
b7:57:57:59:42:c8:76:73:49:3a:40:9e:b9:a0:ad:
09:fb:14:71:75:84:65:59:8e:33:a4:b8:29:a8:e9:
64:ad:44:a9:fb:98:ae:f3:98:56:e0:d3:ca:6d:9c:
83:ae:4f:36:32:c3:af:3d:40:05:64:28:30:72:28:
90:ea:9f:8d:85:3e:68:1e:f3:88:15:28:3d:d5:be:
d4:45:55:bf:c3:85:5e:9a:07:5d:a6:ed:3d:3c:28:
e3:39:01:78:c0:9e:d9:03:ac:a7:2c:5a:d4:1a:be:
49:68:ed:14:b3:9d:7a:8b:2c:c1:ab:19:81:75:11:
18:62:00:00:9b:45:d7:84:34:8f:c0:8b:97:f1:12:
62:ee:f3:91:96:ef:3c:63:63:ea:b7:f8:5a:66:a2:
08:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:46:C3:94:A5:6F:83:3E:9E:25:77:09:A4:3F:46:AC:EE:46:4B:16
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iUbDlKVvgz6eJXcJpD9GrO5GSxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.226.247.0/24
93.177.104.0/24
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.187.0/24
146.19.190.0/24
176.56.38.0/24
185.122.206.0/24
185.155.101.0/24
185.218.1.0/24
193.3.22.0/24
193.239.209.0/24
195.64.112.0/24
195.64.114.0/24
195.93.249.0/24
195.96.136.0/24
195.96.157.0/24
212.52.5.0/24
217.114.32.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:40:91:f5:73:03:4e:bb:67:04:40:f0:bb:c6:21:4d:36:1a:
02:a0:05:bc:b7:18:0e:44:90:d5:98:19:bd:36:ec:03:a8:07:
2e:0c:28:c3:ec:f3:e7:bb:57:25:63:1f:09:81:c1:41:a7:8f:
81:3c:a1:a4:53:df:cb:99:c5:fb:bc:22:21:13:62:a0:f4:af:
b5:57:c0:b4:ba:d0:69:03:18:05:cd:77:63:f5:23:95:7e:c6:
ed:69:b4:47:7f:df:63:fb:46:63:84:51:db:97:a9:33:7a:fa:
cf:71:20:e6:5f:65:be:50:5c:18:8d:6f:4c:de:04:77:d4:3d:
be:dc:37:1b:b3:d0:47:3e:a5:35:b3:9c:d6:d3:b0:0b:a2:8c:
74:a4:ba:c6:4b:f2:8e:f9:07:1f:3f:0b:d0:a3:d5:38:fb:bd:
ef:46:92:bf:55:23:4f:17:ef:ac:a8:bf:96:96:0c:62:4b:1b:
75:aa:f4:db:3e:7b:a7:5a:5f:83:ca:ec:1a:e3:08:63:e9:42:
33:f2:04:ab:75:f6:d7:de:aa:c4:0c:a9:5d:d8:b8:50:96:8a:
7e:26:52:e5:e3:a7:22:44:60:ba:d1:92:d8:ce:ea:8d:23:43:
85:45:59:2d:99:8d:41:1c:f4:8e:55:a0:48:54:91:80:72:94:
16:74:86:e5
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAZ4EA3ruaFfepcCaZXgACCgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNTA3MTk1NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQ2YzM5NGE1NmY4MzNlOWUyNTc3MDlhNDNmNDZhY2VlNDY0YjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3K6z+RnNNRydbt9N0VgJj99Qm2J
djR1iBzYIwsNMrngAg65zsU4MZ722joJVNf+56scCI7G6eODEy/zyrgniLognQ24
87StFpZSKSQJ5A0mthQnzdR6YzmrbXRlV6dYyeahbAftyve3V1dZQsh2c0k6QJ65
oK0J+xRxdYRlWY4zpLgpqOlkrUSp+5iu85hW4NPKbZyDrk82MsOvPUAFZCgwciiQ
6p+NhT5oHvOIFSg91b7URVW/w4Vemgddpu09PCjjOQF4wJ7ZA6ynLFrUGr5JaO0U
s516iyzBqxmBdREYYgAAm0XXhDSPwIuX8RJi7vORlu88Y2Pqt/haZqIItwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFIlGw5Slb4M+niV3CaQ/RqzuRksWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvaVViRGxLVnZnejZlSlhjSnBEOUdyTzVHU3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQBAjhwAwQABbeAAwQALYQwAwQALZ2IAwQAPkRTAwQBPkRWAwQAPswkAwQAPsw5
AwQAPuktAwQAPukxAwQAPuk4AwQAPuk8AwQAUESRAwQAUESeMAwDBABQW9EDBABQ
W9IDBABb4vcDBABdsWgDBABdsWsDBABej+IDBABenr8DBACCwU8DBACC/6kDBACS
E4kDBACSE5QDBACSE5YDBACSE5gDBACSE7sDBACSE74DBACwOCYDBAC5es4DBAC5
m2UDBAC52gEDBADBAxYDBADB79EDBADDQHADBADDQHIDBADDXfkDBADDYIgDBADD
YJ0DBADUNAUDBADZciAwDQYJKoZIhvcNAQELBQADggEBAE1AkfVzA067ZwRA8LvG
IU02GgKgBby3GA5EkNWYGb027AOoBy4MKMPs8+e7VyVjHwmBwUGnj4E8oaRT38uZ
xfu8IiETYqD0r7VXwLS60GkDGAXNd2P1I5V+xu1ptEd/32P7RmOEUduXqTN6+s9x
IOZfZb5QXBiNb0zeBHfUPb7cNxuz0Ec+pTWznNbTsAuijHSkusZL8o75Bx8/C9Cj
1Tj7ve9Gkr9VI08X76yov5aWDGJLG3Wq9Ns+e6daX4PK7BrjCGPpQjPyBKt19tfe
qsQMqV3YuFCWin4mUuXjpyJEYLrRktjO6o0jQ4VFWS2ZjUEc9I5VoEhUkYBylBZ0
huU=
-----END CERTIFICATE-----
Generated at Sat May 9 17:48:41 2026 by rpki-client