Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/nUSJRV66NqKGAFCxm0Da1GPM28A.roa
File: nUSJRV66NqKGAFCxm0Da1GPM28A.roa (raw, json)
Hash identifier: KHTCkX4MVDXT+J4u+I5eD/wm8Rqswi0oWwHJ191RRyQ=
Subject key identifier: 9D:44:89:45:5E:BA:36:A2:86:00:50:B1:9B:40:DA:D4:63:CC:DB:C0
Certificate issuer: /CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Certificate serial: 019EC752C7779AE2A638985025D8918ED862
Authority key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/nUSJRV66NqKGAFCxm0Da1GPM28A.roa
Signing time: Sun 14 Jun 2026 18:09:11 +0000
ROA not before: Sun 14 Jun 2026 18:09:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 931
IP address blocks: 5.252.164.0/24 maxlen: 24
5.252.165.0/24 maxlen: 24
5.252.166.0/24 maxlen: 24
5.252.167.0/24 maxlen: 24
31.216.59.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.130.154.0/24 maxlen: 24
45.130.155.0/24 maxlen: 24
45.143.144.0/24 maxlen: 24
45.143.145.0/24 maxlen: 24
45.143.146.0/24 maxlen: 24
45.143.147.0/24 maxlen: 24
89.36.230.0/24 maxlen: 24
89.37.100.0/24 maxlen: 24
89.46.43.0/24 maxlen: 24
94.154.8.0/24 maxlen: 24
103.104.248.0/24 maxlen: 24
103.104.249.0/24 maxlen: 24
103.104.250.0/24 maxlen: 24
103.104.251.0/24 maxlen: 24
103.202.52.0/24 maxlen: 24
103.202.53.0/24 maxlen: 24
103.202.54.0/24 maxlen: 24
103.202.55.0/24 maxlen: 24
135.84.209.0/24 maxlen: 24
135.84.210.0/24 maxlen: 24
135.84.211.0/24 maxlen: 24
135.84.212.0/24 maxlen: 24
135.84.213.0/24 maxlen: 24
135.136.128.0/19 maxlen: 32
135.136.128.0/24 maxlen: 24
135.136.129.0/24 maxlen: 24
135.136.130.0/24 maxlen: 24
135.136.131.0/24 maxlen: 24
135.136.132.0/24 maxlen: 24
135.136.134.0/24 maxlen: 24
135.136.135.0/24 maxlen: 24
135.136.136.0/24 maxlen: 24
135.136.137.0/24 maxlen: 24
135.136.138.0/24 maxlen: 24
135.136.139.0/24 maxlen: 24
135.136.142.0/24 maxlen: 24
135.136.143.0/24 maxlen: 32
135.136.144.0/24 maxlen: 32
153.52.160.0/19 maxlen: 32
178.211.157.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
185.162.75.0/24 maxlen: 24
185.234.115.0/24 maxlen: 24
188.210.236.0/24 maxlen: 24
194.49.68.0/24 maxlen: 24
194.49.69.0/24 maxlen: 24
194.49.78.0/24 maxlen: 24
194.49.79.0/24 maxlen: 24
207.189.0.0/19 maxlen: 32
207.189.0.0/24 maxlen: 24
207.189.1.0/24 maxlen: 24
207.189.2.0/24 maxlen: 24
207.189.3.0/24 maxlen: 24
207.189.4.0/24 maxlen: 24
207.189.5.0/24 maxlen: 24
207.189.6.0/24 maxlen: 24
207.189.7.0/24 maxlen: 24
207.189.8.0/24 maxlen: 24
207.189.9.0/24 maxlen: 24
207.189.10.0/24 maxlen: 24
207.189.11.0/24 maxlen: 24
207.189.12.0/24 maxlen: 24
207.189.13.0/24 maxlen: 24
207.189.14.0/24 maxlen: 24
207.189.15.0/24 maxlen: 24
207.189.26.0/24 maxlen: 24
207.189.27.0/24 maxlen: 24
207.189.30.0/24 maxlen: 24
207.189.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c7:52:c7:77:9a:e2:a6:38:98:50:25:d8:91:8e:d8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Validity
Not Before: Jun 14 18:09:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9d4489455eba36a2860050b19b40dad463ccdbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fe:4f:55:ed:2d:5c:00:9d:72:40:0a:4a:b1:
fd:42:a5:92:9c:8a:d4:3a:0a:6a:a1:fa:76:82:6c:
23:a0:65:59:1d:d3:b5:af:18:b5:39:b6:f2:fd:13:
ae:b4:f8:2a:00:3b:1e:06:4a:1c:dd:94:26:37:fb:
29:eb:31:22:87:3c:44:8b:2c:67:b7:96:df:25:19:
cc:e9:14:25:5d:2b:8c:1c:83:3a:3d:5e:26:0b:73:
71:01:28:51:1e:2b:13:89:87:03:8f:de:ba:c8:a4:
cd:b7:48:f2:88:2a:ff:64:d7:f6:d0:e4:0b:65:6a:
83:92:df:71:b6:2b:49:b3:63:3f:d5:0c:60:7d:84:
8e:0e:c2:e1:b5:0d:e8:46:f4:28:60:77:ef:ea:b9:
81:65:f8:4d:51:c0:40:2e:d0:51:78:e0:c2:e4:3a:
ed:6f:7f:e3:b3:de:fa:53:c2:d0:61:1b:bc:f8:73:
e2:f1:39:91:42:62:63:f6:2f:9d:c6:13:71:33:92:
1f:36:ce:5b:de:aa:98:0e:ac:1d:bc:7c:d5:ba:18:
51:47:79:b6:10:6e:3a:cd:e4:96:f8:3d:47:5d:1c:
de:6e:ed:a7:e4:e6:7d:e6:67:16:3e:62:72:82:77:
e8:74:72:55:ef:c2:98:d0:91:1b:f4:24:60:b9:0c:
c4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:44:89:45:5E:BA:36:A2:86:00:50:B1:9B:40:DA:D4:63:CC:DB:C0
X509v3 Authority Key Identifier:
keyid:60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/nUSJRV66NqKGAFCxm0Da1GPM28A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/22
31.216.59.0/24
45.87.60.0/22
45.130.152.0/22
45.143.144.0/22
89.36.230.0/24
89.37.100.0/24
89.46.43.0/24
94.154.8.0/24
103.104.248.0/22
103.202.52.0/22
135.84.209.0-135.84.213.255
135.136.128.0/19
153.52.160.0/19
178.211.157.0/24
185.162.74.0/23
185.234.115.0/24
188.210.236.0/24
194.49.68.0/23
194.49.78.0/23
207.189.0.0/19
Signature Algorithm: sha256WithRSAEncryption
66:e1:ac:df:0e:61:b1:d1:41:76:d7:55:64:de:e6:0b:7f:21:
46:fc:24:c3:03:36:93:7e:30:ef:c6:8a:07:60:d7:0c:20:71:
cd:f5:82:8d:8a:c8:98:5a:af:85:a6:7a:48:fd:06:86:c6:61:
96:8a:79:47:3f:dc:45:de:cd:88:93:cb:fd:8c:7a:36:bb:e6:
08:f6:27:26:e2:98:39:e9:e3:b8:52:ff:b1:62:18:31:da:4e:
b0:c2:00:ec:24:45:1b:c2:bf:9c:e9:85:fb:72:95:15:0d:75:
b1:a5:85:70:b2:03:41:b5:a8:d1:ca:0a:ac:43:5a:b9:32:5d:
71:b7:d9:4a:0b:2d:77:c9:76:19:94:aa:f9:27:d9:a5:ba:d2:
43:fd:bc:ac:4b:4b:42:dd:37:3f:f3:d6:af:11:49:49:09:eb:
18:8b:9f:38:c2:fa:df:45:2d:8b:93:33:53:b9:7f:b4:6c:9b:
b7:d3:f7:44:10:1d:4f:1a:70:2e:26:81:dc:0f:fd:70:a4:5c:
1d:b2:78:c8:08:cb:30:b7:66:9c:ca:93:d6:13:19:ea:77:66:
c3:60:ed:4f:68:09:49:b6:db:0c:e2:10:97:2a:11:9d:14:a1:
0c:a6:03:08:57:a0:e9:30:31:df:6c:0e:c7:d9:be:74:2d:69:
4c:5a:6a:4f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZ7HUsd3muKmOJhQJdiRjthiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTU0MGNlNDUwNDU2MzQ1ZWM4ZTA5OGVmNGY1MzYzNGQ3
NGJmMWYwHhcNMjYwNjE0MTgwOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ0ODk0NTVlYmEzNmEyODYwMDUwYjE5YjQwZGFkNDYzY2NkYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP5PVe0tXACdckAKSrH9QqWSnIrU
Ogpqofp2gmwjoGVZHdO1rxi1Obby/ROutPgqADseBkoc3ZQmN/sp6zEihzxEiyxn
t5bfJRnM6RQlXSuMHIM6PV4mC3NxAShRHisTiYcDj966yKTNt0jyiCr/ZNf20OQL
ZWqDkt9xtitJs2M/1QxgfYSODsLhtQ3oRvQoYHfv6rmBZfhNUcBALtBReODC5Drt
b3/js976U8LQYRu8+HPi8TmRQmJj9i+dxhNxM5IfNs5b3qqYDqwdvHzVuhhRR3m2
EG46zeSW+D1HXRzebu2n5OZ95mcWPmJygnfodHJV78KY0JEb9CRguQzEowIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJ1EiUVeujaihgBQsZtA2tRjzNvAMB8GA1UdIwQY
MBaAFGClQM5FBFY0XsjgmO9PU2NNdL8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEt
ZTQ3MzUzMWY2ZmU4LzEvblVTSlJWNjZOcUtHQUZDeG0wRGExR1BNMjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEtZTQ3MzUzMWY2ZmU4
LzEvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAIF
/KQDBAAf2DsDBAItVzwDBAItgpgDBAItj5ADBABZJOYDBABZJWQDBABZLisDBABe
mggDBAJnaPgDBAJnyjQwDAMEAIdU0QMEAYdU1AMEBYeIgAMEBZk0oAMEALLTnQME
AbmiSgMEALnqcwMEALzS7AMEAcIxRAMEAcIxTgMEBc+9ADANBgkqhkiG9w0BAQsF
AAOCAQEAZuGs3w5hsdFBdtdVZN7mC38hRvwkwwM2k34w78aKB2DXDCBxzfWCjYrI
mFqvhaZ6SP0GhsZhlop5Rz/cRd7NiJPL/Yx6NrvmCPYnJuKYOenjuFL/sWIYMdpO
sMIA7CRFG8K/nOmF+3KVFQ11saWFcLIDQbWo0coKrENauTJdcbfZSgstd8l2GZSq
+SfZpbrSQ/28rEtLQt03P/PWrxFJSQnrGIufOML630Uti5MzU7l/tGybt9P3RBAd
TxpwLiaB3A/9cKRcHbJ4yAjLMLdmnMqT1hMZ6ndmw2DtT2gJSbbbDOIQlyoRnRSh
DKYDCFeg6TAx32wOx9m+dC1pTFpqTw==
-----END CERTIFICATE-----
Generated at Wed Jun 24 14:29:50 2026 by rpki-client