Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AyXPl7SOM5blpXlQjHsZyT-4XeA.roa
File: AyXPl7SOM5blpXlQjHsZyT-4XeA.roa (raw, json)
Hash identifier: 80lF8fT0/x4iwMujaSthDIpH6FZAj4sgS+Wkyj3J2V4=
Subject key identifier: 03:25:CF:97:B4:8E:33:96:E5:A5:79:50:8C:7B:19:C9:3F:B8:5D:E0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019DF38C94C19DCB93EF65F67766FDA9FC59
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AyXPl7SOM5blpXlQjHsZyT-4XeA.roa
Signing time: Mon 04 May 2026 15:12:49 +0000
ROA not before: Mon 04 May 2026 15:12:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 May 2026 14:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:8c:94:c1:9d:cb:93:ef:65:f6:77:66:fd:a9:fc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 4 15:12:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0325cf97b48e3396e5a579508c7b19c93fb85de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:70:81:4e:e8:ef:29:85:65:79:89:c3:89:91:
9c:33:b7:f6:9e:42:8d:4c:d6:85:05:20:e6:4e:6c:
dd:a9:5c:9b:2b:a1:32:f4:1a:c5:24:94:59:b4:49:
7b:dc:42:45:ce:ac:7d:2e:5e:33:fe:91:38:79:62:
75:1d:f3:2a:00:5c:61:81:68:5b:3b:92:03:c8:e0:
21:64:2a:3d:9e:15:7f:45:be:db:19:a5:c3:f6:50:
6a:13:ba:9a:b7:39:55:69:55:7d:e5:00:87:c5:eb:
51:c8:e6:2f:29:f2:95:d1:7c:8c:5b:e3:cb:da:ba:
9d:a6:2c:3d:e9:ec:17:59:9a:5f:ea:eb:a5:0d:ae:
2a:e7:f8:9a:dd:7a:f1:ce:f4:54:f7:12:c7:07:be:
02:47:a0:3f:f6:0f:c8:4a:c5:3c:01:33:d6:49:55:
c7:4b:9f:9b:f8:ef:bb:dd:6f:a7:12:f1:85:06:95:
be:57:16:11:c3:75:28:07:89:05:89:d9:4b:b3:46:
52:5f:63:0b:52:ad:58:39:fc:f4:7d:95:6b:91:bc:
ac:89:de:ff:33:e9:e5:64:19:b9:76:cf:b7:7f:6a:
b0:a0:3c:7d:9f:55:cb:20:7e:9f:1c:eb:27:8e:ca:
d3:97:e6:ee:3b:be:e8:53:60:d2:73:7d:c7:01:e4:
1c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:25:CF:97:B4:8E:33:96:E5:A5:79:50:8C:7B:19:C9:3F:B8:5D:E0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AyXPl7SOM5blpXlQjHsZyT-4XeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.154.0/24
185.210.233.0/24
185.210.235.0/24
185.214.103.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.225.22.0/24
185.226.104.0/23
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.53.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
41:d2:77:d1:aa:1a:86:83:1a:b8:d1:09:01:25:3b:7d:44:4a:
d7:30:0f:65:7a:11:8f:3d:40:d2:02:72:23:4e:7f:bf:dc:b5:
16:db:ee:ff:5e:a1:3f:35:31:05:e1:53:e3:a2:2a:1c:66:fd:
bb:a1:d7:34:aa:42:7f:d1:35:5d:4a:93:04:6e:a1:0f:e9:08:
a4:64:30:08:c4:cb:15:98:27:f3:0b:70:98:09:8a:a5:4c:0c:
04:37:ef:12:c1:21:e4:4c:f9:07:ad:a3:a3:c9:97:8d:0b:a5:
7d:38:ca:63:f3:4c:22:48:46:77:bb:9d:da:b1:fa:f5:ed:e3:
e3:12:ab:ec:d7:ca:24:e9:96:ac:1f:2d:bb:4a:e2:40:fa:d3:
70:f7:39:98:bb:44:d6:f4:ac:36:36:5e:0b:51:10:b6:b3:63:
0d:60:28:a9:62:2f:47:50:1e:82:0f:3b:8d:8c:a4:74:ce:6b:
8f:d9:70:c7:16:87:50:7b:42:e6:52:fa:43:94:ec:89:08:ad:
b1:73:51:4b:cf:cf:3c:69:73:c7:e4:f2:90:98:64:5e:28:07:
eb:95:1c:40:e2:b6:d8:2f:57:41:08:e7:90:69:32:4f:d0:0e:
33:ca:c8:a8:c5:69:45:0c:09:95:66:64:3d:4c:ac:86:29:24:
c9:e5:04:b3
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZ3zjJTBncuT72X2d2b9qfxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTA0MTUxMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI1Y2Y5N2I0OGUzMzk2ZTVhNTc5NTA4YzdiMTljOTNmYjg1ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XCBTujvKYVleYnDiZGcM7f2nkKN
TNaFBSDmTmzdqVybK6Ey9BrFJJRZtEl73EJFzqx9Ll4z/pE4eWJ1HfMqAFxhgWhb
O5IDyOAhZCo9nhV/Rb7bGaXD9lBqE7qatzlVaVV95QCHxetRyOYvKfKV0XyMW+PL
2rqdpiw96ewXWZpf6uulDa4q5/ia3XrxzvRU9xLHB74CR6A/9g/ISsU8ATPWSVXH
S5+b+O+73W+nEvGFBpW+VxYRw3UoB4kFidlLs0ZSX2MLUq1YOfz0fZVrkbysid7/
M+nlZBm5ds+3f2qwoDx9n1XLIH6fHOsnjsrTl+buO77oU2DSc33HAeQcNQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFAMlz5e0jjOW5aV5UIx7Gck/uF3gMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQXlYUGw3U09NNWJscFhsUWpIc1p5VC00WGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAC0IFwMEAC1aEQMEAS2DhgMEALlszAMEALl+UgMEALnHNgMEAbnHngMEALnO
+wMEALnRJjAMAwQAudFJAwQCudFIAwQAudKaAwQAudLpAwQAudLrAwQAudZnAwQA
udZsAwQAudoUAwQAudplAwQCudz4AwQAud0UAwQBud4cAwQAud9QAwQAud+bAwQC
ueEAAwQAueEWAwQBueJoAwQAueJrAwQAueOQAwQBueOSAwQAueRIAwQAueRLAwQA
ueY1AwQAueZDAwQAuejOAwQAueoWAwQAufZwMAwDBATBCHADBADBCHIDBADBOpAD
BAHBOpIDBADCBUEDBADCBUMDBADCTKkDBADCfEUwDQYJKoZIhvcNAQELBQADggEB
AEHSd9GqGoaDGrjRCQElO31EStcwD2V6EY89QNICciNOf7/ctRbb7v9eoT81MQXh
U+OiKhxm/buh1zSqQn/RNV1KkwRuoQ/pCKRkMAjEyxWYJ/MLcJgJiqVMDAQ37xLB
IeRM+Qeto6PJl40LpX04ymPzTCJIRne7ndqx+vXt4+MSq+zXyiTplqwfLbtK4kD6
03D3OZi7RNb0rDY2XgtRELazYw1gKKliL0dQHoIPO42MpHTOa4/ZcMcWh1B7QuZS
+kOU7IkIrbFzUUvPzzxpc8fk8pCYZF4oB+uVHEDittgvV0EI55BpMk/QDjPKyKjF
aUUMCZVmZD1MrIYpJMnlBLM=
-----END CERTIFICATE-----
Generated at Tue May 5 00:56:31 2026 by rpki-client