Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/v0rm7JAWFrDr-tQL6p44_xNGcu4.roa
File: v0rm7JAWFrDr-tQL6p44_xNGcu4.roa (raw, json)
Hash identifier: LVasldFT8mllppPTmEI8e2HsHPomDrXRhtUGEkEi680=
Subject key identifier: BF:4A:E6:EC:90:16:16:B0:EB:FA:D4:0B:EA:9E:38:FF:13:46:72:EE
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019D77AFC14243C72AC7153E305FD3597F11
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/v0rm7JAWFrDr-tQL6p44_xNGcu4.roa
Signing time: Fri 10 Apr 2026 13:58:20 +0000
ROA not before: Fri 10 Apr 2026 13:58:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 45.117.53.0/24 maxlen: 24
45.123.145.0/24 maxlen: 24
72.63.110.0/23 maxlen: 23
189.81.0.0/23 maxlen: 23
189.81.32.0/23 maxlen: 23
189.81.68.0/23 maxlen: 23
189.81.104.0/23 maxlen: 23
189.81.140.0/23 maxlen: 23
189.81.168.0/23 maxlen: 23
189.81.202.0/23 maxlen: 23
189.81.232.0/23 maxlen: 23
189.104.2.0/23 maxlen: 23
189.104.32.0/23 maxlen: 23
189.104.64.0/23 maxlen: 23
189.104.98.0/23 maxlen: 23
189.104.130.0/23 maxlen: 23
189.104.170.0/23 maxlen: 23
189.104.200.0/23 maxlen: 23
189.104.254.0/23 maxlen: 23
203.78.166.0/23 maxlen: 23
205.188.4.0/23 maxlen: 23
205.188.12.0/22 maxlen: 22
205.188.24.0/22 maxlen: 22
205.188.28.0/22 maxlen: 22
205.188.32.0/22 maxlen: 22
205.188.36.0/22 maxlen: 22
205.188.40.0/22 maxlen: 22
205.188.48.0/22 maxlen: 22
205.188.56.0/22 maxlen: 22
205.188.64.0/22 maxlen: 22
205.188.68.0/22 maxlen: 22
205.188.72.0/22 maxlen: 22
205.188.76.0/23 maxlen: 23
205.188.78.0/23 maxlen: 23
205.188.84.0/22 maxlen: 22
205.188.88.0/22 maxlen: 22
205.188.94.0/23 maxlen: 23
205.188.214.0/23 maxlen: 23
205.188.240.0/22 maxlen: 22
205.188.252.0/22 maxlen: 22
2a0d:3900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:af:c1:42:43:c7:2a:c7:15:3e:30:5f:d3:59:7f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Apr 10 13:58:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf4ae6ec901616b0ebfad40bea9e38ff134672ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:e9:58:7f:c8:ed:25:1e:62:98:8f:dc:87:
66:66:85:67:77:6b:76:4a:68:fd:90:1e:94:c1:3e:
23:33:79:96:4f:22:c8:7c:4a:fd:e7:f1:bd:bc:d0:
ff:f9:bf:69:6e:95:0f:bb:6d:a9:6e:9b:ab:18:c7:
78:e9:3a:71:e3:74:87:35:0d:e5:f2:8c:13:08:ba:
5d:d9:29:9a:05:ed:77:aa:56:db:e6:74:b9:69:5a:
f3:76:5c:be:b2:fb:54:1b:be:7d:f2:29:6d:08:10:
9f:31:7c:7b:2d:b4:b1:bd:df:b4:5f:79:28:1b:fe:
02:69:c6:97:3f:d1:a5:bc:d8:1b:48:67:90:25:ce:
b6:3d:e3:6c:6f:dc:b8:e5:aa:d3:31:61:c1:c0:a2:
dc:19:43:52:9b:a3:50:bc:0e:17:c8:80:40:1c:84:
bc:f5:88:72:c3:09:66:62:a9:82:9a:38:b8:1a:93:
ed:91:21:5e:5f:cc:f1:b7:59:54:04:e1:a6:83:90:
f9:01:b7:31:3c:5a:e0:9c:9d:f7:9d:48:a0:8e:93:
11:91:8a:d3:62:2d:c8:58:97:a2:83:f3:2b:7a:35:
74:30:40:df:b1:11:af:18:d2:75:00:3f:76:4b:c6:
97:cb:58:16:09:a1:0c:a0:68:1c:51:e4:b7:98:e5:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4A:E6:EC:90:16:16:B0:EB:FA:D4:0B:EA:9E:38:FF:13:46:72:EE
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/v0rm7JAWFrDr-tQL6p44_xNGcu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.53.0/24
45.123.145.0/24
72.63.110.0/23
189.81.0.0/23
189.81.32.0/23
189.81.68.0/23
189.81.104.0/23
189.81.140.0/23
189.81.168.0/23
189.81.202.0/23
189.81.232.0/23
189.104.2.0/23
189.104.32.0/23
189.104.64.0/23
189.104.98.0/23
189.104.130.0/23
189.104.170.0/23
189.104.200.0/23
189.104.254.0/23
203.78.166.0/23
205.188.4.0/23
205.188.12.0/22
205.188.24.0-205.188.43.255
205.188.48.0/22
205.188.56.0/22
205.188.64.0/20
205.188.84.0-205.188.91.255
205.188.94.0/23
205.188.214.0/23
205.188.240.0/22
205.188.252.0/22
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
17:00:64:44:be:fa:29:9c:e8:a4:17:d1:9f:13:1e:85:8d:df:
9c:5c:9e:b5:48:c8:35:75:4a:b4:a6:ae:31:6c:94:43:9e:14:
2b:0b:9e:bf:d8:55:90:6f:5e:60:9c:c0:04:85:d3:4e:d3:bb:
50:ac:a8:7b:34:df:8c:1b:53:a5:6e:9b:4d:cb:f1:27:f4:20:
df:73:1f:99:80:bb:1b:4a:04:a9:ba:a3:cb:12:1c:cd:74:f7:
0b:53:81:cf:1f:a8:f2:f3:47:0b:f5:38:8a:55:56:78:dc:6f:
fb:34:54:fb:90:07:10:7a:e6:75:01:9a:d9:81:5b:96:d4:23:
4f:2b:68:be:45:ac:b0:34:f3:b6:18:b5:97:86:27:bb:08:bd:
19:67:ac:b7:a8:00:6f:ea:5c:cd:1b:57:d6:24:da:61:34:9d:
61:a9:e2:b9:08:8b:6e:bb:56:a4:d8:78:2c:e4:ee:09:f2:db:
e6:ce:0a:ac:78:70:f1:49:dc:e8:8f:77:61:7a:78:ba:33:3f:
c7:4f:ee:d0:69:4a:cf:85:55:fc:d1:93:7c:c4:b5:af:5b:03:
76:76:04:cf:72:2e:d9:60:e0:51:11:b3:01:c9:31:5d:5d:03:
e9:ff:32:11:5f:99:39:2e:a9:fb:c3:a8:24:cf:05:3b:22:7f:
94:38:d3:5f
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZ13r8FCQ8cqxxU+MF/TWX8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNDEwMTM1ODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRhZTZlYzkwMTYxNmIwZWJmYWQ0MGJlYTllMzhmZjEzNDY3MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMDpWH/I7SUeYpiP3IdmZoVnd2t2
Smj9kB6UwT4jM3mWTyLIfEr95/G9vND/+b9pbpUPu22pbpurGMd46Tpx43SHNQ3l
8owTCLpd2SmaBe13qlbb5nS5aVrzdly+svtUG7598iltCBCfMXx7LbSxvd+0X3ko
G/4CacaXP9GlvNgbSGeQJc62PeNsb9y45arTMWHBwKLcGUNSm6NQvA4XyIBAHIS8
9YhywwlmYqmCmji4GpPtkSFeX8zxt1lUBOGmg5D5AbcxPFrgnJ33nUigjpMRkYrT
Yi3IWJeig/MrejV0MEDfsRGvGNJ1AD92S8aXy1gWCaEMoGgcUeS3mOUY0QIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFL9K5uyQFhaw6/rUC+qeOP8TRnLuMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvdjBybTdKQVdGckRyLXRRTDZwNDRfeE5HY3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB0QQCAAEwgcoDBAAt
dTUDBAAte5EDBAFIP24DBAG9UQADBAG9USADBAG9UUQDBAG9UWgDBAG9UYwDBAG9
UagDBAG9UcoDBAG9UegDBAG9aAIDBAG9aCADBAG9aEADBAG9aGIDBAG9aIIDBAG9
aKoDBAG9aMgDBAG9aP4DBAHLTqYDBAHNvAQDBALNvAwwDAMEA828GAMEAs28KAME
As28MAMEAs28OAMEBM28QDAMAwQCzbxUAwQCzbxYAwQBzbxeAwQBzbzWAwQCzbzw
AwQCzbz8MA0EAgACMAcDBQMqDTkAMA0GCSqGSIb3DQEBCwUAA4IBAQAXAGREvvop
nOikF9GfEx6Fjd+cXJ61SMg1dUq0pq4xbJRDnhQrC56/2FWQb15gnMAEhdNO07tQ
rKh7NN+MG1OlbptNy/En9CDfcx+ZgLsbSgSpuqPLEhzNdPcLU4HPH6jy80cL9TiK
VVZ43G/7NFT7kAcQeuZ1AZrZgVuW1CNPK2i+RaywNPO2GLWXhie7CL0ZZ6y3qABv
6lzNG1fWJNphNJ1hqeK5CItuu1ak2Hgs5O4J8tvmzgqseHDxSdzoj3dheni6Mz/H
T+7QaUrPhVX80ZN8xLWvWwN2dgTPci7ZYOBREbMByTFdXQPp/zIRX5k5Lqn7w6gk
zwU7In+UONNf
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:40 2026 by rpki-client