Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/icspBYCC63q1vNy_EsXnZosS_IU.roa
File: icspBYCC63q1vNy_EsXnZosS_IU.roa (raw, json)
Hash identifier: 3NUI/DqhsJ55TwYWG35Se4xjLYr3z+ZTAvaw34Ss74M=
Subject key identifier: 89:CB:29:05:80:82:EB:7A:B5:BC:DC:BF:12:C5:E7:66:8B:12:FC:85
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 019E69D0B90CE92F5B4E4C89ABBD42DEA5D6
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/icspBYCC63q1vNy_EsXnZosS_IU.roa
Signing time: Wed 27 May 2026 14:22:27 +0000
ROA not before: Wed 27 May 2026 14:22:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
192.166.49.0/24 maxlen: 24
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f400::/48 maxlen: 48
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:8:f40f::/48 maxlen: 48
2003:8:f412::/48 maxlen: 48
2003:8:f413::/48 maxlen: 48
2003:8:f414::/48 maxlen: 48
2003:8:f415::/48 maxlen: 48
2003:8:f416::/48 maxlen: 48
2003:8:f417::/48 maxlen: 48
2003:8:f418::/48 maxlen: 48
2003:8:f419::/48 maxlen: 48
2003:8:f41a::/48 maxlen: 48
2003:8:f41b::/48 maxlen: 48
2003:8:f41c::/48 maxlen: 48
2003:8:f41d::/48 maxlen: 48
2003:8:f41e::/48 maxlen: 48
2003:8:f41f::/48 maxlen: 48
2003:8:f420::/48 maxlen: 48
2003:8:f421::/48 maxlen: 48
2003:8:f422::/48 maxlen: 48
2003:8:f423::/48 maxlen: 48
2003:8:f424::/48 maxlen: 48
2003:8:f425::/48 maxlen: 48
2003:8:f426::/48 maxlen: 48
2003:8:f427::/48 maxlen: 48
2003:8:f428::/48 maxlen: 48
2003:8:f429::/48 maxlen: 48
2003:8:f42a::/48 maxlen: 48
2003:8:f42b::/48 maxlen: 48
2003:8:f500::/41 maxlen: 48
2003:8:f600::/41 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 17:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:69:d0:b9:0c:e9:2f:5b:4e:4c:89:ab:bd:42:de:a5:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: May 27 14:22:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89cb29058082eb7ab5bcdcbf12c5e7668b12fc85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f5:51:0e:42:34:b0:56:7a:69:6e:8e:05:6d:
ce:6d:49:10:e5:eb:fc:87:f9:0d:97:80:70:7a:a0:
d6:ce:3e:d8:0c:7e:ad:25:85:ee:58:c0:47:83:ed:
c2:c2:dd:6e:ae:db:40:bd:f7:62:0b:f3:93:63:b6:
6d:c4:28:1d:0b:e1:96:06:96:19:6d:3c:59:f9:a9:
05:93:d6:0e:df:d6:b2:5a:23:d7:a2:da:af:50:92:
23:c1:68:6c:85:40:af:69:48:57:dd:96:79:ce:29:
c5:54:23:25:47:29:ec:8c:25:3e:f7:b0:18:b5:e5:
6c:c1:6f:95:02:1f:e8:6c:31:97:f9:7c:a0:22:9a:
3d:92:a1:ab:68:87:ee:b1:29:61:25:32:a9:44:52:
c8:ee:fc:fa:d2:58:61:42:91:92:f7:76:6e:32:e2:
5f:11:64:2e:06:cf:16:b9:40:98:9d:5a:41:71:c1:
f6:1b:a3:40:33:72:b9:a3:13:4e:d5:2b:b2:ce:46:
01:aa:e3:cb:2f:aa:3b:62:68:d6:64:75:7b:cc:b7:
71:63:45:3a:1c:7b:9a:31:93:6b:fb:07:11:12:fb:
f6:70:17:cd:8a:62:a0:e5:4a:c3:0f:82:4f:cb:3a:
20:3e:e3:cd:e0:55:7c:73:34:3a:72:e6:93:5f:b4:
93:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CB:29:05:80:82:EB:7A:B5:BC:DC:BF:12:C5:E7:66:8B:12:FC:85
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/icspBYCC63q1vNy_EsXnZosS_IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
192.166.49.0/24
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
4e:47:8f:98:d6:4b:61:04:35:c2:8b:a9:5e:53:1e:b5:69:11:
78:93:f6:fb:1c:80:72:79:f8:44:8d:bb:e3:a4:d5:c8:b5:11:
86:5d:79:a9:ef:a7:0f:e7:52:7d:a6:86:b1:4b:7d:c9:fb:4e:
5e:cd:ce:e8:0f:72:cd:50:cb:60:34:61:66:5e:83:9d:07:b2:
f6:30:b3:b5:5f:2c:c8:79:d4:0b:cd:45:72:22:6f:2f:e0:fc:
f6:c5:bb:d1:9e:9a:00:65:ef:c3:ea:04:c7:12:6c:d2:22:e5:
60:e5:8a:b6:f2:4f:5c:77:d2:3e:a8:84:c8:2d:e9:f3:0f:20:
00:f1:7f:eb:a5:27:86:19:15:8b:c2:9d:9d:d6:ea:a0:77:10:
05:94:4b:95:f9:72:cf:bf:86:f8:d2:f4:4e:bb:f5:df:c5:11:
f8:fd:ce:3c:37:e5:43:f5:ef:b2:8c:25:42:8f:39:ea:39:20:
73:c7:af:96:7a:26:10:0f:27:57:20:87:4b:1c:1a:86:10:4d:
03:f5:b8:e8:ab:3a:14:cf:5a:98:f4:76:71:73:af:3a:1d:c3:
06:7d:c7:82:67:aa:b5:11:cb:58:c9:7f:21:f0:0f:89:9b:e0:
1a:c7:5d:80:26:95:74:fb:84:90:e8:dd:90:e2:bf:55:f0:5f:
8a:3b:97:56
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZ5p0LkM6S9bTkyJq71C3qXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjYwNTI3MTQyMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNiMjkwNTgwODJlYjdhYjViY2RjYmYxMmM1ZTc2NjhiMTJmYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPVRDkI0sFZ6aW6OBW3ObUkQ5ev8
h/kNl4BweqDWzj7YDH6tJYXuWMBHg+3Cwt1urttAvfdiC/OTY7ZtxCgdC+GWBpYZ
bTxZ+akFk9YO39ayWiPXotqvUJIjwWhshUCvaUhX3ZZ5zinFVCMlRynsjCU+97AY
teVswW+VAh/obDGX+XygIpo9kqGraIfusSlhJTKpRFLI7vz60lhhQpGS93ZuMuJf
EWQuBs8WuUCYnVpBccH2G6NAM3K5oxNO1SuyzkYBquPLL6o7YmjWZHV7zLdxY0U6
HHuaMZNr+wcREvv2cBfNimKg5UrDD4JPyzogPuPN4FV8czQ6cuaTX7STdwIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFInLKQWAgut6tbzcvxLF52aLEvyFMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL2ljc3BCWUNDNjNxMXZOeV9Fc1huWm9zU19JVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wbgQCAAEwaAMDBC5Q
MAoDAwA+mQMDBT6AAwMCPuADAwZPwAMDBVCAAwMGVIADAwZXgAMDBlsAAwMGXcAD
BADApjEDAwHBngMDAMIZAwQBwpbkAwMAw5EDAwDD8wMDAdS4AwMD2QADAwTZUAMD
BdngMAwEAgACMAYDBAUgAwAwDQYJKoZIhvcNAQELBQADggEBAE5Hj5jWS2EENcKL
qV5THrVpEXiT9vscgHJ5+ESNu+Ok1ci1EYZdeanvpw/nUn2mhrFLfcn7Tl7NzugP
cs1Qy2A0YWZeg50HsvYws7VfLMh51AvNRXIiby/g/PbFu9GemgBl78PqBMcSbNIi
5WDlirbyT1x30j6ohMgt6fMPIADxf+ulJ4YZFYvCnZ3W6qB3EAWUS5X5cs+/hvjS
9E679d/FEfj9zjw35UP177KMJUKPOeo5IHPHr5Z6JhAPJ1cgh0scGoYQTQP1uOir
OhTPWpj0dnFzrzodwwZ9x4JnqrURy1jJfyHwD4mb4BrHXYAmlXT7hJDo3ZDiv1Xw
X4o7l1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:33 2026 by rpki-client