Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/0sAvcyqcXYxf2wjyuN9Lfaq7UCw.roa
File: 0sAvcyqcXYxf2wjyuN9Lfaq7UCw.roa (raw, json)
Hash identifier: 22dquEez5Az+MM8f9+xbwNsQePdF9a34phPtxcdOJWc=
Subject key identifier: D2:C0:2F:73:2A:9C:5D:8C:5F:DB:08:F2:B8:DF:4B:7D:AA:BB:50:2C
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019E5E6FAAA5642B763CC3C9DFF3AE6DEDE8
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/0sAvcyqcXYxf2wjyuN9Lfaq7UCw.roa
Signing time: Mon 25 May 2026 09:20:36 +0000
ROA not before: Mon 25 May 2026 09:20:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
37.228.128.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
85.193.77.0/24 maxlen: 24
94.198.190.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.84.0/24 maxlen: 24
185.100.85.0/24 maxlen: 24
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.146.233.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.246.189.0/24 maxlen: 24
185.246.190.0/24 maxlen: 24
185.246.191.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
188.240.231.0/24 maxlen: 24
188.241.54.0/24 maxlen: 24
213.218.160.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:6f:aa:a5:64:2b:76:3c:c3:c9:df:f3:ae:6d:ed:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: May 25 09:20:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2c02f732a9c5d8c5fdb08f2b8df4b7daabb502c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bf:e0:5b:e6:65:c3:d7:55:40:19:3c:df:2c:
c9:89:95:fe:b1:0c:01:90:8e:5d:e5:1f:ff:03:51:
0f:5b:ea:d4:f5:76:11:f2:7d:6d:ac:e2:69:bc:bf:
61:13:43:c9:39:b7:25:a3:11:a0:f7:8c:25:d7:84:
90:25:23:3a:9b:2b:d9:9c:08:c3:f9:16:53:a2:31:
d8:95:10:32:0c:47:a7:df:0b:76:c1:af:a9:c5:48:
30:d2:ab:7c:4d:13:c1:0f:7e:71:9c:24:80:24:10:
52:96:1f:0b:e8:6c:bc:78:6c:92:42:19:47:0f:8b:
1a:83:d7:54:74:69:9d:42:29:81:20:ac:eb:cf:de:
06:af:79:6d:21:26:b0:d1:65:35:37:72:fc:b1:fc:
e1:9d:9c:9f:8a:65:3c:5b:e9:1c:da:08:14:89:81:
85:92:5d:4e:58:4e:b4:9d:96:8b:6d:c2:27:85:76:
85:a4:b3:82:7a:c8:89:5d:19:4c:79:60:8d:e7:2b:
26:78:ad:5f:85:48:c1:26:88:89:0f:c4:5d:ef:c3:
79:40:70:59:ea:e6:e7:e3:5e:bc:40:0a:23:f8:ed:
09:6b:50:c2:48:42:fa:ad:7e:46:ec:34:b1:52:e3:
5d:53:95:88:e8:0c:54:d8:85:83:3b:8a:61:28:55:
fe:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C0:2F:73:2A:9C:5D:8C:5F:DB:08:F2:B8:DF:4B:7D:AA:BB:50:2C
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/0sAvcyqcXYxf2wjyuN9Lfaq7UCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
85.193.77.0/24
94.198.190.0/24
185.10.68.0/24
185.100.84.0/22
185.146.232.0-185.146.234.255
185.165.168.0/22
185.246.188.0/22
185.247.224.0-185.247.226.255
188.240.231.0/24
188.241.54.0/24
213.218.160.0/24
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
c9:1b:7e:97:20:7f:de:1c:ae:c5:d6:f2:87:de:62:0c:ae:dd:
eb:f8:56:0e:51:2a:82:2d:d4:c8:dc:7c:43:28:65:0c:4e:e0:
bf:f9:19:bc:43:66:df:4a:44:7c:cb:9b:59:2a:8b:e2:a6:83:
2a:3e:89:7a:fb:34:af:40:d7:4f:0b:80:32:51:94:2b:ab:c8:
d3:b5:bd:35:2e:cc:2e:ff:31:57:5d:c2:94:91:5b:a5:61:5f:
a8:f0:5b:c4:eb:4b:f5:68:b1:e0:98:36:fb:d6:84:73:54:aa:
22:f2:4a:57:fa:3f:ab:f8:91:3c:f5:4c:7a:c4:80:98:c8:c8:
d4:b3:ba:78:d1:ac:b3:4a:30:70:76:3e:4a:23:6f:ed:29:ed:
2b:70:ad:a8:2c:cf:e4:a9:c1:39:2c:7f:2a:f0:02:7d:c9:99:
e8:0d:f3:3c:a2:de:ac:a2:e8:3a:65:4d:5c:67:14:73:f6:24:
4f:92:be:f7:34:61:4f:0e:16:a7:e7:33:fc:41:a0:c9:11:7b:
3a:d0:12:9b:44:e3:38:a3:ef:94:9b:72:49:bf:a8:fd:e5:83:
66:6a:ac:a3:dc:e3:82:e6:36:df:ed:24:59:38:13:0e:f3:e2:
c6:c8:85:74:15:3f:45:2c:f1:a2:8c:cd:71:b6:8d:c9:bb:12:
a1:fb:f1:69
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZ5eb6qlZCt2PMPJ3/Oube3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjYwNTI1MDkyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmMwMmY3MzJhOWM1ZDhjNWZkYjA4ZjJiOGRmNGI3ZGFhYmI1MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr/gW+Zlw9dVQBk83yzJiZX+sQwB
kI5d5R//A1EPW+rU9XYR8n1trOJpvL9hE0PJObcloxGg94wl14SQJSM6myvZnAjD
+RZTojHYlRAyDEen3wt2wa+pxUgw0qt8TRPBD35xnCSAJBBSlh8L6Gy8eGySQhlH
D4sag9dUdGmdQimBIKzrz94Gr3ltISaw0WU1N3L8sfzhnZyfimU8W+kc2ggUiYGF
kl1OWE60nZaLbcInhXaFpLOCesiJXRlMeWCN5ysmeK1fhUjBJoiJD8Rd78N5QHBZ
6ubn4168QAoj+O0Ja1DCSEL6rX5G7DSxUuNdU5WI6AxU2IWDO4phKFX+5QIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFNLAL3MqnF2MX9sI8rjfS32qu1AsMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvMHNBdmN5cWNYWXhmMndqeXVOOUxmYXE3VUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBkBAIAATBeAwQAJZxE
AwQBJeSAAwQAVcFNAwQAXsa+AwQAuQpEAwQCuWRUMAwDBAO5kugDBAC5kuoDBAK5
pagDBAK59rwwDAMEBbn34AMEALn34gMEALzw5wMEALzxNgMEANXaoDAgBAIAAjAa
MA8DBAAqBhcDBwAqBhcAAAQDBwAqBhcAAQAwDQYJKoZIhvcNAQELBQADggEBAMkb
fpcgf94crsXW8ofeYgyu3ev4Vg5RKoIt1MjcfEMoZQxO4L/5GbxDZt9KRHzLm1kq
i+Kmgyo+iXr7NK9A108LgDJRlCuryNO1vTUuzC7/MVddwpSRW6VhX6jwW8TrS/Vo
seCYNvvWhHNUqiLySlf6P6v4kTz1THrEgJjIyNSzunjRrLNKMHB2Pkojb+0p7Stw
ragsz+SpwTksfyrwAn3JmegN8zyi3qyi6DplTVxnFHP2JE+Svvc0YU8OFqfnM/xB
oMkRezrQEptE4zij75Sbckm/qP3lg2ZqrKPc44LmNt/tJFk4Ew7z4sbIhXQVP0Us
8aKMzXG2jcm7EqH78Wk=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:04 2026 by rpki-client