Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/uG6f6T4PoX1YsP61vtoP37x-uaE.roa
File: uG6f6T4PoX1YsP61vtoP37x-uaE.roa (raw, json)
Hash identifier: VwNA9FJYu5bfIkDhH0ZQpaCXxg8awsIu//DDmPMgkD0=
Subject key identifier: B8:6E:9F:E9:3E:0F:A1:7D:58:B0:FE:B5:BE:DA:0F:DF:BC:7E:B9:A1
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019D9BD8BF5D3B89453295A74EA25BC7E514
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/uG6f6T4PoX1YsP61vtoP37x-uaE.roa
Signing time: Fri 17 Apr 2026 14:29:26 +0000
ROA not before: Fri 17 Apr 2026 14:29:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
31.28.65.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.80.0/22 maxlen: 22
31.28.84.0/23 maxlen: 23
31.28.86.0/24 maxlen: 24
37.157.32.0/21 maxlen: 21
45.88.112.0/22 maxlen: 22
82.163.112.0/21 maxlen: 21
82.163.124.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
178.18.116.0/23 maxlen: 23
178.18.119.0/24 maxlen: 24
185.28.240.0/22 maxlen: 22
185.53.224.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
195.250.16.0/22 maxlen: 22
206.245.192.0/18 maxlen: 24
2a00:e340::/29 maxlen: 29
2a01:a220::/29 maxlen: 30
2a10:d700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 08:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:d8:bf:5d:3b:89:45:32:95:a7:4e:a2:5b:c7:e5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Apr 17 14:29:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b86e9fe93e0fa17d58b0feb5beda0fdfbc7eb9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4d:63:ab:91:ad:6e:e5:85:b1:fa:01:b2:57:
2d:7e:76:3f:49:5f:03:39:0f:a6:ed:a7:fd:29:89:
e4:59:c9:f6:a5:20:55:45:da:58:fb:73:21:f3:d5:
67:9b:e3:48:d3:f0:b1:9d:3a:4a:2d:b3:5b:43:f9:
25:f4:81:a1:f8:22:4d:a1:83:57:6d:50:bd:1a:39:
5d:17:59:a8:f5:e4:6d:26:fb:83:78:f4:f5:f5:03:
43:7a:21:9a:c3:0d:d9:03:63:88:13:6d:e6:c6:84:
02:b4:46:52:36:fb:43:b1:72:ea:d6:26:bf:48:3c:
e7:64:0e:48:b9:69:7b:16:63:17:5c:86:c1:d1:af:
fb:84:81:51:33:e7:92:5f:e3:c0:4e:70:e1:28:4f:
af:33:56:07:fe:bd:ac:cc:80:cc:70:86:27:d1:f7:
3f:b0:0e:6a:f5:be:56:34:4d:ed:ec:6c:79:d2:c9:
69:28:9c:c3:8f:f0:42:9f:25:7c:89:88:d0:b2:1e:
a8:e7:f2:6a:6c:05:83:39:1d:c5:f9:9e:96:b6:a9:
9a:21:6b:0a:e4:fa:e3:53:6d:23:11:58:b9:e0:b8:
4d:ec:a0:96:83:b7:58:15:8b:17:66:8c:4e:66:42:
fd:1c:bf:5b:62:f2:81:b6:74:d3:46:ed:d1:2d:4f:
79:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6E:9F:E9:3E:0F:A1:7D:58:B0:FE:B5:BE:DA:0F:DF:BC:7E:B9:A1
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/uG6f6T4PoX1YsP61vtoP37x-uaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
37.157.32.0/21
45.88.112.0/22
82.163.112.0/21
82.163.124.0/22
82.163.192.0/19
91.238.221.0/24
94.126.43.0/24
94.126.47.0/24
158.41.64.0/18
165.65.0.0/16
178.18.116.0/23
178.18.119.0/24
185.28.240.0/22
185.53.224.0/22
185.120.204.0/22
185.121.76.0/22
185.135.164.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
195.250.16.0/22
206.245.192.0/18
IPv6:
2a00:e340::/29
2a01:a220::/29
2a10:d700::/29
Signature Algorithm: sha256WithRSAEncryption
44:9e:09:f3:84:42:19:53:ea:fa:57:95:18:ff:23:5f:0c:02:
fa:7e:58:20:4a:be:5c:8a:28:0e:d5:7f:88:c5:0d:0a:ec:d1:
c5:fc:5c:16:9a:35:10:65:7d:53:ec:34:00:44:2e:ae:49:81:
3d:f6:b1:02:3d:25:7f:87:75:1c:34:94:88:ed:2e:23:66:1c:
49:3c:43:70:18:03:22:ff:f5:c5:d4:8b:3c:6b:90:b7:77:6a:
ca:ab:7f:5f:30:f6:da:34:68:07:8d:f1:8c:f0:6a:fe:2c:9c:
34:0d:8e:34:db:64:63:76:d4:e0:d5:cb:5a:53:8d:1a:5a:05:
3c:70:01:ac:1d:9a:31:ca:9f:e6:21:9c:79:dd:c9:2c:4b:27:
3d:38:4c:4d:80:86:d6:53:40:a4:70:05:23:59:9f:8b:4e:f6:
a4:41:e4:3f:2d:e2:15:df:40:a8:96:d7:33:b3:c9:3e:0c:f0:
cc:8a:6a:4d:1d:05:58:6f:90:6a:61:cf:d1:51:4e:43:bc:97:
67:cd:c2:6b:ca:a1:e7:54:f0:dc:69:61:dc:15:2b:1c:2e:ce:
2b:6c:06:b5:89:69:bb:c4:8a:13:24:7c:72:84:71:33:b4:1c:
46:88:2f:4e:37:74:87:e7:5f:a1:3b:fd:67:82:d0:1b:ce:b2:
30:fb:8d:d6
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZ2b2L9dO4lFMpWnTqJbx+UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjYwNDE3MTQyOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZlOWZlOTNlMGZhMTdkNThiMGZlYjViZWRhMGZkZmJjN2ViOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs01jq5GtbuWFsfoBslctfnY/SV8D
OQ+m7af9KYnkWcn2pSBVRdpY+3Mh89Vnm+NI0/CxnTpKLbNbQ/kl9IGh+CJNoYNX
bVC9GjldF1mo9eRtJvuDePT19QNDeiGaww3ZA2OIE23mxoQCtEZSNvtDsXLq1ia/
SDznZA5IuWl7FmMXXIbB0a/7hIFRM+eSX+PATnDhKE+vM1YH/r2szIDMcIYn0fc/
sA5q9b5WNE3t7Gx50slpKJzDj/BCnyV8iYjQsh6o5/JqbAWDOR3F+Z6WtqmaIWsK
5PrjU20jEVi54LhN7KCWg7dYFYsXZoxOZkL9HL9bYvKBtnTTRu3RLU959QIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFLhun+k+D6F9WLD+tb7aD9+8frmhMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvdUc2ZjZUNFBvWDFZc1A2MXZ0b1AzN3gtdWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCBygQCAAEwgcMDBAQF
CpADBAAfHEEwDAMEAB8cQwMEAB8cRAMEAB8cRgMEAB8cSAMEAB8cSzAMAwQEHxxQ
AwQAHxxWAwQDJZ0gAwQCLVhwAwQDUqNwAwQCUqN8AwQFUqPAAwQAW+7dAwQAXn4r
AwQAXn4vAwQGnilAAwMApUEDBAGyEnQDBACyEncDBAK5HPADBAK5NeADBAK5eMwD
BAK5eUwDBAK5h6QDBAK57TADBAHBALADBAXB3YADBAHCCP4DBALD+hADBAbO9cAw
GwQCAAIwFQMFAyoA40ADBQMqAaIgAwUDKhDXADANBgkqhkiG9w0BAQsFAAOCAQEA
RJ4J84RCGVPq+leVGP8jXwwC+n5YIEq+XIooDtV/iMUNCuzRxfxcFpo1EGV9U+w0
AEQurkmBPfaxAj0lf4d1HDSUiO0uI2YcSTxDcBgDIv/1xdSLPGuQt3dqyqt/XzD2
2jRoB43xjPBq/iycNA2ONNtkY3bU4NXLWlONGloFPHABrB2aMcqf5iGced3JLEsn
PThMTYCG1lNApHAFI1mfi072pEHkPy3iFd9AqJbXM7PJPgzwzIpqTR0FWG+QamHP
0VFOQ7yXZ83Ca8qh51Tw3Glh3BUrHC7OK2wGtYlpu8SKEyR8coRxM7QcRogvTjd0
h+dfoTv9Z4LQG86yMPuN1g==
-----END CERTIFICATE-----
Generated at Sat Apr 18 17:04:21 2026 by rpki-client