Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_yrUlBlxx-NNZcHATIfQDw9Ot4M.roa
File: _yrUlBlxx-NNZcHATIfQDw9Ot4M.roa (raw, json)
Hash identifier: 8pDKv3QEFZK3O1M91oNtTW4bPFOhWj0YqdFDpf4IzdQ=
Subject key identifier: FF:2A:D4:94:19:71:C7:E3:4D:65:C1:C0:4C:87:D0:0F:0F:4E:B7:83
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019D7871D967F22D1E289FC6A21A4A9FCC6C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_yrUlBlxx-NNZcHATIfQDw9Ot4M.roa
Signing time: Fri 10 Apr 2026 17:30:20 +0000
ROA not before: Fri 10 Apr 2026 17:30:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.145.176.0/22 maxlen: 22
62.106.83.0/24 maxlen: 24
77.246.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.242.68.0/23 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.82.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
92.249.25.0/24 maxlen: 24
95.141.251.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
147.78.20.0/24 maxlen: 24
147.78.21.0/24 maxlen: 24
147.78.22.0/24 maxlen: 24
147.78.23.0/24 maxlen: 24
185.51.120.0/24 maxlen: 24
185.147.48.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
185.218.184.0/24 maxlen: 24
185.252.193.0/24 maxlen: 24
193.84.26.0/24 maxlen: 24
193.109.82.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
194.50.206.0/24 maxlen: 24
195.88.146.0/24 maxlen: 24
195.88.147.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.211.48.0/24 maxlen: 24
195.216.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:78:71:d9:67:f2:2d:1e:28:9f:c6:a2:1a:4a:9f:cc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 10 17:30:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff2ad4941971c7e34d65c1c04c87d00f0f4eb783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:61:35:be:db:6e:ab:81:bd:70:d0:e1:e7:
51:da:20:8a:77:d3:31:25:e9:b2:fa:5b:55:f0:76:
a8:03:4a:c0:7d:aa:a8:c4:dd:1b:8b:ea:98:44:a5:
49:8a:7f:29:e1:e0:80:58:09:fd:3a:de:c8:41:06:
cb:0a:87:72:52:bc:d3:cf:e7:6b:52:93:dd:15:fc:
38:de:2d:28:16:ab:c0:17:5d:3f:82:15:88:14:ea:
6f:19:2e:17:bd:0b:ad:46:30:f6:0d:9c:93:44:b1:
72:cb:e2:b9:cf:b5:83:5b:b6:67:22:2d:4e:52:03:
d9:a8:3d:7d:17:6d:ae:1e:99:50:ed:d8:ff:db:d5:
a1:e2:01:f4:33:ed:ec:c4:43:d7:96:ee:45:d1:32:
a6:ca:6f:b6:ea:f6:74:28:6e:48:26:b2:1f:2b:e6:
11:15:11:94:fb:f5:63:8d:9c:16:37:ab:24:1a:54:
06:24:1f:bb:a1:3f:b0:41:06:b0:b1:f5:b6:a4:67:
aa:3b:ae:28:da:ee:33:ba:a5:d0:2a:f9:30:fd:7b:
be:db:61:0d:3c:e1:c6:8f:92:03:06:eb:7b:4c:f0:
cc:f4:cb:ac:49:89:3c:58:77:1d:c4:d5:27:bf:3b:
27:05:70:10:44:65:4a:ce:75:14:77:7d:07:81:0f:
24:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2A:D4:94:19:71:C7:E3:4D:65:C1:C0:4C:87:D0:0F:0F:4E:B7:83
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_yrUlBlxx-NNZcHATIfQDw9Ot4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.145.176.0/22
62.106.83.0/24
77.246.242.0/24
89.40.161.0/24
91.242.68.0-91.242.70.255
91.242.73.0-91.242.74.255
91.242.82.0/24
91.242.105.0/24
91.242.124.0/24
91.242.126.0/24
92.249.25.0/24
95.141.251.0/24
146.19.228.0/24
147.78.20.0/22
185.51.120.0/24
185.147.48.0/24
185.180.145.0/24
185.212.11.0/24
185.218.184.0/24
185.252.193.0/24
193.84.26.0/24
193.109.82.0/24
194.50.200.0/23
194.50.206.0/23
195.88.146.0/23
195.138.103.0-195.138.107.255
195.138.111.0/24
195.138.114.0/24
195.138.120.0/24
195.211.48.0/24
195.216.248.0/24
Signature Algorithm: sha256WithRSAEncryption
76:8d:a7:ad:e2:4b:69:e5:84:bc:a4:ae:0a:ea:76:3f:85:bd:
62:d0:0a:20:a9:0a:47:f3:08:61:35:82:58:ce:19:8d:eb:48:
b4:ac:9e:46:00:c1:9d:49:e2:8a:4b:7f:1a:d6:62:7e:56:00:
82:70:f8:f5:04:11:25:dc:a5:53:ef:1d:b7:21:f2:ac:06:09:
c1:29:8f:b4:d6:31:7b:f5:6d:0f:69:2d:12:91:c3:5f:ef:23:
57:eb:9a:66:58:8c:47:c4:a8:a5:6a:fa:8e:6f:37:47:46:5f:
7d:f9:d3:0b:9c:f2:28:2a:8b:5b:52:20:5d:43:95:dd:e2:43:
30:1e:6b:36:16:fc:79:a3:b1:b6:d4:c2:f7:8b:2e:f5:1d:68:
ac:94:74:b0:ed:e8:90:c8:c9:8a:b3:4d:71:13:76:a4:b9:77:
42:3d:76:95:39:ab:86:9b:b8:47:52:68:f2:66:49:99:80:b7:
34:db:d9:cb:f2:6a:f1:9d:94:0e:c0:24:e0:78:48:cf:92:7a:
72:45:71:fc:f2:bb:f7:50:ee:32:52:f8:6b:40:f7:ad:b9:88:
4e:74:71:f0:a3:97:4b:1c:96:0a:76:71:21:a4:5b:9c:18:fc:
9a:2a:7a:35:50:21:4e:ad:30:36:53:68:ae:12:12:81:41:c6:
44:2d:59:33
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZ14cdln8i0eKJ/GohpKn8xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNDEwMTczMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJhZDQ5NDE5NzFjN2UzNGQ2NWMxYzA0Yzg3ZDAwZjBmNGViNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXNhNb7bbquBvXDQ4edR2iCKd9Mx
Jemy+ltV8HaoA0rAfaqoxN0bi+qYRKVJin8p4eCAWAn9Ot7IQQbLCodyUrzTz+dr
UpPdFfw43i0oFqvAF10/ghWIFOpvGS4XvQutRjD2DZyTRLFyy+K5z7WDW7ZnIi1O
UgPZqD19F22uHplQ7dj/29Wh4gH0M+3sxEPXlu5F0TKmym+26vZ0KG5IJrIfK+YR
FRGU+/VjjZwWN6skGlQGJB+7oT+wQQawsfW2pGeqO64o2u4zuqXQKvkw/Xu+22EN
POHGj5IDBut7TPDM9MusSYk8WHcdxNUnvzsnBXAQRGVKznUUd30HgQ8kUQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFP8q1JQZccfjTWXBwEyH0A8PTreDMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX3lyVWxCbHh4LU5OWmNIQVRJZlFEdzlPdDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAIF
thwDBAAtQ3UDBAItkbADBAA+alMDBABN9vIDBABZKKEwDAMEAlvyRAMEAFvyRjAM
AwQAW/JJAwQAW/JKAwQAW/JSAwQAW/JpAwQAW/J8AwQAW/J+AwQAXPkZAwQAX437
AwQAkhPkAwQCk04UAwQAuTN4AwQAuZMwAwQAubSRAwQAudQLAwQAudq4AwQAufzB
AwQAwVQaAwQAwW1SAwQBwjLIAwQBwjLOAwQBw1iSMAwDBADDimcDBALDimgDBADD
im8DBADDinIDBADDingDBADD0zADBADD2PgwDQYJKoZIhvcNAQELBQADggEBAHaN
p63iS2nlhLykrgrqdj+FvWLQCiCpCkfzCGE1gljOGY3rSLSsnkYAwZ1J4opLfxrW
Yn5WAIJw+PUEESXcpVPvHbch8qwGCcEpj7TWMXv1bQ9pLRKRw1/vI1frmmZYjEfE
qKVq+o5vN0dGX3350wuc8igqi1tSIF1Dld3iQzAeazYW/HmjsbbUwveLLvUdaKyU
dLDt6JDIyYqzTXETdqS5d0I9dpU5q4abuEdSaPJmSZmAtzTb2cvyavGdlA7AJOB4
SM+SenJFcfzyu/dQ7jJS+GtA9625iE50cfCjl0sclgp2cSGkW5wY/JoqejVQIU6t
MDZTaK4SEoFBxkQtWTM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:02:09 2026 by rpki-client