Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/g7ekW7Iduxu77xQC5YeDKlzDolg.roa
File: g7ekW7Iduxu77xQC5YeDKlzDolg.roa (raw, json)
Hash identifier: 1i8oYWr41cqY5QxX4lrK50XG0eGpHG2KFqU3cEnm8E8=
Subject key identifier: 83:B7:A4:5B:B2:1D:BB:1B:BB:EF:14:02:E5:87:83:2A:5C:C3:A2:58
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019E270BF9DAB8349824381C8246B8D8C075
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/g7ekW7Iduxu77xQC5YeDKlzDolg.roa
Signing time: Thu 14 May 2026 15:12:36 +0000
ROA not before: Thu 14 May 2026 15:12:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.72.0/24 maxlen: 24
62.216.73.0/24 maxlen: 24
62.216.74.0/24 maxlen: 24
62.216.75.0/24 maxlen: 24
62.216.80.0/24 maxlen: 24
62.216.81.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.83.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
62.216.94.0/24 maxlen: 24
62.216.95.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:27:0b:f9:da:b8:34:98:24:38:1c:82:46:b8:d8:c0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 14 15:12:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=83b7a45bb21dbb1bbbef1402e587832a5cc3a258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8c:15:e4:82:64:3a:96:3f:66:26:15:ac:5b:
a3:18:59:91:df:26:81:49:c3:07:3f:15:1f:79:31:
bb:e2:c8:46:96:3e:c0:31:d0:e9:bb:df:6b:5a:09:
2b:61:aa:0d:81:fb:6a:54:06:b9:fe:b4:d6:92:81:
a9:2e:67:50:a6:22:9b:63:3d:50:09:ab:68:90:88:
2e:26:cf:05:16:50:94:b3:4c:55:7b:f4:a3:ea:29:
5f:95:54:69:01:fa:99:19:f2:c4:9a:3b:70:c2:b9:
7d:e9:40:8f:e7:e8:aa:cb:14:64:55:71:84:47:3f:
a3:55:7e:73:b3:0e:94:e6:a7:a4:d2:e1:64:1a:5e:
c1:f8:c7:d9:b2:c8:d6:b2:4f:57:1f:d4:cf:ff:9d:
0b:04:65:5a:01:1b:9b:d6:9e:4c:d2:d9:58:85:d7:
fe:24:b1:c8:8f:8c:57:25:11:36:f0:0f:f3:1e:68:
82:79:b6:93:3a:73:c8:ce:79:52:e5:25:35:66:89:
15:3c:7f:4e:5a:b1:0f:8d:d3:00:c5:16:98:0f:99:
9a:93:3e:34:5c:e8:63:35:d5:0d:50:8c:76:e2:5b:
ea:9a:96:9e:63:4f:ca:82:74:72:43:5a:75:88:32:
e7:33:b4:47:ff:b1:c0:fe:a1:2c:db:86:6c:0a:78:
a7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B7:A4:5B:B2:1D:BB:1B:BB:EF:14:02:E5:87:83:2A:5C:C3:A2:58
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/g7ekW7Iduxu77xQC5YeDKlzDolg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.72.0/22
62.216.80.0/22
62.216.92.0/22
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/23
146.66.223.0/24
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
188.119.190.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a8:31:24:66:e2:d1:27:73:db:2e:30:85:fb:97:7c:87:21:
83:90:9e:ed:a1:72:80:0d:89:6e:60:34:60:06:82:64:07:01:
41:35:f9:6b:10:83:d2:cb:33:87:2e:84:09:53:f5:5e:85:3e:
a9:e2:ca:26:0d:1f:ef:02:36:34:1c:da:01:33:0d:dd:d1:c2:
7e:84:81:91:4d:13:12:e9:7d:e7:37:46:21:15:61:f5:3b:e3:
9f:4c:f5:41:4e:dd:7e:0e:5d:7c:64:da:b9:2d:b0:e2:6d:36:
3d:db:d1:98:27:13:8c:74:68:d4:56:58:17:96:3d:1f:dd:d9:
9a:7c:33:fc:cf:86:0b:d3:4b:5a:69:25:1f:4a:57:eb:4a:71:
1f:12:f7:74:6d:c3:d1:36:b3:95:1f:82:90:47:9b:7a:98:64:
9e:ce:25:1b:34:a4:9e:8b:d8:70:20:7a:ca:e3:2c:6b:e8:18:
4b:f6:56:93:a9:78:ac:52:b8:83:25:40:5b:14:8d:95:f1:07:
13:12:de:b7:10:66:da:60:dc:79:4c:0c:79:bb:c9:16:ff:2a:
03:95:8b:48:f8:28:7a:31:5a:31:44:4a:dd:59:ed:0d:fa:59:
2d:89:1d:d4:c3:df:c7:df:3f:6e:36:8e:47:a0:7b:10:20:1f:
f9:1c:e5:1f
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZ4nC/nauDSYJDgcgka42MB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjYwNTE0MTUxMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I3YTQ1YmIyMWRiYjFiYmJlZjE0MDJlNTg3ODMyYTVjYzNhMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2owV5IJkOpY/ZiYVrFujGFmR3yaB
ScMHPxUfeTG74shGlj7AMdDpu99rWgkrYaoNgftqVAa5/rTWkoGpLmdQpiKbYz1Q
CatokIguJs8FFlCUs0xVe/Sj6ilflVRpAfqZGfLEmjtwwrl96UCP5+iqyxRkVXGE
Rz+jVX5zsw6U5qek0uFkGl7B+MfZssjWsk9XH9TP/50LBGVaARub1p5M0tlYhdf+
JLHIj4xXJRE28A/zHmiCebaTOnPIznlS5SU1ZokVPH9OWrEPjdMAxRaYD5makz40
XOhjNdUNUIx24lvqmpaeY0/KgnRyQ1p1iDLnM7RH/7HA/qEs24ZsCninkQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFIO3pFuyHbsbu+8UAuWHgypcw6JYMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvZzdla1c3SWR1eHU3N3hRQzVZZURLbHpEb2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAI+2EgDBAI+2FADBAI+2FwDBAFb
4Q4DBABb63sDBAGSQtADBAKSQtQDBAGSQtwDBACSQt8DBACynUwDBACynV4DBACy
nWwDBACynW4DBACynXwDBACynX4DBAC5TDwDBAC5TD4DBAC8SoIDBAC8SpgDBAC8
SpsDBAC8SqsDBAC8SrUDBAC8Sr4DBAG8StADBAK8StQDBAC8SvUwDAMEALx3pQME
ALx3pgMEALx3tQMEALx3vjANBgkqhkiG9w0BAQsFAAOCAQEAM6gxJGbi0Sdz2y4w
hfuXfIchg5Ce7aFygA2JbmA0YAaCZAcBQTX5axCD0sszhy6ECVP1XoU+qeLKJg0f
7wI2NBzaATMN3dHCfoSBkU0TEul95zdGIRVh9Tvjn0z1QU7dfg5dfGTauS2w4m02
PdvRmCcTjHRo1FZYF5Y9H93Zmnwz/M+GC9NLWmklH0pX60pxHxL3dG3D0TazlR+C
kEebephkns4lGzSknovYcCB6yuMsa+gYS/ZWk6l4rFK4gyVAWxSNlfEHExLetxBm
2mDceUwMebvJFv8qA5WLSPgoejFaMURK3VntDfpZLYkd1MPfx98/bjaOR6B7ECAf
+RzlHw==
-----END CERTIFICATE-----
Generated at Thu Jun 4 14:06:23 2026 by rpki-client