Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/aLP0Wc2GOab-Lr83oRf276N27pU.roa
File: aLP0Wc2GOab-Lr83oRf276N27pU.roa (raw, json)
Hash identifier: OkRQDLEnjSPa0F00HzNzJ1ZTqYi0QL+7wu/MUT77HIA=
Subject key identifier: 68:B3:F4:59:CD:86:39:A6:FE:2E:BF:37:A1:17:F6:EF:A3:76:EE:95
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E17DBBC296334D7D514FAD1F24896DEC4
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/aLP0Wc2GOab-Lr83oRf276N27pU.roa
Signing time: Mon 11 May 2026 16:25:36 +0000
ROA not before: Mon 11 May 2026 16:25:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29262
IP address blocks: 93.190.14.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:46c0::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
2a10:8b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:db:bc:29:63:34:d7:d5:14:fa:d1:f2:48:96:de:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 11 16:25:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=68b3f459cd8639a6fe2ebf37a117f6efa376ee95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:01:cd:7d:1c:7b:f2:eb:a0:fd:4c:b6:30:7e:
b1:97:d3:b1:ed:44:a4:31:86:2a:46:74:02:62:75:
2d:4e:62:01:7a:eb:1a:e7:44:67:3a:42:ad:14:9a:
87:2b:4c:25:04:6c:e6:e2:2b:53:75:4e:69:bf:97:
f9:3e:d2:d1:2d:b5:9e:39:e3:05:68:6e:f3:6d:26:
8f:85:68:c4:62:fd:9b:8c:3c:a6:16:0e:b9:d7:37:
38:c8:3f:9f:f9:bb:0f:0e:9a:ff:78:d9:eb:84:84:
fa:57:ba:a2:ab:fa:98:f2:d7:ba:9c:02:1e:0e:6f:
c1:52:01:9d:ec:4d:98:84:6e:03:47:ec:b9:5c:48:
70:84:7e:ee:67:5d:15:b1:6b:f0:b3:21:9a:b7:b3:
ee:f0:bd:de:2e:5e:63:e7:c4:3f:b7:62:08:3c:cc:
87:cd:6b:81:c5:6c:80:ef:90:38:19:c0:a1:70:ee:
4e:9e:6f:ce:49:cf:5b:f3:e7:49:9c:50:1a:cb:c1:
86:ae:18:bc:56:0a:20:33:2a:d6:bb:71:c4:52:db:
c3:47:1a:2f:d8:8b:1e:30:4d:ac:96:85:1b:ae:3f:
a1:fe:c5:04:c5:e8:a5:63:1a:e8:de:b8:32:b2:75:
a0:b3:bd:50:d1:75:03:53:45:e7:d8:c1:3c:b0:f1:
72:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B3:F4:59:CD:86:39:A6:FE:2E:BF:37:A1:17:F6:EF:A3:76:EE:95
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/aLP0Wc2GOab-Lr83oRf276N27pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.14.0/24
185.85.189.0-185.85.190.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.98.63.0/24
185.119.80.0/24
IPv6:
2a0b:6780::/29
2a0c:46c0::/29
2a0c:67c0::/29
2a10:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
49:41:f8:1c:24:85:58:ba:46:6b:cd:cb:8d:37:e0:3b:aa:f8:
ad:f2:5c:c3:d2:95:b0:1c:12:54:2c:88:96:bd:06:28:ee:27:
7f:23:f8:c8:f7:6c:fe:5c:f5:10:9a:a6:04:84:2f:d3:ac:4e:
a7:ee:93:1c:52:e9:60:8c:d4:ee:42:d2:2b:b8:3e:ef:8b:c5:
6d:d8:1a:89:ce:55:b5:1a:3b:55:10:f2:4c:26:2e:11:05:88:
10:e7:fc:af:2b:09:c3:e6:a1:f2:0f:48:cb:9f:6a:52:b9:31:
a9:14:df:85:b8:74:4f:76:f2:1b:43:e8:85:b2:a9:6e:97:1e:
84:fa:39:67:97:c6:ba:b9:99:d6:2b:d2:e2:a8:c9:d9:fc:1e:
4d:91:25:8a:82:9a:08:56:19:c8:29:c1:bb:bf:39:ac:ee:3b:
c9:72:2c:31:33:ba:2b:cd:b2:a5:1b:2e:19:6a:ba:5a:2b:89:
5b:a4:3a:27:a4:ae:d9:7a:75:80:26:8b:41:41:f5:80:67:4e:
eb:58:07:05:7b:dc:4c:cc:93:e2:d2:c6:de:42:4b:c1:c5:67:
2d:66:39:8b:f2:bc:2c:b5:8f:3e:1a:21:61:15:22:0b:ff:2f:
1c:b2:36:27:40:2f:2c:dd:dc:37:f9:b2:8e:29:e3:1a:61:e6:
6f:6d:8e:65
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ4X27wpYzTX1RT60fJIlt7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTExMTYyNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGIzZjQ1OWNkODYzOWE2ZmUyZWJmMzdhMTE3ZjZlZmEzNzZlZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQHNfRx78uug/Uy2MH6xl9Ox7USk
MYYqRnQCYnUtTmIBeusa50RnOkKtFJqHK0wlBGzm4itTdU5pv5f5PtLRLbWeOeMF
aG7zbSaPhWjEYv2bjDymFg651zc4yD+f+bsPDpr/eNnrhIT6V7qiq/qY8te6nAIe
Dm/BUgGd7E2YhG4DR+y5XEhwhH7uZ10VsWvwsyGat7Pu8L3eLl5j58Q/t2IIPMyH
zWuBxWyA75A4GcChcO5Onm/OSc9b8+dJnFAay8GGrhi8VgogMyrWu3HEUtvDRxov
2IseME2sloUbrj+h/sUExeilYxro3rgysnWgs71Q0XUDU0Xn2ME8sPFyVwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGiz9FnNhjmm/i6/N6EX9u+jdu6VMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvYUxQMFdjMkdPYWItTHI4M29SZjI3Nk4yN3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDA6BAIAATA0AwQAXb4OMAwD
BAC5Vb0DBAC5Vb4wDAMEALlV7QMEBLlV4AMEALlWBQMEALliPwMEALl3UDAiBAIA
AjAcAwUDKgtngAMFAyoMRsADBQMqDGfAAwUDKhCLADANBgkqhkiG9w0BAQsFAAOC
AQEASUH4HCSFWLpGa83LjTfgO6r4rfJcw9KVsBwSVCyIlr0GKO4nfyP4yPds/lz1
EJqmBIQv06xOp+6THFLpYIzU7kLSK7g+74vFbdgaic5VtRo7VRDyTCYuEQWIEOf8
rysJw+ah8g9Iy59qUrkxqRTfhbh0T3byG0PohbKpbpcehPo5Z5fGurmZ1ivS4qjJ
2fweTZElioKaCFYZyCnBu785rO47yXIsMTO6K82ypRsuGWq6WiuJW6Q6J6Su2Xp1
gCaLQUH1gGdO61gHBXvcTMyT4tLG3kJLwcVnLWY5i/K8LLWPPhohYRUiC/8vHLI2
J0AvLN3cN/myjinjGmHmb22OZQ==
-----END CERTIFICATE-----
Generated at Wed May 13 13:31:57 2026 by rpki-client