Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/k98iLd2TDTlG_glIE-igNDZPOSo.roa
File: k98iLd2TDTlG_glIE-igNDZPOSo.roa (raw, json)
Hash identifier: yvMqTo9GCkZGR1iREAxYR1dq6wm8k9/GAAEFHuqnC5I=
Subject key identifier: 93:DF:22:2D:DD:93:0D:39:46:FE:09:48:13:E8:A0:34:36:4F:39:2A
Certificate issuer: /CN=660c32996ae12461897222e2d9cc093930927ddd
Certificate serial: 019D86139C9472A50CBBDC8B0A5F33678FC5
Authority key identifier: 66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/k98iLd2TDTlG_glIE-igNDZPOSo.roa
Signing time: Mon 13 Apr 2026 09:02:05 +0000
ROA not before: Mon 13 Apr 2026 09:02:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198325
IP address blocks: 89.145.184.0/24 maxlen: 24
89.145.185.0/24 maxlen: 24
89.145.186.0/24 maxlen: 24
89.145.187.0/24 maxlen: 24
89.145.188.0/24 maxlen: 24
89.145.189.0/24 maxlen: 24
89.145.190.0/24 maxlen: 24
89.145.191.0/24 maxlen: 24
185.251.32.0/24 maxlen: 24
185.251.33.0/24 maxlen: 24
185.251.34.0/24 maxlen: 24
185.251.35.0/24 maxlen: 24
2a04:6680::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/ZgwymWrhJGGJciLi2cwJOTCSfd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/ZgwymWrhJGGJciLi2cwJOTCSfd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:13:9c:94:72:a5:0c:bb:dc:8b:0a:5f:33:67:8f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=660c32996ae12461897222e2d9cc093930927ddd
Validity
Not Before: Apr 13 09:02:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93df222ddd930d3946fe094813e8a034364f392a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:19:29:c7:34:9b:44:f1:a9:ea:36:38:05:
1f:07:7c:bc:07:1c:02:ee:3e:b0:35:23:9e:ed:4b:
4a:0c:bb:d7:c7:11:a9:bf:d1:4e:56:f5:6c:6b:91:
90:7a:3d:16:61:3a:81:fb:3e:0e:ba:2b:cd:54:c6:
1e:4b:65:6e:a8:7b:da:aa:75:40:e8:68:21:5c:c7:
07:d6:16:3a:e4:e7:63:ec:19:01:0c:35:27:b2:52:
bc:e4:6f:54:7f:12:92:61:54:3e:27:02:88:40:e2:
5d:d9:91:58:76:46:a4:e5:35:e3:c3:df:ea:a5:4e:
bc:16:f7:c2:73:d3:12:51:3f:45:16:09:67:1d:79:
44:b4:7f:6f:db:56:db:42:92:e7:7e:5e:7b:76:72:
7a:d2:49:bf:35:15:0c:cc:cc:c0:7b:88:dd:97:b7:
b6:20:bf:da:5d:c9:dd:44:99:24:87:77:e3:6c:c0:
e7:dd:7a:73:02:6f:4c:bf:71:8e:b0:3b:48:4f:d4:
60:fb:bb:02:52:e1:88:c8:e6:80:5b:a8:43:34:12:
0d:e3:db:d4:39:3a:29:d3:94:de:ac:3f:9b:bb:7f:
41:0c:bb:6f:ec:17:e4:9f:e2:85:23:ff:3f:36:8b:
24:ea:f4:ab:e9:0c:24:a8:f7:68:2b:33:52:4d:27:
84:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DF:22:2D:DD:93:0D:39:46:FE:09:48:13:E8:A0:34:36:4F:39:2A
X509v3 Authority Key Identifier:
keyid:66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/k98iLd2TDTlG_glIE-igNDZPOSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/ZgwymWrhJGGJciLi2cwJOTCSfd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.184.0/21
185.251.32.0/22
IPv6:
2a04:6680::/48
Signature Algorithm: sha256WithRSAEncryption
51:e0:5e:46:67:e8:46:5f:f6:c6:1d:8d:1b:7c:82:67:57:d5:
8e:f7:d9:8b:5a:a1:c9:2c:6e:d1:d1:35:82:4f:06:9e:8f:79:
9f:46:66:a8:f4:5e:ee:2b:0e:a5:21:94:b9:d0:a5:a7:de:c8:
e7:a2:2c:2a:83:d2:23:94:a2:f9:13:04:47:78:9a:60:8b:95:
4e:a2:a5:fa:2e:f9:cb:48:d7:23:a5:02:d5:86:44:bb:38:3c:
de:de:c9:23:91:5a:98:70:61:19:eb:76:31:2a:56:3c:2d:d7:
af:4e:14:bf:41:d2:41:da:42:c8:6b:7c:0e:2c:5e:d2:da:2f:
53:b4:61:0e:c3:9a:c4:fb:69:4e:5c:9e:f2:0a:39:9a:12:15:
27:ff:13:ea:68:25:4a:03:b0:f0:14:5f:c7:bb:71:3a:82:c0:
e9:4b:8d:fa:75:16:52:fc:9e:fc:43:16:b2:5d:6a:d0:07:08:
e9:ad:3e:51:c7:e7:4f:ee:76:e0:c8:f2:b4:f2:20:b3:62:81:
9c:bb:2e:ed:a5:c4:a0:de:a5:76:1e:42:a0:4e:18:ba:d4:67:
72:0b:44:59:b1:7f:7d:4c:9f:9a:16:90:71:f5:6d:1e:24:a6:
92:27:70:c0:8e:0c:da:8e:53:9a:de:d5:4a:af:5f:18:63:12:
0b:66:dd:89
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ2GE5yUcqUMu9yLCl8zZ4/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MGMzMjk5NmFlMTI0NjE4OTcyMjJlMmQ5Y2MwOTM5MzA5
MjdkZGQwHhcNMjYwNDEzMDkwMjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RmMjIyZGRkOTMwZDM5NDZmZTA5NDgxM2U4YTAzNDM2NGYzOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSgZKcc0m0Txqeo2OAUfB3y8BxwC
7j6wNSOe7UtKDLvXxxGpv9FOVvVsa5GQej0WYTqB+z4OuivNVMYeS2VuqHvaqnVA
6GghXMcH1hY65Odj7BkBDDUnslK85G9UfxKSYVQ+JwKIQOJd2ZFYdkak5TXjw9/q
pU68FvfCc9MSUT9FFglnHXlEtH9v21bbQpLnfl57dnJ60km/NRUMzMzAe4jdl7e2
IL/aXcndRJkkh3fjbMDn3XpzAm9Mv3GOsDtIT9Rg+7sCUuGIyOaAW6hDNBIN49vU
OTop05TerD+bu39BDLtv7Bfkn+KFI/8/Nosk6vSr6QwkqPdoKzNSTSeEHwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJPfIi3dkw05Rv4JSBPooDQ2TzkqMB8GA1UdIwQY
MBaAFGYMMplq4SRhiXIi4tnMCTkwkn3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmd3eW1XcmhKR0dKY2lMaTJjd0pPVENTZmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iOGQ0MDAtZTZlOC00MWVmLWFkMjQt
NTVjM2EyOGU2MmMzLzEvazk4aUxkMlREVGxHX2dsSUUtaWdORFpQT1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iOGQ0MDAtZTZlOC00MWVmLWFkMjQtNTVjM2EyOGU2MmMz
LzEvWmd3eW1XcmhKR0dKY2lMaTJjd0pPVENTZmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDWZG4AwQC
ufsgMA8EAgACMAkDBwAqBGaAAAAwDQYJKoZIhvcNAQELBQADggEBAFHgXkZn6EZf
9sYdjRt8gmdX1Y732YtaocksbtHRNYJPBp6PeZ9GZqj0Xu4rDqUhlLnQpafeyOei
LCqD0iOUovkTBEd4mmCLlU6ipfou+ctI1yOlAtWGRLs4PN7eySORWphwYRnrdjEq
Vjwt169OFL9B0kHaQshrfA4sXtLaL1O0YQ7DmsT7aU5cnvIKOZoSFSf/E+poJUoD
sPAUX8e7cTqCwOlLjfp1FlL8nvxDFrJdatAHCOmtPlHH50/uduDI8rTyILNigZy7
Lu2lxKDepXYeQqBOGLrUZ3ILRFmxf31Mn5oWkHH1bR4kppIncMCODNqOU5re1Uqv
XxhjEgtm3Yk=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:14:01 2026 by rpki-client