Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4rP2no6dtW5dqqAycxAmnr6lEkk.roa
File: 4rP2no6dtW5dqqAycxAmnr6lEkk.roa (raw, json)
Hash identifier: 0Y+mysAwr+Z73+aFXq2DGMkj0ZkRIjaBqZfDdQqpDXk=
Subject key identifier: E2:B3:F6:9E:8E:9D:B5:6E:5D:AA:A0:32:73:10:26:9E:BE:A5:12:49
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E26CF8D9E770B0F4E39D9FA11D60A0E69
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4rP2no6dtW5dqqAycxAmnr6lEkk.roa
Signing time: Thu 14 May 2026 14:06:36 +0000
ROA not before: Thu 14 May 2026 14:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 185.85.191.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.25.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 17:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:cf:8d:9e:77:0b:0f:4e:39:d9:fa:11:d6:0a:0e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 14 14:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e2b3f69e8e9db56e5daaa0327310269ebea51249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:85:49:78:5c:cf:fe:5a:b0:78:47:6e:7f:12:
eb:e4:27:c3:67:71:8d:1a:56:b9:ef:13:4d:1a:e9:
3c:32:e5:f9:aa:87:2c:34:6b:11:f6:c8:5a:e6:a4:
81:71:f6:8e:e8:7a:0b:de:b8:60:8c:62:cd:ed:2b:
b6:00:69:8e:01:0f:c5:56:8d:98:ee:1e:3c:ab:0e:
87:16:61:ab:67:90:39:03:b2:7a:f5:41:6e:87:80:
37:59:4f:f4:e4:32:d9:02:27:3c:c0:50:44:6d:56:
e3:28:03:40:8f:80:3d:09:24:4c:7b:a2:4e:5f:e3:
d0:ba:14:40:66:62:bc:93:96:27:49:8b:93:d9:5b:
84:e6:37:3c:22:22:23:92:43:97:24:44:aa:06:51:
8c:1f:bf:60:da:f0:62:cf:17:1d:4e:c3:d8:72:85:
7f:c1:97:65:cf:98:c2:a3:4f:8c:94:8a:a3:74:97:
e2:1b:18:72:c3:de:a7:6f:42:1c:62:37:d4:38:52:
74:cf:b9:3a:69:35:98:34:c1:a9:fd:2c:b6:c8:ee:
aa:49:10:c0:0f:0f:8a:1e:0b:52:bd:12:9e:8d:21:
2a:77:ca:2d:2e:52:76:55:b6:c4:de:59:10:a7:51:
a5:e7:fd:fd:06:0e:61:00:90:c3:5f:d9:f3:a3:b2:
b5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B3:F6:9E:8E:9D:B5:6E:5D:AA:A0:32:73:10:26:9E:BE:A5:12:49
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4rP2no6dtW5dqqAycxAmnr6lEkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.191.0/24
185.86.13.0/24
185.86.164.0/22
185.87.24.0-185.87.26.255
185.87.121.0-185.87.123.255
185.119.83.0/24
185.141.32.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:78:5a:db:f0:cf:a4:38:e5:1f:87:5e:0e:4d:f9:6f:c4:82:
3a:12:06:09:59:6a:2d:68:96:b8:1f:4f:3a:f3:79:0a:ba:c5:
a8:01:c4:10:b3:f7:82:32:d7:01:2e:71:32:5c:29:71:20:07:
d5:cd:66:e4:39:74:e4:79:ba:a9:29:f9:5e:96:a2:39:e3:ac:
e4:73:aa:ff:34:5b:7e:60:b0:80:94:c2:ae:46:13:2c:c9:f6:
82:ab:02:ed:2f:48:68:2d:18:19:f4:ac:73:b3:22:5d:b2:a5:
8d:82:a1:3d:01:0f:41:77:df:63:3c:17:5b:e6:3f:a9:04:c0:
17:a1:e4:fb:1d:10:a3:2d:84:db:d5:51:78:c4:9f:cb:72:64:
58:3b:9e:e5:7b:5a:40:9f:16:26:e6:1b:d8:d7:39:0d:fe:64:
33:27:ca:45:a1:54:02:c6:5d:9d:64:4a:9e:43:20:42:df:df:
61:a1:62:35:c5:ef:b6:d2:fe:ca:7e:8f:3e:1b:62:68:ba:42:
a0:2b:53:8d:75:86:d2:be:85:f1:15:df:19:bf:05:68:84:06:
23:43:e6:3f:4f:0b:f2:0b:48:1e:96:31:14:84:90:41:54:e7:
80:52:36:45:71:00:c6:16:f5:8c:62:34:0b:76:7a:6a:09:03:
a4:f8:fa:31
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ4mz42edwsPTjnZ+hHWCg5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTE0MTQwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmIzZjY5ZThlOWRiNTZlNWRhYWEwMzI3MzEwMjY5ZWJlYTUxMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4VJeFzP/lqweEdufxLr5CfDZ3GN
Gla57xNNGuk8MuX5qocsNGsR9sha5qSBcfaO6HoL3rhgjGLN7Su2AGmOAQ/FVo2Y
7h48qw6HFmGrZ5A5A7J69UFuh4A3WU/05DLZAic8wFBEbVbjKANAj4A9CSRMe6JO
X+PQuhRAZmK8k5YnSYuT2VuE5jc8IiIjkkOXJESqBlGMH79g2vBizxcdTsPYcoV/
wZdlz5jCo0+MlIqjdJfiGxhyw96nb0IcYjfUOFJ0z7k6aTWYNMGp/Sy2yO6qSRDA
Dw+KHgtSvRKejSEqd8otLlJ2VbbE3lkQp1Gl5/39Bg5hAJDDX9nzo7K1QwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOKz9p6OnbVuXaqgMnMQJp6+pRJJMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvNHJQMm5vNmR0VzVkcXFBeWN4QW1ucjZsRWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAuVW/AwQA
uVYNAwQCuVakMAwDBAO5VxgDBAC5VxowDAMEALlXeQMEArlXeAMEALl3UwMEALmN
IDANBgkqhkiG9w0BAQsFAAOCAQEAHXha2/DPpDjlH4deDk35b8SCOhIGCVlqLWiW
uB9POvN5CrrFqAHEELP3gjLXAS5xMlwpcSAH1c1m5Dl05Hm6qSn5XpaiOeOs5HOq
/zRbfmCwgJTCrkYTLMn2gqsC7S9IaC0YGfSsc7MiXbKljYKhPQEPQXffYzwXW+Y/
qQTAF6Hk+x0Qoy2E29VReMSfy3JkWDue5XtaQJ8WJuYb2Nc5Df5kMyfKRaFUAsZd
nWRKnkMgQt/fYaFiNcXvttL+yn6PPhtiaLpCoCtTjXWG0r6F8RXfGb8FaIQGI0Pm
P08L8gtIHpYxFISQQVTngFI2RXEAxhb1jGI0C3Z6agkDpPj6MQ==
-----END CERTIFICATE-----
Generated at Sat May 16 03:21:55 2026 by rpki-client