Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/iLwUwV6SQ7J7-unfeBw52VXkjW0.roa
File: iLwUwV6SQ7J7-unfeBw52VXkjW0.roa (raw, json)
Hash identifier: g4NICDb7jd72gHqeqqjDKVOLXW3I2EYFnQJg/lawhvc=
Subject key identifier: 88:BC:14:C1:5E:92:43:B2:7B:FA:E9:DF:78:1C:39:D9:55:E4:8D:6D
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 019E3F6C901CB285462DEEDDF35C1D884D9F
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/iLwUwV6SQ7J7-unfeBw52VXkjW0.roa
Signing time: Tue 19 May 2026 08:48:59 +0000
ROA not before: Tue 19 May 2026 08:48:59 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15703
IP address blocks: 80.247.220.0/24 maxlen: 24
87.233.0.0/16 maxlen: 24
193.28.152.0/24 maxlen: 24
213.193.192.0/21 maxlen: 24
213.193.193.0/24 maxlen: 24
213.193.208.0/21 maxlen: 24
213.193.210.0/24 maxlen: 24
213.193.234.0/24 maxlen: 24
213.193.247.0/24 maxlen: 24
213.239.136.0/24 maxlen: 24
2001:990::/32 maxlen: 32
2001:9a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:6c:90:1c:b2:85:46:2d:ee:dd:f3:5c:1d:88:4d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: May 19 08:48:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88bc14c15e9243b27bfae9df781c39d955e48d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:15:7a:a1:42:26:bf:cf:bf:f3:4a:fd:2c:7c:
43:56:ab:62:a3:b6:52:34:e1:ef:55:cf:71:8b:92:
4a:9a:d6:1f:19:92:45:2b:b6:d4:69:0b:09:55:7a:
c1:f0:67:b7:c3:18:f0:b9:1b:d8:08:c1:de:8d:c3:
a8:01:d6:2a:68:57:86:4d:2f:a2:2b:c6:d2:92:e5:
b0:8a:ae:54:ff:93:8c:2b:35:04:91:dc:a2:20:5e:
d1:16:37:b0:b8:e1:b3:33:55:d8:a7:dc:36:33:13:
b5:3a:69:d0:74:01:1e:c1:c7:8e:8e:fc:16:86:c5:
41:f8:e5:dd:d4:a2:7b:7e:5c:7f:f8:a2:88:be:e9:
07:f0:fb:13:37:65:d8:59:ec:be:1e:1f:e2:0f:00:
d0:80:cb:b7:1e:3f:5b:9a:5d:88:8b:cb:5f:bb:0c:
0b:e8:3d:d6:a0:5e:87:40:c6:cc:2b:be:d7:50:7f:
2d:1b:01:a7:88:90:c9:29:97:fc:54:89:d2:18:82:
aa:4b:37:5e:66:b5:67:94:62:0a:27:33:23:c8:ca:
36:74:8e:cb:d7:60:0e:ce:41:78:2d:73:ce:54:70:
3e:74:2c:d7:55:ad:c8:2b:c9:b8:2a:fe:83:40:66:
4c:7f:33:29:f4:49:08:b0:98:2b:aa:bd:a3:02:11:
e0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BC:14:C1:5E:92:43:B2:7B:FA:E9:DF:78:1C:39:D9:55:E4:8D:6D
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/iLwUwV6SQ7J7-unfeBw52VXkjW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.220.0/24
87.233.0.0/16
193.28.152.0/24
213.193.192.0/21
213.193.208.0/21
213.193.234.0/24
213.193.247.0/24
213.239.136.0/24
IPv6:
2001:990::/32
2001:9a8::/32
Signature Algorithm: sha256WithRSAEncryption
73:94:01:db:df:58:46:a5:d5:e4:c6:33:15:35:5d:62:98:3c:
9e:db:e7:86:9c:29:51:9d:90:41:27:d2:ec:96:37:c5:23:2d:
dd:1e:7c:dd:1e:ac:cc:45:61:11:13:ec:47:59:7f:f6:b5:72:
80:90:54:1b:23:d1:12:fb:99:2d:79:6c:7a:97:44:f3:98:69:
6a:52:28:7d:20:5e:f6:32:3f:41:db:92:1b:98:e4:53:a3:19:
b4:71:e4:4b:2f:ab:bb:d1:8b:d5:95:4e:4d:1f:98:98:8c:66:
88:d0:6b:96:fb:24:2d:fb:f6:f3:52:5d:7d:73:06:8e:ac:08:
9b:da:a3:78:b6:2c:80:a5:59:4f:bf:11:9d:16:1c:c4:a4:c5:
11:04:24:bb:2f:a3:f5:e3:26:03:94:cf:3b:c6:bc:47:63:10:
b5:38:f3:2a:1c:1c:4c:64:f8:50:06:5a:1e:a2:aa:b5:35:95:
56:36:75:a3:56:e3:8e:c6:8c:a4:80:5f:c2:bf:8f:89:42:8c:
d0:92:78:b1:c7:ef:e8:7a:b8:44:0a:46:e3:f0:15:7b:bc:09:
9e:4e:17:87:9f:fa:8a:4f:71:ed:de:b5:0c:22:c1:76:b9:3d:
97:31:f2:10:6c:96:61:03:cb:b4:b2:4c:e4:e9:78:b1:e3:47:
25:70:e7:0c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ4/bJAcsoVGLe7d81wdiE2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjYwNTE5MDg0ODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGJjMTRjMTVlOTI0M2IyN2JmYWU5ZGY3ODFjMzlkOTU1ZTQ4ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRV6oUImv8+/80r9LHxDVqtio7ZS
NOHvVc9xi5JKmtYfGZJFK7bUaQsJVXrB8Ge3wxjwuRvYCMHejcOoAdYqaFeGTS+i
K8bSkuWwiq5U/5OMKzUEkdyiIF7RFjewuOGzM1XYp9w2MxO1OmnQdAEewceOjvwW
hsVB+OXd1KJ7flx/+KKIvukH8PsTN2XYWey+Hh/iDwDQgMu3Hj9bml2Ii8tfuwwL
6D3WoF6HQMbMK77XUH8tGwGniJDJKZf8VInSGIKqSzdeZrVnlGIKJzMjyMo2dI7L
12AOzkF4LXPOVHA+dCzXVa3IK8m4Kv6DQGZMfzMp9EkIsJgrqr2jAhHgYQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIi8FMFekkOye/rp33gcOdlV5I1tMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvaUx3VXdWNlNRN0o3LXVuZmVCdzUyVlhralcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA1BAIAATAvAwQAUPfcAwMA
V+kDBADBHJgDBAPVwcADBAPVwdADBADVweoDBADVwfcDBADV74gwFAQCAAIwDgMF
ACABCZADBQAgAQmoMA0GCSqGSIb3DQEBCwUAA4IBAQBzlAHb31hGpdXkxjMVNV1i
mDye2+eGnClRnZBBJ9LsljfFIy3dHnzdHqzMRWERE+xHWX/2tXKAkFQbI9ES+5kt
eWx6l0TzmGlqUih9IF72Mj9B25IbmORToxm0ceRLL6u70YvVlU5NH5iYjGaI0GuW
+yQt+/bzUl19cwaOrAib2qN4tiyApVlPvxGdFhzEpMURBCS7L6P14yYDlM87xrxH
YxC1OPMqHBxMZPhQBloeoqq1NZVWNnWjVuOOxoykgF/Cv4+JQozQknixx+/oerhE
Ckbj8BV7vAmeTheHn/qKT3Ht3rUMIsF2uT2XMfIQbJZhA8u0skzk6Xix40clcOcM
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:17:12 2026 by rpki-client