Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/JpLt0eAZnL6ST2YsvKR8EUyz5UY.roa
File: JpLt0eAZnL6ST2YsvKR8EUyz5UY.roa (raw, json)
Hash identifier: GOeZGmONFSdc/WiqqDPSlmBrz6YUzxzb2MPmyB3PzQ0=
Subject key identifier: 26:92:ED:D1:E0:19:9C:BE:92:4F:66:2C:BC:A4:7C:11:4C:B3:E5:46
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019EE0568D8C7C1A5FF7F160A7D02D00008F
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/JpLt0eAZnL6ST2YsvKR8EUyz5UY.roa
Signing time: Fri 19 Jun 2026 14:43:49 +0000
ROA not before: Fri 19 Jun 2026 14:43:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46261
IP address blocks: 5.44.255.0/24 maxlen: 24
46.253.130.0/24 maxlen: 24
61.14.224.0/22 maxlen: 24
62.106.64.0/24 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/24 maxlen: 24
85.8.150.0/24 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
146.19.82.0/24 maxlen: 24
160.238.96.0/22 maxlen: 24
185.93.4.0/24 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/24 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.157.232.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.59.0/24 maxlen: 24
185.196.24.0/24 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/24 maxlen: 24
185.214.140.0/23 maxlen: 24
185.214.142.0/24 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.243.0/24 maxlen: 24
185.218.185.0/24 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.254.0/23 maxlen: 24
185.228.44.0/22 maxlen: 24
185.232.42.0/24 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.3.16.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.8.134.0/24 maxlen: 24
194.50.192.0/22 maxlen: 24
194.69.161.0/24 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
213.109.157.0/24 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580::/32 maxlen: 48
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e0:56:8d:8c:7c:1a:5f:f7:f1:60:a7:d0:2d:00:00:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Jun 19 14:43:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2692edd1e0199cbe924f662cbca47c114cb3e546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4b:91:59:2b:90:89:2a:ad:f6:83:5a:4b:2d:
ba:c6:6d:01:32:6d:e0:72:f9:00:ca:60:18:bf:2d:
10:d9:ca:30:72:ff:a0:4f:3f:7f:79:32:da:f8:30:
aa:9d:e3:64:07:d8:0a:ef:a1:c6:53:61:31:82:1a:
dd:18:de:17:3b:19:96:0a:cc:27:1b:6a:34:3f:80:
37:44:3b:6e:30:29:cc:4c:d2:43:82:46:cb:d2:25:
07:76:e9:8e:e9:35:a9:ce:6f:34:46:c2:72:02:3f:
9e:f0:cc:2e:e3:7a:c0:65:70:40:5e:6f:19:e2:db:
fe:a6:ae:fe:6b:f9:40:87:ab:f9:d0:88:05:82:46:
f4:66:fc:c6:92:c6:77:03:89:05:fa:85:c8:d5:bd:
5f:7d:9c:9f:1f:10:d6:88:a0:56:69:21:61:9c:38:
6a:0c:ca:db:dc:a6:2a:4e:18:e0:92:76:98:f5:dd:
e6:00:1f:ab:e1:6e:b0:ca:f9:a9:6a:73:b8:ff:0b:
b1:5a:80:1b:45:fe:24:ba:5b:e2:85:41:6e:a2:23:
ef:3e:81:22:2a:76:fc:20:c0:78:f5:cb:b7:d8:26:
09:6e:3b:79:e4:b6:9a:39:9f:9f:98:ec:75:ba:00:
17:9d:c8:c8:a7:2d:f9:aa:46:ea:c4:8e:a1:97:08:
41:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:92:ED:D1:E0:19:9C:BE:92:4F:66:2C:BC:A4:7C:11:4C:B3:E5:46
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/JpLt0eAZnL6ST2YsvKR8EUyz5UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.255.0/24
46.253.130.0/24
61.14.224.0/22
62.106.64.0/24
79.110.176.0/21
85.8.148.0/24
85.8.150.0/24
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
146.19.82.0/24
160.238.96.0/22
185.93.4.0/24
185.105.10.0/24
185.118.132.0/24
185.118.135.0/24
185.145.44.0/22
185.157.232.0/22
185.176.88.0/22
185.190.59.0/24
185.196.24.0/24
185.196.26.0/23
185.202.44.0/22
185.206.20.0/23
185.209.128.0/22
185.213.16.0/24
185.214.140.0-185.214.142.255
185.214.240.0/24
185.214.243.0/24
185.218.185.0/24
185.219.20.0/22
185.225.12.0/22
185.227.254.0/23
185.228.44.0/22
185.232.42.0/24
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.3.16.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.8.134.0/24
194.50.192.0/22
194.69.161.0/24
195.216.148.0/22
195.245.74.0/23
213.109.157.0/24
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
42:eb:ca:8c:9c:34:cf:13:f1:3c:1b:73:11:52:d9:bb:99:d2:
02:7e:68:f8:79:14:58:cb:ed:f7:a5:8e:4e:09:e2:f3:c0:8c:
b3:da:70:ae:6e:6d:69:02:05:2c:fb:b1:76:76:fd:32:9a:4b:
10:d0:56:8b:8d:92:7f:1b:9a:31:3d:11:d3:f3:2b:8a:21:a5:
ba:48:72:88:dc:03:84:8c:3d:d0:10:94:bd:fb:77:06:93:c7:
a7:8f:0f:de:fd:5a:be:c2:e1:b8:da:f5:61:13:52:fc:52:ef:
d5:59:0a:24:74:90:db:71:9e:b5:3a:09:66:53:9d:5d:af:50:
3d:70:c9:66:73:56:b4:6b:9b:5b:49:42:24:f3:a8:37:a4:36:
aa:65:85:bb:06:d1:a4:a2:db:1e:58:53:fd:53:d0:e6:9b:eb:
1c:f4:dd:5c:b3:66:ee:2c:19:1b:64:fe:e9:03:b9:d6:70:7c:
46:ee:18:19:01:7c:41:72:f9:c3:74:6a:91:c0:1b:77:1c:80:
21:66:8f:cb:15:9e:e4:d6:b5:14:0c:fb:8d:40:92:9d:70:34:
fa:21:9e:01:27:66:bb:67:83:99:13:dd:95:50:c5:12:2b:26:
41:d0:b2:41:d9:c5:6f:a9:d4:d3:73:d8:46:d7:0b:89:d0:d9:
48:95:a4:5a
-----BEGIN CERTIFICATE-----
MIIGVjCCBT6gAwIBAgISAZ7gVo2MfBpf9/Fgp9AtAACPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNjE5MTQ0MzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjkyZWRkMWUwMTk5Y2JlOTI0ZjY2MmNiY2E0N2MxMTRjYjNlNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UuRWSuQiSqt9oNaSy26xm0BMm3g
cvkAymAYvy0Q2cowcv+gTz9/eTLa+DCqneNkB9gK76HGU2ExghrdGN4XOxmWCswn
G2o0P4A3RDtuMCnMTNJDgkbL0iUHdumO6TWpzm80RsJyAj+e8Mwu43rAZXBAXm8Z
4tv+pq7+a/lAh6v50IgFgkb0ZvzGksZ3A4kF+oXI1b1ffZyfHxDWiKBWaSFhnDhq
DMrb3KYqThjgknaY9d3mAB+r4W6wyvmpanO4/wuxWoAbRf4kulvihUFuoiPvPoEi
Knb8IMB49cu32CYJbjt55LaaOZ+fmOx1ugAXncjIpy35qkbqxI6hlwhB+QIDAQAB
o4IDYjCCA14wHQYDVR0OBBYEFCaS7dHgGZy+kk9mLLykfBFMs+VGMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvSnBMdDBlQVpuTDZTVDJZc3ZLUjhFVXl6NVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdgYIKwYBBQUHAQcBAf8EggFlMIIBYTCCAU4EAgABMIIB
RgMEAAUs/wMEAC79ggMEAj0O4AMEAD5qQAMEA09usAMEAFUIlAMEAFUIlgMEAlXK
rAMEAluEVAMEAmfLKAMEAmfNVAMEAmfPoAMEAnkufAMEAJITUgMEAqDuYAMEALld
BAMEALlpCgMEALl2hAMEALl2hwMEArmRLAMEArmd6AMEArmwWAMEALm+OwMEALnE
GAMEAbnEGgMEArnKLAMEAbnOFAMEArnRgAMEALnVEDAMAwQCudaMAwQAudaOAwQA
udbwAwQAudbzAwQAudq5AwQCudsUAwQCueEMAwQBueP+AwQCueQsAwQAuegqAwQC
uet4AwQAue5zAwQAufK5AwQAwQMQAwQCwR9wAwQAwaMjAwQCwbB0AwQCwbu0AwQA
wgiGAwQCwjLAAwQAwkWhAwQCw9iUAwQBw/VKAwQA1W2dAwQC2RI4MA0EAgACMAcD
BQMqB0WAMA0GCSqGSIb3DQEBCwUAA4IBAQBC68qMnDTPE/E8G3MRUtm7mdICfmj4
eRRYy+33pY5OCeLzwIyz2nCubm1pAgUs+7F2dv0ymksQ0FaLjZJ/G5oxPRHT8yuK
IaW6SHKI3AOEjD3QEJS9+3cGk8enjw/e/Vq+wuG42vVhE1L8Uu/VWQokdJDbcZ61
OglmU51dr1A9cMlmc1a0a5tbSUIk86g3pDaqZYW7BtGkotseWFP9U9Dmm+sc9N1c
s2buLBkbZP7pA7nWcHxG7hgZAXxBcvnDdGqRwBt3HIAhZo/LFZ7k1rUUDPuNQJKd
cDT6IZ4BJ2a7Z4OZE92VUMUSKyZB0LJB2cVvqdTTc9hG1wuJ0NlIlaRa
-----END CERTIFICATE-----
Generated at Sun Jun 28 17:23:44 2026 by rpki-client