Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/I5yqw9RZ4x-5tc6XWlYBYJYoj4I.roa
File: I5yqw9RZ4x-5tc6XWlYBYJYoj4I.roa (raw, json)
Hash identifier: rgZ1saDisY1eRcQfm004JnPsFiFulrCkVTIjRrN9HY8=
Subject key identifier: 23:9C:AA:C3:D4:59:E3:1F:B9:B5:CE:97:5A:56:01:60:96:28:8F:82
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E269C4B3DE457B3B4E70F07A1F8625E6E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/I5yqw9RZ4x-5tc6XWlYBYJYoj4I.roa
Signing time: Thu 14 May 2026 13:10:37 +0000
ROA not before: Thu 14 May 2026 13:10:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201942
IP address blocks: 31.170.100.0/22 maxlen: 24
37.32.99.0/24 maxlen: 24
45.90.238.0/24 maxlen: 24
45.131.132.0/23 maxlen: 24
45.137.160.0/22 maxlen: 24
45.147.104.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
62.106.87.0/24 maxlen: 24
81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
91.235.40.0/24 maxlen: 24
91.235.41.0/24 maxlen: 24
91.238.239.0/24 maxlen: 24
92.60.34.0/24 maxlen: 24
92.60.35.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
93.189.120.0/24 maxlen: 24
93.189.123.0/24 maxlen: 24
95.214.144.0/22 maxlen: 24
109.230.194.0/24 maxlen: 24
109.230.250.0/24 maxlen: 24
185.91.108.0/22 maxlen: 24
185.105.12.0/22 maxlen: 24
185.105.232.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.107.152.0/22 maxlen: 24
185.118.52.0/23 maxlen: 23
185.118.54.0/23 maxlen: 23
185.119.48.0/22 maxlen: 24
185.128.52.0/22 maxlen: 24
185.129.104.0/22 maxlen: 24
185.150.78.0/23 maxlen: 24
185.163.168.0/22 maxlen: 24
185.163.232.0/22 maxlen: 24
185.166.172.0/22 maxlen: 24
185.175.152.0/22 maxlen: 24
185.176.188.0/22 maxlen: 24
185.179.228.0/22 maxlen: 24
185.179.232.0/22 maxlen: 24
185.189.64.0/22 maxlen: 24
185.196.40.0/22 maxlen: 24
185.196.42.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.197.216.0/22 maxlen: 24
185.199.44.0/22 maxlen: 24
185.199.55.0/24 maxlen: 24
185.200.228.0/22 maxlen: 24
185.201.152.0/22 maxlen: 24
185.202.204.0/22 maxlen: 24
185.202.205.0/24 maxlen: 24
185.202.206.0/24 maxlen: 24
185.204.108.0/24 maxlen: 24
185.204.244.0/22 maxlen: 24
185.212.84.0/22 maxlen: 24
185.216.28.0/22 maxlen: 24
185.217.12.0/22 maxlen: 24
185.218.16.0/22 maxlen: 24
185.220.240.0/22 maxlen: 24
185.221.16.0/22 maxlen: 24
185.222.188.0/22 maxlen: 24
185.223.220.0/22 maxlen: 24
185.224.220.0/22 maxlen: 24
185.226.8.0/22 maxlen: 24
185.226.28.0/22 maxlen: 24
185.227.176.0/22 maxlen: 24
185.227.204.0/24 maxlen: 24
185.230.48.0/22 maxlen: 24
185.239.252.0/22 maxlen: 24
185.239.252.0/24 maxlen: 24
185.239.253.0/24 maxlen: 24
185.239.255.0/24 maxlen: 24
185.245.32.0/23 maxlen: 23
185.247.4.0/24 maxlen: 24
193.17.180.0/22 maxlen: 24
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
193.35.88.0/22 maxlen: 24
193.105.66.0/24 maxlen: 24
193.162.15.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
194.41.116.0/22 maxlen: 24
194.41.118.0/24 maxlen: 24
194.41.119.0/24 maxlen: 24
195.182.13.0/24 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
213.232.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 18 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:9c:4b:3d:e4:57:b3:b4:e7:0f:07:a1:f8:62:5e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 14 13:10:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=239caac3d459e31fb9b5ce975a56016096288f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c9:28:02:25:9d:8b:6c:9c:22:fe:66:4c:ad:
8e:15:98:64:c3:80:e9:f6:c0:72:49:90:99:a2:8e:
49:13:f9:c8:b3:c2:6a:8b:37:e5:77:63:6d:70:42:
49:06:f9:c7:6d:89:2c:10:9b:b9:6e:79:82:3b:b7:
d8:fe:b5:26:4b:64:13:5a:55:bf:92:70:93:65:48:
fc:bd:9b:0a:ac:a8:e8:ab:75:77:c8:f4:2f:52:ed:
32:8d:99:f3:f2:c0:62:3d:54:4f:7f:bd:74:4e:41:
bc:53:dc:c4:ef:9f:f7:93:bd:ac:5e:f1:19:af:62:
9b:ba:a3:64:51:08:86:cb:a6:db:5d:89:e4:88:ba:
7d:6e:60:df:d8:0e:1a:f4:b8:d3:8d:6a:50:1b:8a:
20:4d:b2:88:d9:9a:af:1f:4c:19:3d:6c:2e:4a:75:
84:a2:7f:24:7a:d3:51:fe:02:13:51:9f:77:c0:b9:
25:00:32:d2:4d:c0:ec:ed:08:dd:66:e6:e0:5b:7f:
d3:a8:c6:10:f7:2f:40:54:f7:d2:ae:ef:1d:71:95:
d7:f6:5e:1d:4b:8a:69:f2:e6:85:3f:0b:c0:3e:5c:
60:cc:ef:e0:4f:40:99:4d:c6:92:63:03:a2:29:a4:
2f:cc:98:d1:1b:89:8d:82:b4:67:e7:7f:21:f3:6d:
37:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9C:AA:C3:D4:59:E3:1F:B9:B5:CE:97:5A:56:01:60:96:28:8F:82
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/I5yqw9RZ4x-5tc6XWlYBYJYoj4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.100.0/22
37.32.99.0/24
45.90.238.0/24
45.131.132.0/23
45.137.160.0/22
45.147.104.0/22
45.147.116.0/22
45.159.76.0/22
62.106.87.0/24
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
91.235.40.0/23
91.238.239.0/24
92.60.34.0/23
93.92.228.0/22
93.189.120.0/24
93.189.123.0/24
95.214.144.0/22
109.230.194.0/24
109.230.250.0/24
185.91.108.0/22
185.105.12.0/22
185.105.232.0/22
185.106.124.0/22
185.107.152.0/22
185.118.52.0/22
185.119.48.0/22
185.128.52.0/22
185.129.104.0/22
185.150.78.0/23
185.163.168.0/22
185.163.232.0/22
185.166.172.0/22
185.175.152.0/22
185.176.188.0/22
185.179.228.0-185.179.235.255
185.189.64.0/22
185.196.40.0/22
185.197.216.0/22
185.199.44.0/22
185.199.55.0/24
185.200.228.0/22
185.201.152.0/22
185.202.204.0/22
185.204.108.0/24
185.204.244.0/22
185.212.84.0/22
185.216.28.0/22
185.217.12.0/22
185.218.16.0/22
185.220.240.0/22
185.221.16.0/22
185.222.188.0/22
185.223.220.0/22
185.224.220.0/22
185.226.8.0/22
185.226.28.0/22
185.227.176.0/22
185.227.204.0/24
185.230.48.0/22
185.239.252.0/22
185.245.32.0/23
185.247.4.0/24
193.17.180.0/22
193.35.88.0/22
193.105.66.0/24
193.162.15.0/24
194.35.40.0/24
194.41.116.0/22
195.182.13.0/24
212.80.208.0/22
212.115.44.0/22
213.232.232.0/24
Signature Algorithm: sha256WithRSAEncryption
96:73:93:f3:24:d5:7f:b1:dd:b1:9f:ef:50:03:69:cf:60:74:
be:ac:97:31:55:3e:fb:cf:e7:a9:2c:9c:1c:54:60:a8:54:91:
86:58:e8:88:78:f9:14:c9:ed:56:50:37:65:13:03:c1:32:2c:
87:77:93:34:cb:53:d4:13:44:3c:48:a0:ac:b6:5f:51:4a:37:
46:4d:b8:d5:37:cc:27:3c:5c:17:ae:0b:4a:c2:20:3e:b4:37:
38:28:3d:eb:d0:8f:f8:ff:17:14:fc:1c:1f:bd:e6:ec:27:8f:
8f:75:20:69:59:94:98:2d:8b:ba:27:b7:98:bb:67:74:47:48:
9a:c8:b6:e1:ab:50:d8:6d:cc:cc:3e:af:f6:9c:60:f0:4d:5b:
45:46:96:3d:c1:20:40:0d:fd:16:ad:3a:5e:28:59:6d:50:50:
f6:0b:57:fe:5b:7c:46:7b:15:19:62:e4:be:55:0d:68:3d:6d:
0f:22:72:d0:b9:b5:da:28:31:b6:9f:19:e6:b4:48:c2:42:28:
11:35:49:d9:e0:3b:c9:e8:64:75:a3:59:65:06:f5:4a:31:41:
6f:64:96:ee:56:b3:c4:3c:da:80:9e:6e:37:b8:98:40:98:69:
4c:20:ff:e2:0c:36:88:3b:21:bd:10:65:06:6a:c2:e2:61:ee:
2c:0b:af:63
-----BEGIN CERTIFICATE-----
MIIGxTCCBa2gAwIBAgISAZ4mnEs95FeztOcPB6H4Yl5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTE0MTMxMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzljYWFjM2Q0NTllMzFmYjliNWNlOTc1YTU2MDE2MDk2Mjg4ZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5skoAiWdi2ycIv5mTK2OFZhkw4Dp
9sBySZCZoo5JE/nIs8Jqizfld2NtcEJJBvnHbYksEJu5bnmCO7fY/rUmS2QTWlW/
knCTZUj8vZsKrKjoq3V3yPQvUu0yjZnz8sBiPVRPf710TkG8U9zE75/3k72sXvEZ
r2KbuqNkUQiGy6bbXYnkiLp9bmDf2A4a9LjTjWpQG4ogTbKI2ZqvH0wZPWwuSnWE
on8ketNR/gITUZ93wLklADLSTcDs7QjdZubgW3/TqMYQ9y9AVPfSru8dcZXX9l4d
S4pp8uaFPwvAPlxgzO/gT0CZTcaSYwOiKaQvzJjRG4mNgrRn538h82037wIDAQAB
o4ID0TCCA80wHQYDVR0OBBYEFCOcqsPUWeMfubXOl1pWAWCWKI+CMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSTV5cXc5Ulo0eC01dGM2WFdsWUJZSllvajRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5QYIKwYBBQUHAQcBAf8EggHUMIIB0DCCAcwEAgABMIIB
xAMEAh+qZAMEACUgYwMEAC1a7gMEAS2DhAMEAi2JoAMEAi2TaAMEAi2TdAMEAi2f
TAMEAD5qVwMEAlEV5AMEAlVzwAMEAliHQAMEAVvrKAMEAFvu7wMEAVw8IgMEAl1c
5AMEAF29eAMEAF29ewMEAl/WkAMEAG3mwgMEAG3m+gMEArlbbAMEArlpDAMEArlp
6AMEArlqfAMEArlrmAMEArl2NAMEArl3MAMEArmANAMEArmBaAMEAbmWTgMEArmj
qAMEArmj6AMEArmmrAMEArmvmAMEArmwvDAMAwQCubPkAwQCubPoAwQCub1AAwQC
ucQoAwQCucXYAwQCuccsAwQAucc3AwQCucjkAwQCucmYAwQCucrMAwQAucxsAwQC
ucz0AwQCudRUAwQCudgcAwQCudkMAwQCudoQAwQCudzwAwQCud0QAwQCud68AwQC
ud/cAwQCueDcAwQCueIIAwQCueIcAwQCueOwAwQAuePMAwQCueYwAwQCue/8AwQB
ufUgAwQAufcEAwQCwRG0AwQCwSNYAwQAwWlCAwQAwaIPAwQAwiMoAwQCwil0AwQA
w7YNAwQC1FDQAwQC1HMsAwQA1ejoMA0GCSqGSIb3DQEBCwUAA4IBAQCWc5PzJNV/
sd2xn+9QA2nPYHS+rJcxVT77z+epLJwcVGCoVJGGWOiIePkUye1WUDdlEwPBMiyH
d5M0y1PUE0Q8SKCstl9RSjdGTbjVN8wnPFwXrgtKwiA+tDc4KD3r0I/4/xcU/Bwf
vebsJ4+PdSBpWZSYLYu6J7eYu2d0R0iayLbhq1DYbczMPq/2nGDwTVtFRpY9wSBA
Df0WrTpeKFltUFD2C1f+W3xGexUZYuS+VQ1oPW0PInLQubXaKDG2nxnmtEjCQigR
NUnZ4DvJ6GR1o1llBvVKMUFvZJbuVrPEPNqAnm43uJhAmGlMIP/iDDaIOyG9EGUG
asLiYe4sC69j
-----END CERTIFICATE-----
Generated at Mon May 18 01:44:04 2026 by rpki-client