Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/My2S5v6l75VknZ7EL2SiBdNBLt4.roa
File: My2S5v6l75VknZ7EL2SiBdNBLt4.roa (raw, json)
Hash identifier: wEWt/qGUMsqIgdXHGGUBkhiVR/ctPqLfFTDFv5pXXM0=
Subject key identifier: 33:2D:92:E6:FE:A5:EF:95:64:9D:9E:C4:2F:64:A2:05:D3:41:2E:DE
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 019ECAE3E75DFEE4ACB6A04F9811E7339107
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/My2S5v6l75VknZ7EL2SiBdNBLt4.roa
Signing time: Mon 15 Jun 2026 10:46:33 +0000
ROA not before: Mon 15 Jun 2026 10:46:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.0.0/21 maxlen: 24
89.208.4.0/22 maxlen: 24
89.208.56.0/21 maxlen: 24
89.208.56.0/22 maxlen: 22
89.208.60.0/22 maxlen: 22
89.208.128.0/21 maxlen: 24
89.208.128.0/22 maxlen: 22
89.208.132.0/23 maxlen: 23
89.208.134.0/23 maxlen: 24
141.226.120.0/23 maxlen: 23
141.226.122.0/24 maxlen: 24
147.234.23.0/24 maxlen: 24
147.236.104.0/23 maxlen: 24
147.236.106.0/24 maxlen: 24
147.236.108.0/23 maxlen: 24
147.236.110.0/23 maxlen: 24
147.236.116.0/23 maxlen: 24
147.236.116.0/24 maxlen: 24
147.236.117.0/24 maxlen: 24
147.236.120.0/21 maxlen: 24
147.236.120.0/22 maxlen: 22
147.236.125.0/24 maxlen: 24
147.236.148.0/22 maxlen: 24
147.236.152.0/23 maxlen: 23
147.236.154.0/24 maxlen: 24
147.236.176.0/20 maxlen: 24
147.236.183.0/24 maxlen: 24
185.108.80.0/22 maxlen: 24
185.149.252.0/22 maxlen: 24
185.167.108.0/22 maxlen: 24
185.175.32.0/22 maxlen: 24
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/27 maxlen: 32
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.182.76.0/22 maxlen: 24
185.184.244.0/22 maxlen: 24
188.191.224.0/21 maxlen: 24
188.191.224.0/22 maxlen: 22
188.191.224.0/24 maxlen: 24
188.191.224.0/27 maxlen: 32
188.191.228.0/22 maxlen: 22
217.175.80.0/20 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/21 maxlen: 23
2a00:7c40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.mft
rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Jun 2026 16:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:e3:e7:5d:fe:e4:ac:b6:a0:4f:98:11:e7:33:91:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Jun 15 10:46:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=332d92e6fea5ef95649d9ec42f64a205d3412ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:e2:d3:4e:38:8c:f4:f9:6a:1a:e4:ca:4a:
6a:ef:0c:37:9e:75:c3:00:f0:34:62:c2:95:b6:16:
cb:cd:03:d6:e5:d8:1e:1e:22:bb:c8:26:f3:5a:7a:
d2:4b:69:b0:79:fa:cc:dc:cd:07:77:5c:44:c5:9c:
05:22:35:65:45:1a:19:03:35:47:70:dd:d5:59:e1:
d6:30:c3:43:ff:98:b6:d2:28:85:7f:62:62:20:f2:
35:75:2f:72:90:d6:fd:80:f2:25:a6:42:fc:06:d1:
5e:83:c8:c2:23:a0:8b:25:e5:ec:db:84:00:9f:86:
eb:fd:52:f0:84:0d:74:08:39:08:71:68:d4:11:89:
6c:89:a7:f3:4d:f1:dd:90:e9:d3:51:b0:19:42:d3:
8b:bb:22:5c:ab:6c:2f:f8:21:e9:3c:df:07:f0:b6:
43:0b:0a:97:8e:6d:3e:07:56:d5:08:b2:0c:7f:fb:
fe:10:1a:f8:0a:22:f2:85:80:3e:64:77:9b:23:79:
5c:4d:81:a5:86:69:20:3b:e0:1e:54:61:6f:7f:fe:
26:e3:e2:e7:2c:03:55:73:8d:12:bd:03:e8:44:2c:
dc:7f:38:d3:c0:6e:7b:68:e9:a7:57:91:a7:2c:b4:
6b:37:ea:50:80:bd:0f:8b:db:09:57:f3:42:72:51:
64:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2D:92:E6:FE:A5:EF:95:64:9D:9E:C4:2F:64:A2:05:D3:41:2E:DE
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/My2S5v6l75VknZ7EL2SiBdNBLt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0-141.226.122.255
147.234.23.0/24
147.236.104.0-147.236.106.255
147.236.108.0/22
147.236.116.0/23
147.236.120.0/21
147.236.148.0-147.236.154.255
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
0e:46:91:29:a0:8c:74:aa:e0:1e:02:05:61:a9:49:83:39:b7:
aa:3c:d9:4e:9b:cb:74:8c:23:50:20:d7:a6:9a:c3:fb:5c:29:
81:1b:5b:20:80:6a:2d:0d:1f:8c:5d:03:8a:5f:43:08:71:28:
c4:e1:fb:3d:4f:24:d6:d4:70:8a:4d:0e:14:9f:28:cd:c7:45:
aa:39:f9:db:0d:1c:c4:7c:76:6d:ad:1d:2d:e9:57:8e:e4:ae:
8a:14:77:f4:88:4a:2f:7a:fe:f0:aa:d0:78:0b:20:0f:bd:3d:
f0:dd:13:e2:8e:8f:34:2c:dc:25:1f:68:31:c4:83:c2:1d:5a:
4d:a4:e3:76:5d:61:96:a5:63:bd:82:44:c8:e6:45:f9:26:b7:
a1:ca:9f:78:17:17:b4:f2:f6:38:04:77:1d:14:13:2e:20:57:
b3:b8:84:db:b8:e1:d4:75:a0:1d:1c:a2:ef:42:68:57:97:e3:
ff:b2:8f:3f:b6:7f:dd:01:cf:a5:19:23:c5:db:b1:af:69:60:
fe:5b:a6:6f:1c:39:32:18:b9:3f:3e:cf:9e:e5:54:a8:4f:ae:
13:73:17:9c:5f:8e:39:7c:1d:a2:d7:36:13:7f:04:a3:8c:0d:
cd:1a:a0:f9:5c:52:97:2e:3a:bc:d8:95:56:22:50:91:e8:d8:
b2:59:a5:7f
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZ7K4+dd/uSstqBPmBHnM5EHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjYwNjE1MTA0NjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzJkOTJlNmZlYTVlZjk1NjQ5ZDllYzQyZjY0YTIwNWQzNDEyZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9zi0044jPT5ahrkykpq7ww3nnXD
APA0YsKVthbLzQPW5dgeHiK7yCbzWnrSS2mwefrM3M0Hd1xExZwFIjVlRRoZAzVH
cN3VWeHWMMND/5i20iiFf2JiIPI1dS9ykNb9gPIlpkL8BtFeg8jCI6CLJeXs24QA
n4br/VLwhA10CDkIcWjUEYlsiafzTfHdkOnTUbAZQtOLuyJcq2wv+CHpPN8H8LZD
CwqXjm0+B1bVCLIMf/v+EBr4CiLyhYA+ZHebI3lcTYGlhmkgO+AeVGFvf/4m4+Ln
LANVc40SvQPoRCzcfzjTwG57aOmnV5GnLLRrN+pQgL0Pi9sJV/NCclFkrQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFDMtkub+pe+VZJ2exC9kogXTQS7eMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvTXkyUzV2Nmw3NVZrblo3RUwyU2lCZE5CTHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBANZ
0AADBANZ0DgDBANZ0IAwDAMEA43ieAMEAI3iegMEAJPqFzAMAwQDk+xoAwQAk+xq
AwQCk+xsAwQBk+x0AwQDk+x4MAwDBAKT7JQDBACT7JoDBAST7LADBAK5bFADBAK5
lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5uPQDBAO8v+ADBATZr1AwDQQC
AAIwBwMFAyoAfEAwDQYJKoZIhvcNAQELBQADggEBAA5GkSmgjHSq4B4CBWGpSYM5
t6o82U6by3SMI1Ag16aaw/tcKYEbWyCAai0NH4xdA4pfQwhxKMTh+z1PJNbUcIpN
DhSfKM3HRao5+dsNHMR8dm2tHS3pV47krooUd/SISi96/vCq0HgLIA+9PfDdE+KO
jzQs3CUfaDHEg8IdWk2k43ZdYZalY72CRMjmRfkmt6HKn3gXF7Ty9jgEdx0UEy4g
V7O4hNu44dR1oB0cou9CaFeX4/+yjz+2f90Bz6UZI8Xbsa9pYP5bpm8cOTIYuT8+
z57lVKhPrhNzF5xfjjl8HaLXNhN/BKOMDc0aoPlcUpcuOrzYlVYiUJHo2LJZpX8=
-----END CERTIFICATE-----
Generated at Sun Jun 21 00:24:59 2026 by rpki-client