Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Kr2xwlCFyWePd9nEnwS4fGx6D90.roa
File: Kr2xwlCFyWePd9nEnwS4fGx6D90.roa (raw, json)
Hash identifier: R+/IKvg4/m5jWEqCad+V3dGDHjnz9/lw+2w/P6KFhG0=
Subject key identifier: 2A:BD:B1:C2:50:85:C9:67:8F:77:D9:C4:9F:04:B8:7C:6C:7A:0F:DD
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E20793E48A820FFCD91290629A50557EF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Kr2xwlCFyWePd9nEnwS4fGx6D90.roa
Signing time: Wed 13 May 2026 08:34:37 +0000
ROA not before: Wed 13 May 2026 08:34:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212862
IP address blocks: 185.106.124.0/22 maxlen: 24
185.129.104.0/22 maxlen: 24
185.196.40.0/24 maxlen: 24
185.220.240.0/22 maxlen: 24
185.232.8.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 18 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:79:3e:48:a8:20:ff:cd:91:29:06:29:a5:05:57:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 13 08:34:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2abdb1c25085c9678f77d9c49f04b87c6c7a0fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4b:77:fa:4c:b9:41:19:95:d3:15:39:bf:5a:
82:50:12:65:6f:09:01:55:e8:08:bb:af:07:4f:83:
fa:da:ac:69:2a:70:6c:0b:1b:45:35:a3:e3:dd:07:
1f:ae:88:a7:24:69:ed:7d:63:3a:99:63:ab:21:28:
61:b1:45:2e:b2:27:7b:bd:50:e5:b2:e5:d1:c5:47:
fd:f0:b8:67:49:ac:1d:de:a3:62:41:f7:a0:a6:52:
25:f3:fc:e4:dc:2a:50:6e:7c:22:38:9d:e9:5f:59:
c6:6b:f4:8d:dd:00:e5:ba:a0:fa:61:ba:33:a9:e2:
68:8f:b6:af:79:2d:35:dc:3b:62:98:d3:a5:92:63:
9d:2d:34:bb:45:a6:8c:64:e4:8b:85:fe:83:85:c5:
45:de:73:95:72:c6:18:72:1a:94:d8:7e:a2:f1:70:
b8:e8:8c:eb:75:5a:bc:4a:b5:6b:0a:46:01:c9:fa:
70:66:76:98:0e:bc:3f:48:e9:54:43:64:a3:97:05:
35:2d:0e:bd:33:f0:b8:58:ea:2b:a5:a4:9b:4b:b1:
87:77:34:e9:b1:3a:cb:f4:35:f6:53:0d:d4:6f:75:
11:b3:d3:71:00:b8:b5:79:3a:97:f7:36:49:74:99:
e3:af:d3:01:e9:6f:75:4e:4d:2a:a6:3b:a3:38:82:
74:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:B1:C2:50:85:C9:67:8F:77:D9:C4:9F:04:B8:7C:6C:7A:0F:DD
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Kr2xwlCFyWePd9nEnwS4fGx6D90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.124.0/22
185.129.104.0/22
185.196.40.0/24
185.220.240.0/22
185.232.8.0/22
194.38.56.0/22
212.115.44.0/22
Signature Algorithm: sha256WithRSAEncryption
06:c8:28:8f:e8:14:a0:22:b0:51:13:5a:99:b3:46:5a:e0:7a:
7a:a5:52:90:12:ea:ca:13:52:e0:a0:3b:da:57:44:8b:bb:7e:
6a:54:a2:c1:61:72:2c:a3:13:c3:4c:ad:3c:4e:38:9d:23:25:
f1:e9:88:cc:8a:62:e8:78:6f:5d:1c:5d:68:6e:9b:27:4b:2a:
96:dd:61:ca:7b:68:5e:d5:8c:da:e2:3d:27:6f:f0:f9:e7:2e:
8e:61:d6:a0:7c:b6:d8:13:f7:87:c6:53:5b:26:af:9e:58:0e:
7d:36:af:fd:1a:1b:0c:d8:94:37:c0:76:a3:b3:35:a1:6d:a0:
1b:02:b5:bb:06:09:a7:2d:14:f2:a8:e3:07:8c:d1:81:87:a8:
67:69:f7:78:e8:4b:46:e3:5d:8e:72:a3:02:0c:ff:45:2f:a4:
60:d5:01:c3:90:54:3c:e1:34:e5:08:69:86:30:00:9a:92:b6:
38:75:2d:de:db:3e:0c:db:e2:9e:e6:64:66:53:be:f4:0e:7b:
ee:57:a9:48:e2:d6:ac:30:0f:2c:66:93:28:ff:61:b8:c4:6c:
fb:4c:4a:bd:5c:8a:71:a2:79:eb:1a:2d:a2:c8:d0:f9:cc:47:
1d:2e:41:e2:1d:7a:2b:7e:6c:c6:c8:c5:90:a6:31:04:df:e4:
f6:f3:4c:43
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4geT5IqCD/zZEpBimlBVfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTEzMDgzNDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJkYjFjMjUwODVjOTY3OGY3N2Q5YzQ5ZjA0Yjg3YzZjN2EwZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEt3+ky5QRmV0xU5v1qCUBJlbwkB
VegIu68HT4P62qxpKnBsCxtFNaPj3QcfroinJGntfWM6mWOrIShhsUUusid7vVDl
suXRxUf98LhnSawd3qNiQfegplIl8/zk3CpQbnwiOJ3pX1nGa/SN3QDluqD6Yboz
qeJoj7aveS013DtimNOlkmOdLTS7RaaMZOSLhf6DhcVF3nOVcsYYchqU2H6i8XC4
6IzrdVq8SrVrCkYByfpwZnaYDrw/SOlUQ2SjlwU1LQ69M/C4WOorpaSbS7GHdzTp
sTrL9DX2Uw3Ub3URs9NxALi1eTqX9zZJdJnjr9MB6W91Tk0qpjujOIJ0rwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCq9scJQhclnj3fZxJ8EuHxseg/dMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS3IyeHdsQ0Z5V2VQZDluRW53UzRmR3g2RDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCuWp8AwQC
uYFoAwQAucQoAwQCudzwAwQCuegIAwQCwiY4AwQC1HMsMA0GCSqGSIb3DQEBCwUA
A4IBAQAGyCiP6BSgIrBRE1qZs0Za4Hp6pVKQEurKE1LgoDvaV0SLu35qVKLBYXIs
oxPDTK08TjidIyXx6YjMimLoeG9dHF1obpsnSyqW3WHKe2he1Yza4j0nb/D55y6O
YdagfLbYE/eHxlNbJq+eWA59Nq/9GhsM2JQ3wHajszWhbaAbArW7BgmnLRTyqOMH
jNGBh6hnafd46EtG412OcqMCDP9FL6Rg1QHDkFQ84TTlCGmGMACakrY4dS3e2z4M
2+Ke5mRmU770DnvuV6lI4tasMA8sZpMo/2G4xGz7TEq9XIpxonnrGi2iyND5zEcd
LkHiHXorfmzGyMWQpjEE3+T280xD
-----END CERTIFICATE-----
Generated at Mon May 18 01:43:50 2026 by rpki-client