Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/60T19wa2SlM3ZiPayRZ2n1NrApw.roa
File: 60T19wa2SlM3ZiPayRZ2n1NrApw.roa (raw, json)
Hash identifier: aMzkAP/cDxiHQ9vf70ws51PtkVu4/Z7Zz2jP+ZQUqas=
Subject key identifier: EB:44:F5:F7:06:B6:4A:53:37:66:23:DA:C9:16:76:9F:53:6B:02:9C
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019EDF612CC672E7DE978A860B3C42E2FF2C
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/60T19wa2SlM3ZiPayRZ2n1NrApw.roa
Signing time: Fri 19 Jun 2026 10:15:48 +0000
ROA not before: Fri 19 Jun 2026 10:15:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198507
IP address blocks: 37.143.52.0/22 maxlen: 24
37.143.52.0/24 maxlen: 24
37.143.53.0/24 maxlen: 24
37.143.54.0/24 maxlen: 24
37.143.55.0/24 maxlen: 24
45.9.196.0/22 maxlen: 22
45.14.176.0/22 maxlen: 22
45.81.192.0/22 maxlen: 22
185.132.73.0/24 maxlen: 24
185.132.74.0/24 maxlen: 24
185.132.75.0/24 maxlen: 24
2a06:e040::/32 maxlen: 32
2a06:e040:3501::/48 maxlen: 48
2a06:e040:3502::/48 maxlen: 48
2a06:e040:6900::/40 maxlen: 40
2a06:e040:7601::/48 maxlen: 48
2a06:e040:7603::/48 maxlen: 48
2a06:e043::/32 maxlen: 32
2a06:e044:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:df:61:2c:c6:72:e7:de:97:8a:86:0b:3c:42:e2:ff:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jun 19 10:15:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb44f5f706b64a53376623dac916769f536b029c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:77:89:71:f3:db:90:40:6e:a2:03:95:94:
51:82:81:fc:93:a5:e4:62:54:f7:fc:0e:16:0c:b4:
3b:38:f3:db:99:c2:5e:93:57:c9:c9:c5:7b:13:31:
e8:37:25:54:16:d2:02:d5:96:af:ae:0c:15:d2:b7:
ba:b5:3f:c4:7b:d2:ea:fd:e2:97:3f:6f:1b:61:89:
34:66:ed:7f:78:cb:2a:9f:18:16:4a:dc:b6:c5:0f:
a6:24:2b:28:e7:2b:b3:a7:e7:eb:de:cf:5a:1b:26:
7d:64:65:41:54:1b:63:38:bc:e4:4b:e8:9f:f8:6f:
02:9c:4d:7d:86:26:b0:49:e9:c7:d1:45:df:d1:5c:
31:bd:b3:60:c9:68:f9:01:ff:10:56:47:36:8f:cd:
3c:d2:06:6d:f1:a7:fa:8a:46:38:c8:08:60:c3:6b:
97:96:7b:fc:a1:62:c8:a9:68:e1:00:03:95:bd:db:
0f:39:06:d7:4d:dd:e0:4d:1b:71:6b:56:58:e7:c9:
36:23:9b:d0:3f:54:48:b5:2d:3b:da:6e:99:99:60:
19:6b:71:e6:3c:c1:a3:d4:48:cf:75:78:a3:98:e8:
13:fb:c3:f2:1c:a8:72:2e:cc:c1:82:b6:a4:10:bc:
5c:4e:f6:3a:a0:f9:0e:9a:08:94:23:2e:1e:39:1d:
23:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:44:F5:F7:06:B6:4A:53:37:66:23:DA:C9:16:76:9F:53:6B:02:9C
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/60T19wa2SlM3ZiPayRZ2n1NrApw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.52.0/22
45.9.196.0/22
45.14.176.0/22
45.81.192.0/22
185.132.73.0-185.132.75.255
IPv6:
2a06:e040::/32
2a06:e043::/32
2a06:e044:10::/48
Signature Algorithm: sha256WithRSAEncryption
6c:f5:f9:0a:b7:b9:16:b1:b9:dc:2d:b5:81:1c:37:92:5e:c1:
66:51:54:47:47:bb:39:1c:fe:a0:64:85:28:48:45:eb:78:a8:
74:79:80:26:d0:b7:4f:da:40:59:7a:3f:b2:84:7a:9b:bf:6e:
81:6f:31:8a:90:17:81:b3:60:9a:6f:ac:e2:73:0a:88:9f:ec:
0f:33:1a:5e:d8:6f:58:39:19:24:c5:38:9b:f1:6e:6f:e9:69:
99:ad:fd:e0:2f:57:65:3c:a5:c3:be:3a:e9:22:b4:d2:99:3f:
7d:58:f2:4b:2d:f3:ed:11:11:d0:86:97:18:8e:6e:44:a3:87:
12:b2:00:bf:8b:71:a8:d4:48:8b:64:0a:b1:2a:b4:bf:37:f8:
67:cc:38:d1:b2:f4:8f:59:d9:b6:01:36:39:68:8a:a5:38:08:
40:27:c4:9d:c6:1c:ba:52:83:34:8f:2a:c3:06:ed:98:09:5e:
d9:8f:ee:c9:26:5e:97:6f:16:83:9c:bd:1a:b4:72:39:70:f2:
b3:93:b8:5b:c6:91:36:fa:68:93:97:e7:28:a0:75:fb:cc:7a:
92:f2:56:ed:11:b2:59:eb:2f:fa:e4:58:6d:d7:ff:8b:4a:49:
07:3b:4c:67:28:7d:71:e6:b0:1f:93:3f:d0:ab:08:29:38:a7:
5b:30:93:01
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ7fYSzGcufel4qGCzxC4v8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjYwNjE5MTAxNTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ0ZjVmNzA2YjY0YTUzMzc2NjIzZGFjOTE2NzY5ZjUzNmIwMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1x3iXHz25BAbqIDlZRRgoH8k6Xk
YlT3/A4WDLQ7OPPbmcJek1fJycV7EzHoNyVUFtIC1ZavrgwV0re6tT/Ee9Lq/eKX
P28bYYk0Zu1/eMsqnxgWSty2xQ+mJCso5yuzp+fr3s9aGyZ9ZGVBVBtjOLzkS+if
+G8CnE19hiawSenH0UXf0VwxvbNgyWj5Af8QVkc2j8080gZt8af6ikY4yAhgw2uX
lnv8oWLIqWjhAAOVvdsPOQbXTd3gTRtxa1ZY58k2I5vQP1RItS072m6ZmWAZa3Hm
PMGj1EjPdXijmOgT+8PyHKhyLszBgrakELxcTvY6oPkOmgiUIy4eOR0jfQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOtE9fcGtkpTN2Yj2skWdp9TawKcMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvNjBUMTl3YTJTbE0zWmlQYXlSWjJuMU5yQXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAsBAIAATAmAwQCJY80AwQC
LQnEAwQCLQ6wAwQCLVHAMAwDBAC5hEkDBAK5hEgwHQQCAAIwFwMFACoG4EADBQAq
BuBDAwcAKgbgRAAQMA0GCSqGSIb3DQEBCwUAA4IBAQBs9fkKt7kWsbncLbWBHDeS
XsFmUVRHR7s5HP6gZIUoSEXreKh0eYAm0LdP2kBZej+yhHqbv26BbzGKkBeBs2Ca
b6zicwqIn+wPMxpe2G9YORkkxTib8W5v6WmZrf3gL1dlPKXDvjrpIrTSmT99WPJL
LfPtERHQhpcYjm5Eo4cSsgC/i3Go1EiLZAqxKrS/N/hnzDjRsvSPWdm2ATY5aIql
OAhAJ8Sdxhy6UoM0jyrDBu2YCV7Zj+7JJl6XbxaDnL0atHI5cPKzk7hbxpE2+miT
l+cooHX7zHqS8lbtEbJZ6y/65Fht1/+LSkkHO0xnKH1x5rAfkz/QqwgpOKdbMJMB
-----END CERTIFICATE-----
Generated at Sat Jun 20 02:15:21 2026 by rpki-client