Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/iircksZ1lniGrsho4c71zTYscag.roa
File: iircksZ1lniGrsho4c71zTYscag.roa (raw, json)
Hash identifier: JTo2zm/yHGEpha7twMVXgQFe6va9VcI3pcXSuOxb/ug=
Subject key identifier: 8A:2A:DC:92:C6:75:96:78:86:AE:C8:68:E1:CE:F5:CD:36:2C:71:A8
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019E2B5D07A16B4A724DEC4BE19855C0A841
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/iircksZ1lniGrsho4c71zTYscag.roa
Signing time: Fri 15 May 2026 11:19:37 +0000
ROA not before: Fri 15 May 2026 11:19:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 32787
IP address blocks: 2.17.108.0/22 maxlen: 22
2.17.120.0/22 maxlen: 22
2.17.192.0/22 maxlen: 22
2.17.192.0/24 maxlen: 24
2.17.193.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
2.23.128.0/23 maxlen: 23
2.23.130.0/23 maxlen: 23
2.23.132.0/23 maxlen: 23
2.23.134.0/24 maxlen: 24
2.23.135.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
95.100.157.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2a02:2370:1::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:209::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
2a02:2370:20d::/48 maxlen: 48
2a02:2370:4000::/48 maxlen: 48
2a02:2370:8000::/48 maxlen: 48
2a02:2370:c000::/48 maxlen: 48
2a02:2370:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 00:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:5d:07:a1:6b:4a:72:4d:ec:4b:e1:98:55:c0:a8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: May 15 11:19:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a2adc92c675967886aec868e1cef5cd362c71a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:66:5b:1f:7b:1a:86:4f:45:f0:a4:69:5a:ac:
b0:c4:2b:d2:b8:5a:57:68:7a:7d:4e:3a:02:75:93:
56:56:f0:00:a1:bd:5c:86:43:e6:81:45:f7:9f:0c:
2f:f4:cc:f0:13:7b:99:26:ab:60:aa:2a:7f:7f:55:
9d:91:d2:7d:bb:82:d5:ac:ef:c3:12:f7:68:f3:0d:
b8:3f:c5:e8:4c:93:01:71:b3:a9:64:b7:26:82:8d:
10:31:37:7f:25:af:e9:e6:e3:0a:36:61:b3:ab:c7:
bb:09:49:c6:56:00:1b:9b:82:52:ef:1f:27:ee:5f:
a9:27:46:76:c5:4a:55:77:67:e1:80:3f:28:6d:07:
57:41:69:21:3b:3b:fb:48:64:47:35:69:e2:f0:df:
b0:ef:17:5d:dc:33:94:02:8e:87:95:90:0a:e9:38:
11:54:c1:d4:cc:77:df:42:67:5b:20:b5:3e:cf:83:
81:c0:29:3f:b1:ac:a5:8f:88:07:1f:ee:3f:57:f3:
d8:74:8c:8e:53:a2:3c:ff:17:f0:6d:41:15:62:13:
1b:b0:42:9d:92:81:b2:2d:8f:fe:25:b8:ab:1a:9e:
3d:bc:5a:77:d8:e7:9d:a7:24:45:49:64:da:4b:db:
ca:a1:8e:bc:7a:92:1e:ed:06:59:c5:41:1c:3c:28:
34:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2A:DC:92:C6:75:96:78:86:AE:C8:68:E1:CE:F5:CD:36:2C:71:A8
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/iircksZ1lniGrsho4c71zTYscag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.120.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0-2.21.121.255
2.21.123.0-2.21.127.255
2.21.175.0/24
2.23.128.0/21
92.122.184.0/23
92.122.207.0/24
93.191.169.0/24
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20d:ffff:ffff:ffff:ffff:ffff
2a02:2370:4000::/48
2a02:2370:8000::/48
2a02:2370:c000::/48
2a02:2370:f000::/48
Signature Algorithm: sha256WithRSAEncryption
0f:48:c8:b2:27:55:c7:4e:04:4e:25:a5:21:00:3b:e9:44:20:
7b:fb:f1:d7:52:3e:bb:3e:3f:1d:71:1b:1b:f4:61:bc:bd:9e:
75:a8:4d:c9:26:2e:c7:9b:4d:69:1f:53:cd:dc:ca:94:ec:8e:
99:76:d8:41:d6:af:78:8b:44:25:d4:ba:5e:25:ee:36:b5:2c:
5e:7b:fe:cb:82:1e:13:50:e0:f4:1c:8f:ff:ad:fe:26:01:ca:
ef:27:fd:ec:de:9c:a1:24:6e:2a:6c:2a:ae:8b:ad:fe:8a:d4:
d0:c4:1e:dd:18:d8:10:11:c7:d9:a4:8c:ed:40:19:2b:5b:3e:
f8:9f:78:54:b5:9e:c5:8d:43:47:ef:b3:4b:ee:db:ca:68:c7:
cf:7b:98:a5:3b:d1:d1:51:1b:55:ed:7a:aa:4c:9b:ac:51:94:
5c:9c:45:ab:35:97:fd:93:b0:8f:9f:fe:ad:4f:17:1a:38:82:
53:0c:c2:ca:96:e7:ab:9d:c2:1a:91:65:78:9e:e6:ef:6b:14:
41:89:6f:57:df:e0:ee:bd:cb:da:96:95:f5:78:15:72:9e:93:
91:4c:58:91:97:f8:16:08:39:7e:1f:d7:02:fc:2b:9e:aa:db:
8f:8b:cc:5a:aa:80:b6:10:51:b0:79:30:da:b8:5d:7f:2a:e6:
07:c8:65:c1
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZ4rXQeha0pyTexL4ZhVwKhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjYwNTE1MTExOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJhZGM5MmM2NzU5Njc4ODZhZWM4NjhlMWNlZjVjZDM2MmM3MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2ZbH3sahk9F8KRpWqywxCvSuFpX
aHp9TjoCdZNWVvAAob1chkPmgUX3nwwv9MzwE3uZJqtgqip/f1WdkdJ9u4LVrO/D
Evdo8w24P8XoTJMBcbOpZLcmgo0QMTd/Ja/p5uMKNmGzq8e7CUnGVgAbm4JS7x8n
7l+pJ0Z2xUpVd2fhgD8obQdXQWkhOzv7SGRHNWni8N+w7xdd3DOUAo6HlZAK6TgR
VMHUzHffQmdbILU+z4OBwCk/saylj4gHH+4/V/PYdIyOU6I8/xfwbUEVYhMbsEKd
koGyLY/+JbirGp49vFp32OedpyRFSWTaS9vKoY68epIe7QZZxUEcPCg0mQIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFIoq3JLGdZZ4hq7IaOHO9c02LHGoMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvaWlyY2tzWjFsbmlHcnNobzRjNzF6VFlzY2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgZEEAgABMIGKAwQC
AhFsAwQCAhF4AwQCAhHAAwQCAhLUAwQCAhMEMAwDBAQCFXADBAECFXgwDAMEAAIV
ewMEBwIVAAMEAAIVrwMEAwIXgAMEAVx6uAMEAFx6zwMEAF2/qQMEAF2/rAMEAF9k
nQMEAF9ktAMEAl9k1AMEAF9k/TAMAwQAX2V1AwQAX2V2AwQCX2XMMGUEAgACMF8w
EgMHACoCI3AAAQMHACoCI3AABjASAwcAKgIjcAEBAwcAKgIjcAEGMBEDBgEqAiNw
AgMHASoCI3ACDAMHACoCI3BAAAMHACoCI3CAAAMHACoCI3DAAAMHACoCI3DwADAN
BgkqhkiG9w0BAQsFAAOCAQEAD0jIsidVx04ETiWlIQA76UQge/vx11I+uz4/HXEb
G/RhvL2edahNySYux5tNaR9TzdzKlOyOmXbYQdaveItEJdS6XiXuNrUsXnv+y4Ie
E1Dg9ByP/63+JgHK7yf97N6coSRuKmwqrout/orU0MQe3RjYEBHH2aSM7UAZK1s+
+J94VLWexY1DR++zS+7bymjHz3uYpTvR0VEbVe16qkybrFGUXJxFqzWX/ZOwj5/+
rU8XGjiCUwzCypbnq53CGpFleJ7m72sUQYlvV9/g7r3L2paV9XgVcp6TkUxYkZf4
Fgg5fh/XAvwrnqrbj4vMWqqAthBRsHkw2rhdfyrmB8hlwQ==
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:21:34 2026 by rpki-client