Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/l6NuNn6eao4iqoazsoALmjkl7IA.roa
File: l6NuNn6eao4iqoazsoALmjkl7IA.roa (raw, json)
Hash identifier: dT9eiz7PQMF0UUElw+4pdl99uVOvX+3VR6IIMdbSZ9k=
Subject key identifier: 97:A3:6E:36:7E:9E:6A:8E:22:AA:86:B3:B2:80:0B:9A:39:25:EC:80
Certificate issuer: /CN=f48b3f0c6a87c045bdcffabd900db8892be702e1
Certificate serial: 019D8B4E56251A376ED4C6701571617071CD
Authority key identifier: F4:8B:3F:0C:6A:87:C0:45:BD:CF:FA:BD:90:0D:B8:89:2B:E7:02:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/l6NuNn6eao4iqoazsoALmjkl7IA.roa
Signing time: Tue 14 Apr 2026 09:24:20 +0000
ROA not before: Tue 14 Apr 2026 09:24:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5539
IP address blocks: 82.118.32.0/19 maxlen: 19
82.118.35.0/24 maxlen: 24
185.54.120.0/22 maxlen: 22
185.54.188.0/22 maxlen: 22
185.54.190.0/24 maxlen: 24
185.54.191.0/24 maxlen: 24
193.149.32.0/19 maxlen: 19
194.97.64.0/19 maxlen: 19
194.97.128.0/19 maxlen: 19
194.97.137.0/24 maxlen: 24
195.24.96.0/19 maxlen: 19
195.30.0.0/16 maxlen: 16
195.30.21.0/24 maxlen: 24
195.30.64.0/24 maxlen: 24
195.30.84.0/24 maxlen: 24
195.30.121.0/24 maxlen: 24
195.30.131.0/24 maxlen: 24
2001:608::/32 maxlen: 32
2001:608:804::/48 maxlen: 48
2001:608:e03::/48 maxlen: 48
2001:67c:158c::/48 maxlen: 48
2001:4150::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:4e:56:25:1a:37:6e:d4:c6:70:15:71:61:70:71:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f48b3f0c6a87c045bdcffabd900db8892be702e1
Validity
Not Before: Apr 14 09:24:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=97a36e367e9e6a8e22aa86b3b2800b9a3925ec80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:71:4d:9b:48:65:0f:5a:b9:72:dd:48:83:0d:
3f:6b:a9:96:fe:8b:f0:9c:e6:46:04:a7:c7:45:62:
62:4d:12:5e:ff:b0:06:57:23:d4:86:71:84:d4:55:
71:09:5a:b9:7c:71:ac:27:97:f7:3c:41:10:e9:02:
68:b1:d7:22:2d:d5:41:94:fd:f6:60:e9:bf:04:40:
39:f6:b2:39:f0:52:71:e7:e3:57:29:23:e9:6f:99:
b1:97:0f:95:ae:68:b1:c1:59:a9:90:bd:d4:6d:c6:
ba:a5:36:e4:c3:fd:47:ad:69:70:ee:25:5e:ed:c9:
b4:24:bc:5d:a2:f9:fd:3a:d3:2a:01:55:06:3f:f1:
f8:52:99:ad:2e:dc:dd:24:15:33:d7:20:bb:b1:ef:
e0:c5:8a:fe:48:78:a1:b6:72:d7:fd:b9:d2:9f:0e:
04:4a:62:65:3c:06:15:48:f1:ea:61:53:a2:b2:9a:
d9:28:b5:8d:8c:f3:ea:ec:12:76:19:6e:5e:1f:18:
e3:7c:32:c3:48:f1:5e:2a:22:c5:c8:87:64:a6:98:
d4:ea:f3:cd:97:4b:41:3f:37:5c:64:d4:e8:c9:21:
5e:5e:b0:46:53:1e:e7:8e:d0:b1:a5:da:f6:66:7b:
58:ad:99:65:1a:5f:95:72:d0:b7:6a:e6:68:c2:e5:
cb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A3:6E:36:7E:9E:6A:8E:22:AA:86:B3:B2:80:0B:9A:39:25:EC:80
X509v3 Authority Key Identifier:
keyid:F4:8B:3F:0C:6A:87:C0:45:BD:CF:FA:BD:90:0D:B8:89:2B:E7:02:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/l6NuNn6eao4iqoazsoALmjkl7IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.32.0/19
185.54.120.0/22
185.54.188.0/22
193.149.32.0/19
194.97.64.0/19
194.97.128.0/19
195.24.96.0/19
195.30.0.0/16
IPv6:
2001:608::/32
2001:67c:158c::/48
2001:4150::/32
Signature Algorithm: sha256WithRSAEncryption
3f:aa:01:ff:a6:c4:a5:63:7f:61:6f:0c:58:37:26:d7:34:af:
e8:aa:ec:3a:a8:a5:da:e4:f3:3d:f9:21:d3:af:e1:b4:c0:25:
bd:85:c7:00:bf:23:96:99:44:5d:fd:53:5e:ba:7c:30:7c:b5:
57:c5:ea:46:8f:ac:28:be:3a:f2:97:ae:33:d2:87:27:c9:a6:
6a:a8:eb:dc:9f:f6:b7:3f:2d:2f:ec:43:81:f7:41:a5:1d:91:
a5:17:95:35:26:60:58:72:e0:44:2b:18:b4:3b:91:94:4a:14:
8d:a2:7c:d4:84:88:5e:74:56:55:a2:35:fe:00:28:ef:50:5e:
6c:06:61:d0:57:77:2d:29:4f:ae:76:ac:d7:f0:3f:32:b3:58:
54:01:80:31:e8:13:d8:17:26:86:89:c6:09:6d:c3:77:e1:48:
bd:7f:b1:22:05:89:8e:dd:9f:87:4e:2f:fe:19:c9:0b:02:5e:
44:3d:5b:d4:b5:c2:c8:a8:e8:7d:3e:01:bd:de:4d:49:71:76:
9f:49:d0:d6:67:22:a0:c6:eb:4c:0f:75:ab:d0:e5:75:e4:0a:
bd:ca:d5:13:75:25:79:31:2f:3f:1e:ea:1b:b4:fd:3a:c3:a6:
d8:13:2b:fa:69:f6:4e:50:20:c0:c5:2f:9d:01:18:ad:14:dd:
9a:bc:79:4b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZ2LTlYlGjdu1MZwFXFhcHHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OGIzZjBjNmE4N2MwNDViZGNmZmFiZDkwMGRiODg5MmJl
NzAyZTEwHhcNMjYwNDE0MDkyNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2EzNmUzNjdlOWU2YThlMjJhYTg2YjNiMjgwMGI5YTM5MjVlYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnFNm0hlD1q5ct1Igw0/a6mW/ovw
nOZGBKfHRWJiTRJe/7AGVyPUhnGE1FVxCVq5fHGsJ5f3PEEQ6QJosdciLdVBlP32
YOm/BEA59rI58FJx5+NXKSPpb5mxlw+VrmixwVmpkL3Ubca6pTbkw/1HrWlw7iVe
7cm0JLxdovn9OtMqAVUGP/H4UpmtLtzdJBUz1yC7se/gxYr+SHihtnLX/bnSnw4E
SmJlPAYVSPHqYVOisprZKLWNjPPq7BJ2GW5eHxjjfDLDSPFeKiLFyIdkppjU6vPN
l0tBPzdcZNToySFeXrBGUx7njtCxpdr2ZntYrZllGl+VctC3auZowuXLIQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJejbjZ+nmqOIqqGs7KAC5o5JeyAMB8GA1UdIwQY
MBaAFPSLPwxqh8BFvc/6vZANuIkr5wLhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUlzX0RHcUh3RVc5el9xOWtBMjRpU3ZuQXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8yZTI3NDctYWQ3NC00ZDMxLTkyNTYt
ZDM1ZWRiOWZkZDIxLzEvbDZOdU5uNmVhbzRpcW9henNvQUxtamtsN0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8yZTI3NDctYWQ3NC00ZDMxLTkyNTYtZDM1ZWRiOWZkZDIx
LzEvOUlzX0RHcUh3RVc5el9xOWtBMjRpU3ZuQXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA1BAIAATAvAwQFUnYgAwQC
uTZ4AwQCuTa8AwQFwZUgAwQFwmFAAwQFwmGAAwQFwxhgAwMAwx4wHQQCAAIwFwMF
ACABBggDBwAgAQZ8FYwDBQAgAUFQMA0GCSqGSIb3DQEBCwUAA4IBAQA/qgH/psSl
Y39hbwxYNybXNK/oquw6qKXa5PM9+SHTr+G0wCW9hccAvyOWmURd/VNeunwwfLVX
xepGj6wovjryl64z0ocnyaZqqOvcn/a3Py0v7EOB90GlHZGlF5U1JmBYcuBEKxi0
O5GUShSNonzUhIhedFZVojX+ACjvUF5sBmHQV3ctKU+udqzX8D8ys1hUAYAx6BPY
FyaGicYJbcN34Ui9f7EiBYmO3Z+HTi/+GckLAl5EPVvUtcLIqOh9PgG93k1JcXaf
SdDWZyKgxutMD3Wr0OV15Aq9ytUTdSV5MS8/HuobtP06w6bYEyv6afZOUCDAxS+d
ARitFN2avHlL
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:43:26 2026 by rpki-client