Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4GeJaduFaXOavkkoekZXd0AFaHY.roa
File: 4GeJaduFaXOavkkoekZXd0AFaHY.roa (raw, json)
Hash identifier: YFbinuAbsd1qPBoOFmSCjrQj3yaPcc2pOxUVPU0uXYg=
Subject key identifier: E0:67:89:69:DB:85:69:73:9A:BE:49:28:7A:46:57:77:40:05:68:76
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019ECAAA3A869C906090D606AB36D1262960
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4GeJaduFaXOavkkoekZXd0AFaHY.roa
Signing time: Mon 15 Jun 2026 09:43:34 +0000
ROA not before: Mon 15 Jun 2026 09:43:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2.56.123.0/24 maxlen: 24
5.180.22.0/24 maxlen: 24
5.180.31.0/24 maxlen: 24
5.180.47.0/24 maxlen: 24
5.180.52.0/24 maxlen: 24
5.180.54.0/24 maxlen: 24
5.180.145.0/24 maxlen: 24
5.180.147.0/24 maxlen: 24
45.9.18.0/24 maxlen: 24
45.9.19.0/24 maxlen: 24
45.15.125.0/24 maxlen: 24
45.15.128.0/24 maxlen: 24
45.15.129.0/24 maxlen: 24
45.15.145.0/24 maxlen: 24
45.15.146.0/24 maxlen: 24
45.15.154.0/24 maxlen: 24
45.15.155.0/24 maxlen: 24
45.15.164.0/24 maxlen: 24
45.15.179.0/24 maxlen: 24
45.15.186.0/24 maxlen: 24
45.82.248.0/24 maxlen: 24
45.83.23.0/24 maxlen: 24
45.83.24.0/24 maxlen: 24
45.83.25.0/24 maxlen: 24
45.83.128.0/24 maxlen: 24
45.83.149.0/24 maxlen: 24
45.86.60.0/22 maxlen: 24
45.86.64.0/24 maxlen: 24
45.86.65.0/24 maxlen: 24
45.86.67.0/24 maxlen: 24
45.86.68.0/24 maxlen: 24
45.86.69.0/24 maxlen: 24
45.86.70.0/24 maxlen: 24
45.86.74.0/24 maxlen: 24
45.86.75.0/24 maxlen: 24
45.88.176.0/24 maxlen: 24
45.88.177.0/24 maxlen: 24
45.92.140.0/22 maxlen: 24
45.92.160.0/24 maxlen: 24
45.92.161.0/24 maxlen: 24
45.92.163.0/24 maxlen: 24
45.92.164.0/22 maxlen: 24
45.92.192.0/24 maxlen: 24
45.92.193.0/24 maxlen: 24
45.92.194.0/24 maxlen: 24
45.128.51.0/24 maxlen: 24
45.128.57.0/24 maxlen: 24
45.128.58.0/24 maxlen: 24
85.209.157.0/24 maxlen: 24
85.209.158.0/24 maxlen: 24
85.209.159.0/24 maxlen: 24
85.209.194.0/24 maxlen: 24
88.218.92.0/24 maxlen: 24
88.218.94.0/24 maxlen: 24
88.218.95.0/24 maxlen: 24
92.118.236.0/22 maxlen: 24
95.214.249.0/24 maxlen: 24
95.214.250.0/24 maxlen: 24
171.22.115.0/24 maxlen: 24
171.22.130.0/24 maxlen: 24
171.22.132.0/24 maxlen: 24
185.166.153.0/24 maxlen: 24
194.36.36.0/24 maxlen: 24
194.36.37.0/24 maxlen: 24
194.55.136.0/24 maxlen: 24
213.59.119.0/24 maxlen: 24
213.59.120.0/24 maxlen: 24
213.59.126.0/24 maxlen: 24
213.59.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:aa:3a:86:9c:90:60:90:d6:06:ab:36:d1:26:29:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 15 09:43:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e0678969db8569739abe49287a46577740056876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:cd:12:34:31:0c:9e:45:33:a9:cd:e1:4f:
c3:c8:08:66:0a:32:bc:97:b6:b1:60:3a:3f:a4:4a:
42:21:e5:06:2b:c1:c5:57:40:61:1d:cc:d7:16:7b:
cb:7b:ba:2c:74:1f:7f:d0:c7:15:5f:69:a6:d9:03:
04:a4:20:4f:fe:68:62:39:7a:db:79:23:e6:57:6e:
10:ce:bb:54:b7:2c:49:50:d4:cd:d2:a6:cb:0d:12:
72:a6:09:17:8e:c8:cc:b4:2c:ce:86:43:82:7b:21:
72:f0:5c:66:f6:d0:10:22:74:19:ee:34:f3:2b:4b:
cd:cd:e6:1b:05:9b:f7:b6:ca:c4:72:46:6b:ec:37:
ed:cc:8f:aa:26:9e:32:58:08:4d:bf:18:5d:66:9f:
42:26:b7:3a:cb:f9:2b:ab:60:cb:fa:c2:ea:2e:f4:
15:ef:60:2e:15:63:0e:05:50:8c:03:46:5b:d5:10:
88:65:a4:1a:bb:1b:46:23:08:64:6f:fa:34:f7:d6:
58:21:e0:04:42:f6:ca:d0:9e:c4:b1:8e:7f:f8:78:
f5:cd:33:8f:39:80:8a:10:4c:39:fc:09:ac:67:a8:
f8:5e:15:35:d5:9e:39:88:5c:95:87:d2:d5:66:78:
88:9e:dc:6a:20:20:44:50:9a:5e:18:c7:62:5e:9b:
c5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:67:89:69:DB:85:69:73:9A:BE:49:28:7A:46:57:77:40:05:68:76
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4GeJaduFaXOavkkoekZXd0AFaHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.123.0/24
5.180.22.0/24
5.180.31.0/24
5.180.47.0/24
5.180.52.0/24
5.180.54.0/24
5.180.145.0/24
5.180.147.0/24
45.9.18.0/23
45.15.125.0/24
45.15.128.0/23
45.15.145.0-45.15.146.255
45.15.154.0/23
45.15.164.0/24
45.15.179.0/24
45.15.186.0/24
45.82.248.0/24
45.83.23.0-45.83.25.255
45.83.128.0/24
45.83.149.0/24
45.86.60.0-45.86.65.255
45.86.67.0-45.86.70.255
45.86.74.0/23
45.88.176.0/23
45.92.140.0/22
45.92.160.0/23
45.92.163.0-45.92.167.255
45.92.192.0-45.92.194.255
45.128.51.0/24
45.128.57.0-45.128.58.255
85.209.157.0-85.209.159.255
85.209.194.0/24
88.218.92.0/24
88.218.94.0/23
92.118.236.0/22
95.214.249.0-95.214.250.255
171.22.115.0/24
171.22.130.0/24
171.22.132.0/24
185.166.153.0/24
194.36.36.0/23
194.55.136.0/24
213.59.119.0-213.59.120.255
213.59.126.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:54:46:e1:96:9b:8f:df:5f:5e:8c:92:bd:d3:5d:a4:28:63:
7d:52:8f:8f:da:3f:2c:c5:49:03:dd:3c:4f:be:7a:6c:7a:f8:
af:eb:c8:9c:61:bc:49:02:76:85:33:84:2d:54:52:e9:8b:90:
fa:94:d7:f0:e9:a1:20:66:db:e5:dc:15:81:a0:88:df:44:fe:
31:a2:76:8f:e1:b8:87:0d:61:34:88:78:3f:a0:90:9f:72:69:
96:c4:52:ae:84:20:dd:03:81:91:2e:bb:e9:90:9c:68:f9:89:
2a:93:4b:93:38:58:65:0b:dd:e8:04:c6:70:24:bb:0d:e0:f9:
b7:3b:de:88:72:73:83:b2:23:fe:67:99:8c:ca:4e:28:07:c5:
46:86:bc:a7:37:48:49:f5:39:3b:a2:6e:d4:c8:f0:48:55:70:
52:78:b2:e2:c5:b0:e0:a5:c5:37:88:3e:a3:67:21:26:2e:4a:
19:cb:75:67:77:c4:ab:32:1c:26:ec:33:c4:0a:7a:44:41:48:
08:b6:67:84:31:2b:20:74:bd:35:f9:16:6b:11:00:7d:2d:56:
63:80:67:d3:f3:40:4d:77:cc:2e:1b:b4:09:1b:1f:f8:de:94:
0a:ad:2f:9c:f1:df:21:b1:21:c5:d9:0d:71:13:8b:8d:17:bb:
d4:94:3f:24
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZ7KqjqGnJBgkNYGqzbRJilgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjE1MDk0MzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY3ODk2OWRiODU2OTczOWFiZTQ5Mjg3YTQ2NTc3NzQwMDU2ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDjNEjQxDJ5FM6nN4U/DyAhmCjK8
l7axYDo/pEpCIeUGK8HFV0BhHczXFnvLe7osdB9/0McVX2mm2QMEpCBP/mhiOXrb
eSPmV24QzrtUtyxJUNTN0qbLDRJypgkXjsjMtCzOhkOCeyFy8Fxm9tAQInQZ7jTz
K0vNzeYbBZv3tsrEckZr7DftzI+qJp4yWAhNvxhdZp9CJrc6y/krq2DL+sLqLvQV
72AuFWMOBVCMA0Zb1RCIZaQauxtGIwhkb/o099ZYIeAEQvbK0J7EsY5/+Hj1zTOP
OYCKEEw5/AmsZ6j4XhU11Z45iFyVh9LVZniIntxqICBEUJpeGMdiXpvFgwIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFOBniWnbhWlzmr5JKHpGV3dABWh2MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNEdlSmFkdUZhWE9hdmtrb2VrWlhkMEFGYUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAWAEAgABMIIB
WAMEAAI4ewMEAAW0FgMEAAW0HwMEAAW0LwMEAAW0NAMEAAW0NgMEAAW0kQMEAAW0
kwMEAS0JEgMEAC0PfQMEAS0PgDAMAwQALQ+RAwQALQ+SAwQBLQ+aAwQALQ+kAwQA
LQ+zAwQALQ+6AwQALVL4MAwDBAAtUxcDBAEtUxgDBAAtU4ADBAAtU5UwDAMEAi1W
PAMEAS1WQDAMAwQALVZDAwQALVZGAwQBLVZKAwQBLViwAwQCLVyMAwQBLVygMAwD
BAAtXKMDBAMtXKAwDAMEBi1cwAMEAC1cwgMEAC2AMzAMAwQALYA5AwQALYA6MAwD
BABV0Z0DBAVV0YADBABV0cIDBABY2lwDBAFY2l4DBAJcduwwDAMEAF/W+QMEAF/W
+gMEAKsWcwMEAKsWggMEAKsWhAMEALmmmQMEAcIkJAMEAMI3iDAMAwQA1Tt3AwQA
1Tt4AwQB1Tt+MA0GCSqGSIb3DQEBCwUAA4IBAQCoVEbhlpuP319ejJK9012kKGN9
Uo+P2j8sxUkD3TxPvnpseviv68icYbxJAnaFM4QtVFLpi5D6lNfw6aEgZtvl3BWB
oIjfRP4xonaP4biHDWE0iHg/oJCfcmmWxFKuhCDdA4GRLrvpkJxo+Ykqk0uTOFhl
C93oBMZwJLsN4Pm3O96IcnODsiP+Z5mMyk4oB8VGhrynN0hJ9Tk7om7UyPBIVXBS
eLLixbDgpcU3iD6jZyEmLkoZy3Vnd8SrMhwm7DPECnpEQUgItmeEMSsgdL01+RZr
EQB9LVZjgGfT80BNd8wuG7QJGx/43pQKrS+c8d8hsSHF2Q1xE4uNF7vUlD8k
-----END CERTIFICATE-----
Generated at Thu Jun 18 03:44:43 2026 by rpki-client