Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/2iaa-8cN3Ad70YUjgKguPGxnmx0.roa
File: 2iaa-8cN3Ad70YUjgKguPGxnmx0.roa (raw, json)
Hash identifier: PpNPhKn2R/iyuLLV/ieIxuGF3dswzzpOiRzzvCtuAVE=
Subject key identifier: DA:26:9A:FB:C7:0D:DC:07:7B:D1:85:23:80:A8:2E:3C:6C:67:9B:1D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E5B0DDA3A90F826DAEBEB3884AA6B927B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/2iaa-8cN3Ad70YUjgKguPGxnmx0.roa
Signing time: Sun 24 May 2026 17:34:54 +0000
ROA not before: Sun 24 May 2026 17:34:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 186.243.129.0/24 maxlen: 24
186.243.130.0/24 maxlen: 24
186.243.131.0/24 maxlen: 24
186.243.133.0/24 maxlen: 24
186.243.143.0/24 maxlen: 24
186.243.170.0/24 maxlen: 24
186.243.180.0/24 maxlen: 24
186.243.181.0/24 maxlen: 24
186.243.182.0/24 maxlen: 24
186.243.201.0/24 maxlen: 24
186.243.202.0/24 maxlen: 24
186.243.203.0/24 maxlen: 24
186.243.214.0/24 maxlen: 24
186.243.249.0/24 maxlen: 24
186.243.251.0/24 maxlen: 24
186.243.252.0/24 maxlen: 24
186.243.253.0/24 maxlen: 24
186.246.58.0/24 maxlen: 24
186.246.72.0/24 maxlen: 24
186.246.75.0/24 maxlen: 24
186.246.76.0/24 maxlen: 24
186.246.77.0/24 maxlen: 24
186.246.107.0/24 maxlen: 24
186.246.108.0/24 maxlen: 24
186.246.109.0/24 maxlen: 24
186.246.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5b:0d:da:3a:90:f8:26:da:eb:eb:38:84:aa:6b:92:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 24 17:34:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da269afbc70ddc077bd1852380a82e3c6c679b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f1:ef:30:35:2b:49:28:1b:e8:4d:3b:09:f6:
ef:0e:a6:4e:56:7a:9e:12:52:63:67:f6:a4:33:6d:
f3:ba:12:56:9b:df:a9:03:22:52:67:b8:9d:2a:bd:
14:f0:69:ac:07:c1:1c:97:7e:2b:d3:a8:77:b9:63:
9a:a9:8c:1d:7d:fa:b5:c6:b0:66:9e:1e:88:61:67:
41:6a:16:a5:54:9b:a1:5c:5a:36:03:4e:c8:61:98:
af:7e:e9:2d:46:c9:af:61:f6:8a:86:07:91:30:71:
98:08:0e:b9:fa:a9:f3:9d:d0:d3:a1:f4:f2:1d:3f:
ba:5b:a6:25:79:e4:57:3a:e3:63:36:1c:69:85:63:
b9:6c:df:15:ae:7b:6f:0e:3d:1d:1a:fa:7a:3d:aa:
d9:ef:f4:6e:4d:1f:55:f4:32:40:89:3b:50:14:3e:
5d:bd:f8:88:74:1a:a0:8e:33:e9:e0:67:41:f3:c6:
b5:1a:31:f0:ef:bb:30:c0:86:4f:a1:13:b1:a9:92:
ce:4c:16:24:ba:b2:50:58:b5:94:43:7d:85:2f:f8:
9d:dd:17:6f:d1:a6:e5:ec:21:d6:7f:fb:7f:2b:1c:
1f:28:7a:43:9e:7b:68:06:6d:99:84:58:0e:67:57:
44:7c:36:ff:fd:3e:1a:83:b8:ec:30:ab:77:e8:53:
76:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:26:9A:FB:C7:0D:DC:07:7B:D1:85:23:80:A8:2E:3C:6C:67:9B:1D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/2iaa-8cN3Ad70YUjgKguPGxnmx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
186.243.129.0-186.243.131.255
186.243.133.0/24
186.243.143.0/24
186.243.170.0/24
186.243.180.0-186.243.182.255
186.243.201.0-186.243.203.255
186.243.214.0/24
186.243.249.0/24
186.243.251.0-186.243.253.255
186.246.58.0/24
186.246.72.0/24
186.246.75.0-186.246.77.255
186.246.107.0-186.246.109.255
186.246.111.0/24
Signature Algorithm: sha256WithRSAEncryption
06:7a:d6:74:68:b3:6a:1a:58:9a:6c:f1:4e:88:72:ad:c5:72:
75:4a:85:d9:44:90:ce:2e:fe:53:8b:86:bf:62:8b:94:9a:d4:
e1:ce:1b:ed:d4:1c:90:20:b8:1a:c0:b3:57:5b:fc:64:22:7e:
10:c3:34:e4:85:51:4d:cd:77:d3:06:06:81:8c:55:e1:3d:87:
29:aa:48:cf:64:ed:30:81:c1:1a:a4:cb:b3:9d:1d:7b:a3:d0:
fd:4c:10:55:d3:73:96:ef:2b:55:34:a7:70:7e:74:dc:dd:18:
6f:23:70:38:41:d9:dd:9f:b6:5d:9f:d9:0f:dc:0b:3c:88:14:
47:e5:c5:03:4a:5f:e6:f3:81:2d:3c:97:01:3f:50:25:5b:4e:
58:5b:6d:cd:1f:7c:16:9d:69:a3:44:e2:7d:cf:fd:2e:73:a6:
e8:18:8d:6b:6c:a7:d5:ce:9c:60:7b:cb:91:34:58:14:d1:b5:
e2:06:e5:84:60:2e:b6:25:dd:d0:c7:ff:8b:01:ae:6f:df:20:
67:27:da:d1:6b:bf:2d:7a:b2:32:1d:e5:97:a7:30:3f:11:98:
a6:93:48:69:0a:c7:43:fb:a4:18:b1:25:f3:c1:c9:55:48:52:
58:6a:da:09:40:cb:81:3c:2b:18:75:ec:0e:c5:9c:ce:fb:6c:
4b:82:6c:80
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ5bDdo6kPgm2uvrOISqa5J7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTI0MTczNDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI2OWFmYmM3MGRkYzA3N2JkMTg1MjM4MGE4MmUzYzZjNjc5YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfHvMDUrSSgb6E07CfbvDqZOVnqe
ElJjZ/akM23zuhJWm9+pAyJSZ7idKr0U8GmsB8Ecl34r06h3uWOaqYwdffq1xrBm
nh6IYWdBahalVJuhXFo2A07IYZivfuktRsmvYfaKhgeRMHGYCA65+qnzndDTofTy
HT+6W6YleeRXOuNjNhxphWO5bN8VrntvDj0dGvp6ParZ7/RuTR9V9DJAiTtQFD5d
vfiIdBqgjjPp4GdB88a1GjHw77swwIZPoROxqZLOTBYkurJQWLWUQ32FL/id3Rdv
0abl7CHWf/t/KxwfKHpDnntoBm2ZhFgOZ1dEfDb//T4ag7jsMKt36FN2mQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFNommvvHDdwHe9GFI4CoLjxsZ5sdMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMmlhYS04Y04zQWQ3MFlVamdLZ3VQR3hubXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQwDAME
ALrzgQMEArrzgAMEALrzhQMEALrzjwMEALrzqjAMAwQCuvO0AwQAuvO2MAwDBAC6
88kDBAK688gDBAC689YDBAC68/kwDAMEALrz+wMEAbrz/AMEALr2OgMEALr2SDAM
AwQAuvZLAwQBuvZMMAwDBAC69msDBAG69mwDBAC69m8wDQYJKoZIhvcNAQELBQAD
ggEBAAZ61nRos2oaWJps8U6Icq3FcnVKhdlEkM4u/lOLhr9ii5Sa1OHOG+3UHJAg
uBrAs1db/GQifhDDNOSFUU3Nd9MGBoGMVeE9hymqSM9k7TCBwRqky7OdHXuj0P1M
EFXTc5bvK1U0p3B+dNzdGG8jcDhB2d2ftl2f2Q/cCzyIFEflxQNKX+bzgS08lwE/
UCVbTlhbbc0ffBadaaNE4n3P/S5zpugYjWtsp9XOnGB7y5E0WBTRteIG5YRgLrYl
3dDH/4sBrm/fIGcn2tFrvy16sjId5ZenMD8RmKaTSGkKx0P7pBixJfPByVVIUlhq
2glAy4E8Kxh17A7FnM77bEuCbIA=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:15 2026 by rpki-client