Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/v_0eUbZxNf2hdWS1oMKOSZPnQKU.roa
File: v_0eUbZxNf2hdWS1oMKOSZPnQKU.roa (raw, json)
Hash identifier: 82uOWtCvpF+2O4KQXlga8z+X2/JUamsk4Fyt/aKM0p4=
Subject key identifier: BF:FD:1E:51:B6:71:35:FD:A1:75:64:B5:A0:C2:8E:49:93:E7:40:A5
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019E6E2F802871F6206723549084CF912B1D
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/v_0eUbZxNf2hdWS1oMKOSZPnQKU.roa
Signing time: Thu 28 May 2026 10:44:27 +0000
ROA not before: Thu 28 May 2026 10:44:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 45.136.206.0/24 maxlen: 24
45.137.52.0/24 maxlen: 24
45.137.53.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
45.140.173.0/24 maxlen: 24
45.141.186.0/24 maxlen: 24
45.141.187.0/24 maxlen: 24
45.141.198.0/23 maxlen: 23
45.145.162.0/24 maxlen: 24
45.147.1.0/24 maxlen: 24
45.149.83.0/24 maxlen: 24
45.152.225.0/24 maxlen: 24
45.154.162.0/24 maxlen: 24
85.202.166.0/24 maxlen: 24
85.202.167.0/24 maxlen: 24
91.191.186.0/24 maxlen: 24
91.212.82.0/24 maxlen: 24
91.220.84.0/24 maxlen: 24
91.220.90.0/24 maxlen: 24
91.220.126.0/24 maxlen: 24
91.221.38.0/24 maxlen: 24
92.249.13.0/24 maxlen: 24
92.249.14.0/24 maxlen: 24
193.150.98.0/24 maxlen: 24
193.150.170.0/24 maxlen: 24
193.150.171.0/24 maxlen: 24
193.163.199.0/24 maxlen: 24
194.33.8.0/24 maxlen: 24
194.33.9.0/24 maxlen: 24
194.55.103.0/24 maxlen: 24
194.55.104.0/24 maxlen: 24
194.61.76.0/24 maxlen: 24
194.61.233.0/24 maxlen: 24
194.147.84.0/24 maxlen: 24
194.147.85.0/24 maxlen: 24
195.245.110.0/24 maxlen: 24
213.139.194.0/24 maxlen: 24
2a09:e06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:2f:80:28:71:f6:20:67:23:54:90:84:cf:91:2b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: May 28 10:44:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bffd1e51b67135fda17564b5a0c28e4993e740a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cd:81:7f:97:b3:4e:2a:d4:ea:15:73:68:4b:
b3:9a:94:53:24:99:34:78:d4:14:ef:6a:71:82:d0:
f7:b8:1d:c5:65:a8:6f:81:66:50:96:20:f0:4f:9d:
3e:b6:ea:49:1e:4c:23:d2:93:e4:7f:26:03:be:5b:
5f:72:d5:13:0d:02:fd:ce:9b:42:a6:7c:08:31:92:
5f:dd:53:32:26:a7:1d:a9:34:18:a1:5f:36:1e:ed:
d6:9f:00:c7:b3:1b:f6:e1:06:e1:1e:54:74:3d:ed:
43:19:59:63:6c:1b:3f:5d:95:d7:79:7a:25:57:83:
c7:ae:6b:c3:1e:92:57:f2:d2:b5:40:a2:77:1d:ef:
26:b9:17:30:b9:e8:f1:98:bf:4e:5c:43:62:ea:28:
b6:bd:83:6e:11:7a:d2:27:ec:8b:ab:63:22:b3:c0:
e5:ad:3e:6d:4f:5d:bd:32:44:86:8d:e6:56:a5:26:
92:c4:3e:89:91:1b:4c:be:cf:a1:f8:7a:05:aa:23:
23:31:67:61:8c:59:e8:be:86:d7:2a:83:ce:70:4c:
e3:e3:fb:d5:b5:e4:7d:f0:fa:92:f3:7c:16:81:08:
5e:c5:ab:27:09:40:41:86:5d:a8:29:55:9c:c5:1a:
00:4f:b0:bd:37:6b:98:9a:3f:9b:7c:63:5e:bb:07:
24:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FD:1E:51:B6:71:35:FD:A1:75:64:B5:A0:C2:8E:49:93:E7:40:A5
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/v_0eUbZxNf2hdWS1oMKOSZPnQKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.206.0/24
45.137.52.0/23
45.137.55.0/24
45.137.191.0/24
45.139.28.0/24
45.139.31.0/24
45.140.171.0/24
45.140.173.0/24
45.141.186.0/23
45.141.198.0/23
45.145.162.0/24
45.147.1.0/24
45.149.83.0/24
45.152.225.0/24
45.154.162.0/24
85.202.166.0/23
91.191.186.0/24
91.212.82.0/24
91.220.84.0/24
91.220.90.0/24
91.220.126.0/24
91.221.38.0/24
92.249.13.0-92.249.14.255
193.150.98.0/24
193.150.170.0/23
193.163.199.0/24
194.33.8.0/23
194.55.103.0-194.55.104.255
194.61.76.0/24
194.61.233.0/24
194.147.84.0/23
195.245.110.0/24
213.139.194.0/24
IPv6:
2a09:e06::/32
Signature Algorithm: sha256WithRSAEncryption
60:cc:cc:16:8a:a0:02:2c:c4:91:7c:e3:f2:a5:1b:01:3b:26:
c7:df:0c:99:87:1c:42:e5:88:aa:9d:4f:f7:31:94:7c:bc:51:
76:71:e9:21:90:4a:42:77:56:06:e2:a8:aa:0f:ed:0a:91:9a:
98:78:a2:05:c2:b8:01:0e:b8:1e:f1:2f:db:4e:ce:68:7c:81:
21:41:c8:f9:43:2d:4f:1d:1f:47:09:c9:07:ec:aa:c4:e2:a4:
be:d8:57:8d:53:6c:83:51:ae:1c:fc:cd:91:8b:f5:6a:59:26:
6f:8f:ce:04:36:80:3b:d1:4f:12:39:8e:a7:a7:bb:ee:88:10:
8f:22:e2:4a:bf:82:29:f9:fb:2c:08:1a:4f:b0:59:a7:3d:0b:
04:81:5a:e9:51:30:3c:af:86:c9:00:5d:83:6f:ed:14:6f:17:
9b:32:3d:1a:59:ba:3e:4d:7a:84:16:2f:ef:b7:6f:81:17:d2:
36:4d:b3:90:81:f1:ae:49:c0:7a:30:ba:45:79:a8:e8:17:db:
a9:17:4d:40:dc:e8:11:ce:df:52:4c:28:9c:c9:93:91:e5:55:
5f:d4:3b:50:57:8d:dc:d5:a2:ca:62:04:ba:e9:3f:b3:b9:72:
17:49:4d:c3:ed:0b:00:9d:34:ee:26:87:b4:ee:89:71:56:ff:
b0:ec:ac:99
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZ5uL4AocfYgZyNUkITPkSsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjYwNTI4MTA0NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZkMWU1MWI2NzEzNWZkYTE3NTY0YjVhMGMyOGU0OTkzZTc0MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs2Bf5ezTirU6hVzaEuzmpRTJJk0
eNQU72pxgtD3uB3FZahvgWZQliDwT50+tupJHkwj0pPkfyYDvltfctUTDQL9zptC
pnwIMZJf3VMyJqcdqTQYoV82Hu3WnwDHsxv24QbhHlR0Pe1DGVljbBs/XZXXeXol
V4PHrmvDHpJX8tK1QKJ3He8muRcwuejxmL9OXENi6ii2vYNuEXrSJ+yLq2Mis8Dl
rT5tT129MkSGjeZWpSaSxD6JkRtMvs+h+HoFqiMjMWdhjFnovobXKoPOcEzj4/vV
teR98PqS83wWgQhexasnCUBBhl2oKVWcxRoAT7C9N2uYmj+bfGNeuwckCwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFL/9HlG2cTX9oXVktaDCjkmT50ClMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdl8wZVViWnhOZjJoZFdTMW9NS09TWlBuUUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgd0EAgABMIHWAwQA
LYjOAwQBLYk0AwQALYk3AwQALYm/AwQALYscAwQALYsfAwQALYyrAwQALYytAwQB
LY26AwQBLY3GAwQALZGiAwQALZMBAwQALZVTAwQALZjhAwQALZqiAwQBVcqmAwQA
W7+6AwQAW9RSAwQAW9xUAwQAW9xaAwQAW9x+AwQAW90mMAwDBABc+Q0DBABc+Q4D
BADBlmIDBAHBlqoDBADBo8cDBAHCIQgwDAMEAMI3ZwMEAMI3aAMEAMI9TAMEAMI9
6QMEAcKTVAMEAMP1bgMEANWLwjANBAIAAjAHAwUAKgkOBjANBgkqhkiG9w0BAQsF
AAOCAQEAYMzMFoqgAizEkXzj8qUbATsmx98MmYccQuWIqp1P9zGUfLxRdnHpIZBK
QndWBuKoqg/tCpGamHiiBcK4AQ64HvEv207OaHyBIUHI+UMtTx0fRwnJB+yqxOKk
vthXjVNsg1GuHPzNkYv1alkmb4/OBDaAO9FPEjmOp6e77ogQjyLiSr+CKfn7LAga
T7BZpz0LBIFa6VEwPK+GyQBdg2/tFG8XmzI9Glm6Pk16hBYv77dvgRfSNk2zkIHx
rknAejC6RXmo6BfbqRdNQNzoEc7fUkwonMmTkeVVX9Q7UFeN3NWiymIEuuk/s7ly
F0lNw+0LAJ007iaHtO6JcVb/sOysmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:55:35 2026 by rpki-client