Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/iYx6dllKKSyUSDvDJh7paqMBGFQ.roa
File: iYx6dllKKSyUSDvDJh7paqMBGFQ.roa (raw, json)
Hash identifier: s8B/A/3MzmhBC88TjU8jTUVefL3bPgciwZlEMzQISP0=
Subject key identifier: 89:8C:7A:76:59:4A:29:2C:94:48:3B:C3:26:1E:E9:6A:A3:01:18:54
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 019EA892174719EC20DE3D23C8C35330502E
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/iYx6dllKKSyUSDvDJh7paqMBGFQ.roa
Signing time: Mon 08 Jun 2026 18:50:06 +0000
ROA not before: Mon 08 Jun 2026 18:50:06 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60404
IP address blocks: 5.2.64.0/20 maxlen: 20
5.2.67.0/24 maxlen: 24
5.2.70.0/24 maxlen: 24
5.255.96.0/19 maxlen: 19
88.214.28.0/24 maxlen: 24
88.214.29.0/24 maxlen: 24
88.214.30.0/24 maxlen: 24
88.214.31.0/24 maxlen: 24
103.251.164.0/22 maxlen: 22
103.251.164.0/24 maxlen: 24
103.251.165.0/24 maxlen: 24
103.251.166.0/24 maxlen: 24
103.251.167.0/24 maxlen: 24
150.129.8.0/22 maxlen: 22
150.129.8.0/24 maxlen: 24
150.129.9.0/24 maxlen: 24
150.129.10.0/24 maxlen: 24
185.31.172.0/22 maxlen: 24
192.76.150.0/24 maxlen: 24
192.76.153.0/24 maxlen: 24
192.76.160.0/24 maxlen: 24
192.76.163.0/24 maxlen: 24
2a01:6340::/29 maxlen: 29
2a04:52c0::/32 maxlen: 32
2a04:52c0:1::/48 maxlen: 64
2a04:52c0:138::/48 maxlen: 64
2a04:52c0:139::/48 maxlen: 64
2a04:52c0:140::/48 maxlen: 64
2a04:52c0:141::/48 maxlen: 64
2a04:52c0:142::/48 maxlen: 64
2a04:52c0:1000::/48 maxlen: 64
2a04:52c0:5001::/48 maxlen: 64
2a04:52c0:6000::/36 maxlen: 64
2a04:52c0:7000::/36 maxlen: 64
2a0f:6bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:92:17:47:19:ec:20:de:3d:23:c8:c3:53:30:50:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Jun 8 18:50:06 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=898c7a76594a292c94483bc3261ee96aa3011854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:04:38:d1:e1:30:9d:84:15:84:a1:2a:9f:
82:42:ef:11:97:ae:36:e5:8a:fe:18:8b:4c:9b:4b:
52:1b:eb:16:f4:65:81:02:ed:90:86:b2:59:ee:72:
58:b3:51:13:62:fe:01:96:03:e8:c1:ba:a1:f8:12:
70:a8:db:ea:b4:b2:dc:5a:2d:11:5b:52:e7:56:e4:
59:5b:9c:c3:36:2f:90:9a:71:44:4e:21:45:8d:9d:
92:c2:4f:f9:45:f9:7d:27:7a:14:22:ef:b2:48:ba:
9d:81:7c:a4:e5:af:1f:10:23:88:14:7f:00:3c:b1:
bf:3c:28:00:24:33:a2:32:4a:27:fb:45:82:e3:48:
a2:d3:42:53:66:c0:8f:0a:7c:54:66:c7:8a:e2:77:
1e:91:69:2d:56:3a:02:4e:5f:de:aa:3d:04:be:7c:
9a:3f:4c:87:76:74:01:28:65:37:5d:23:5f:ae:67:
51:ed:bf:26:e7:6b:e1:62:ce:5f:fc:ff:fa:b0:74:
3b:41:73:66:cc:fa:97:e7:e1:f1:85:85:c8:e6:c8:
c6:d0:42:09:70:46:51:ee:44:f9:db:de:28:a8:8c:
a9:57:1d:a7:fa:49:e9:8c:b1:f6:38:53:27:06:a0:
b1:f3:b3:03:45:46:ee:26:61:b2:7d:c4:8b:cb:44:
3d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8C:7A:76:59:4A:29:2C:94:48:3B:C3:26:1E:E9:6A:A3:01:18:54
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/iYx6dllKKSyUSDvDJh7paqMBGFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.64.0/20
5.255.96.0/19
88.214.28.0/22
103.251.164.0/22
150.129.8.0/22
185.31.172.0/22
192.76.150.0/24
192.76.153.0/24
192.76.160.0/24
192.76.163.0/24
IPv6:
2a01:6340::/29
2a04:52c0::/32
2a0f:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
22:43:61:cc:c0:7b:7b:98:96:18:13:92:ce:62:3e:d4:5b:f6:
e5:b2:14:03:44:c6:86:f9:e4:bd:c6:2c:9f:8f:78:82:6d:72:
0e:e6:b3:36:0c:e2:f7:d8:65:24:58:e6:51:79:03:b0:a0:86:
0e:36:86:c3:5e:62:3e:b7:26:db:c3:d3:46:8c:85:f6:7f:a0:
88:75:0e:f8:fc:dd:b5:ce:a9:83:19:a8:43:f4:f7:a2:98:79:
28:d5:94:f2:a0:5c:40:ab:9d:36:cf:8b:01:a8:a8:ff:2a:09:
37:1c:45:08:33:c6:97:96:07:75:c1:e9:88:12:c5:30:14:79:
b5:20:d5:cc:57:92:89:1f:b1:ec:b6:fb:46:b8:f2:ed:6a:55:
5d:9c:6e:9f:6e:32:3f:51:2d:8c:43:59:0b:92:b6:85:79:a3:
40:94:2d:5f:5a:79:24:35:d7:70:00:df:d0:1c:a7:6d:45:9c:
69:86:b1:8c:57:80:f9:ae:22:0d:1e:7f:e7:bd:96:af:ec:69:
ab:76:b0:c0:78:eb:76:36:c4:0d:3d:13:e9:ce:8f:7d:26:e4:
4e:20:1d:28:73:b7:2a:d6:7b:5a:3a:00:b2:98:73:a7:3c:11:
0b:9f:dc:0f:d7:a5:82:e3:a2:b7:b9:2e:d8:5c:31:ff:dd:46:
25:1d:6e:65
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZ6okhdHGewg3j0jyMNTMFAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjYwNjA4MTg1MDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThjN2E3NjU5NGEyOTJjOTQ0ODNiYzMyNjFlZTk2YWEzMDExODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF0EONHhMJ2EFYShKp+CQu8Rl642
5Yr+GItMm0tSG+sW9GWBAu2QhrJZ7nJYs1ETYv4BlgPowbqh+BJwqNvqtLLcWi0R
W1LnVuRZW5zDNi+QmnFETiFFjZ2Swk/5Rfl9J3oUIu+ySLqdgXyk5a8fECOIFH8A
PLG/PCgAJDOiMkon+0WC40ii00JTZsCPCnxUZseK4ncekWktVjoCTl/eqj0Evnya
P0yHdnQBKGU3XSNfrmdR7b8m52vhYs5f/P/6sHQ7QXNmzPqX5+HxhYXI5sjG0EIJ
cEZR7kT5294oqIypVx2n+knpjLH2OFMnBqCx87MDRUbuJmGyfcSLy0Q9uQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFImMenZZSikslEg7wyYe6WqjARhUMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvaVl4NmRsbEtLU3lVU0R2REpoN3BhcU1CR0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQEBQJAAwQF
Bf9gAwQCWNYcAwQCZ/ukAwQCloEIAwQCuR+sAwQAwEyWAwQAwEyZAwQAwEygAwQA
wEyjMBsEAgACMBUDBQMqAWNAAwUAKgRSwAMFAyoPa8AwDQYJKoZIhvcNAQELBQAD
ggEBACJDYczAe3uYlhgTks5iPtRb9uWyFANExob55L3GLJ+PeIJtcg7mszYM4vfY
ZSRY5lF5A7Cghg42hsNeYj63JtvD00aMhfZ/oIh1Dvj83bXOqYMZqEP096KYeSjV
lPKgXECrnTbPiwGoqP8qCTccRQgzxpeWB3XB6YgSxTAUebUg1cxXkokfsey2+0a4
8u1qVV2cbp9uMj9RLYxDWQuStoV5o0CULV9aeSQ113AA39Acp21FnGmGsYxXgPmu
Ig0ef+e9lq/saat2sMB463Y2xA09E+nOj30m5E4gHShztyrWe1o6ALKYc6c8EQuf
3A/XpYLjore5LthcMf/dRiUdbmU=
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:30:00 2026 by rpki-client