Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/zKub6NBCozlmh87PxhN7ZfPHlKo.roa
File: zKub6NBCozlmh87PxhN7ZfPHlKo.roa (raw, json)
Hash identifier: EgqJFfRYMOYonOQ6teoV7KR9b6DBf3T2SQHT7zNbuN0=
Subject key identifier: CC:AB:9B:E8:D0:42:A3:39:66:87:CE:CF:C6:13:7B:65:F3:C7:94:AA
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019ED6F3480621D010D1535E602AC4676695
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/zKub6NBCozlmh87PxhN7ZfPHlKo.roa
Signing time: Wed 17 Jun 2026 18:58:48 +0000
ROA not before: Wed 17 Jun 2026 18:58:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 103.147.170.0/24 maxlen: 24
103.148.141.0/24 maxlen: 24
103.149.85.0/24 maxlen: 24
103.152.175.0/24 maxlen: 24
130.49.2.0/24 maxlen: 24
130.49.5.0/24 maxlen: 24
130.49.14.0/24 maxlen: 24
130.49.17.0/24 maxlen: 24
130.49.22.0/24 maxlen: 24
130.49.24.0/24 maxlen: 24
130.49.31.0/24 maxlen: 24
130.49.32.0/24 maxlen: 24
130.49.39.0/24 maxlen: 24
130.49.42.0/24 maxlen: 24
130.49.47.0/24 maxlen: 24
130.49.51.0/24 maxlen: 24
130.49.55.0/24 maxlen: 24
130.49.57.0/24 maxlen: 24
130.49.60.0/24 maxlen: 24
130.49.62.0/24 maxlen: 24
130.49.68.0/24 maxlen: 24
130.49.70.0/24 maxlen: 24
130.49.81.0/24 maxlen: 24
130.49.84.0/24 maxlen: 24
130.49.87.0/24 maxlen: 24
130.49.89.0/24 maxlen: 24
130.49.92.0/24 maxlen: 24
130.49.96.0/24 maxlen: 24
130.49.101.0/24 maxlen: 24
130.49.104.0/24 maxlen: 24
130.49.110.0/24 maxlen: 24
130.49.111.0/24 maxlen: 24
130.49.122.0/24 maxlen: 24
130.49.125.0/24 maxlen: 24
138.249.28.0/24 maxlen: 24
138.249.46.0/24 maxlen: 24
138.249.52.0/24 maxlen: 24
138.249.54.0/24 maxlen: 24
138.249.58.0/24 maxlen: 24
138.249.59.0/24 maxlen: 24
138.249.63.0/24 maxlen: 24
138.249.77.0/24 maxlen: 24
138.249.84.0/24 maxlen: 24
138.249.86.0/24 maxlen: 24
138.249.88.0/24 maxlen: 24
138.249.91.0/24 maxlen: 24
138.249.98.0/24 maxlen: 24
138.249.150.0/24 maxlen: 24
138.249.201.0/24 maxlen: 24
138.249.255.0/24 maxlen: 24
155.212.34.0/24 maxlen: 24
155.212.44.0/24 maxlen: 24
155.212.46.0/24 maxlen: 24
155.212.53.0/24 maxlen: 24
155.212.55.0/24 maxlen: 24
155.212.60.0/24 maxlen: 24
155.212.63.0/24 maxlen: 24
155.212.67.0/24 maxlen: 24
155.212.74.0/24 maxlen: 24
155.212.75.0/24 maxlen: 24
155.212.81.0/24 maxlen: 24
155.212.82.0/24 maxlen: 24
155.212.89.0/24 maxlen: 24
155.212.92.0/24 maxlen: 24
155.212.96.0/24 maxlen: 24
155.212.101.0/24 maxlen: 24
155.212.104.0/24 maxlen: 24
155.212.115.0/24 maxlen: 24
155.212.117.0/24 maxlen: 24
155.212.122.0/24 maxlen: 24
155.212.126.0/24 maxlen: 24
170.168.144.0/24 maxlen: 24
170.168.146.0/24 maxlen: 24
170.168.197.0/24 maxlen: 24
170.168.207.0/24 maxlen: 24
170.168.212.0/24 maxlen: 24
170.168.223.0/24 maxlen: 24
170.168.228.0/24 maxlen: 24
170.168.238.0/24 maxlen: 24
170.168.248.0/24 maxlen: 24
213.178.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Jun 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d6:f3:48:06:21:d0:10:d1:53:5e:60:2a:c4:67:66:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Jun 17 18:58:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ccab9be8d042a3396687cecfc6137b65f3c794aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:07:44:3b:d9:45:57:45:59:45:de:b1:cf:
09:f0:e1:92:a8:f1:bc:f1:d9:37:16:a5:31:0c:38:
e4:1c:aa:ef:6d:e6:7f:0d:67:17:5d:82:2e:17:e0:
34:19:42:3b:f8:f4:a2:38:9b:ff:e7:30:9b:55:2d:
e7:6a:33:c7:64:26:54:ad:48:b4:23:f1:b0:1d:27:
fc:66:c2:d7:5c:d6:94:ef:77:a6:ab:00:2c:78:68:
39:5f:4c:5b:af:51:ad:23:d9:65:dd:f3:36:16:4b:
ee:53:bf:a1:18:ee:22:38:3d:73:64:69:cd:a5:aa:
b4:34:a4:1c:9e:ca:1e:18:ca:53:63:d8:9d:7f:6f:
3c:35:ea:7d:ea:ce:3e:24:09:59:d3:72:c6:fc:8c:
fb:3f:1d:f6:1c:e5:09:ba:53:3e:90:a8:90:b7:d5:
e9:99:7a:e6:df:8b:2a:a2:1f:59:56:33:12:84:6d:
d9:33:c6:f4:10:cd:4a:2c:a1:4a:92:c8:0c:c8:53:
09:ec:92:08:d3:27:02:c1:65:a1:9a:9f:bc:fc:24:
b0:78:27:0c:02:cd:1f:19:d7:5a:d6:5a:e1:04:37:
a7:40:35:25:32:86:78:2a:55:e1:1e:ec:85:6c:96:
f1:00:b5:ef:d5:25:d2:f2:14:aa:8e:fd:08:dd:9f:
ec:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AB:9B:E8:D0:42:A3:39:66:87:CE:CF:C6:13:7B:65:F3:C7:94:AA
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/zKub6NBCozlmh87PxhN7ZfPHlKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.147.170.0/24
103.148.141.0/24
103.149.85.0/24
103.152.175.0/24
130.49.2.0/24
130.49.5.0/24
130.49.14.0/24
130.49.17.0/24
130.49.22.0/24
130.49.24.0/24
130.49.31.0-130.49.32.255
130.49.39.0/24
130.49.42.0/24
130.49.47.0/24
130.49.51.0/24
130.49.55.0/24
130.49.57.0/24
130.49.60.0/24
130.49.62.0/24
130.49.68.0/24
130.49.70.0/24
130.49.81.0/24
130.49.84.0/24
130.49.87.0/24
130.49.89.0/24
130.49.92.0/24
130.49.96.0/24
130.49.101.0/24
130.49.104.0/24
130.49.110.0/23
130.49.122.0/24
130.49.125.0/24
138.249.28.0/24
138.249.46.0/24
138.249.52.0/24
138.249.54.0/24
138.249.58.0/23
138.249.63.0/24
138.249.77.0/24
138.249.84.0/24
138.249.86.0/24
138.249.88.0/24
138.249.91.0/24
138.249.98.0/24
138.249.150.0/24
138.249.201.0/24
138.249.255.0/24
155.212.34.0/24
155.212.44.0/24
155.212.46.0/24
155.212.53.0/24
155.212.55.0/24
155.212.60.0/24
155.212.63.0/24
155.212.67.0/24
155.212.74.0/23
155.212.81.0-155.212.82.255
155.212.89.0/24
155.212.92.0/24
155.212.96.0/24
155.212.101.0/24
155.212.104.0/24
155.212.115.0/24
155.212.117.0/24
155.212.122.0/24
155.212.126.0/24
170.168.144.0/24
170.168.146.0/24
170.168.197.0/24
170.168.207.0/24
170.168.212.0/24
170.168.223.0/24
170.168.228.0/24
170.168.238.0/24
170.168.248.0/24
213.178.152.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ac:2d:16:42:06:87:cb:d7:8f:ff:95:55:9d:50:e0:a7:76:
06:d6:72:90:fb:22:e5:f3:14:9c:09:56:d2:21:5e:1d:ed:c8:
a6:df:16:e0:0c:d5:b1:4f:0c:cc:7a:72:5b:25:8e:b1:60:29:
ef:42:09:88:ab:14:32:49:84:c1:0e:0a:96:9a:57:84:63:f6:
1b:f9:d0:28:dc:c1:92:f7:8b:0d:36:62:c6:2b:c1:ab:1f:a3:
cf:a5:c0:e2:98:c8:3e:fb:49:07:1c:11:8c:43:29:7b:d1:9b:
c8:5a:05:47:b8:36:79:85:c8:b5:23:58:a8:ba:61:c1:a0:f9:
64:51:1f:16:a1:6d:b7:9b:7b:9c:6a:0b:09:5a:c2:ee:2a:41:
93:b7:86:a7:e8:23:67:63:f5:bc:a6:cd:33:2d:c8:64:5e:c6:
14:b1:50:1c:0e:35:59:05:31:6b:f9:2a:d9:b9:9a:80:6c:cd:
12:0f:34:16:f9:cb:16:53:2f:13:3d:f9:53:74:82:87:a5:9e:
b2:8e:3f:d0:f3:b6:62:00:1c:37:de:c3:b1:5c:4a:83:2b:8d:
f6:09:0f:2c:99:05:e5:de:b0:a0:0a:01:5e:e5:33:a9:ff:ce:
da:de:c2:83:86:6c:7a:ee:e7:b9:b5:f4:9e:72:d0:b8:ee:8c:
e7:dd:0d:3d
-----BEGIN CERTIFICATE-----
MIIG2TCCBcGgAwIBAgISAZ7W80gGIdAQ0VNeYCrEZ2aVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNjE3MTg1ODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FiOWJlOGQwNDJhMzM5NjY4N2NlY2ZjNjEzN2I2NWYzYzc5NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqEHRDvZRVdFWUXesc8J8OGSqPG8
8dk3FqUxDDjkHKrvbeZ/DWcXXYIuF+A0GUI7+PSiOJv/5zCbVS3najPHZCZUrUi0
I/GwHSf8ZsLXXNaU73emqwAseGg5X0xbr1GtI9ll3fM2FkvuU7+hGO4iOD1zZGnN
paq0NKQcnsoeGMpTY9idf288Nep96s4+JAlZ03LG/Iz7Px32HOUJulM+kKiQt9Xp
mXrm34sqoh9ZVjMShG3ZM8b0EM1KLKFKksgMyFMJ7JII0ycCwWWhmp+8/CSweCcM
As0fGdda1lrhBDenQDUlMoZ4KlXhHuyFbJbxALXv1SXS8hSqjv0I3Z/shwIDAQAB
o4ID5TCCA+EwHQYDVR0OBBYEFMyrm+jQQqM5ZofOz8YTe2Xzx5SqMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvekt1YjZOQkNvemxtaDg3UHhoTjdaZlBIbEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB+QYIKwYBBQUHAQcBAf8EggHoMIIB5DCCAeAEAgABMIIB
2AMEAGeTqgMEAGeUjQMEAGeVVQMEAGeYrwMEAIIxAgMEAIIxBQMEAIIxDgMEAIIx
EQMEAIIxFgMEAIIxGDAMAwQAgjEfAwQAgjEgAwQAgjEnAwQAgjEqAwQAgjEvAwQA
gjEzAwQAgjE3AwQAgjE5AwQAgjE8AwQAgjE+AwQAgjFEAwQAgjFGAwQAgjFRAwQA
gjFUAwQAgjFXAwQAgjFZAwQAgjFcAwQAgjFgAwQAgjFlAwQAgjFoAwQBgjFuAwQA
gjF6AwQAgjF9AwQAivkcAwQAivkuAwQAivk0AwQAivk2AwQBivk6AwQAivk/AwQA
ivlNAwQAivlUAwQAivlWAwQAivlYAwQAivlbAwQAivliAwQAivmWAwQAivnJAwQA
ivn/AwQAm9QiAwQAm9QsAwQAm9QuAwQAm9Q1AwQAm9Q3AwQAm9Q8AwQAm9Q/AwQA
m9RDAwQBm9RKMAwDBACb1FEDBACb1FIDBACb1FkDBACb1FwDBACb1GADBACb1GUD
BACb1GgDBACb1HMDBACb1HUDBACb1HoDBACb1H4DBACqqJADBACqqJIDBACqqMUD
BACqqM8DBACqqNQDBACqqN8DBACqqOQDBACqqO4DBACqqPgDBADVspgwDQYJKoZI
hvcNAQELBQADggEBACOsLRZCBofL14//lVWdUOCndgbWcpD7IuXzFJwJVtIhXh3t
yKbfFuAM1bFPDMx6clsljrFgKe9CCYirFDJJhMEOCpaaV4Rj9hv50CjcwZL3iw02
YsYrwasfo8+lwOKYyD77SQccEYxDKXvRm8haBUe4NnmFyLUjWKi6YcGg+WRRHxah
bbebe5xqCwlawu4qQZO3hqfoI2dj9bymzTMtyGRexhSxUBwONVkFMWv5Ktm5moBs
zRIPNBb5yxZTLxM9+VN0goelnrKOP9DztmIAHDfew7FcSoMrjfYJDyyZBeXesKAK
AV7lM6n/ztrewoOGbHru57m19J5y0LjujOfdDT0=
-----END CERTIFICATE-----
Generated at Sat Jun 20 14:12:42 2026 by rpki-client