Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/KLAohmmOdRFjUwJR_1K60B9NrTA.roa
File: KLAohmmOdRFjUwJR_1K60B9NrTA.roa (raw, json)
Hash identifier: uPvV2ZIUkjKsg9aiUSSypsOe8FFLFkq7ZmliulgoZ7c=
Subject key identifier: 28:B0:28:86:69:8E:75:11:63:53:02:51:FF:52:BA:D0:1F:4D:AD:30
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 019BFEC3515029ECFB981F231F4B786D535C
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/KLAohmmOdRFjUwJR_1K60B9NrTA.roa
Signing time: Tue 27 Jan 2026 09:22:51 +0000
ROA not before: Tue 27 Jan 2026 09:22:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30722
IP address blocks: 2.32.0.0/16 maxlen: 20
2.33.0.0/17 maxlen: 17
2.33.128.0/17 maxlen: 17
2.33.176.0/20 maxlen: 20
2.34.0.0/15 maxlen: 20
2.36.0.0/14 maxlen: 18
2.40.0.0/16 maxlen: 20
2.41.0.0/16 maxlen: 16
2.42.0.0/16 maxlen: 20
2.43.0.0/16 maxlen: 16
2.44.0.0/16 maxlen: 19
2.45.0.0/16 maxlen: 20
2.46.0.0/15 maxlen: 20
5.88.0.0/13 maxlen: 20
31.26.0.0/16 maxlen: 16
31.27.0.0/18 maxlen: 18
31.27.96.0/20 maxlen: 20
31.27.128.0/17 maxlen: 19
31.27.192.0/19 maxlen: 19
31.27.224.0/19 maxlen: 19
31.156.0.0/14 maxlen: 19
37.116.0.0/16 maxlen: 19
37.117.0.0/16 maxlen: 19
37.118.0.0/16 maxlen: 16
37.119.0.0/17 maxlen: 19
37.119.128.0/17 maxlen: 20
37.159.0.0/17 maxlen: 17
37.159.128.0/17 maxlen: 20
37.176.0.0/13 maxlen: 20
47.53.0.0/16 maxlen: 16
47.53.32.0/19 maxlen: 19
47.53.64.0/19 maxlen: 19
47.53.128.0/19 maxlen: 19
47.53.160.0/19 maxlen: 19
47.53.208.0/20 maxlen: 20
83.224.64.0/20 maxlen: 20
83.224.80.0/24 maxlen: 24
83.224.81.0/24 maxlen: 24
83.224.86.0/23 maxlen: 23
83.224.128.0/17 maxlen: 17
83.225.0.0/16 maxlen: 16
91.80.0.0/19 maxlen: 19
91.80.32.0/21 maxlen: 21
91.80.46.0/24 maxlen: 24
91.80.48.0/20 maxlen: 24
91.80.64.0/18 maxlen: 18
91.80.128.0/17 maxlen: 17
91.81.0.0/17 maxlen: 19
91.81.128.0/17 maxlen: 24
93.64.0.0/16 maxlen: 18
93.65.0.0/16 maxlen: 18
93.66.0.0/15 maxlen: 17
93.68.0.0/16 maxlen: 16
93.69.0.0/16 maxlen: 16
93.70.0.0/16 maxlen: 18
93.71.0.0/16 maxlen: 18
93.144.0.0/16 maxlen: 20
93.145.0.0/16 maxlen: 20
93.146.0.0/16 maxlen: 20
93.147.0.0/16 maxlen: 20
93.148.0.0/16 maxlen: 20
93.149.0.0/16 maxlen: 20
93.150.0.0/16 maxlen: 20
93.151.24.0/22 maxlen: 22
93.151.128.0/17 maxlen: 20
109.112.0.0/15 maxlen: 15
109.114.0.0/15 maxlen: 19
109.115.96.0/19 maxlen: 19
109.115.192.0/19 maxlen: 19
109.115.224.0/19 maxlen: 19
109.116.0.0/15 maxlen: 20
109.118.0.0/16 maxlen: 16
109.119.0.0/16 maxlen: 16
130.0.128.0/18 maxlen: 21
130.25.0.0/16 maxlen: 18
176.242.0.0/15 maxlen: 15
176.244.0.0/14 maxlen: 14
188.152.0.0/17 maxlen: 20
188.152.128.0/17 maxlen: 20
188.153.0.0/16 maxlen: 20
188.216.0.0/15 maxlen: 17
188.218.0.0/15 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fe:c3:51:50:29:ec:fb:98:1f:23:1f:4b:78:6d:53:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: Jan 27 09:22:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28b02886698e751163530251ff52bad01f4dad30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:73:ff:81:f7:c3:f6:f0:7e:8c:64:5e:72:6f:
5b:45:b7:64:ea:c6:23:9f:ac:e7:9e:16:cb:c2:37:
e9:c4:13:45:64:14:14:ca:39:25:1e:70:ca:1e:81:
0f:1f:4c:ff:dc:1f:b1:87:1a:b6:f4:6f:2a:3f:8d:
f6:42:e7:5c:7e:64:9d:9f:1a:da:8c:ef:de:53:26:
11:c8:23:41:5a:24:c4:c7:65:4b:5a:03:60:8b:99:
a4:0a:ad:9c:48:aa:c8:70:ee:ed:00:b5:5e:32:0b:
d0:e3:7d:34:eb:82:de:86:72:01:07:ce:96:9a:40:
43:f3:96:06:32:a8:cf:d1:17:58:67:68:6b:4e:b9:
ea:44:b4:48:6b:81:9d:81:72:ca:95:07:50:f5:c0:
6a:98:93:3c:59:31:b5:fa:bc:a1:fd:a9:cf:42:e0:
09:67:7b:20:1b:09:e0:6e:55:f3:82:ca:0e:b3:79:
9e:e7:76:7b:59:2c:fc:4c:43:95:b8:52:19:4b:fd:
99:b7:50:c9:9d:e4:96:d1:c4:de:e5:a9:1d:95:3f:
3d:34:38:10:fc:c3:42:b9:55:cc:84:28:95:75:9e:
52:b9:dd:e8:f0:c6:46:bb:2a:2d:33:1f:1b:b9:84:
f2:e2:29:95:1b:db:65:a2:4c:15:3a:70:16:5b:e9:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B0:28:86:69:8E:75:11:63:53:02:51:FF:52:BA:D0:1F:4D:AD:30
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/KLAohmmOdRFjUwJR_1K60B9NrTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.32.0.0/12
5.88.0.0/13
31.26.0.0-31.27.63.255
31.27.96.0/20
31.27.128.0/17
31.156.0.0/14
37.116.0.0/14
37.159.0.0/16
37.176.0.0/13
47.53.0.0/16
83.224.64.0-83.224.81.255
83.224.86.0/23
83.224.128.0-83.225.255.255
91.80.0.0-91.80.39.255
91.80.46.0/24
91.80.48.0-91.81.255.255
93.64.0.0/13
93.144.0.0-93.150.255.255
93.151.24.0/22
93.151.128.0/17
109.112.0.0/13
130.0.128.0/18
130.25.0.0/16
176.242.0.0-176.247.255.255
188.152.0.0/15
188.216.0.0/14
Signature Algorithm: sha256WithRSAEncryption
12:f0:0b:bf:ab:a0:80:67:99:e2:09:72:4c:68:bb:4a:1f:2c:
0e:0a:79:f7:9d:17:56:25:fe:fd:f5:02:d2:92:ec:3b:ac:42:
99:03:54:d8:37:79:08:62:0e:0c:60:9e:c0:1a:53:53:ee:4e:
62:02:de:cd:b5:08:b4:d5:8b:12:68:0c:88:e2:8a:40:e0:70:
6b:c7:5f:ec:4e:fe:17:ce:8e:4a:44:2b:05:26:08:1f:05:95:
2e:58:41:9c:b5:0f:e1:b3:33:48:db:3d:49:18:3f:4d:d9:e0:
45:6c:15:c1:d7:94:c7:20:9c:85:43:e3:88:23:c6:e5:07:fb:
4d:b2:cd:a1:24:9c:0e:cc:eb:46:06:43:b5:01:0c:d5:dc:9f:
fd:98:84:d4:0d:e0:5d:0e:06:08:a7:c2:62:94:7d:46:ec:30:
ea:b2:77:c0:d0:e4:fe:90:35:08:8a:ed:d4:a0:50:fb:18:2c:
ab:4a:89:f9:df:84:98:7b:c1:30:1b:d8:ab:2c:0c:96:cc:d6:
93:b8:ae:69:a1:99:30:9b:57:9a:f6:d1:06:d7:a0:6f:c2:94:
93:63:72:45:35:c2:21:8b:08:e5:3a:08:1e:35:3d:e2:2f:6a:
9e:11:80:79:4d:25:6d:a5:80:85:f4:da:13:16:2a:76:4a:c1:
c2:e8:ba:2b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZv+w1FQKez7mB8jH0t4bVNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjYwMTI3MDkyMjUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIwMjg4NjY5OGU3NTExNjM1MzAyNTFmZjUyYmFkMDFmNGRhZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXP/gffD9vB+jGRecm9bRbdk6sYj
n6znnhbLwjfpxBNFZBQUyjklHnDKHoEPH0z/3B+xhxq29G8qP432QudcfmSdnxra
jO/eUyYRyCNBWiTEx2VLWgNgi5mkCq2cSKrIcO7tALVeMgvQ430064LehnIBB86W
mkBD85YGMqjP0RdYZ2hrTrnqRLRIa4GdgXLKlQdQ9cBqmJM8WTG1+ryh/anPQuAJ
Z3sgGwngblXzgsoOs3me53Z7WSz8TEOVuFIZS/2Zt1DJneSW0cTe5akdlT89NDgQ
/MNCuVXMhCiVdZ5Sud3o8MZGuyotMx8buYTy4imVG9tlokwVOnAWW+nRcQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFCiwKIZpjnURY1MCUf9SutAfTa0wMB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvS0xBb2htbU9kUkZqVXdKUl8xSzYwQjlOclRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADAwQC
IAMDAwVYMAsDAwEfGgMEBh8bAAMEBB8bYAMEBx8bgAMDAh+cAwMCJXQDAwAlnwMD
AyWwAwMALzUwDAMEBlPgQAMEAVPgUAMEAVPgVjALAwQHU+CAAwMBU+AwCwMDBFtQ
AwQDW1AgAwQAW1AuMAsDBARbUDADAwFbUAMDA11AMAoDAwRdkAMDAF2WAwQCXZcY
AwQHXZeAAwMDbXADBAaCAIADAwCCGTAKAwMBsPIDAwOw8AMDAbyYAwMCvNgwDQYJ
KoZIhvcNAQELBQADggEBABLwC7+roIBnmeIJckxou0ofLA4KefedF1Yl/v31AtKS
7DusQpkDVNg3eQhiDgxgnsAaU1PuTmIC3s21CLTVixJoDIjiikDgcGvHX+xO/hfO
jkpEKwUmCB8FlS5YQZy1D+GzM0jbPUkYP03Z4EVsFcHXlMcgnIVD44gjxuUH+02y
zaEknA7M60YGQ7UBDNXcn/2YhNQN4F0OBginwmKUfUbsMOqyd8DQ5P6QNQiK7dSg
UPsYLKtKifnfhJh7wTAb2KssDJbM1pO4rmmhmTCbV5r20QbXoG/ClJNjckU1wiGL
COU6CB41PeIvap4RgHlNJW2lgIX02hMWKnZKwcLouis=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:57:10 2026 by rpki-client