Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xRuhOtkYjrRIpMoRFflOFRyswsg.roa
File: xRuhOtkYjrRIpMoRFflOFRyswsg.roa (raw, json)
Hash identifier: avU1js7XcoxJHnFteVJ7014sbwOGOSv+FXKGMMSH0i8=
Subject key identifier: C5:1B:A1:3A:D9:18:8E:B4:48:A4:CA:11:15:F9:4E:15:1C:AC:C2:C8
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019E636B578CF00D9F1F48F89C2D4626A706
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xRuhOtkYjrRIpMoRFflOFRyswsg.roa
Signing time: Tue 26 May 2026 08:33:59 +0000
ROA not before: Tue 26 May 2026 08:33:59 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.61.0/24 maxlen: 24
14.102.62.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
45.150.180.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
66.56.87.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
147.90.35.0/24 maxlen: 24
158.173.167.0/24 maxlen: 24
158.173.243.0/24 maxlen: 24
158.173.246.0/24 maxlen: 24
158.173.247.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:6b:57:8c:f0:0d:9f:1f:48:f8:9c:2d:46:26:a7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: May 26 08:33:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c51ba13ad9188eb448a4ca1115f94e151cacc2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f2:a4:b8:86:5e:04:93:1a:e0:02:0c:87:e4:
a2:cf:10:93:e9:1b:63:33:1f:36:0e:0d:9b:d6:83:
0f:92:d0:4a:f3:da:6b:53:b9:db:28:78:93:68:15:
67:80:52:bf:25:bc:b2:4e:40:30:4d:19:0e:cf:49:
c5:d7:19:c3:84:ee:c3:5b:d2:21:02:74:d3:7a:59:
b4:c6:c9:a9:06:ee:73:82:0e:ba:fd:31:d4:e6:cd:
e3:e9:91:ba:46:c8:38:5b:a9:8d:ca:17:5d:7a:6a:
1b:37:08:14:69:53:94:11:80:87:c7:32:40:ea:20:
e6:4c:d3:2c:9d:af:a5:36:2b:65:85:55:48:20:37:
af:1e:c9:da:e0:3d:28:3f:59:2a:81:e0:6e:7e:e0:
e0:55:45:20:69:58:fa:a2:73:d5:ea:82:d2:ce:35:
f3:6c:7b:06:75:25:80:48:05:76:ba:ea:37:19:b5:
e3:08:e4:18:f7:75:b1:81:68:83:4c:28:31:c1:6a:
02:44:a7:40:3a:29:5f:ca:11:dc:30:47:63:c9:d8:
6b:b5:a5:4d:88:cf:9a:5c:6f:12:18:d4:ab:46:02:
4c:f0:a4:59:36:8b:f8:45:8a:f5:74:7a:3b:71:3a:
c5:67:55:bc:eb:53:97:10:83:2e:82:f8:8d:ef:5f:
7f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1B:A1:3A:D9:18:8E:B4:48:A4:CA:11:15:F9:4E:15:1C:AC:C2:C8
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/xRuhOtkYjrRIpMoRFflOFRyswsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.61.0-14.102.62.255
14.102.84.0/24
14.102.86.0/24
45.150.180.0/24
62.169.128.0/24
66.56.87.0/24
103.61.196.0/24
147.90.35.0/24
158.173.167.0/24
158.173.243.0/24
158.173.246.0/23
167.160.28.0/24
170.62.238.0/24
192.253.209.0/24
198.55.31.0/24
203.188.175.0/24
203.188.189.0-203.188.191.255
212.32.71.0/24
212.32.73.0/24
212.32.76.0/24
213.254.163.0/24
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:8b:af:2a:35:1b:41:c9:aa:2b:da:9f:3b:49:52:d5:ce:4d:
a4:5c:e6:91:8e:19:b4:03:34:95:95:59:c9:f1:d1:cb:7c:9a:
12:2d:3e:56:fc:94:b4:a2:f5:62:3b:70:8b:12:60:b7:ec:b0:
10:6f:d0:f7:db:b6:8d:33:82:f0:a7:3f:30:d1:ca:e3:0d:6f:
9a:4a:a6:6a:1e:fd:c3:78:ef:1b:6e:5e:d2:6c:cb:55:97:d4:
c2:38:7a:c9:ac:7d:e5:65:bc:c9:39:13:92:3a:40:db:fb:80:
2f:49:65:7f:10:fe:31:d0:5e:79:01:1e:75:3a:33:3a:57:df:
b7:3a:ed:53:2c:99:45:19:a6:8e:d0:17:22:6b:ba:6f:af:70:
dc:84:a1:09:44:99:1b:5e:a0:91:76:48:cf:cc:bf:55:4f:ae:
40:22:3e:bc:de:89:e2:6d:b3:bc:87:01:ed:d8:37:50:15:76:
d3:98:60:b0:e9:a9:28:c1:fd:e7:6d:76:e5:ab:70:d6:15:f9:
64:d1:38:ce:24:6e:44:38:4c:8e:da:63:21:90:b2:f5:fb:a5:
c3:2a:e4:e2:da:3c:a5:f0:23:a6:87:60:52:30:7b:ad:62:e6:
16:4e:19:c4:de:25:ff:3c:88:a0:08:55:87:d9:e8:a1:7f:b5:
e7:54:d5:02
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZ5ja1eM8A2fH0j4nC1GJqcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNTI2MDgzMzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFiYTEzYWQ5MTg4ZWI0NDhhNGNhMTExNWY5NGUxNTFjYWNjMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fKkuIZeBJMa4AIMh+SizxCT6Rtj
Mx82Dg2b1oMPktBK89prU7nbKHiTaBVngFK/JbyyTkAwTRkOz0nF1xnDhO7DW9Ih
AnTTelm0xsmpBu5zgg66/THU5s3j6ZG6Rsg4W6mNyhddemobNwgUaVOUEYCHxzJA
6iDmTNMsna+lNitlhVVIIDevHsna4D0oP1kqgeBufuDgVUUgaVj6onPV6oLSzjXz
bHsGdSWASAV2uuo3GbXjCOQY93WxgWiDTCgxwWoCRKdAOilfyhHcMEdjydhrtaVN
iM+aXG8SGNSrRgJM8KRZNov4RYr1dHo7cTrFZ1W861OXEIMugviN719/CwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFMUboTrZGI60SKTKERX5ThUcrMLIMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveFJ1aE90a1lqclJJcE1vUkZmbE9GUnlzd3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQwDAME
AA5mPQMEAA5mPgMEAA5mVAMEAA5mVgMEAC2WtAMEAD6pgAMEAEI4VwMEAGc9xAME
AJNaIwMEAJ6tpwMEAJ6t8wMEAZ6t9gMEAKegHAMEAKo+7gMEAMD90QMEAMY3HwME
AMu8rzAMAwQAy7y9AwQGy7yAAwQA1CBHAwQA1CBJAwQA1CBMAwQA1f6jAwQA1f6v
MA0GCSqGSIb3DQEBCwUAA4IBAQDFi68qNRtByaor2p87SVLVzk2kXOaRjhm0AzSV
lVnJ8dHLfJoSLT5W/JS0ovViO3CLEmC37LAQb9D327aNM4Lwpz8w0crjDW+aSqZq
Hv3DeO8bbl7SbMtVl9TCOHrJrH3lZbzJOROSOkDb+4AvSWV/EP4x0F55AR51OjM6
V9+3Ou1TLJlFGaaO0Bcia7pvr3DchKEJRJkbXqCRdkjPzL9VT65AIj683onibbO8
hwHt2DdQFXbTmGCw6akowf3nbXblq3DWFflk0TjOJG5EOEyO2mMhkLL1+6XDKuTi
2jyl8COmh2BSMHutYuYWThnE3iX/PIigCFWH2eihf7XnVNUC
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:07:32 2026 by rpki-client