Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/S3LSGjrV7uABu8qEE_ahYBI7SkU.roa
File: S3LSGjrV7uABu8qEE_ahYBI7SkU.roa (raw, json)
Hash identifier: X5ME7tz1ZHkzkoANVkGErwtBAD9pTrBBL5KsvqoJ5Yo=
Subject key identifier: 4B:72:D2:1A:3A:D5:EE:E0:01:BB:CA:84:13:F6:A1:60:12:3B:4A:45
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 019DB3B09299E9081671C5A1C628F4C05469
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/S3LSGjrV7uABu8qEE_ahYBI7SkU.roa
Signing time: Wed 22 Apr 2026 05:36:26 +0000
ROA not before: Wed 22 Apr 2026 05:36:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60246
IP address blocks: 80.72.20.0/23 maxlen: 32
80.72.24.0/23 maxlen: 32
85.198.120.0/21 maxlen: 32
92.118.72.0/23 maxlen: 32
95.174.96.0/20 maxlen: 32
95.174.112.0/21 maxlen: 32
95.174.120.0/24 maxlen: 32
95.174.123.0/24 maxlen: 32
95.174.124.0/22 maxlen: 32
178.212.139.0/24 maxlen: 32
178.248.0.0/22 maxlen: 32
178.248.4.0/23 maxlen: 32
178.248.6.0/23 maxlen: 32
185.9.184.0/24 maxlen: 32
185.9.186.0/23 maxlen: 32
185.230.240.0/23 maxlen: 32
185.230.242.0/24 maxlen: 32
2a00:8740::/46 maxlen: 128
2a00:8740:10::/44 maxlen: 128
2a00:8740:20::/44 maxlen: 128
2a00:8740:30::/44 maxlen: 128
2a00:8740:80::/48 maxlen: 128
2a00:8740:100::/48 maxlen: 128
2a00:8740:110::/47 maxlen: 128
2a00:8740:112::/48 maxlen: 128
2a00:8740:201::/48 maxlen: 128
2a00:8740:ff00::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 02:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b3:b0:92:99:e9:08:16:71:c5:a1:c6:28:f4:c0:54:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Apr 22 05:36:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b72d21a3ad5eee001bbca8413f6a160123b4a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bd:b4:a4:df:aa:38:67:af:ac:43:1e:be:a6:
6b:53:85:bf:d2:c8:5c:4f:dc:b4:65:a2:a1:3c:2a:
40:c5:e3:e2:5f:96:f3:1b:5b:5c:9e:47:08:ea:b3:
de:85:ba:9a:0a:82:88:73:41:b9:4e:f1:6b:13:b1:
d4:56:50:a3:f0:89:35:03:91:eb:20:0f:05:d3:09:
3b:c4:1b:70:87:fe:2b:d0:4d:31:9e:07:22:0f:2b:
7b:6a:b5:39:b3:25:a7:0b:ab:59:9b:7f:c4:0e:98:
b9:10:23:0f:9b:06:14:55:73:16:d4:bd:44:0f:b3:
ba:9c:b1:b0:86:78:96:44:d1:59:f9:1b:84:8f:43:
4f:86:54:b8:60:de:a6:d4:b8:aa:28:0b:16:a8:ed:
c2:8d:10:8b:08:fa:6d:16:48:ba:3a:db:e1:2e:fc:
6f:08:d1:1d:64:45:3d:09:9e:1f:9c:c2:ac:ac:cb:
ce:e6:a4:28:50:79:d2:2c:46:df:cb:b8:d6:13:69:
dd:14:8f:77:d4:a2:ed:a5:5b:a2:69:c0:af:db:29:
ac:65:dc:42:9b:7e:ad:6b:02:a7:50:45:fe:c1:57:
9d:0a:50:e8:e6:a8:f7:2a:c9:70:a1:0c:92:f7:ea:
00:c5:77:f9:31:79:fc:6a:d4:86:94:1e:fb:a3:e7:
0b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:72:D2:1A:3A:D5:EE:E0:01:BB:CA:84:13:F6:A1:60:12:3B:4A:45
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/S3LSGjrV7uABu8qEE_ahYBI7SkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.20.0/23
80.72.24.0/23
85.198.120.0/21
92.118.72.0/23
95.174.96.0-95.174.120.255
95.174.123.0-95.174.127.255
178.212.139.0/24
178.248.0.0/21
185.9.184.0/24
185.9.186.0/23
185.230.240.0-185.230.242.255
IPv6:
2a00:8740::/46
2a00:8740:10::-2a00:8740:3f:ffff:ffff:ffff:ffff:ffff
2a00:8740:80::/48
2a00:8740:100::/48
2a00:8740:110::-2a00:8740:112:ffff:ffff:ffff:ffff:ffff
2a00:8740:201::/48
2a00:8740:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
30:93:87:b7:e2:d5:1a:b2:cf:7b:a0:5e:75:44:31:c6:de:f8:
c9:3a:7a:25:d7:ed:de:88:6f:2a:b1:0b:84:d1:6a:74:10:c7:
02:cd:f3:5b:2a:ce:2c:62:f9:1f:90:23:20:69:42:b3:fd:e8:
70:d8:f6:fd:93:ef:85:00:7c:37:f0:26:6f:85:62:4d:31:a5:
03:f3:0b:e0:7f:ab:1c:ae:98:21:2d:f9:f2:be:46:09:b2:1c:
a5:08:81:b5:7f:8f:f7:98:16:eb:25:93:6f:9c:de:b3:f8:c7:
55:f0:b8:7d:a2:31:a8:92:3e:a1:56:4e:d3:9c:62:f6:c9:8e:
05:72:6f:72:33:72:ad:78:fd:79:fd:8d:b3:85:40:68:01:85:
72:bd:bc:6a:76:af:46:89:65:e2:01:b3:14:94:69:ba:ad:e5:
7a:7d:3e:49:b0:0f:5f:5f:e0:d9:d8:06:c5:1e:40:33:5f:5d:
29:fb:e2:4a:be:22:ee:fb:44:62:80:42:2b:51:aa:61:52:f4:
b4:f4:59:8f:4c:ef:06:88:67:6a:fa:18:60:37:8f:3d:93:80:
93:f2:57:de:26:30:3c:79:47:d2:e7:8e:ef:dc:cc:43:b3:28:
1c:5f:08:2c:14:2b:38:20:9e:fe:ad:a6:86:d9:44:14:b6:cf:
e7:21:6e:bd
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZ2zsJKZ6QgWccWhxij0wFRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjYwNDIyMDUzNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjcyZDIxYTNhZDVlZWUwMDFiYmNhODQxM2Y2YTE2MDEyM2I0YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r20pN+qOGevrEMevqZrU4W/0shc
T9y0ZaKhPCpAxePiX5bzG1tcnkcI6rPehbqaCoKIc0G5TvFrE7HUVlCj8Ik1A5Hr
IA8F0wk7xBtwh/4r0E0xngciDyt7arU5syWnC6tZm3/EDpi5ECMPmwYUVXMW1L1E
D7O6nLGwhniWRNFZ+RuEj0NPhlS4YN6m1LiqKAsWqO3CjRCLCPptFki6OtvhLvxv
CNEdZEU9CZ4fnMKsrMvO5qQoUHnSLEbfy7jWE2ndFI931KLtpVuiacCv2ymsZdxC
m36tawKnUEX+wVedClDo5qj3KslwoQyS9+oAxXf5MXn8atSGlB77o+cLVQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFEty0ho61e7gAbvKhBP2oWASO0pFMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvUzNMU0dqclY3dUFCdThxRUVfYWhZQkk3U2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzBgBAIAATBaAwQBUEgU
AwQBUEgYAwQDVcZ4AwQBXHZIMAwDBAVfrmADBABfrngwDAMEAF+uewMEB1+uAAME
ALLUiwMEA7L4AAMEALkJuAMEAbkJujAMAwQEuebwAwQAuebyMFsEAgACMFUDBwIq
AIdAAAAwEgMHBCoAh0AAEAMHBioAh0AAAAMHACoAh0AAgAMHACoAh0ABADASAwcE
KgCHQAEQAwcAKgCHQAESAwcAKgCHQAIBAwcAKgCHQP8AMA0GCSqGSIb3DQEBCwUA
A4IBAQAwk4e34tUass97oF51RDHG3vjJOnol1+3eiG8qsQuE0Wp0EMcCzfNbKs4s
YvkfkCMgaUKz/ehw2Pb9k++FAHw38CZvhWJNMaUD8wvgf6scrpghLfnyvkYJshyl
CIG1f4/3mBbrJZNvnN6z+MdV8Lh9ojGokj6hVk7TnGL2yY4Fcm9yM3KteP15/Y2z
hUBoAYVyvbxqdq9GiWXiAbMUlGm6reV6fT5JsA9fX+DZ2AbFHkAzX10p++JKviLu
+0RigEIrUaphUvS09FmPTO8GiGdq+hhgN489k4CT8lfeJjA8eUfS547v3MxDsygc
XwgsFCs4IJ7+raaG2UQUts/nIW69
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:32 2026 by rpki-client