Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/bi2Pu8sFtY0UVOt3mxHocxrNLIM.roa
File: bi2Pu8sFtY0UVOt3mxHocxrNLIM.roa (raw, json)
Hash identifier: 784OKifqP67yGlXNQorK1EncKrSn66YYLvyMakrT7ho=
Subject key identifier: 6E:2D:8F:BB:CB:05:B5:8D:14:54:EB:77:9B:11:E8:73:1A:CD:2C:83
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019EB14DE1DF497F9AC726D526F7427E6917
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/bi2Pu8sFtY0UVOt3mxHocxrNLIM.roa
Signing time: Wed 10 Jun 2026 11:32:11 +0000
ROA not before: Wed 10 Jun 2026 11:32:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34984
IP address blocks: 131.222.209.0/24 maxlen: 24
131.222.212.0/24 maxlen: 24
131.222.214.0/24 maxlen: 24
131.222.220.0/24 maxlen: 24
131.222.224.0/24 maxlen: 24
131.222.248.0/22 maxlen: 22
153.56.151.0/24 maxlen: 24
185.157.218.0/24 maxlen: 24
185.157.219.0/24 maxlen: 24
203.202.233.0/24 maxlen: 24
2a05:d740::/30 maxlen: 30
2a05:d744::/30 maxlen: 30
2a06:e900::/30 maxlen: 30
2a06:e904::/30 maxlen: 30
2a07:4a00::/30 maxlen: 30
2a07:4a04::/30 maxlen: 30
2a0a:37c0::/30 maxlen: 30
2a0a:37c4::/30 maxlen: 30
2a0b:9800::/30 maxlen: 30
2a0b:9804::/30 maxlen: 30
2a0b:a280::/30 maxlen: 30
2a0b:a284::/30 maxlen: 30
2a0b:a300::/30 maxlen: 30
2a0b:a304::/30 maxlen: 30
2a0c:7440::/30 maxlen: 30
2a0c:7444::/30 maxlen: 30
2a0c:74c0::/30 maxlen: 30
2a0c:74c4::/30 maxlen: 30
2a0c:7540::/30 maxlen: 30
2a0c:7544::/30 maxlen: 30
2a0d:2cc0::/30 maxlen: 30
2a0d:2cc4::/30 maxlen: 30
2a0d:88c0::/30 maxlen: 30
2a0d:88c4::/30 maxlen: 30
2a0f:1180::/30 maxlen: 30
2a0f:1184::/30 maxlen: 30
2a0f:2380::/30 maxlen: 30
2a0f:2384::/30 maxlen: 30
2a0f:3380::/30 maxlen: 30
2a0f:3384::/30 maxlen: 30
2a0f:4580::/30 maxlen: 30
2a0f:4584::/30 maxlen: 30
2a0f:4680::/30 maxlen: 30
2a0f:4684::/30 maxlen: 30
2a0f:5580::/30 maxlen: 30
2a0f:5584::/30 maxlen: 30
2a0f:7100::/30 maxlen: 30
2a0f:7104::/30 maxlen: 30
2a0f:7300::/30 maxlen: 30
2a0f:7304::/30 maxlen: 30
2a0f:7c80::/30 maxlen: 30
2a0f:7c84::/30 maxlen: 30
2a0f:9fc0::/30 maxlen: 30
2a0f:9fc4::/30 maxlen: 30
2a0f:a140::/30 maxlen: 30
2a0f:a144::/30 maxlen: 30
2a0f:a500::/30 maxlen: 30
2a0f:a504::/30 maxlen: 30
2a0f:a700::/30 maxlen: 30
2a0f:a704::/30 maxlen: 30
2a0f:c780::/30 maxlen: 30
2a0f:c784::/30 maxlen: 30
2a14:4080::/30 maxlen: 30
2a14:4084::/30 maxlen: 30
2a14:4380::/30 maxlen: 30
2a14:4384::/30 maxlen: 30
2a14:4480::/30 maxlen: 30
2a14:4484::/30 maxlen: 30
2a14:4980::/30 maxlen: 30
2a14:4984::/30 maxlen: 30
2a14:4a80::/30 maxlen: 30
2a14:4a84::/30 maxlen: 30
2a14:4b80::/30 maxlen: 30
2a14:4b84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:4d:e1:df:49:7f:9a:c7:26:d5:26:f7:42:7e:69:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Jun 10 11:32:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e2d8fbbcb05b58d1454eb779b11e8731acd2c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bd:04:f1:8d:3b:5b:66:98:a5:d1:06:97:3e:
b2:0e:7e:d0:bb:3b:f1:6d:88:6e:8a:49:3f:29:f3:
05:ae:3d:32:a4:2b:9f:4d:26:be:f1:c0:17:54:45:
3a:41:7f:a4:ce:56:f5:ac:5a:ca:21:51:25:6e:bf:
cd:d4:7c:be:9f:d2:71:d1:a3:00:95:d7:c8:60:b5:
be:5c:c6:c9:7e:24:d0:ad:d0:0f:50:6b:da:89:f9:
88:86:b7:36:4f:cc:38:04:31:7d:e5:a5:06:83:f9:
9f:3f:ae:5a:ad:58:f5:72:33:fd:3f:44:65:cb:ab:
bf:4e:b0:e0:2a:1f:a0:a3:ea:4e:c6:12:08:6d:81:
e4:3a:38:ae:a1:a9:19:0c:f7:b2:87:2a:29:8f:24:
bf:1c:fd:48:1f:da:6d:80:8e:94:b9:98:db:89:8c:
bc:46:4f:9e:77:b4:9c:b1:89:4d:92:a3:86:58:8e:
c0:6b:16:52:d0:16:05:c9:58:4e:e1:22:18:8b:0a:
97:9a:ca:59:b2:6d:a2:a8:1d:5e:de:15:ee:db:bb:
f4:3c:72:91:21:63:0b:13:c7:d8:77:06:86:70:75:
0a:fc:9c:9f:e0:36:7e:d1:31:6b:59:e7:3a:2e:1a:
21:3d:f7:b1:ee:88:ac:c1:1f:15:18:d1:8e:7c:7b:
65:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2D:8F:BB:CB:05:B5:8D:14:54:EB:77:9B:11:E8:73:1A:CD:2C:83
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/bi2Pu8sFtY0UVOt3mxHocxrNLIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.209.0/24
131.222.212.0/24
131.222.214.0/24
131.222.220.0/24
131.222.224.0/24
131.222.248.0/22
153.56.151.0/24
185.157.218.0/23
203.202.233.0/24
IPv6:
2a05:d740::/29
2a06:e900::/29
2a07:4a00::/29
2a0a:37c0::/29
2a0b:9800::/29
2a0b:a280::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:7c80::/29
2a0f:9fc0::/29
2a0f:a140::/29
2a0f:a500::/29
2a0f:a700::/29
2a0f:c780::/29
2a14:4080::/29
2a14:4380::/29
2a14:4480::/29
2a14:4980::/29
2a14:4a80::/29
2a14:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
81:dc:a5:83:32:4c:7d:29:99:fa:c9:32:53:3d:6b:35:9e:de:
c8:fa:f1:a6:8d:5a:22:3e:28:e3:24:c0:83:32:f2:c3:5c:ce:
06:e9:7e:78:43:c5:a2:03:91:cc:4f:44:17:fd:7c:f4:35:f9:
53:1b:bf:64:b8:7c:67:04:d6:f4:41:39:28:21:73:d1:24:0a:
49:ce:4e:3e:26:a2:48:c2:de:30:95:9f:49:15:b6:3e:ab:cb:
a5:62:a8:ce:77:39:48:2a:d9:3c:13:b3:f1:ef:61:21:2e:e3:
3d:04:3e:4e:a5:d1:aa:6d:80:3f:85:d8:4f:4a:4c:d4:1b:cc:
8d:3b:1f:3f:17:e2:22:41:1b:03:e2:48:81:f1:a9:34:a5:da:
e2:71:d1:86:13:42:0e:16:b5:ca:85:e1:5b:d0:81:01:53:d5:
b9:58:4f:a1:b6:71:ef:c7:ec:dc:ea:e8:dd:0b:dc:29:41:e2:
54:29:80:29:79:17:d7:6a:61:e6:82:3a:32:05:81:da:97:34:
bf:2d:51:fa:0e:cf:7f:d9:f9:45:a1:ae:0c:ec:21:92:59:73:
0f:47:f6:69:d0:10:19:bc:50:1d:bd:fa:74:6c:ad:ad:19:50:
e0:cf:75:89:e0:b6:ed:d3:e0:4f:3b:c6:b1:9a:d1:16:10:90:
f5:52:bd:e7
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAZ6xTeHfSX+axybVJvdCfmkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjYwNjEwMTEzMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJkOGZiYmNiMDViNThkMTQ1NGViNzc5YjExZTg3MzFhY2QyYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl70E8Y07W2aYpdEGlz6yDn7Quzvx
bYhuikk/KfMFrj0ypCufTSa+8cAXVEU6QX+kzlb1rFrKIVElbr/N1Hy+n9Jx0aMA
ldfIYLW+XMbJfiTQrdAPUGvaifmIhrc2T8w4BDF95aUGg/mfP65arVj1cjP9P0Rl
y6u/TrDgKh+go+pOxhIIbYHkOjiuoakZDPeyhyopjyS/HP1IH9ptgI6UuZjbiYy8
Rk+ed7ScsYlNkqOGWI7AaxZS0BYFyVhO4SIYiwqXmspZsm2iqB1e3hXu27v0PHKR
IWMLE8fYdwaGcHUK/Jyf4DZ+0TFrWec6LhohPfex7oiswR8VGNGOfHtlbQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFG4tj7vLBbWNFFTrd5sR6HMazSyDMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvYmkyUHU4c0Z0WTBVVk90M214SG9jeHJOTElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDA8BAIAATA2AwQA
g97RAwQAg97UAwQAg97WAwQAg97cAwQAg97gAwQCg974AwQAmTiXAwQBuZ3aAwQA
y8rpMIHnBAIAAjCB4AMFAyoF10ADBQMqBukAAwUDKgdKAAMFAyoKN8ADBQMqC5gA
AwUDKguigAMFAyoLowADBQMqDHRAAwUDKgx0wAMFAyoMdUADBQMqDSzAAwUDKg2I
wAMFAyoPEYADBQMqDyOAAwUDKg8zgAMFAyoPRYADBQMqD0aAAwUDKg9VgAMFAyoP
cQADBQMqD3MAAwUDKg98gAMFAyoPn8ADBQMqD6FAAwUDKg+lAAMFAyoPpwADBQMq
D8eAAwUDKhRAgAMFAyoUQ4ADBQMqFESAAwUDKhRJgAMFAyoUSoADBQMqFEuAMA0G
CSqGSIb3DQEBCwUAA4IBAQCB3KWDMkx9KZn6yTJTPWs1nt7I+vGmjVoiPijjJMCD
MvLDXM4G6X54Q8WiA5HMT0QX/Xz0NflTG79kuHxnBNb0QTkoIXPRJApJzk4+JqJI
wt4wlZ9JFbY+q8ulYqjOdzlIKtk8E7Px72EhLuM9BD5OpdGqbYA/hdhPSkzUG8yN
Ox8/F+IiQRsD4kiB8ak0pdricdGGE0IOFrXKheFb0IEBU9W5WE+htnHvx+zc6ujd
C9wpQeJUKYApeRfXamHmgjoyBYHalzS/LVH6Ds9/2flFoa4M7CGSWXMPR/Zp0BAZ
vFAdvfp0bK2tGVDgz3WJ4Lbt0+BPO8axmtEWEJD1Ur3n
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:39:08 2026 by rpki-client