Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kKHv40TosdPxE2LWc5chUzNf03w.roa
File: kKHv40TosdPxE2LWc5chUzNf03w.roa (raw, json)
Hash identifier: x4MF2FyZk7KXoiY41SF2+70eMK73iUPHyklsSaEdR6g=
Subject key identifier: 90:A1:EF:E3:44:E8:B1:D3:F1:13:62:D6:73:97:21:53:33:5F:D3:7C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019EBB22AB8690A92E5616324ADC1C112CF7
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kKHv40TosdPxE2LWc5chUzNf03w.roa
Signing time: Fri 12 Jun 2026 09:21:11 +0000
ROA not before: Fri 12 Jun 2026 09:21:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.196.41.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.17.0/24 maxlen: 24
185.218.19.0/24 maxlen: 24
185.221.23.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.240.121.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
194.48.143.0/24 maxlen: 24
194.76.168.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.210.0/24 maxlen: 24
194.124.211.0/24 maxlen: 24
194.146.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 03:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:22:ab:86:90:a9:2e:56:16:32:4a:dc:1c:11:2c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 12 09:21:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90a1efe344e8b1d3f11362d673972153335fd37c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:81:50:98:8b:c0:76:7e:c0:bd:bc:c2:33:fd:
c7:9b:17:d9:c7:d8:1d:7b:28:20:52:a7:70:ad:48:
6e:b6:8c:ca:8a:69:d2:06:e3:5d:67:39:d3:24:35:
e5:34:65:4d:d7:60:c8:c0:b8:9d:9e:e4:8b:9d:d9:
b8:06:f6:6e:4d:80:3d:ee:f4:33:a0:26:f3:a1:9d:
e6:0e:66:2a:c3:95:c3:75:68:56:08:5f:12:27:2c:
30:79:54:51:f6:96:ee:37:3e:95:15:5c:e2:b7:d0:
f3:3e:a3:84:4a:39:a7:d4:b5:38:2f:e3:17:a8:ca:
7f:54:70:45:61:94:45:47:ed:31:36:bc:06:5a:7e:
25:6d:2d:f8:5c:2f:16:98:97:e1:4e:c8:d3:ab:53:
8a:b1:5c:93:31:7c:58:0c:43:65:cd:dc:cd:18:3a:
95:08:5b:0e:b1:5b:9a:e7:30:60:21:a5:09:a6:96:
b3:6a:68:05:4c:f6:1d:9b:d6:8e:de:b2:93:4c:a2:
75:44:37:e1:c6:93:52:06:72:2c:c6:96:98:b7:73:
7d:20:ac:9e:b9:be:af:de:f4:cb:9c:22:db:a7:24:
0d:ee:a2:29:c8:43:56:77:12:19:56:26:1d:fa:fc:
e2:e2:a7:d5:98:11:86:04:df:3c:61:13:27:c0:d9:
de:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A1:EF:E3:44:E8:B1:D3:F1:13:62:D6:73:97:21:53:33:5F:D3:7C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kKHv40TosdPxE2LWc5chUzNf03w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
45.131.135.0/24
185.121.13.0-185.121.14.255
185.196.41.0/24
185.199.158.0/24
185.202.207.0/24
185.214.108.0/24
185.218.17.0/24
185.218.19.0/24
185.221.23.0/24
185.227.144.0/24
185.230.67.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.240.121.0/24
185.250.181.0/24
185.254.158.0/24
193.17.182.0/24
194.48.140.0/23
194.48.143.0/24
194.76.168.0/24
194.76.172.0/24
194.124.210.0/23
194.146.223.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f9:04:77:73:4f:9e:68:a8:ea:e9:f5:d0:66:ad:f9:f7:d3:
2f:0b:7b:d4:3f:a6:8f:db:da:81:5e:c6:39:b0:5d:61:69:95:
e1:80:97:90:07:2e:c9:7a:f6:6f:5c:68:8b:66:3f:b1:3b:60:
a8:fa:ff:93:1e:9e:36:a5:f6:43:9d:e5:d6:3f:b7:75:6c:e0:
73:aa:4d:4f:4c:49:60:2e:4e:1a:aa:ff:bb:64:c5:a5:7e:3b:
ad:a9:17:57:0d:2c:c7:31:fe:40:4c:ee:fa:65:44:a7:e3:03:
9e:2f:48:b7:70:62:81:f7:34:f4:ad:b2:bc:64:51:51:c2:be:
07:11:bf:01:7a:ce:ba:ee:81:e4:97:f8:78:ee:66:53:88:e5:
fa:c3:36:c9:e7:45:ae:bc:1d:f1:2f:39:2d:2c:2a:ae:82:1e:
32:a0:52:ba:15:f6:10:d1:73:63:4e:ff:15:85:9a:c1:c5:58:
02:6e:c4:96:0f:2e:3a:89:9f:96:3d:be:85:de:c2:3f:dd:52:
db:c4:1f:56:34:c9:57:de:88:c6:81:b5:7c:d9:fb:67:39:9c:
c3:b3:c6:b0:3e:ad:22:1d:b2:94:a2:5e:3c:c8:4c:25:04:9e:
35:9d:4c:3f:b5:99:aa:82:d3:9a:93:ab:8f:64:e0:4b:bb:11:
31:f4:ad:a7
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZ67IquGkKkuVhYyStwcESz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNjEyMDkyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGExZWZlMzQ0ZThiMWQzZjExMzYyZDY3Mzk3MjE1MzMzNWZkMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYFQmIvAdn7AvbzCM/3HmxfZx9gd
eyggUqdwrUhutozKimnSBuNdZznTJDXlNGVN12DIwLidnuSLndm4BvZuTYA97vQz
oCbzoZ3mDmYqw5XDdWhWCF8SJywweVRR9pbuNz6VFVzit9DzPqOESjmn1LU4L+MX
qMp/VHBFYZRFR+0xNrwGWn4lbS34XC8WmJfhTsjTq1OKsVyTMXxYDENlzdzNGDqV
CFsOsVua5zBgIaUJppazamgFTPYdm9aO3rKTTKJ1RDfhxpNSBnIsxpaYt3N9IKye
ub6v3vTLnCLbpyQN7qIpyENWdxIZViYd+vzi4qfVmBGGBN88YRMnwNnetQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFJCh7+NE6LHT8RNi1nOXIVMzX9N8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEva0tIdjQwVG9zZFB4RTJMV2M1Y2hVek5mMDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAAt
WuwDBAAtg4cwDAMEALl5DQMEALl5DgMEALnEKQMEALnHngMEALnKzwMEALnWbAME
ALnaEQMEALnaEwMEALndFwMEALnjkAMEALnmQwMEALnozAMEALnsGDAMAwQAue+N
AwQAue+OAwQAufB5AwQAufq1AwQAuf6eAwQAwRG2AwQBwjCMAwQAwjCPAwQAwkyo
AwQAwkysAwQBwnzSAwQAwpLfMA0GCSqGSIb3DQEBCwUAA4IBAQBv+QR3c0+eaKjq
6fXQZq3599MvC3vUP6aP29qBXsY5sF1haZXhgJeQBy7JevZvXGiLZj+xO2Co+v+T
Hp42pfZDneXWP7d1bOBzqk1PTElgLk4aqv+7ZMWlfjutqRdXDSzHMf5ATO76ZUSn
4wOeL0i3cGKB9zT0rbK8ZFFRwr4HEb8Bes667oHkl/h47mZTiOX6wzbJ50WuvB3x
LzktLCqugh4yoFK6FfYQ0XNjTv8VhZrBxVgCbsSWDy46iZ+WPb6F3sI/3VLbxB9W
NMlX3ojGgbV82ftnOZzDs8awPq0iHbKUol48yEwlBJ41nUw/tZmqgtOak6uPZOBL
uxEx9K2n
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:22:32 2026 by rpki-client