Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ah2ML49P4aAtNvSS35Sd6hTqKio.roa
File: Ah2ML49P4aAtNvSS35Sd6hTqKio.roa (raw, json)
Hash identifier: s72tJyEXR8KDsHfFSIA+Do1QEfQxlwurXdWOU3HUP+E=
Subject key identifier: 02:1D:8C:2F:8F:4F:E1:A0:2D:36:F4:92:DF:94:9D:EA:14:EA:2A:2A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019EAC165D7FAE1126319C98A26183D33B38
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ah2ML49P4aAtNvSS35Sd6hTqKio.roa
Signing time: Tue 09 Jun 2026 11:13:27 +0000
ROA not before: Tue 09 Jun 2026 11:13:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215365
IP address blocks: 5.231.118.0/24 maxlen: 24
5.231.119.0/24 maxlen: 24
77.90.15.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
77.90.61.0/24 maxlen: 24
77.90.63.0/24 maxlen: 24
94.249.186.0/24 maxlen: 24
94.249.187.0/24 maxlen: 24
94.249.188.0/24 maxlen: 24
185.129.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:16:5d:7f:ae:11:26:31:9c:98:a2:61:83:d3:3b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 9 11:13:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=021d8c2f8f4fe1a02d36f492df949dea14ea2a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:9c:93:30:b5:e8:fd:b8:6a:a7:3c:1d:8c:
9e:ae:3c:97:1d:da:69:24:15:42:13:c1:e4:d0:1a:
bc:c9:2e:f2:60:9c:8c:89:15:44:be:bc:65:06:f6:
1b:1f:aa:8d:2e:4f:6b:75:74:db:fc:83:49:b2:4e:
15:fc:98:34:8a:71:6a:90:7c:f0:9e:db:02:00:04:
ca:0b:45:82:97:0f:d2:84:15:6c:67:4b:73:a1:e5:
be:c5:5b:03:c0:91:ee:75:ba:57:77:bf:95:a1:54:
39:7a:d2:31:2e:93:d3:29:6c:d9:af:f3:81:72:f7:
ae:e9:cb:ce:8e:64:bc:ec:6f:dd:4b:32:40:bc:4d:
9e:b0:ce:13:3b:5f:68:99:6b:39:54:f4:93:52:58:
ec:bf:a6:46:44:0a:cb:4d:6e:fa:0b:b5:32:02:e8:
c4:5e:91:0d:58:1c:66:32:1e:bd:50:11:f6:b1:5a:
a6:bf:58:0e:37:f4:6b:b7:7a:6d:29:3c:60:af:ba:
77:8a:f4:87:d3:37:fb:1e:1a:45:64:a0:de:2a:9b:
71:68:5f:81:5c:de:96:e6:cf:48:4f:33:b0:e3:37:
d7:7f:04:3d:91:22:bc:b7:9c:20:8a:a8:38:12:19:
95:1f:a8:71:d1:1d:d5:5c:54:3b:c7:f3:4b:ab:e6:
75:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:1D:8C:2F:8F:4F:E1:A0:2D:36:F4:92:DF:94:9D:EA:14:EA:2A:2A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Ah2ML49P4aAtNvSS35Sd6hTqKio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.118.0/23
77.90.15.0/24
77.90.52.0/24
77.90.60.0/23
77.90.63.0/24
94.249.186.0-94.249.188.255
185.129.84.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:49:38:aa:8c:df:3a:59:a1:23:c3:d3:3c:24:98:e0:65:5a:
2b:1e:69:2d:05:93:98:14:ff:74:08:e8:ed:7f:9e:e9:fa:f6:
ff:09:85:1d:1d:15:fc:73:ed:8c:4d:1d:07:0a:6a:e7:28:f1:
77:6b:4b:c5:e1:d8:72:08:4a:06:78:2b:f5:92:5e:f4:e6:60:
ff:a5:45:06:d4:11:9d:bf:f1:ef:63:37:d2:f9:d4:08:88:a8:
fe:3c:cc:49:93:fe:75:6a:1e:fa:92:f4:c7:6e:62:71:33:63:
0d:b9:f6:1e:2f:07:22:0a:45:50:c8:49:75:5e:d8:a8:33:c5:
1a:77:ab:f3:ce:70:3a:4d:b7:50:28:e3:a9:12:84:9b:72:ee:
5a:80:d6:09:9f:b2:dd:00:f2:d3:b3:6a:1a:2c:82:3b:d9:03:
91:22:90:e4:db:cc:1f:ff:99:2e:ba:bb:1e:66:eb:b4:34:74:
22:7f:65:ab:00:20:e0:78:3d:e1:8b:f0:5e:9d:78:a1:58:91:
15:de:fc:58:a4:d4:55:83:ed:85:90:50:4d:d6:fe:72:ff:db:
bc:bd:60:a2:eb:a3:90:16:46:12:70:8f:cd:30:14:b6:b7:39:
b4:a0:4e:a8:89:41:83:26:68:ad:6a:67:a3:c9:7f:30:04:32:
3c:f0:9e:43
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ6sFl1/rhEmMZyYomGD0zs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNjA5MTExMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjFkOGMyZjhmNGZlMWEwMmQzNmY0OTJkZjk0OWRlYTE0ZWEyYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+OckzC16P24aqc8HYyerjyXHdpp
JBVCE8Hk0Bq8yS7yYJyMiRVEvrxlBvYbH6qNLk9rdXTb/INJsk4V/Jg0inFqkHzw
ntsCAATKC0WClw/ShBVsZ0tzoeW+xVsDwJHudbpXd7+VoVQ5etIxLpPTKWzZr/OB
cveu6cvOjmS87G/dSzJAvE2esM4TO19omWs5VPSTUljsv6ZGRArLTW76C7UyAujE
XpENWBxmMh69UBH2sVqmv1gON/Rrt3ptKTxgr7p3ivSH0zf7HhpFZKDeKptxaF+B
XN6W5s9ITzOw4zfXfwQ9kSK8t5wgiqg4EhmVH6hx0R3VXFQ7x/NLq+Z1wwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAIdjC+PT+GgLTb0kt+UneoU6ioqMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQWgyTUw0OVA0YUF0TnZTUzM1U2Q2aFRxS2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBBed2AwQA
TVoPAwQATVo0AwQBTVo8AwQATVo/MAwDBAFe+boDBABe+bwDBAK5gVQwDQYJKoZI
hvcNAQELBQADggEBAItJOKqM3zpZoSPD0zwkmOBlWiseaS0Fk5gU/3QI6O1/nun6
9v8JhR0dFfxz7YxNHQcKauco8XdrS8Xh2HIISgZ4K/WSXvTmYP+lRQbUEZ2/8e9j
N9L51AiIqP48zEmT/nVqHvqS9MduYnEzYw259h4vByIKRVDISXVe2KgzxRp3q/PO
cDpNt1Ao46kShJty7lqA1gmfst0A8tOzahosgjvZA5EikOTbzB//mS66ux5m67Q0
dCJ/ZasAIOB4PeGL8F6deKFYkRXe/Fik1FWD7YWQUE3W/nL/27y9YKLro5AWRhJw
j80wFLa3ObSgTqiJQYMmaK1qZ6PJfzAEMjzwnkM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:25 2026 by rpki-client