Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/IrT1izJjsi0TfCcq2lqIbiIQJHI.roa
File: IrT1izJjsi0TfCcq2lqIbiIQJHI.roa (raw, json)
Hash identifier: XIoNtYAb0+rc5ayEFBobv3HeFMAQ6TE3neU0MVac3gs=
Subject key identifier: 22:B4:F5:8B:32:63:B2:2D:13:7C:27:2A:DA:5A:88:6E:22:10:24:72
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 019E83B3A0CC34914DFE4985A92DD085FBD3
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/IrT1izJjsi0TfCcq2lqIbiIQJHI.roa
Signing time: Mon 01 Jun 2026 15:00:47 +0000
ROA not before: Mon 01 Jun 2026 15:00:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 24
37.98.232.0/22 maxlen: 24
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 24
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
138.12.128.0/24 maxlen: 24
138.12.129.0/24 maxlen: 24
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 24
148.139.8.0/22 maxlen: 24
148.139.12.0/22 maxlen: 24
148.139.16.0/22 maxlen: 24
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 24
148.139.48.0/20 maxlen: 24
148.139.64.0/20 maxlen: 24
148.139.80.0/20 maxlen: 24
148.139.96.0/22 maxlen: 24
148.139.100.0/22 maxlen: 24
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 24
148.139.112.0/22 maxlen: 24
148.139.116.0/22 maxlen: 24
148.139.120.0/22 maxlen: 24
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 24
148.139.140.0/24 maxlen: 24
148.139.141.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 24
148.139.144.0/24 maxlen: 24
148.139.148.0/22 maxlen: 24
148.139.152.0/22 maxlen: 24
148.139.156.0/22 maxlen: 24
148.139.160.0/20 maxlen: 24
148.139.176.0/20 maxlen: 24
148.139.192.0/24 maxlen: 24
148.139.193.0/24 maxlen: 24
148.139.194.0/24 maxlen: 24
148.139.195.0/24 maxlen: 24
148.139.196.0/22 maxlen: 24
148.139.200.0/22 maxlen: 24
148.139.214.0/24 maxlen: 24
148.139.215.0/24 maxlen: 24
148.139.224.0/22 maxlen: 24
148.139.228.0/22 maxlen: 24
148.139.232.0/22 maxlen: 24
148.139.236.0/22 maxlen: 24
148.139.240.0/22 maxlen: 24
148.139.244.0/22 maxlen: 24
148.139.248.0/22 maxlen: 24
148.139.252.0/22 maxlen: 24
157.5.128.0/17 maxlen: 24
157.5.128.0/23 maxlen: 24
157.5.130.0/23 maxlen: 24
157.5.132.0/23 maxlen: 24
157.5.134.0/23 maxlen: 24
157.5.136.0/23 maxlen: 24
157.5.138.0/23 maxlen: 24
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
165.171.0.0/18 maxlen: 24
165.171.0.0/22 maxlen: 24
165.171.0.0/24 maxlen: 24
165.171.64.0/18 maxlen: 24
165.171.64.0/22 maxlen: 24
2a04:37c0::/29 maxlen: 48
2a04:37c0:2000::/47 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:83:b3:a0:cc:34:91:4d:fe:49:85:a9:2d:d0:85:fb:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jun 1 15:00:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22b4f58b3263b22d137c272ada5a886e22102472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d7:26:90:9a:29:b1:50:36:ce:40:3b:b6:26:
f6:5d:8c:bc:76:75:06:ae:c9:fc:23:43:de:dc:60:
d6:af:7c:9f:82:58:39:15:a3:de:1d:0e:0b:a8:a6:
02:1a:2d:30:c9:06:71:bd:f0:10:74:03:a4:5e:a6:
fd:da:29:0d:f9:c5:32:fa:ef:0f:11:0f:9e:0e:84:
0e:ea:bb:fe:31:a7:32:0a:cb:69:58:28:56:a1:91:
22:89:a5:74:1f:45:c9:8a:52:c3:53:70:94:92:bd:
1b:9d:4e:ab:ef:8b:11:1d:2f:5f:dd:f5:01:42:36:
99:24:dd:98:95:ca:f3:d2:23:3c:de:06:db:69:f6:
94:3d:cb:6f:48:ff:d7:a2:f2:28:e2:56:8c:7a:06:
c9:d9:9b:95:5e:9b:7d:23:42:2d:97:db:9f:91:86:
d0:36:8b:20:d7:a3:71:6b:7a:3a:df:ca:c4:b9:6b:
44:d6:8f:b8:b0:53:ec:c9:f1:29:93:55:e8:7c:e8:
5e:8b:03:64:7e:68:b4:fb:9c:89:5f:01:ea:db:df:
c1:79:ce:55:30:6b:a3:cd:16:12:0a:6b:22:6d:67:
a2:7f:06:6b:60:f3:4d:2d:70:a7:23:39:c0:75:fe:
bd:f4:a7:00:43:92:7e:19:01:70:a5:ce:f3:9b:b6:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B4:F5:8B:32:63:B2:2D:13:7C:27:2A:DA:5A:88:6E:22:10:24:72
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/IrT1izJjsi0TfCcq2lqIbiIQJHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:12:47:1f:f9:4a:a3:93:58:b5:e2:84:16:fe:ab:52:48:d7:
b0:7a:d2:77:e9:81:8d:5d:d9:84:4d:a2:93:45:73:f4:83:a1:
e4:86:5b:20:cf:ad:eb:4a:dd:d6:26:de:d9:e1:72:95:58:05:
e8:a6:64:03:09:a8:51:a4:3f:7f:86:a0:ea:9b:3f:82:10:98:
86:61:9d:39:94:a6:8b:04:ea:97:91:d6:b5:a4:45:ee:39:f5:
ec:11:aa:88:31:61:38:4a:01:92:55:bb:a6:5b:c2:74:11:98:
24:58:48:09:0f:bb:9f:2b:7f:04:76:70:84:ca:22:4d:e1:90:
20:89:73:6a:ba:c2:18:c4:7f:14:49:ed:b7:03:3d:e4:12:69:
9f:52:7a:6e:28:90:28:bd:b6:45:d9:f3:d3:2d:2a:89:8c:5f:
67:1a:0c:2b:6f:a1:3f:51:3b:5a:bd:24:ee:18:02:ca:d4:0c:
26:dd:41:1a:82:1c:b9:d3:65:e8:77:18:30:5c:86:d3:f9:94:
2d:32:da:90:b2:63:a7:fd:6d:fa:1f:2d:8c:3e:d8:50:d4:e5:
fd:14:24:c0:a4:f5:e4:6f:c5:cc:93:31:db:92:67:0f:95:86:
88:fb:0c:6c:33:5b:f5:3e:f9:09:44:86:7c:59:ad:ad:8c:d3:
6a:13:50:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ6Ds6DMNJFN/kmFqS3QhfvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjYwNjAxMTUwMDQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI0ZjU4YjMyNjNiMjJkMTM3YzI3MmFkYTVhODg2ZTIyMTAyNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNcmkJopsVA2zkA7tib2XYy8dnUG
rsn8I0Pe3GDWr3yfglg5FaPeHQ4LqKYCGi0wyQZxvfAQdAOkXqb92ikN+cUy+u8P
EQ+eDoQO6rv+MacyCstpWChWoZEiiaV0H0XJilLDU3CUkr0bnU6r74sRHS9f3fUB
QjaZJN2Ylcrz0iM83gbbafaUPctvSP/XovIo4laMegbJ2ZuVXpt9I0Itl9ufkYbQ
Nosg16Nxa3o638rEuWtE1o+4sFPsyfEpk1XofOheiwNkfmi0+5yJXwHq29/Bec5V
MGujzRYSCmsibWeifwZrYPNNLXCnIznAdf699KcAQ5J+GQFwpc7zm7Yo8QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCK09YsyY7ItE3wnKtpaiG4iECRyMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvSXJUMWl6SmpzaTBUZkNjcTJscUliaUlRSkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAC4SRx/5SqOTWLXihBb+q1JI17B60nfp
gY1d2YRNopNFc/SDoeSGWyDPretK3dYm3tnhcpVYBeimZAMJqFGkP3+GoOqbP4IQ
mIZhnTmUposE6peR1rWkRe459ewRqogxYThKAZJVu6ZbwnQRmCRYSAkPu58rfwR2
cITKIk3hkCCJc2q6whjEfxRJ7bcDPeQSaZ9Sem4okCi9tkXZ89MtKomMX2caDCtv
oT9RO1q9JO4YAsrUDCbdQRqCHLnTZeh3GDBchtP5lC0y2pCyY6f9bfofLYw+2FDU
5f0UJMCk9eRvxcyTMduSZw+Vhoj7DGwzW/U++QlEhnxZra2M02oTUJQ=
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:03:43 2026 by rpki-client