Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/23A1M_7D38Nasymq2osByPDI5cA.roa
File: 23A1M_7D38Nasymq2osByPDI5cA.roa (raw, json)
Hash identifier: wp6SoUXMRZMv8bCbA5J4Lo7L/L66QrTkl3U2sJg5Tss=
Subject key identifier: DB:70:35:33:FE:C3:DF:C3:5A:B3:29:AA:DA:8B:01:C8:F0:C8:E5:C0
Certificate issuer: /CN=b1267a51acb66f2991bea5243fe388068971a1f1
Certificate serial: 019E6A2B171BB9A9A4E188446B511310628D
Authority key identifier: B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/23A1M_7D38Nasymq2osByPDI5cA.roa
Signing time: Wed 27 May 2026 16:01:09 +0000
ROA not before: Wed 27 May 2026 16:01:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47764
IP address blocks: 5.61.232.0/21 maxlen: 21
5.181.61.0/24 maxlen: 24
5.188.140.0/22 maxlen: 22
37.139.32.0/22 maxlen: 22
37.139.40.0/22 maxlen: 22
45.84.128.0/22 maxlen: 22
62.217.160.0/20 maxlen: 20
83.166.232.0/21 maxlen: 21
83.166.248.0/21 maxlen: 21
83.217.216.0/22 maxlen: 22
84.23.52.0/22 maxlen: 22
85.192.32.0/22 maxlen: 22
87.239.104.0/21 maxlen: 21
89.208.196.0/22 maxlen: 22
89.208.208.0/22 maxlen: 22
89.208.216.0/23 maxlen: 23
89.208.218.0/23 maxlen: 23
89.208.220.0/22 maxlen: 22
89.208.228.0/22 maxlen: 22
89.221.235.0/24 maxlen: 24
90.156.148.0/22 maxlen: 22
90.156.151.0/24 maxlen: 24
90.156.212.0/22 maxlen: 22
90.156.216.0/22 maxlen: 22
90.156.232.0/21 maxlen: 21
94.100.176.0/20 maxlen: 20
95.163.32.0/19 maxlen: 19
95.163.180.0/22 maxlen: 22
95.163.208.0/21 maxlen: 21
95.163.216.0/22 maxlen: 22
146.185.208.0/22 maxlen: 22
146.185.240.0/22 maxlen: 22
176.112.168.0/21 maxlen: 21
178.22.88.0/21 maxlen: 21
178.237.16.0/20 maxlen: 24
178.237.29.0/24 maxlen: 24
185.86.144.0/22 maxlen: 22
185.180.200.0/22 maxlen: 22
185.187.63.0/24 maxlen: 24
188.93.56.0/21 maxlen: 21
213.219.212.0/22 maxlen: 22
2a00:1148::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 16:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:2b:17:1b:b9:a9:a4:e1:88:44:6b:51:13:10:62:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1267a51acb66f2991bea5243fe388068971a1f1
Validity
Not Before: May 27 16:01:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db703533fec3dfc35ab329aada8b01c8f0c8e5c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:56:82:18:f0:ab:78:a4:36:b1:bf:75:65:
c4:61:09:e1:1d:ef:2f:44:9a:14:0e:41:d8:fb:33:
de:d6:bd:9e:a7:d7:50:20:d3:0b:13:b1:3a:23:db:
ac:d9:4b:71:c3:c6:11:f7:26:07:4a:32:2f:8d:0d:
67:89:f2:94:ec:6f:8d:ee:93:2c:5b:1a:91:3c:32:
58:f0:2d:e4:38:2c:06:3c:f7:c4:32:66:fd:74:51:
06:ce:66:50:3a:f0:4a:a9:d7:03:6f:eb:4c:3a:d7:
2f:75:76:28:ba:e8:7a:05:4d:74:50:c6:a9:69:df:
0d:7a:28:52:0a:4a:ba:ed:04:00:ac:d6:5d:0e:ae:
97:73:0f:50:1e:c5:f4:8e:f0:69:f8:6e:be:66:37:
8e:90:9e:5f:4b:42:db:c9:bd:73:21:95:4d:9f:8b:
31:28:3d:5a:8a:8b:e9:a5:54:c4:0b:7f:02:57:dc:
26:b9:d4:7d:8d:64:b9:a2:ed:ec:ae:b6:2d:34:81:
36:82:1f:9d:2a:e4:a5:f5:80:b4:a6:d5:78:99:cf:
ef:36:48:7a:7c:29:56:ff:07:3d:df:27:50:e4:0f:
b9:03:d8:4e:c2:2f:c0:66:d3:aa:1e:42:6b:aa:e0:
bd:9e:b4:94:3c:86:fa:f2:95:01:28:3b:d2:a0:6a:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:70:35:33:FE:C3:DF:C3:5A:B3:29:AA:DA:8B:01:C8:F0:C8:E5:C0
X509v3 Authority Key Identifier:
keyid:B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/23A1M_7D38Nasymq2osByPDI5cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.232.0/21
5.181.61.0/24
5.188.140.0/22
37.139.32.0/22
37.139.40.0/22
45.84.128.0/22
62.217.160.0/20
83.166.232.0/21
83.166.248.0/21
83.217.216.0/22
84.23.52.0/22
85.192.32.0/22
87.239.104.0/21
89.208.196.0/22
89.208.208.0/22
89.208.216.0/21
89.208.228.0/22
89.221.235.0/24
90.156.148.0/22
90.156.212.0-90.156.219.255
90.156.232.0/21
94.100.176.0/20
95.163.32.0/19
95.163.180.0/22
95.163.208.0-95.163.219.255
146.185.208.0/22
146.185.240.0/22
176.112.168.0/21
178.22.88.0/21
178.237.16.0/20
185.86.144.0/22
185.180.200.0/22
185.187.63.0/24
188.93.56.0/21
213.219.212.0/22
IPv6:
2a00:1148::/32
Signature Algorithm: sha256WithRSAEncryption
48:ed:cc:2e:b5:f6:3d:07:75:a1:e6:92:9e:02:aa:b0:cc:c8:
ec:ed:68:55:e7:c9:e5:c3:e9:a3:7a:c5:ef:e2:50:29:6e:19:
e7:a3:47:9b:f5:e2:b6:3a:9c:2d:3d:79:c6:2b:a7:eb:93:75:
b3:0a:5d:bc:a8:29:f6:2f:3a:c4:6f:c6:32:4c:1e:26:68:00:
73:fb:28:cf:09:dc:ce:32:00:57:e2:be:67:63:36:ba:0a:95:
59:10:34:8c:09:9d:48:be:fa:c0:91:e2:b6:03:f5:03:86:04:
e6:0a:b8:5d:fe:a5:2d:07:b3:4c:05:13:7c:ab:3f:d3:bb:de:
21:d7:91:fb:33:b9:b4:f9:6e:87:47:06:30:ac:53:a7:a2:ec:
55:f3:37:b9:66:97:42:59:88:67:a6:9d:fb:bc:49:05:0c:1c:
94:ef:18:fe:1d:04:0f:32:e7:4e:e0:94:a9:38:3b:ea:f3:79:
5a:09:03:f1:36:ce:d8:9d:7b:18:53:59:ad:6f:09:6a:05:fc:
db:48:65:23:04:e1:d6:85:ac:96:81:f2:5f:44:0e:e7:09:f9:
35:05:7e:85:95:7c:94:b1:1c:cc:3b:5d:ec:e7:57:81:29:3e:
5c:45:0a:c4:c6:40:21:38:26:82:4f:d7:ad:74:b2:55:3e:4c:
d0:c3:61:7b
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZ5qKxcbuamk4YhEa1ETEGKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjY3YTUxYWNiNjZmMjk5MWJlYTUyNDNmZTM4ODA2ODk3
MWExZjEwHhcNMjYwNTI3MTYwMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjcwMzUzM2ZlYzNkZmMzNWFiMzI5YWFkYThiMDFjOGYwYzhlNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKRWghjwq3ikNrG/dWXEYQnhHe8v
RJoUDkHY+zPe1r2ep9dQINMLE7E6I9us2Utxw8YR9yYHSjIvjQ1nifKU7G+N7pMs
WxqRPDJY8C3kOCwGPPfEMmb9dFEGzmZQOvBKqdcDb+tMOtcvdXYouuh6BU10UMap
ad8NeihSCkq67QQArNZdDq6Xcw9QHsX0jvBp+G6+ZjeOkJ5fS0Lbyb1zIZVNn4sx
KD1aiovppVTEC38CV9wmudR9jWS5ou3srrYtNIE2gh+dKuSl9YC0ptV4mc/vNkh6
fClW/wc93ydQ5A+5A9hOwi/AZtOqHkJrquC9nrSUPIb68pUBKDvSoGqA/wIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFNtwNTP+w9/DWrMpqtqLAcjwyOXAMB8GA1UdIwQY
MBaAFLEmelGstm8pkb6lJD/jiAaJcaHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAt
OTRkMWI4OWY4Y2IyLzEvMjNBMU1fN0QzOE5hc3ltcTJvc0J5UERJNWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAtOTRkMWI4OWY4Y2Iy
LzEvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgekEAgABMIHiAwQD
BT3oAwQABbU9AwQCBbyMAwQCJYsgAwQCJYsoAwQCLVSAAwQEPtmgAwQDU6boAwQD
U6b4AwQCU9nYAwQCVBc0AwQCVcAgAwQDV+9oAwQCWdDEAwQCWdDQAwQDWdDYAwQC
WdDkAwQAWd3rAwQCWpyUMAwDBAJanNQDBAJanNgDBANanOgDBAReZLADBAVfoyAD
BAJfo7QwDAMEBF+j0AMEAl+j2AMEApK50AMEApK58AMEA7BwqAMEA7IWWAMEBLLt
EAMEArlWkAMEArm0yAMEALm7PwMEA7xdOAMEAtXb1DANBAIAAjAHAwUAKgARSDAN
BgkqhkiG9w0BAQsFAAOCAQEASO3MLrX2PQd1oeaSngKqsMzI7O1oVefJ5cPpo3rF
7+JQKW4Z56NHm/XitjqcLT15xiun65N1swpdvKgp9i86xG/GMkweJmgAc/sozwnc
zjIAV+K+Z2M2ugqVWRA0jAmdSL76wJHitgP1A4YE5gq4Xf6lLQezTAUTfKs/07ve
IdeR+zO5tPluh0cGMKxTp6LsVfM3uWaXQlmIZ6ad+7xJBQwclO8Y/h0EDzLnTuCU
qTg76vN5WgkD8TbO2J17GFNZrW8JagX820hlIwTh1oWsloHyX0QO5wn5NQV+hZV8
lLEczDtd7OdXgSk+XEUKxMZAITgmgk/XrXSyVT5M0MNhew==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:45:15 2026 by rpki-client