Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/j7NLJIdD0pUUdWEjRus-d-ouOmw.roa
File: j7NLJIdD0pUUdWEjRus-d-ouOmw.roa (raw, json)
Hash identifier: nNWuvc7kwCcbsaHWqB1PxoRJF9M6XW2okYQM0JcWXQc=
Subject key identifier: 8F:B3:4B:24:87:43:D2:95:14:75:61:23:46:EB:3E:77:EA:2E:3A:6C
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019DFD691419C5E102649AF59E57773752DA
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/j7NLJIdD0pUUdWEjRus-d-ouOmw.roa
Signing time: Wed 06 May 2026 13:10:15 +0000
ROA not before: Wed 06 May 2026 13:10:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10753
IP address blocks: 189.81.64.0/23 maxlen: 23
189.81.72.0/23 maxlen: 23
189.81.76.0/23 maxlen: 23
189.104.128.0/23 maxlen: 23
189.104.140.0/23 maxlen: 23
189.104.184.0/23 maxlen: 23
205.188.6.0/23 maxlen: 23
205.188.62.0/23 maxlen: 23
205.188.148.0/22 maxlen: 22
205.188.152.0/22 maxlen: 22
205.188.228.0/22 maxlen: 22
205.188.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 May 2026 13:42:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:69:14:19:c5:e1:02:64:9a:f5:9e:57:77:37:52:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: May 6 13:10:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fb34b248743d2951475612346eb3e77ea2e3a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0e:69:6e:34:3b:87:80:a2:5d:b3:b9:2f:cf:
e9:82:11:f1:f2:4a:ad:e2:65:60:c1:7d:2d:88:91:
e8:5c:af:d4:57:e3:ad:b8:c7:ca:49:63:4f:26:dc:
2c:cc:f2:13:b9:2e:dc:e7:eb:c2:d6:cb:93:e8:02:
c3:1f:4b:ba:de:82:73:f6:76:5d:e0:3f:a2:f2:09:
40:11:4a:49:50:64:c8:06:38:9c:c3:5f:21:b8:c6:
15:d9:58:f1:cf:b7:98:c0:4a:31:85:be:88:08:2d:
21:5b:81:91:bf:67:01:f0:ce:72:71:32:20:0f:5f:
98:dc:bf:19:d9:01:12:c0:2e:0e:3e:d2:e0:53:f6:
48:f0:d1:73:48:7b:62:92:dd:a3:99:c7:e8:21:d0:
ab:06:57:68:7d:9a:57:57:0e:56:de:ff:33:98:fd:
d4:8c:17:9d:a7:28:50:17:63:75:66:55:6f:9d:2a:
da:ec:34:df:43:83:a1:1f:93:a5:02:4b:e9:69:14:
26:1d:ca:a4:c0:e1:79:34:75:2d:82:a8:82:69:a2:
bd:ef:7c:53:ba:b2:a0:9b:fa:b1:f6:dc:76:ac:b4:
ef:fd:87:49:48:83:e9:33:98:47:d2:87:ef:db:bf:
17:c5:cf:ab:f0:dc:65:e7:54:af:97:a0:ef:c2:9f:
21:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B3:4B:24:87:43:D2:95:14:75:61:23:46:EB:3E:77:EA:2E:3A:6C
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/j7NLJIdD0pUUdWEjRus-d-ouOmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.81.64.0/23
189.81.72.0/23
189.81.76.0/23
189.104.128.0/23
189.104.140.0/23
189.104.184.0/23
205.188.6.0/23
205.188.62.0/23
205.188.148.0-205.188.155.255
205.188.228.0/22
205.188.250.0/23
Signature Algorithm: sha256WithRSAEncryption
73:2e:5f:0b:f9:75:26:7e:b6:c4:37:cc:3c:35:fa:f4:a5:b4:
29:8f:06:68:fa:6e:a8:e2:76:38:ac:37:9f:bb:f2:3a:af:9a:
d4:ff:c3:1c:09:5c:e8:7b:1b:50:02:d7:51:5d:dc:fa:69:6a:
f5:80:37:b2:88:75:b1:1e:f1:1d:75:9e:76:84:32:e9:48:f7:
09:65:ed:be:fd:8d:98:e8:4f:73:4d:a2:20:1c:4e:70:ef:d1:
dd:e9:82:66:ae:27:d2:c5:fe:10:77:ac:85:14:6c:ef:0b:bb:
ba:04:79:c8:d0:ee:0e:d4:c2:44:09:01:37:bc:13:62:56:65:
fa:ef:0d:d8:35:bd:a5:b9:7d:a3:94:78:86:e8:43:eb:97:53:
75:a8:7f:f3:aa:b0:85:00:13:42:d0:e2:9d:f2:15:95:61:2c:
33:12:be:dd:e8:ed:6e:bc:9c:1a:9d:6a:00:00:fb:00:05:3a:
3a:42:9e:61:80:8c:cb:3e:74:fd:d4:2d:6a:1a:da:ad:c2:0f:
fa:9c:54:01:0a:8a:10:d1:3f:13:f7:75:28:a3:85:eb:12:51:
42:76:42:d8:1c:ce:7d:c3:e8:c3:d3:85:25:79:a6:b2:ad:6c:
29:82:11:4d:3a:2b:d2:64:c5:f7:92:dd:0c:d2:5e:84:9e:55:
c8:12:31:dc
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZ39aRQZxeECZJr1nld3N1LaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNTA2MTMxMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIzNGIyNDg3NDNkMjk1MTQ3NTYxMjM0NmViM2U3N2VhMmUzYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA5pbjQ7h4CiXbO5L8/pghHx8kqt
4mVgwX0tiJHoXK/UV+OtuMfKSWNPJtwszPITuS7c5+vC1suT6ALDH0u63oJz9nZd
4D+i8glAEUpJUGTIBjicw18huMYV2Vjxz7eYwEoxhb6ICC0hW4GRv2cB8M5ycTIg
D1+Y3L8Z2QESwC4OPtLgU/ZI8NFzSHtikt2jmcfoIdCrBldofZpXVw5W3v8zmP3U
jBedpyhQF2N1ZlVvnSra7DTfQ4OhH5OlAkvpaRQmHcqkwOF5NHUtgqiCaaK973xT
urKgm/qx9tx2rLTv/YdJSIPpM5hH0ofv278Xxc+r8Nxl51Svl6Dvwp8hZQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFI+zSySHQ9KVFHVhI0brPnfqLjpsMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvajdOTEpJZEQwcFVVZFdFalJ1cy1kLW91T213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBvVFAAwQB
vVFIAwQBvVFMAwQBvWiAAwQBvWiMAwQBvWi4AwQBzbwGAwQBzbw+MAwDBALNvJQD
BALNvJgDBALNvOQDBAHNvPowDQYJKoZIhvcNAQELBQADggEBAHMuXwv5dSZ+tsQ3
zDw1+vSltCmPBmj6bqjidjisN5+78jqvmtT/wxwJXOh7G1AC11Fd3PppavWAN7KI
dbEe8R11nnaEMulI9wll7b79jZjoT3NNoiAcTnDv0d3pgmauJ9LF/hB3rIUUbO8L
u7oEecjQ7g7UwkQJATe8E2JWZfrvDdg1vaW5faOUeIboQ+uXU3Wof/OqsIUAE0LQ
4p3yFZVhLDMSvt3o7W68nBqdagAA+wAFOjpCnmGAjMs+dP3ULWoa2q3CD/qcVAEK
ihDRPxP3dSijhesSUUJ2Qtgczn3D6MPThSV5prKtbCmCEU06K9JkxfeS3QzSXoSe
VcgSMdw=
-----END CERTIFICATE-----
Generated at Mon May 11 19:13:31 2026 by rpki-client