Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pRJy-aOHk3kCIsXTmBXBj7HJjRI.roa
File: pRJy-aOHk3kCIsXTmBXBj7HJjRI.roa (raw, json)
Hash identifier: 8EOzVqeR/fnfN5EnwI+onen8mdr4+VI5B7akaoiWg14=
Subject key identifier: A5:12:72:F9:A3:87:93:79:02:22:C5:D3:98:15:C1:8F:B1:C9:8D:12
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D68E4B11138071176703E950EE66F501A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pRJy-aOHk3kCIsXTmBXBj7HJjRI.roa
Signing time: Tue 07 Apr 2026 17:01:51 +0000
ROA not before: Tue 07 Apr 2026 17:01:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.196.41.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.218.17.0/24 maxlen: 24
185.218.19.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
194.48.143.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.210.0/24 maxlen: 24
194.124.211.0/24 maxlen: 24
194.146.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 23:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:e4:b1:11:38:07:11:76:70:3e:95:0e:e6:6f:50:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 7 17:01:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a51272f9a38793790222c5d39815c18fb1c98d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:24:d8:82:83:77:6a:2f:98:d2:e0:4d:9c:
23:5e:f7:e4:04:f3:fb:63:08:08:9c:66:2d:c1:69:
bd:50:29:2d:92:13:95:fd:a6:04:03:46:87:89:be:
64:5a:53:63:3f:84:a1:0f:90:5b:0e:6c:95:7e:aa:
89:96:7f:57:f1:b3:70:37:be:12:07:f1:30:8a:2f:
65:d5:fa:dd:87:7b:02:13:8e:33:d0:28:8b:54:a1:
9c:a1:22:ea:5c:b2:7a:04:85:7a:b4:68:da:23:65:
01:0c:36:f1:8a:26:31:29:d8:2a:56:29:80:80:7b:
dc:52:09:60:05:05:e7:18:bc:89:8f:fb:dd:39:d0:
64:8d:85:0e:61:ac:a6:04:23:80:48:a5:4c:9e:de:
aa:92:38:89:7e:56:73:f4:79:87:96:04:c1:be:52:
22:aa:8f:3c:77:62:b7:d9:46:a1:38:7e:0c:5d:d2:
59:03:30:75:7a:c8:d9:12:a5:ad:ca:21:85:0a:60:
90:46:bf:60:d4:76:31:cf:0e:41:44:7d:8f:b7:5f:
bc:4d:92:c4:a7:96:11:79:6a:8b:55:b4:62:8e:0c:
fc:ee:2f:5c:f3:46:1e:c7:b0:72:6a:9b:87:91:96:
66:39:1e:89:90:f1:1b:1b:f1:d3:9a:ad:bc:45:bf:
50:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:12:72:F9:A3:87:93:79:02:22:C5:D3:98:15:C1:8F:B1:C9:8D:12
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pRJy-aOHk3kCIsXTmBXBj7HJjRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
45.131.135.0/24
185.121.13.0-185.121.14.255
185.196.41.0/24
185.199.158.0/24
185.202.207.0/24
185.218.17.0/24
185.218.19.0/24
185.227.144.0/24
185.230.67.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
193.17.182.0/24
194.48.140.0/23
194.48.143.0/24
194.76.172.0/24
194.124.210.0/23
194.146.223.0/24
Signature Algorithm: sha256WithRSAEncryption
86:94:27:91:75:f6:24:4d:c8:10:e9:c7:3c:38:f7:bd:60:e8:
67:73:4b:bd:a2:d7:62:3b:a0:6e:84:2a:ec:0f:e8:03:a5:b5:
7a:c9:39:c0:06:0a:9c:c7:3f:49:8e:d0:04:13:1e:47:da:d0:
01:ae:71:82:b2:57:13:ff:ef:de:3b:23:86:3a:25:f7:82:5c:
e1:56:a9:bc:ec:43:ac:bb:bd:9e:b0:3a:57:93:ba:d1:f0:6e:
b6:6b:ef:f5:9a:eb:10:20:23:32:9e:6d:fb:04:55:31:78:ef:
1c:c3:4e:f1:1f:5a:b3:db:cf:5b:5d:11:d5:6a:7e:cc:fc:e2:
e0:1e:30:a0:79:78:35:96:2f:bb:55:51:90:4d:f6:b3:5a:52:
99:9c:02:6c:cf:ee:18:7c:8f:27:0b:22:a7:14:ff:23:db:c0:
f1:e1:05:69:34:81:40:78:11:77:b7:9c:73:35:27:b5:69:52:
90:3c:2f:26:77:91:55:08:91:36:20:7c:c0:b0:ef:33:5a:cd:
18:d9:2a:63:8d:65:3e:e1:07:a1:3e:27:bc:0f:79:f7:d0:12:
fc:be:53:d4:9d:59:d7:64:be:40:14:79:23:98:56:32:78:02:
8a:09:a2:20:e2:f7:f7:a7:61:09:21:fd:ff:b6:a3:1d:91:c7:
65:37:a8:96
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZ1o5LEROAcRdnA+lQ7mb1AaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNDA3MTcwMTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTEyNzJmOWEzODc5Mzc5MDIyMmM1ZDM5ODE1YzE4ZmIxYzk4ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ok2IKDd2ovmNLgTZwjXvfkBPP7
YwgInGYtwWm9UCktkhOV/aYEA0aHib5kWlNjP4ShD5BbDmyVfqqJln9X8bNwN74S
B/Ewii9l1frdh3sCE44z0CiLVKGcoSLqXLJ6BIV6tGjaI2UBDDbxiiYxKdgqVimA
gHvcUglgBQXnGLyJj/vdOdBkjYUOYaymBCOASKVMnt6qkjiJflZz9HmHlgTBvlIi
qo88d2K32UahOH4MXdJZAzB1esjZEqWtyiGFCmCQRr9g1HYxzw5BRH2Pt1+8TZLE
p5YReWqLVbRijgz87i9c80Yex7ByapuHkZZmOR6JkPEbG/HTmq28Rb9Q0wIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFKUScvmjh5N5AiLF05gVwY+xyY0SMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcFJKeS1hT0hrM2tDSXNYVG1CWEJqN0hKalJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
WuwDBAAtg4cwDAMEALl5DQMEALl5DgMEALnEKQMEALnHngMEALnKzwMEALnaEQME
ALnaEwMEALnjkAMEALnmQwMEALnozAMEALnsGDAMAwQAue+NAwQAue+OAwQAufq1
AwQAuf6eAwQAwRG2AwQBwjCMAwQAwjCPAwQAwkysAwQBwnzSAwQAwpLfMA0GCSqG
SIb3DQEBCwUAA4IBAQCGlCeRdfYkTcgQ6cc8OPe9YOhnc0u9otdiO6BuhCrsD+gD
pbV6yTnABgqcxz9JjtAEEx5H2tABrnGCslcT/+/eOyOGOiX3glzhVqm87EOsu72e
sDpXk7rR8G62a+/1musQICMynm37BFUxeO8cw07xH1qz289bXRHVan7M/OLgHjCg
eXg1li+7VVGQTfazWlKZnAJsz+4YfI8nCyKnFP8j28Dx4QVpNIFAeBF3t5xzNSe1
aVKQPC8md5FVCJE2IHzAsO8zWs0Y2SpjjWU+4QehPie8D3n30BL8vlPUnVnXZL5A
FHkjmFYyeAKKCaIg4vf3p2EJIf3/tqMdkcdlN6iW
-----END CERTIFICATE-----
Generated at Fri Apr 10 06:07:19 2026 by rpki-client