Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/8d02KruNX3tmh28RFw8OcCnrOwY.roa
File: 8d02KruNX3tmh28RFw8OcCnrOwY.roa (raw, json)
Hash identifier: VGnqsysn1mYSIWIN5uD+QKkuZ6900ugrlryqETr8E/g=
Subject key identifier: F1:DD:36:2A:BB:8D:5F:7B:66:87:6F:11:17:0F:0E:70:29:EB:3B:06
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 019E4FD2D158961CFFFE33C7A53D41B860CF
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/8d02KruNX3tmh28RFw8OcCnrOwY.roa
Signing time: Fri 22 May 2026 13:14:36 +0000
ROA not before: Fri 22 May 2026 13:14:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62005
IP address blocks: 45.66.248.0/24 maxlen: 24
45.66.249.0/24 maxlen: 24
45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
45.129.199.0/24 maxlen: 24
45.143.166.0/23 maxlen: 23
45.150.108.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
62.106.66.0/24 maxlen: 24
62.204.35.0/24 maxlen: 24
77.72.85.0/24 maxlen: 24
83.97.79.0/24 maxlen: 24
91.211.27.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
91.242.228.0/24 maxlen: 24
91.242.241.0/24 maxlen: 24
130.49.155.0/24 maxlen: 24
146.19.143.0/24 maxlen: 24
146.19.254.0/24 maxlen: 24
155.212.242.0/24 maxlen: 24
155.212.243.0/24 maxlen: 24
176.124.32.0/24 maxlen: 24
176.124.33.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
185.123.53.0/24 maxlen: 24
193.104.75.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
193.200.16.0/24 maxlen: 24
193.200.17.0/24 maxlen: 24
194.26.141.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
195.54.160.0/24 maxlen: 24
212.46.38.0/24 maxlen: 24
213.109.147.0/24 maxlen: 24
213.109.192.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:4::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:9::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:d::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:11::/48 maxlen: 48
2a10:1fc0:12::/48 maxlen: 48
2a10:1fc0:13::/48 maxlen: 48
2a10:1fc0:14::/48 maxlen: 48
2a10:1fc0:15::/48 maxlen: 48
2a10:1fc0:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:d2:d1:58:96:1c:ff:fe:33:c7:a5:3d:41:b8:60:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: May 22 13:14:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f1dd362abb8d5f7b66876f11170f0e7029eb3b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ed:70:30:3a:72:5f:1f:dc:f1:73:d7:b5:c5:
0d:5e:f0:9f:38:c3:10:59:1c:fa:f4:55:2f:69:f2:
ef:99:06:b8:28:22:c8:31:a4:0a:a3:27:a8:38:5b:
91:5d:98:b0:e9:c2:02:64:c7:70:f1:35:b3:95:e0:
ee:2e:e1:15:21:13:65:9c:18:be:f8:f0:90:4a:e1:
4d:ad:c7:a4:df:2d:63:69:24:9b:5a:dd:09:43:ba:
48:13:a7:11:87:a6:46:3d:52:55:c1:15:b0:ed:f3:
f5:35:10:56:17:0a:51:0c:01:c1:b9:96:4f:7d:c2:
2c:af:da:85:25:48:73:be:45:b7:26:d6:26:9b:ff:
26:19:98:6c:a0:4b:11:0b:42:4e:3f:bd:7e:94:f2:
0a:17:9c:30:0e:14:0d:56:b9:78:40:a1:c8:93:83:
8d:f2:e8:25:27:50:d1:b4:1b:ab:f7:ac:84:51:e9:
8e:c3:25:cb:76:76:ed:a5:be:e7:c7:9d:0d:bb:3d:
48:85:42:a0:9b:4e:96:b3:ef:1c:fc:e9:2d:f3:d1:
df:1d:52:13:78:f9:a6:8e:96:55:42:22:cf:4a:ef:
3f:f5:59:f4:05:18:e9:6c:82:69:4b:74:e9:98:31:
0c:b2:44:62:d6:21:fe:ef:8d:4c:c9:a3:cf:fb:ae:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DD:36:2A:BB:8D:5F:7B:66:87:6F:11:17:0F:0E:70:29:EB:3B:06
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/8d02KruNX3tmh28RFw8OcCnrOwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.248.0/23
45.86.228.0/23
45.86.231.0/24
45.129.199.0/24
45.143.166.0/23
45.150.108.0/23
62.106.66.0/24
62.204.35.0/24
77.72.85.0/24
83.97.79.0/24
91.211.27.0/24
91.235.234.0/24
91.242.228.0/24
91.242.241.0/24
130.49.155.0/24
146.19.143.0/24
146.19.254.0/24
155.212.242.0/23
176.124.32.0/23
185.39.18.0/24
185.123.53.0/24
193.104.75.0/24
193.109.120.0/24
193.200.16.0/23
194.26.141.0/24
194.61.120.0/23
195.54.160.0/24
212.46.38.0/24
213.109.147.0/24
213.109.192.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/47
2a10:1fc0:b::-2a10:1fc0:16:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a0:1f:c7:65:85:89:25:6b:c1:6c:11:21:03:5b:d8:b4:65:72:
93:08:49:01:a4:96:10:b3:ac:f2:e1:71:a9:30:8e:94:46:b6:
66:d7:db:ea:61:7f:71:43:98:3e:5f:2b:a2:89:2a:c5:33:39:
75:80:a4:1e:7d:87:ea:9b:b9:ff:b7:91:15:5f:47:e4:dd:b0:
52:ee:87:66:d8:f8:46:25:61:30:69:e2:cc:78:60:f9:87:a4:
93:43:91:7f:01:92:df:7b:e1:73:a8:40:e1:2d:70:c3:71:17:
c3:1f:33:d9:ec:63:a8:75:31:6a:f3:f7:ee:6b:91:cb:f2:f2:
4d:99:27:fd:70:cb:f6:73:0b:5a:7a:3a:a6:06:ef:d2:fb:9f:
cf:bb:47:77:a9:26:62:5d:b7:20:74:dc:45:b3:eb:9c:7e:94:
ab:74:c5:87:e0:1f:ef:a0:0e:10:58:52:f5:02:a5:b7:85:85:
2e:73:a3:53:f2:01:a6:a3:3e:24:6f:fd:d3:10:9d:7f:b2:47:
84:e7:59:63:64:71:90:2d:2f:f8:9b:92:e3:59:ce:86:a2:68:
2f:61:70:9b:68:b6:06:05:24:b9:e5:e4:27:81:d8:3e:ca:6c:
57:12:e1:b5:f0:5b:f0:83:2a:83:81:03:95:00:9f:bd:0a:3e:
65:e1:ad:f9
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZ5P0tFYlhz//jPHpT1BuGDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjYwNTIyMTMxNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRkMzYyYWJiOGQ1ZjdiNjY4NzZmMTExNzBmMGU3MDI5ZWIzYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju1wMDpyXx/c8XPXtcUNXvCfOMMQ
WRz69FUvafLvmQa4KCLIMaQKoyeoOFuRXZiw6cICZMdw8TWzleDuLuEVIRNlnBi+
+PCQSuFNrcek3y1jaSSbWt0JQ7pIE6cRh6ZGPVJVwRWw7fP1NRBWFwpRDAHBuZZP
fcIsr9qFJUhzvkW3JtYmm/8mGZhsoEsRC0JOP71+lPIKF5wwDhQNVrl4QKHIk4ON
8uglJ1DRtBur96yEUemOwyXLdnbtpb7nx50Nuz1IhUKgm06Ws+8c/Okt89HfHVIT
ePmmjpZVQiLPSu8/9Vn0BRjpbIJpS3TpmDEMskRi1iH+741MyaPP+64njwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFPHdNiq7jV97ZodvERcPDnAp6zsGMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvOGQwMktydU5YM3RtaDI4UkZ3OE9jQ25yT3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgbsEAgABMIG0AwQB
LUL4AwQBLVbkAwQALVbnAwQALYHHAwQBLY+mAwQBLZZsAwQAPmpCAwQAPswjAwQA
TUhVAwQAU2FPAwQAW9MbAwQAW+vqAwQAW/LkAwQAW/LxAwQAgjGbAwQAkhOPAwQA
khP+AwQBm9TyAwQBsHwgAwQAuScSAwQAuXs1AwQAwWhLAwQAwW14AwQBwcgQAwQA
whqNAwQBwj14AwQAwzagAwQA1C4mAwQA1W2TAwQA1W3AMDcEAgACMDEwEgMHACoQ
H8AAAQMHACoQH8AABgMHASoQH8AACDASAwcAKhAfwAALAwcAKhAfwAAWMA0GCSqG
SIb3DQEBCwUAA4IBAQCgH8dlhYkla8FsESEDW9i0ZXKTCEkBpJYQs6zy4XGpMI6U
RrZm19vqYX9xQ5g+XyuiiSrFMzl1gKQefYfqm7n/t5EVX0fk3bBS7odm2PhGJWEw
aeLMeGD5h6STQ5F/AZLfe+FzqEDhLXDDcRfDHzPZ7GOodTFq8/fua5HL8vJNmSf9
cMv2cwtaejqmBu/S+5/Pu0d3qSZiXbcgdNxFs+ucfpSrdMWH4B/voA4QWFL1AqW3
hYUuc6NT8gGmoz4kb/3TEJ1/skeE51ljZHGQLS/4m5LjWc6GomgvYXCbaLYGBSS5
5eQngdg+ymxXEuG18FvwgyqDgQOVAJ+9Cj5l4a35
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:31:05 2026 by rpki-client