Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/OBRksvg4pzEpnd-qGsSGfrYiJDg.roa
File: OBRksvg4pzEpnd-qGsSGfrYiJDg.roa (raw, json)
Hash identifier: qUFjsFvGyWie5HHXPHeOsUUnkujHq+ZsJh/54f5sf6U=
Subject key identifier: 38:14:64:B2:F8:38:A7:31:29:9D:DF:AA:1A:C4:86:7E:B6:22:24:38
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019E4746B6411D3C85D546CB48A09CC01A17
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/OBRksvg4pzEpnd-qGsSGfrYiJDg.roa
Signing time: Wed 20 May 2026 21:24:36 +0000
ROA not before: Wed 20 May 2026 21:24:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399955
IP address blocks: 5.35.192.0/21 maxlen: 24
31.187.92.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
74.124.204.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.52.0/22 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
88.135.96.0/20 maxlen: 24
89.39.172.0/23 maxlen: 24
91.210.80.0/22 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.64.0/23 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
95.215.144.0/22 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.48.0/20 maxlen: 24
141.193.108.0/22 maxlen: 24
162.250.216.0/22 maxlen: 24
168.75.224.0/20 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
188.215.12.0/22 maxlen: 24
192.109.205.0/24 maxlen: 24
194.149.76.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 May 2026 21:25:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:47:46:b6:41:1d:3c:85:d5:46:cb:48:a0:9c:c0:1a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 20 21:24:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=381464b2f838a731299ddfaa1ac4867eb6222438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:b9:8a:56:f7:37:28:fa:5a:2e:ac:88:b7:
8e:4f:85:3b:bf:67:17:b6:04:b5:03:15:e0:c4:47:
73:06:86:b6:da:bb:bf:32:23:9e:b3:3b:65:a4:a3:
b9:2e:8f:d6:2a:c2:52:22:de:12:dc:72:42:0a:12:
84:ea:d8:8c:56:b0:67:fe:1b:03:72:67:a5:1f:e2:
1d:6f:04:1b:6e:7a:f0:b0:2d:4b:5c:be:c1:db:55:
02:61:94:ef:1f:2a:f8:35:06:ae:08:a7:b5:ca:4f:
90:1b:77:e7:d5:25:31:57:5b:58:52:bb:00:06:34:
67:79:3c:f1:40:43:be:ad:be:ad:9c:8d:59:5c:75:
83:15:14:fe:6f:e7:e3:46:1d:db:7a:2f:0c:a4:cd:
f7:9b:6b:70:df:99:2c:5a:0e:6e:10:f8:57:14:38:
b1:2a:e8:ca:13:28:1e:50:c8:57:3a:3f:ac:a2:e3:
d8:9a:b2:fd:3d:bd:6f:50:26:11:0c:b2:10:84:c1:
8d:74:32:c7:d9:6e:78:ab:b4:ec:31:6b:63:95:70:
42:83:6f:09:c6:97:1e:9c:34:67:92:74:ac:a4:a2:
5f:78:85:cd:d2:93:5d:25:16:28:b4:e9:77:39:9e:
6b:78:49:fd:ea:ea:c1:be:2b:a2:e8:ce:fc:b7:83:
04:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:14:64:B2:F8:38:A7:31:29:9D:DF:AA:1A:C4:86:7E:B6:22:24:38
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/OBRksvg4pzEpnd-qGsSGfrYiJDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
31.187.92.0/22
66.9.96.0/20
66.117.8.0/22
74.124.204.0/22
77.223.192.0-77.223.201.255
79.139.52.0/22
79.139.64.0/23
83.142.200.0/21
85.204.160.0/22
88.135.96.0/20
89.39.172.0/23
91.210.80.0/22
93.119.184.0/21
94.26.64.0/23
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
95.215.144.0/22
116.50.16.0/21
121.127.48.0/20
141.193.108.0/22
162.250.216.0/22
168.75.224.0/20
176.222.48.0/22
178.216.184.0/21
188.215.12.0/22
192.109.205.0/24
194.149.76.0/22
195.133.202.0/23
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
76:c3:d1:fa:c3:ca:a8:8f:a2:3b:a5:28:7e:e2:39:b3:4e:29:
7d:f0:fe:96:e1:aa:7c:96:5f:87:f0:69:4e:92:60:49:4d:2d:
e3:0b:b7:00:6e:5e:10:62:ce:c5:06:63:ad:7e:6e:24:b4:45:
84:11:9b:8e:24:1d:e4:d1:71:86:5c:5a:1b:66:40:65:a4:b9:
f2:03:fa:af:23:17:c1:ee:c3:cd:64:27:ac:ee:c2:df:86:7d:
ad:f1:de:21:10:79:27:ee:29:37:8a:c8:51:26:f6:6f:3d:26:
66:16:91:5d:15:85:c9:b7:ae:fd:69:de:a1:cb:22:b9:c2:84:
73:f5:9a:41:5e:91:ef:db:27:5b:45:8a:b6:f7:d0:25:67:2f:
c8:c3:60:81:d3:f5:b0:0b:e5:2e:12:8b:a9:1e:8b:2f:77:f4:
2b:1c:d4:6b:b6:c3:b7:3d:36:98:87:bd:39:f0:9a:77:4a:e4:
08:a3:99:0f:b0:cb:bb:e2:ab:39:98:e1:80:3c:34:e6:04:a6:
e4:e7:a0:c5:d6:e5:7e:3c:41:6a:8e:2a:de:6c:97:d4:bc:c7:
1e:c8:76:61:10:ea:e6:df:ef:69:50:0a:3f:92:a4:5e:55:72:
7e:ff:ff:1d:5d:29:cc:a1:4a:8e:d3:f8:d3:dd:a6:38:ab:e0:
7f:c9:d5:e0
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZ5HRrZBHTyF1UbLSKCcwBoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjYwNTIwMjEyNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE0NjRiMmY4MzhhNzMxMjk5ZGRmYWExYWM0ODY3ZWI2MjIyNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7a5ilb3Nyj6Wi6siLeOT4U7v2cX
tgS1AxXgxEdzBoa22ru/MiOesztlpKO5Lo/WKsJSIt4S3HJCChKE6tiMVrBn/hsD
cmelH+IdbwQbbnrwsC1LXL7B21UCYZTvHyr4NQauCKe1yk+QG3fn1SUxV1tYUrsA
BjRneTzxQEO+rb6tnI1ZXHWDFRT+b+fjRh3bei8MpM33m2tw35ksWg5uEPhXFDix
KujKEygeUMhXOj+souPYmrL9Pb1vUCYRDLIQhMGNdDLH2W54q7TsMWtjlXBCg28J
xpcenDRnknSspKJfeIXN0pNdJRYotOl3OZ5reEn96urBviui6M78t4MExQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFDgUZLL4OKcxKZ3fqhrEhn62IiQ4MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvT0JSa3N2ZzRwekVwbmQtcUdzU0dmcllpSkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAMF
I8ADBAIfu1wDBARCCWADBAJCdQgDBAJKfMwwDAMEBk3fwAMEAU3fyAMEAk+LNAME
AU+LQAMEA1OOyAMEAlXMoAMEBFiHYAMEAVknrAMEAlvSUAMEA113uAMEAV4aQAME
AV4abgMEAF5lZwMEA1+yCAMEAl/XkAMEA3QyEAMEBHl/MAMEAo3BbAMEAqL62AME
BKhL4AMEArDeMAMEA7LYuAMEArzXDAMEAMBtzQMEAsKVTAMEAcOFygMEBMYOEAME
AsaRcAMEAs2G9DANBgkqhkiG9w0BAQsFAAOCAQEAdsPR+sPKqI+iO6UofuI5s04p
ffD+luGqfJZfh/BpTpJgSU0t4wu3AG5eEGLOxQZjrX5uJLRFhBGbjiQd5NFxhlxa
G2ZAZaS58gP6ryMXwe7DzWQnrO7C34Z9rfHeIRB5J+4pN4rIUSb2bz0mZhaRXRWF
ybeu/WneocsiucKEc/WaQV6R79snW0WKtvfQJWcvyMNggdP1sAvlLhKLqR6LL3f0
KxzUa7bDtz02mIe9OfCad0rkCKOZD7DLu+KrOZjhgDw05gSm5OegxdblfjxBao4q
3myX1LzHHsh2YRDq5t/vaVAKP5KkXlVyfv//HV0pzKFKjtP4092mOKvgf8nV4A==
-----END CERTIFICATE-----
Generated at Thu May 21 04:12:17 2026 by rpki-client