Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/_8nGLG90lhQeL4mzuxgefOWGFkc.roa
File: _8nGLG90lhQeL4mzuxgefOWGFkc.roa (raw, json)
Hash identifier: RUInxhHWl3NiuHKrXRHoO7serE7DFAO9ZU8w+HBDiDE=
Subject key identifier: FF:C9:C6:2C:6F:74:96:14:1E:2F:89:B3:BB:18:1E:7C:E5:86:16:47
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019DDE60A7A691D378DB4BE138318D96A557
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/_8nGLG90lhQeL4mzuxgefOWGFkc.roa
Signing time: Thu 30 Apr 2026 12:32:49 +0000
ROA not before: Thu 30 Apr 2026 12:32:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33993
IP address blocks: 2.56.178.0/24 maxlen: 24
45.12.114.0/24 maxlen: 24
45.12.115.0/24 maxlen: 24
45.15.130.0/24 maxlen: 24
45.15.147.0/24 maxlen: 24
45.128.49.0/24 maxlen: 24
45.128.53.0/24 maxlen: 24
45.136.114.0/24 maxlen: 24
141.98.188.0/24 maxlen: 24
141.98.189.0/24 maxlen: 24
141.98.190.0/24 maxlen: 24
141.98.191.0/24 maxlen: 24
171.22.119.0/24 maxlen: 24
171.22.133.0/24 maxlen: 24
171.22.134.0/24 maxlen: 24
171.22.135.0/24 maxlen: 24
171.22.136.0/24 maxlen: 24
171.22.137.0/24 maxlen: 24
171.22.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:60:a7:a6:91:d3:78:db:4b:e1:38:31:8d:96:a5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 30 12:32:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ffc9c62c6f7496141e2f89b3bb181e7ce5861647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:65:8b:40:7c:6f:28:7e:34:6c:71:f0:6d:59:
4d:28:e0:26:4f:15:f8:2d:63:2d:f2:2e:34:05:5a:
6a:53:64:3e:9f:7d:20:6b:18:a9:22:4e:ca:a4:35:
1c:8e:a3:ba:5e:36:0f:f5:15:0f:16:95:bd:9f:22:
da:48:49:9d:cc:9f:e5:53:90:6c:9c:89:97:52:4e:
84:b7:01:a5:4c:8e:92:c1:61:4c:b8:6f:5d:18:0f:
c6:f3:d9:44:19:87:4d:61:53:33:97:16:7b:5c:b6:
1b:a0:c9:f6:48:22:12:99:06:df:56:88:b6:5c:4a:
19:6b:02:50:b5:27:fe:12:41:fd:02:51:91:79:04:
f8:90:4e:e6:65:0b:e8:23:63:f3:8a:2a:66:c8:87:
b9:e5:b9:04:4e:34:3e:1a:47:0a:3e:8d:25:96:89:
c0:0c:95:48:c7:11:de:8b:64:a8:3a:b4:ba:7a:3a:
87:4e:11:84:bd:0f:63:a4:65:5f:1f:d0:17:1c:42:
4d:83:84:61:b2:93:c4:18:1d:fb:cc:72:23:60:e0:
5d:1c:59:66:7a:f3:95:2f:ff:c2:ef:eb:4f:24:8f:
69:e1:68:9a:df:5e:5d:ad:41:84:97:a6:e9:78:54:
cb:8e:ff:4c:ae:7f:be:0c:7d:75:ed:2b:37:99:b5:
03:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C9:C6:2C:6F:74:96:14:1E:2F:89:B3:BB:18:1E:7C:E5:86:16:47
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/_8nGLG90lhQeL4mzuxgefOWGFkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.178.0/24
45.12.114.0/23
45.15.130.0/24
45.15.147.0/24
45.128.49.0/24
45.128.53.0/24
45.136.114.0/24
141.98.188.0/22
171.22.119.0/24
171.22.133.0-171.22.138.255
Signature Algorithm: sha256WithRSAEncryption
b3:a9:2a:ca:92:ee:59:16:e1:08:6f:bc:92:07:ac:fa:a3:11:
35:0f:d6:5b:94:d9:42:6c:0f:1d:39:5d:8f:10:d5:4c:aa:bb:
64:2e:dd:4f:36:2c:70:e0:69:6c:15:b6:09:5d:81:7f:91:39:
7f:1f:bf:bf:0f:fa:2d:b3:78:cb:a1:cc:2c:48:22:56:21:b0:
51:1a:0c:29:12:8f:25:8f:b9:68:29:37:70:48:50:fb:ea:03:
b5:96:f9:3d:d1:94:37:40:2a:d5:e0:ca:a1:1b:ac:6e:f6:ed:
ce:45:d9:83:e2:a1:8a:69:f1:ae:d4:d4:79:1b:c4:30:1b:be:
2d:75:97:00:4c:10:83:da:cb:4b:c5:de:a9:c5:c3:75:6b:05:
fc:8b:91:e6:49:64:ca:ce:ef:3f:0c:cf:1a:91:e4:9d:2e:3b:
fd:dd:54:91:fc:d1:f5:80:82:d1:d8:db:f7:7e:eb:0b:66:83:
25:fe:dd:2b:a9:2a:7d:99:f8:80:91:05:6e:20:e0:12:ee:67:
da:6f:b7:e4:57:11:a5:e8:7c:fb:2f:aa:c1:a3:aa:c6:44:e6:
e7:46:90:5d:b2:47:2f:9e:ce:0d:aa:90:88:e5:53:8d:12:40:
54:5a:e6:93:bc:26:94:34:6f:b9:53:53:3b:7f:19:73:21:eb:
ad:29:0c:1f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ3eYKemkdN420vhODGNlqVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDMwMTIzMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM5YzYyYzZmNzQ5NjE0MWUyZjg5YjNiYjE4MWU3Y2U1ODYxNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGWLQHxvKH40bHHwbVlNKOAmTxX4
LWMt8i40BVpqU2Q+n30gaxipIk7KpDUcjqO6XjYP9RUPFpW9nyLaSEmdzJ/lU5Bs
nImXUk6EtwGlTI6SwWFMuG9dGA/G89lEGYdNYVMzlxZ7XLYboMn2SCISmQbfVoi2
XEoZawJQtSf+EkH9AlGReQT4kE7mZQvoI2PziipmyIe55bkETjQ+GkcKPo0llonA
DJVIxxHei2SoOrS6ejqHThGEvQ9jpGVfH9AXHEJNg4RhspPEGB37zHIjYOBdHFlm
evOVL//C7+tPJI9p4Wia315drUGEl6bpeFTLjv9Mrn++DH117Ss3mbUD9wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFP/JxixvdJYUHi+Js7sYHnzlhhZHMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvXzhuR0xHOTBsaFFlTDRtenV4Z2VmT1dHRmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAAjiyAwQB
LQxyAwQALQ+CAwQALQ+TAwQALYAxAwQALYA1AwQALYhyAwQCjWK8AwQAqxZ3MAwD
BACrFoUDBACrFoowDQYJKoZIhvcNAQELBQADggEBALOpKsqS7lkW4QhvvJIHrPqj
ETUP1luU2UJsDx05XY8Q1Uyqu2Qu3U82LHDgaWwVtgldgX+ROX8fv78P+i2zeMuh
zCxIIlYhsFEaDCkSjyWPuWgpN3BIUPvqA7WW+T3RlDdAKtXgyqEbrG727c5F2YPi
oYpp8a7U1HkbxDAbvi11lwBMEIPay0vF3qnFw3VrBfyLkeZJZMrO7z8MzxqR5J0u
O/3dVJH80fWAgtHY2/d+6wtmgyX+3SupKn2Z+ICRBW4g4BLuZ9pvt+RXEaXofPsv
qsGjqsZE5udGkF2yRy+ezg2qkIjlU40SQFRa5pO8JpQ0b7lTUzt/GXMh660pDB8=
-----END CERTIFICATE-----
Generated at Sun May 3 17:06:23 2026 by rpki-client