Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/Hw8g7GpMMX_GFQsnWUYf0SENblg.roa
File: Hw8g7GpMMX_GFQsnWUYf0SENblg.roa (raw, json)
Hash identifier: 0/FhCnnAOuOR3mNc7TMzjQIJWh1C1iyrgudcdDaAykw=
Subject key identifier: 1F:0F:20:EC:6A:4C:31:7F:C6:15:0B:27:59:46:1F:D1:21:0D:6E:58
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 019EADCD970B96A00AA0B401D522DF0AD772
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/Hw8g7GpMMX_GFQsnWUYf0SENblg.roa
Signing time: Tue 09 Jun 2026 19:13:12 +0000
ROA not before: Tue 09 Jun 2026 19:13:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22616
IP address blocks: 137.31.15.0/24 maxlen: 24
137.31.49.0/24 maxlen: 24
137.31.60.0/24 maxlen: 24
137.31.61.0/24 maxlen: 24
137.31.101.0/24 maxlen: 24
137.31.114.0/23 maxlen: 24
147.161.128.0/23 maxlen: 24
159.254.58.0/23 maxlen: 24
159.254.60.0/23 maxlen: 24
159.254.64.0/23 maxlen: 24
159.254.66.0/23 maxlen: 24
159.254.69.0/24 maxlen: 24
159.254.84.0/24 maxlen: 24
159.254.85.0/24 maxlen: 24
159.254.86.0/24 maxlen: 24
159.254.92.0/24 maxlen: 24
159.254.93.0/24 maxlen: 24
159.254.94.0/24 maxlen: 24
159.254.95.0/24 maxlen: 24
159.254.96.0/24 maxlen: 24
159.254.97.0/24 maxlen: 24
159.254.99.0/24 maxlen: 24
159.254.100.0/24 maxlen: 24
159.254.182.0/23 maxlen: 24
159.254.184.0/23 maxlen: 24
159.254.202.0/24 maxlen: 24
159.254.209.0/24 maxlen: 24
159.254.217.0/24 maxlen: 24
159.254.220.0/24 maxlen: 24
159.254.221.0/24 maxlen: 24
159.254.240.0/24 maxlen: 24
159.254.241.0/24 maxlen: 24
164.137.4.0/24 maxlen: 24
164.137.5.0/24 maxlen: 24
164.137.6.0/24 maxlen: 24
164.137.7.0/24 maxlen: 24
164.137.8.0/24 maxlen: 24
164.137.9.0/24 maxlen: 24
164.137.10.0/24 maxlen: 24
164.137.11.0/24 maxlen: 24
164.137.12.0/24 maxlen: 24
164.137.13.0/24 maxlen: 24
164.137.14.0/24 maxlen: 24
164.137.15.0/24 maxlen: 24
164.137.16.0/24 maxlen: 24
164.137.17.0/24 maxlen: 24
164.137.18.0/24 maxlen: 24
164.137.19.0/24 maxlen: 24
164.137.20.0/24 maxlen: 24
164.137.21.0/24 maxlen: 24
164.137.22.0/24 maxlen: 24
164.137.23.0/24 maxlen: 24
164.137.24.0/24 maxlen: 24
164.137.25.0/24 maxlen: 24
164.137.26.0/24 maxlen: 24
164.137.27.0/24 maxlen: 24
164.137.28.0/24 maxlen: 24
164.137.29.0/24 maxlen: 24
164.137.30.0/24 maxlen: 24
164.137.31.0/24 maxlen: 24
164.137.32.0/24 maxlen: 24
164.137.33.0/24 maxlen: 24
164.137.34.0/24 maxlen: 24
164.137.35.0/24 maxlen: 24
164.137.36.0/24 maxlen: 24
164.137.37.0/24 maxlen: 24
164.137.38.0/24 maxlen: 24
164.137.39.0/24 maxlen: 24
164.137.40.0/24 maxlen: 24
164.137.41.0/24 maxlen: 24
164.137.42.0/24 maxlen: 24
164.137.43.0/24 maxlen: 24
164.137.44.0/24 maxlen: 24
164.137.45.0/24 maxlen: 24
164.137.46.0/24 maxlen: 24
164.137.47.0/24 maxlen: 24
164.137.48.0/24 maxlen: 24
164.137.49.0/24 maxlen: 24
164.137.50.0/24 maxlen: 24
164.137.51.0/24 maxlen: 24
164.137.52.0/24 maxlen: 24
164.137.53.0/24 maxlen: 24
220.42.0.0/16 maxlen: 24
220.43.0.0/16 maxlen: 24
2a03:eec0:3212::/48 maxlen: 48
2a03:eec0:321b::/48 maxlen: 48
2a03:eec0:322b::/48 maxlen: 48
2a03:eec0:322c::/48 maxlen: 48
2a03:eec0:322d::/48 maxlen: 48
2a03:eec0:322e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:cd:97:0b:96:a0:0a:a0:b4:01:d5:22:df:0a:d7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Jun 9 19:13:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f0f20ec6a4c317fc6150b2759461fd1210d6e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e1:85:31:78:7d:28:ce:f0:ef:fc:4f:cf:31:
58:8c:59:7d:bc:87:ca:78:29:ba:e4:67:c4:aa:32:
4d:76:d7:18:9c:e2:4e:d7:0e:c6:b3:cc:a6:41:73:
ce:87:6d:42:36:f5:8f:70:a8:1b:89:44:45:ed:b6:
4c:8f:c1:d3:97:89:1f:e5:1b:7a:d5:9c:41:fd:70:
72:ec:8f:17:67:eb:d8:21:fb:68:4f:8a:97:84:a9:
94:56:31:12:e8:7f:aa:08:c8:c2:bf:bb:8e:d8:95:
26:a3:06:d7:48:be:9f:34:d6:47:17:e6:20:be:03:
d1:6e:7b:17:91:6a:a1:8b:70:df:75:d9:94:c4:03:
60:46:97:e7:f4:e5:e9:b3:be:61:38:88:af:fd:c5:
24:25:a6:bc:9c:d2:5b:67:21:99:cb:f0:2d:30:2a:
d8:40:dc:72:b4:8d:54:2d:52:4d:96:88:71:d0:31:
6b:35:cc:77:52:42:9d:b2:66:56:10:00:ea:a2:c6:
d3:73:4e:0e:0a:20:41:84:c1:79:ea:c2:3f:24:88:
63:f6:80:92:f3:34:69:69:3e:4b:ab:0b:7a:9a:3f:
06:64:d7:34:a2:ae:b2:3b:01:51:31:d5:85:a4:cd:
cf:1e:19:e7:f0:7d:4d:7a:ce:64:d6:a5:56:ab:f0:
d7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0F:20:EC:6A:4C:31:7F:C6:15:0B:27:59:46:1F:D1:21:0D:6E:58
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/Hw8g7GpMMX_GFQsnWUYf0SENblg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.31.15.0/24
137.31.49.0/24
137.31.60.0/23
137.31.101.0/24
137.31.114.0/23
147.161.128.0/23
159.254.58.0-159.254.61.255
159.254.64.0/22
159.254.69.0/24
159.254.84.0-159.254.86.255
159.254.92.0-159.254.97.255
159.254.99.0-159.254.100.255
159.254.182.0-159.254.185.255
159.254.202.0/24
159.254.209.0/24
159.254.217.0/24
159.254.220.0/23
159.254.240.0/23
164.137.4.0-164.137.53.255
220.42.0.0/15
IPv6:
2a03:eec0:3212::/48
2a03:eec0:321b::/48
2a03:eec0:322b::-2a03:eec0:322e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:b4:14:c8:27:48:5d:f3:a9:eb:55:a7:cd:85:52:67:85:1d:
35:8a:95:b9:30:b0:0a:a4:5a:10:5c:2e:12:8d:6e:88:6f:60:
5e:3b:59:9f:a3:e8:a7:8d:02:e8:72:05:d1:d8:b9:c0:25:75:
20:f3:f1:c3:77:aa:79:35:66:bb:a8:67:b4:2c:98:5d:38:10:
1b:2a:c4:c3:00:7e:e7:b4:1b:d3:b3:c4:66:eb:9d:3d:68:db:
30:4a:5b:80:14:1d:32:32:f3:6c:5d:35:16:21:00:81:24:84:
8f:0b:85:98:20:ba:4a:e2:86:e9:2e:41:84:e4:52:a6:25:97:
c7:91:67:f5:25:4a:c1:c4:d0:1e:ca:f0:48:d6:4d:36:dd:9a:
40:2b:8a:b4:56:e5:01:5d:e6:c5:a5:23:71:0d:ac:68:f6:08:
e4:08:f2:44:3e:af:4b:56:62:13:6e:c0:16:14:a2:4d:19:3a:
a0:57:fc:90:7d:35:ee:96:39:67:8b:c2:c2:7f:8b:4a:b4:63:
85:f4:b3:cf:18:da:ad:ed:b3:98:19:08:eb:51:29:ce:d7:e5:
f6:28:a7:d2:f1:d0:8a:23:3d:2c:ba:57:55:64:d0:da:3e:74:
bb:f4:aa:31:d5:81:a9:88:e3:a3:39:8b:ad:9a:96:12:f6:04:
b9:0d:90:c3
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAZ6tzZcLlqAKoLQB1SLfCtdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjYwNjA5MTkxMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjBmMjBlYzZhNGMzMTdmYzYxNTBiMjc1OTQ2MWZkMTIxMGQ2ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuGFMXh9KM7w7/xPzzFYjFl9vIfK
eCm65GfEqjJNdtcYnOJO1w7Gs8ymQXPOh21CNvWPcKgbiURF7bZMj8HTl4kf5Rt6
1ZxB/XBy7I8XZ+vYIftoT4qXhKmUVjES6H+qCMjCv7uO2JUmowbXSL6fNNZHF+Yg
vgPRbnsXkWqhi3DfddmUxANgRpfn9OXps75hOIiv/cUkJaa8nNJbZyGZy/AtMCrY
QNxytI1ULVJNlohx0DFrNcx3UkKdsmZWEADqosbTc04OCiBBhMF56sI/JIhj9oCS
8zRpaT5Lqwt6mj8GZNc0oq6yOwFRMdWFpM3PHhnn8H1Nes5k1qVWq/DX0wIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFB8PIOxqTDF/xhULJ1lGH9EhDW5YMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvSHc4ZzdHcE1NWF9HRlFzbldVWWYwU0VOYmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBrgQCAAEwgacDBACJ
Hw8DBACJHzEDBAGJHzwDBACJH2UDBAGJH3IDBAGToYAwDAMEAZ/+OgMEAZ/+PAME
Ap/+QAMEAJ/+RTAMAwQCn/5UAwQAn/5WMAwDBAKf/lwDBAGf/mAwDAMEAJ/+YwME
AJ/+ZDAMAwQBn/62AwQBn/64AwQAn/7KAwQAn/7RAwQAn/7ZAwQBn/7cAwQBn/7w
MAwDBAKkiQQDBAGkiTQDAwHcKjAsBAIAAjAmAwcAKgPuwDISAwcAKgPuwDIbMBID
BwAqA+7AMisDBwAqA+7AMi4wDQYJKoZIhvcNAQELBQADggEBAIa0FMgnSF3zqetV
p82FUmeFHTWKlbkwsAqkWhBcLhKNbohvYF47WZ+j6KeNAuhyBdHYucAldSDz8cN3
qnk1ZruoZ7QsmF04EBsqxMMAfue0G9OzxGbrnT1o2zBKW4AUHTIy82xdNRYhAIEk
hI8LhZggukrihukuQYTkUqYll8eRZ/UlSsHE0B7K8EjWTTbdmkArirRW5QFd5sWl
I3ENrGj2COQI8kQ+r0tWYhNuwBYUok0ZOqBX/JB9Ne6WOWeLwsJ/i0q0Y4X0s88Y
2q3ts5gZCOtRKc7X5fYop9Lx0IojPSy6V1Vk0No+dLv0qjHVgamI46M5i62alhL2
BLkNkMM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:41:17 2026 by rpki-client