Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/yO0TfBMbzkBgWkoUuGX-VMRJ19Y.roa
File: yO0TfBMbzkBgWkoUuGX-VMRJ19Y.roa (raw, json)
Hash identifier: uyITF6NnGGVPCOFYrqHFvtcJPBHm9gE7mBPZ6rWC8xg=
Subject key identifier: C8:ED:13:7C:13:1B:CE:40:60:5A:4A:14:B8:65:FE:54:C4:49:D7:D6
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E6A7B042B84AB7A335DA741B7CEAF3C3B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/yO0TfBMbzkBgWkoUuGX-VMRJ19Y.roa
Signing time: Wed 27 May 2026 17:28:27 +0000
ROA not before: Wed 27 May 2026 17:28:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 45.15.239.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.138.7.0/24 maxlen: 24
45.138.156.0/24 maxlen: 24
45.138.212.0/24 maxlen: 24
45.138.215.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
45.149.130.0/24 maxlen: 24
45.149.131.0/24 maxlen: 24
45.152.118.0/24 maxlen: 24
45.152.119.0/24 maxlen: 24
62.192.136.0/24 maxlen: 24
62.192.139.0/24 maxlen: 24
83.138.51.0/24 maxlen: 24
83.138.52.0/24 maxlen: 24
84.246.82.0/24 maxlen: 24
91.206.69.0/24 maxlen: 24
91.224.140.0/24 maxlen: 24
91.237.104.0/24 maxlen: 24
91.237.105.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.240.0/24 maxlen: 24
92.119.194.0/23 maxlen: 23
157.22.20.0/24 maxlen: 24
157.22.65.0/24 maxlen: 24
157.22.69.0/24 maxlen: 24
157.22.119.0/24 maxlen: 24
176.116.2.0/24 maxlen: 24
176.116.5.0/24 maxlen: 24
176.116.9.0/24 maxlen: 24
176.116.20.0/24 maxlen: 24
176.116.23.0/24 maxlen: 24
176.126.109.0/24 maxlen: 24
176.126.112.0/24 maxlen: 24
176.126.115.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.5.1.0/24 maxlen: 24
193.33.67.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
193.58.178.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.34.251.0/24 maxlen: 24
195.96.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:7b:04:2b:84:ab:7a:33:5d:a7:41:b7:ce:af:3c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 27 17:28:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8ed137c131bce40605a4a14b865fe54c449d7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9b:6d:04:3b:3a:3a:b7:bf:ab:b0:e9:4a:13:
4d:06:a2:43:34:64:83:ec:34:0b:9c:29:dc:a5:d8:
3b:31:4a:de:00:23:ac:ad:78:11:13:21:d2:c3:5d:
f3:70:7b:ca:33:a2:7b:3c:55:34:e2:02:e2:21:b1:
0a:cb:5e:ea:29:bb:e9:b7:d0:2d:91:43:64:32:98:
77:63:24:aa:cf:a6:00:48:9c:c0:8c:34:18:ba:ed:
8b:9b:a2:9a:5c:ca:00:70:7f:6d:17:70:29:8b:e1:
47:e5:50:d8:98:40:77:e7:c8:f2:d3:7a:59:c1:82:
3d:fb:7c:64:a0:81:be:33:0c:2f:d7:34:fd:f6:3d:
c5:ed:81:0e:8f:d1:95:f6:0d:d0:f1:42:8f:bf:35:
12:b1:3c:48:33:51:fc:93:8e:3b:41:af:36:e9:93:
3d:b6:b4:ee:9d:56:77:49:df:2c:ab:62:27:d5:30:
a5:9e:36:48:f4:98:22:7d:d9:7d:76:29:f3:a3:7f:
06:74:64:47:2b:af:d0:5e:85:2b:78:74:3d:4a:d5:
d8:6b:12:4c:2d:8a:44:a5:aa:ce:ec:c3:b4:a7:1d:
73:c7:43:8e:65:2f:0b:5c:e6:86:c7:79:ab:70:4c:
e1:2a:da:3a:4a:8a:6b:a9:cf:1e:cc:5d:96:3e:e3:
ae:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:ED:13:7C:13:1B:CE:40:60:5A:4A:14:B8:65:FE:54:C4:49:D7:D6
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/yO0TfBMbzkBgWkoUuGX-VMRJ19Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.239.0/24
45.129.1.0/24
45.132.39.0/24
45.135.35.0/24
45.138.7.0/24
45.138.156.0/24
45.138.212.0/24
45.138.215.0/24
45.140.65.0/24
45.149.130.0/23
45.152.118.0/23
62.192.136.0/24
62.192.139.0/24
83.138.51.0-83.138.52.255
84.246.82.0/24
91.206.69.0/24
91.224.140.0/24
91.237.104.0/23
91.242.225.0/24
91.242.240.0/24
92.119.194.0/23
157.22.20.0/24
157.22.65.0/24
157.22.69.0/24
157.22.119.0/24
176.116.2.0/24
176.116.5.0/24
176.116.9.0/24
176.116.20.0/24
176.116.23.0/24
176.126.109.0/24
176.126.112.0/24
176.126.115.0/24
178.211.140.0/24
193.0.245.0-193.0.246.255
193.5.1.0/24
193.33.67.0/24
193.58.171.0/24
193.58.178.0/24
194.26.216.0/24
194.34.251.0/24
195.96.155.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c1:85:0a:fa:84:6b:d8:e0:e2:16:9b:26:18:3e:57:31:47:
34:b1:32:80:dd:9d:8b:7e:d6:15:ec:1d:ec:78:e7:cb:d0:52:
69:13:8b:09:d5:04:50:53:e3:6f:79:c9:49:1e:76:12:a0:13:
3f:f3:a2:ca:34:4b:01:70:e8:3d:ac:d5:39:9b:6f:0e:c7:ae:
70:c9:9e:3a:b9:c1:67:67:5f:21:8d:af:eb:67:61:30:a7:74:
ad:6c:9a:d9:5a:4e:26:39:27:bc:7a:00:90:a4:35:11:8a:c8:
62:8f:c8:c8:2b:b9:35:7e:e5:c9:35:cd:66:da:43:32:23:0e:
34:0e:31:df:96:0f:23:95:17:8b:5b:89:13:82:c8:6f:71:24:
ca:f7:2f:35:e8:5b:2e:cc:69:34:83:d9:e0:60:99:8a:e0:50:
0a:84:b3:a1:09:7a:68:c9:98:b4:0f:15:db:9c:43:d0:04:a1:
49:62:c9:77:2c:93:b6:04:c7:72:ee:e1:da:e5:fc:bb:7e:28:
90:b8:47:a0:cf:28:28:80:1a:bb:97:f7:fb:fa:d6:06:b6:eb:
b8:e4:7a:8c:30:e5:cd:13:f6:18:2c:7a:15:89:9b:14:b0:85:
00:5d:6e:b2:89:4a:65:00:b9:41:30:09:98:fc:11:61:df:45:
0d:52:7b:d3
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZ5qewQrhKt6M12nQbfOrzw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNTI3MTcyODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVkMTM3YzEzMWJjZTQwNjA1YTRhMTRiODY1ZmU1NGM0NDlkN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppttBDs6Ore/q7DpShNNBqJDNGSD
7DQLnCncpdg7MUreACOsrXgREyHSw13zcHvKM6J7PFU04gLiIbEKy17qKbvpt9At
kUNkMph3YySqz6YASJzAjDQYuu2Lm6KaXMoAcH9tF3Api+FH5VDYmEB358jy03pZ
wYI9+3xkoIG+Mwwv1zT99j3F7YEOj9GV9g3Q8UKPvzUSsTxIM1H8k447Qa826ZM9
trTunVZ3Sd8sq2In1TClnjZI9Jgifdl9dinzo38GdGRHK6/QXoUreHQ9StXYaxJM
LYpEparO7MO0px1zx0OOZS8LXOaGx3mrcEzhKto6Soprqc8ezF2WPuOuAwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFMjtE3wTG85AYFpKFLhl/lTESdfWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEveU8wVGZCTWJ6a0JnV2tvVXVHWC1WTVJKMTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAC0P7wMEAC2BAQMEAC2EJwMEAC2HIwMEAC2KBwMEAC2KnAMEAC2K1AMEAC2K
1wMEAC2MQQMEAS2VggMEAS2YdgMEAD7AiAMEAD7AizAMAwQAU4ozAwQAU4o0AwQA
VPZSAwQAW85FAwQAW+CMAwQBW+1oAwQAW/LhAwQAW/LwAwQBXHfCAwQAnRYUAwQA
nRZBAwQAnRZFAwQAnRZ3AwQAsHQCAwQAsHQFAwQAsHQJAwQAsHQUAwQAsHQXAwQA
sH5tAwQAsH5wAwQAsH5zAwQAstOMMAwDBADBAPUDBADBAPYDBADBBQEDBADBIUMD
BADBOqsDBADBOrIDBADCGtgDBADCIvsDBADDYJswDQYJKoZIhvcNAQELBQADggEB
AHvBhQr6hGvY4OIWmyYYPlcxRzSxMoDdnYt+1hXsHex458vQUmkTiwnVBFBT4295
yUkedhKgEz/zoso0SwFw6D2s1Tmbbw7HrnDJnjq5wWdnXyGNr+tnYTCndK1smtla
TiY5J7x6AJCkNRGKyGKPyMgruTV+5ck1zWbaQzIjDjQOMd+WDyOVF4tbiROCyG9x
JMr3LzXoWy7MaTSD2eBgmYrgUAqEs6EJemjJmLQPFducQ9AEoUliyXcsk7YEx3Lu
4drl/Lt+KJC4R6DPKCiAGruX9/v61ga267jkeoww5c0T9hgsehWJmxSwhQBdbrKJ
SmUAuUEwCZj8EWHfRQ1Se9M=
-----END CERTIFICATE-----
Generated at Tue Jun 2 19:25:28 2026 by rpki-client