Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jBTR9UVDQFLrBUttQ5n3lDByIQw.roa
File: jBTR9UVDQFLrBUttQ5n3lDByIQw.roa (raw, json)
Hash identifier: WzhuNN3ZwDEQteP3bcvfJpLQ9LKxtNECJwmspQEiiU0=
Subject key identifier: 8C:14:D1:F5:45:43:40:52:EB:05:4B:6D:43:99:F7:94:30:72:21:0C
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E991F0BFCB91E07AF5F13913640E8685C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jBTR9UVDQFLrBUttQ5n3lDByIQw.roa
Signing time: Fri 05 Jun 2026 18:50:09 +0000
ROA not before: Fri 05 Jun 2026 18:50:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 45.15.239.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.138.7.0/24 maxlen: 24
45.138.156.0/24 maxlen: 24
45.138.212.0/24 maxlen: 24
45.138.215.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
45.149.130.0/24 maxlen: 24
45.149.131.0/24 maxlen: 24
45.152.118.0/24 maxlen: 24
45.152.119.0/24 maxlen: 24
62.192.136.0/24 maxlen: 24
62.192.139.0/24 maxlen: 24
83.138.51.0/24 maxlen: 24
83.138.52.0/24 maxlen: 24
84.246.82.0/24 maxlen: 24
91.206.69.0/24 maxlen: 24
91.224.140.0/24 maxlen: 24
91.237.104.0/24 maxlen: 24
91.237.105.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.240.0/24 maxlen: 24
157.22.20.0/24 maxlen: 24
157.22.65.0/24 maxlen: 24
157.22.69.0/24 maxlen: 24
157.22.119.0/24 maxlen: 24
176.116.2.0/24 maxlen: 24
176.116.5.0/24 maxlen: 24
176.116.9.0/24 maxlen: 24
176.116.20.0/24 maxlen: 24
176.116.23.0/24 maxlen: 24
176.126.109.0/24 maxlen: 24
176.126.112.0/24 maxlen: 24
176.126.115.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.5.1.0/24 maxlen: 24
193.33.67.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
193.58.178.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.34.251.0/24 maxlen: 24
195.96.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:99:1f:0b:fc:b9:1e:07:af:5f:13:91:36:40:e8:68:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jun 5 18:50:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8c14d1f545434052eb054b6d4399f7943072210c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bc:58:fd:54:d6:34:27:0f:63:07:38:f7:fd:
4d:5d:11:97:10:96:26:3a:45:8f:f2:ca:7c:aa:10:
a7:e8:c4:06:fa:8d:ca:02:b6:07:1b:00:bc:77:56:
6c:72:f8:f4:a7:f3:32:e1:31:6b:be:a2:f3:05:ca:
1a:10:94:e3:7a:43:0f:7c:6f:d1:e3:63:54:6e:c8:
18:5b:f7:46:d5:56:a8:f7:0f:3a:84:c8:b8:82:4e:
7b:22:c8:8b:0a:b4:7a:60:83:65:8f:f0:5c:f1:3e:
2f:7b:8e:a2:74:d0:45:89:70:cb:61:31:c9:4a:25:
fb:f4:71:cc:ce:81:2c:ab:ff:c3:6e:9e:a3:a0:77:
24:a3:7c:10:70:cc:ed:d6:18:df:ef:58:a1:97:ec:
6d:7d:fa:9d:56:8c:15:f9:90:c0:a5:c6:57:8e:2b:
c0:81:cb:2f:7c:05:5c:31:89:1d:70:c4:5e:ea:2d:
59:40:f7:00:ac:1c:20:f5:d9:0e:de:8a:89:82:4e:
1f:11:fe:28:6a:4d:53:34:03:19:49:54:6f:93:7e:
0f:aa:57:27:67:54:f6:e4:b1:b2:2b:62:36:b6:4e:
8f:66:78:74:2a:5b:89:2d:5a:ca:66:e1:5d:2f:3b:
09:6e:3d:ec:c3:14:d8:88:b6:de:eb:fd:ae:3f:d8:
64:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:14:D1:F5:45:43:40:52:EB:05:4B:6D:43:99:F7:94:30:72:21:0C
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jBTR9UVDQFLrBUttQ5n3lDByIQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.239.0/24
45.129.1.0/24
45.132.39.0/24
45.135.35.0/24
45.138.7.0/24
45.138.156.0/24
45.138.212.0/24
45.138.215.0/24
45.140.65.0/24
45.149.130.0/23
45.152.118.0/23
62.192.136.0/24
62.192.139.0/24
83.138.51.0-83.138.52.255
84.246.82.0/24
91.206.69.0/24
91.224.140.0/24
91.237.104.0/23
91.242.225.0/24
91.242.240.0/24
157.22.20.0/24
157.22.65.0/24
157.22.69.0/24
157.22.119.0/24
176.116.2.0/24
176.116.5.0/24
176.116.9.0/24
176.116.20.0/24
176.116.23.0/24
176.126.109.0/24
176.126.112.0/24
176.126.115.0/24
178.211.140.0/24
193.0.245.0-193.0.246.255
193.5.1.0/24
193.33.67.0/24
193.58.171.0/24
193.58.178.0/24
194.26.216.0/24
194.34.251.0/24
195.96.155.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:89:28:9d:51:2b:f2:d7:66:d6:9d:59:61:ea:67:7b:98:c1:
b1:1b:1e:41:6c:d5:19:f4:46:1b:6b:6e:fb:bd:29:98:5b:e7:
59:1a:b6:98:bb:22:b2:43:dd:d3:7b:cc:ec:3c:a5:d7:27:63:
24:88:69:6a:58:75:fa:c7:0e:b6:27:1b:c1:6e:42:e9:47:1c:
73:be:f4:7a:3e:a6:1d:c8:8f:5f:4f:1a:b8:15:93:8d:39:03:
c7:50:85:9b:a7:c6:e1:bf:80:35:d4:e1:a7:cd:16:01:ae:13:
1d:31:a8:6a:78:da:36:9f:b4:f4:f1:8f:cd:29:b4:ef:19:38:
5d:0b:c7:94:f0:3d:1b:af:af:35:0d:4a:bd:e8:85:e1:ca:d3:
05:ba:28:9f:45:17:d1:2c:43:c4:9e:4a:79:aa:22:0b:cc:fc:
34:ef:30:16:c2:02:c4:cb:7e:24:9b:90:d0:f4:6a:f5:ab:d6:
4e:0a:f2:fa:9e:14:9b:44:09:51:c5:36:4f:e5:3f:91:2d:b8:
3f:e1:f3:13:98:59:9e:8d:ed:0a:67:56:91:a0:83:6e:63:11:
8c:ad:1a:08:13:66:be:48:81:68:4c:56:e7:75:9a:e3:10:eb:
bf:aa:c0:a5:55:23:94:49:85:4a:6f:a2:0f:6a:83:23:d7:da:
9c:b5:cb:4e
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZ6ZHwv8uR4Hr18TkTZA6GhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNjA1MTg1MDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzE0ZDFmNTQ1NDM0MDUyZWIwNTRiNmQ0Mzk5Zjc5NDMwNzIyMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7xY/VTWNCcPYwc49/1NXRGXEJYm
OkWP8sp8qhCn6MQG+o3KArYHGwC8d1Zscvj0p/My4TFrvqLzBcoaEJTjekMPfG/R
42NUbsgYW/dG1Vao9w86hMi4gk57IsiLCrR6YINlj/Bc8T4ve46idNBFiXDLYTHJ
SiX79HHMzoEsq//Dbp6joHcko3wQcMzt1hjf71ihl+xtffqdVowV+ZDApcZXjivA
gcsvfAVcMYkdcMRe6i1ZQPcArBwg9dkO3oqJgk4fEf4oak1TNAMZSVRvk34Pqlcn
Z1T25LGyK2I2tk6PZnh0KluJLVrKZuFdLzsJbj3swxTYiLbe6/2uP9hkFQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFIwU0fVFQ0BS6wVLbUOZ95QwciEMMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvakJUUjlVVkRRRkxyQlV0dFE1bjNsREJ5SVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAC0P7wMEAC2BAQMEAC2EJwMEAC2HIwMEAC2KBwMEAC2KnAMEAC2K1AMEAC2K
1wMEAC2MQQMEAS2VggMEAS2YdgMEAD7AiAMEAD7AizAMAwQAU4ozAwQAU4o0AwQA
VPZSAwQAW85FAwQAW+CMAwQBW+1oAwQAW/LhAwQAW/LwAwQAnRYUAwQAnRZBAwQA
nRZFAwQAnRZ3AwQAsHQCAwQAsHQFAwQAsHQJAwQAsHQUAwQAsHQXAwQAsH5tAwQA
sH5wAwQAsH5zAwQAstOMMAwDBADBAPUDBADBAPYDBADBBQEDBADBIUMDBADBOqsD
BADBOrIDBADCGtgDBADCIvsDBADDYJswDQYJKoZIhvcNAQELBQADggEBAJ+JKJ1R
K/LXZtadWWHqZ3uYwbEbHkFs1Rn0Rhtrbvu9KZhb51katpi7IrJD3dN7zOw8pdcn
YySIaWpYdfrHDrYnG8FuQulHHHO+9Ho+ph3Ij19PGrgVk405A8dQhZunxuG/gDXU
4afNFgGuEx0xqGp42jaftPTxj80ptO8ZOF0Lx5TwPRuvrzUNSr3oheHK0wW6KJ9F
F9EsQ8SeSnmqIgvM/DTvMBbCAsTLfiSbkND0avWr1k4K8vqeFJtECVHFNk/lP5Et
uD/h8xOYWZ6N7QpnVpGgg25jEYytGggTZr5IgWhMVud1muMQ67+qwKVVI5RJhUpv
og9qgyPX2py1y04=
-----END CERTIFICATE-----
Generated at Fri Jun 5 21:37:07 2026 by rpki-client