Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/PeGqvcvoQwIlcxZ0yNmi59c1yzQ.roa
File: PeGqvcvoQwIlcxZ0yNmi59c1yzQ.roa (raw, json)
Hash identifier: 50M9/kQdJNFZZaEeJg52nYi4ikYT+HD/jZQVEJxVekQ=
Subject key identifier: 3D:E1:AA:BD:CB:E8:43:02:25:73:16:74:C8:D9:A2:E7:D7:35:CB:34
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019E462CBAD596E453C914C424F9941E55A1
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/PeGqvcvoQwIlcxZ0yNmi59c1yzQ.roa
Signing time: Wed 20 May 2026 16:16:36 +0000
ROA not before: Wed 20 May 2026 16:16:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
185.74.44.0/24 maxlen: 24
185.74.45.0/24 maxlen: 24
185.74.46.0/24 maxlen: 24
213.155.9.0/24 maxlen: 24
213.155.10.0/24 maxlen: 24
213.155.11.0/24 maxlen: 24
213.155.12.0/24 maxlen: 24
213.155.14.0/24 maxlen: 24
213.155.15.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.33.0/24 maxlen: 24
217.177.34.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:46:2c:ba:d5:96:e4:53:c9:14:c4:24:f9:94:1e:55:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: May 20 16:16:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3de1aabdcbe8430225731674c8d9a2e7d735cb34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ea:d8:90:af:22:be:c7:4e:56:de:52:5b:45:
3a:3e:21:1d:c8:1c:19:6c:54:fa:3f:f2:36:ba:1c:
4c:1c:be:55:19:cf:99:73:72:6e:c6:d8:08:c1:ea:
6e:54:3d:b1:40:63:c8:25:98:d8:4a:8a:a1:d5:54:
fe:bb:0e:9f:26:0a:d8:00:8f:07:eb:4b:92:fa:8e:
d4:6a:d6:d3:93:b1:2d:4b:6d:d8:26:24:34:9e:a2:
eb:68:53:ef:fd:48:cf:17:c9:e6:f9:9b:2a:4c:53:
76:2a:7b:2a:81:10:20:62:95:8a:e4:49:f3:73:3f:
57:fa:c0:d9:36:97:d9:f9:1c:b3:5c:d4:63:e5:6e:
fe:0e:5c:98:87:60:73:ce:f6:33:ad:bd:4c:4f:9b:
e1:46:e4:4b:d4:ff:cd:67:90:39:0e:c6:64:7c:14:
a6:11:4e:72:8d:33:95:bc:23:11:15:fd:fc:f0:e1:
06:c8:51:eb:de:f6:13:6f:b3:9f:d8:53:c3:73:75:
ec:ed:1e:0a:42:c2:e9:45:66:b5:a2:8e:a2:cf:30:
39:2c:d4:07:1f:ed:75:da:30:32:ae:97:d3:a4:fc:
08:57:41:5c:61:96:b5:d1:b1:e2:77:a9:8c:4f:c2:
1f:1f:53:1a:9f:cc:0f:e1:0e:c9:71:57:f1:0e:e9:
d4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E1:AA:BD:CB:E8:43:02:25:73:16:74:C8:D9:A2:E7:D7:35:CB:34
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/PeGqvcvoQwIlcxZ0yNmi59c1yzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
185.74.44.0-185.74.46.255
213.155.9.0-213.155.12.255
213.155.14.0/23
213.155.28.0/24
217.177.32.0-217.177.34.255
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
0b:ec:57:0a:18:43:39:8a:02:53:9d:df:47:5a:b3:80:70:81:
01:0e:37:b0:5f:5c:cd:ea:8c:ee:bc:09:5e:88:32:28:50:b4:
d0:c0:2b:96:1d:40:9a:d9:ee:13:ab:fd:f7:cb:fa:eb:99:09:
90:c2:9f:31:97:a4:e5:d9:67:40:94:9a:1a:72:e6:c1:5b:48:
51:dc:ee:f4:57:59:0e:5b:a9:d1:bc:2d:22:e0:e2:04:a9:d5:
87:01:12:d4:7c:c5:75:39:97:ab:dd:80:8b:52:4c:ef:82:b4:
f2:ff:de:82:8d:54:b4:79:96:2a:2e:21:18:03:08:87:d7:f5:
bc:e3:ed:3c:31:07:da:8f:f6:17:db:80:e0:78:7c:4a:d4:68:
cc:fe:3c:00:cf:6f:6e:87:72:fe:d2:97:4c:fb:f2:6e:2f:66:
f4:b9:09:69:1f:91:21:82:d1:8c:01:61:1c:28:9d:6f:c8:dc:
dd:45:87:af:7e:34:63:0d:0b:3e:a4:83:94:67:b8:09:7b:af:
8a:fc:fa:41:cb:32:e4:af:f1:9b:d7:78:e1:18:dd:76:ab:26:
6e:1d:43:7a:e8:a7:cf:08:f4:76:91:6a:9f:8a:fc:47:2d:cc:
71:68:9f:ce:b8:88:1d:f2:fa:5e:7f:d4:56:ec:88:32:23:74:
4f:bd:64:e3
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZ5GLLrVluRTyRTEJPmUHlWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwNTIwMTYxNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUxYWFiZGNiZTg0MzAyMjU3MzE2NzRjOGQ5YTJlN2Q3MzVjYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAserYkK8ivsdOVt5SW0U6PiEdyBwZ
bFT6P/I2uhxMHL5VGc+Zc3JuxtgIwepuVD2xQGPIJZjYSoqh1VT+uw6fJgrYAI8H
60uS+o7UatbTk7EtS23YJiQ0nqLraFPv/UjPF8nm+ZsqTFN2KnsqgRAgYpWK5Enz
cz9X+sDZNpfZ+RyzXNRj5W7+DlyYh2BzzvYzrb1MT5vhRuRL1P/NZ5A5DsZkfBSm
EU5yjTOVvCMRFf388OEGyFHr3vYTb7Of2FPDc3Xs7R4KQsLpRWa1oo6izzA5LNQH
H+112jAyrpfTpPwIV0FcYZa10bHid6mMT8IfH1Man8wP4Q7JcVfxDunUFQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFD3hqr3L6EMCJXMWdMjZoufXNcs0MB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvUGVHcXZjdm9Rd0lsY3haMHlObWk1OWMxeXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjB2BAIAATBwAwQAUVVI
AwQBUVVKAwQAuQVLMAwDBAO5CRgDBAC5CRowDAMEArkcrAMEALkcrjAMAwQCuUos
AwQAuUouMAwDBADVmwkDBADVmwwDBAHVmw4DBADVmxwwDAMEBdmxIAMEANmxIgME
AtmxLAMEAdmzMDAsBAIAAjAmMBIDBwEqESzAAAIDBwEqESzAAAgDBwEqESzAABAD
BwEqESzAACAwDQYJKoZIhvcNAQELBQADggEBAAvsVwoYQzmKAlOd30das4BwgQEO
N7BfXM3qjO68CV6IMihQtNDAK5YdQJrZ7hOr/ffL+uuZCZDCnzGXpOXZZ0CUmhpy
5sFbSFHc7vRXWQ5bqdG8LSLg4gSp1YcBEtR8xXU5l6vdgItSTO+CtPL/3oKNVLR5
liouIRgDCIfX9bzj7TwxB9qP9hfbgOB4fErUaMz+PADPb26Hcv7Sl0z78m4vZvS5
CWkfkSGC0YwBYRwonW/I3N1Fh69+NGMNCz6kg5RnuAl7r4r8+kHLMuSv8ZvXeOEY
3XarJm4dQ3rop88I9HaRap+K/EctzHFon864iB3y+l5/1FbsiDIjdE+9ZOM=
-----END CERTIFICATE-----
Generated at Sat May 23 02:43:16 2026 by rpki-client