Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8Dn7VHaOAoPd4CUaLv5G4XmD4CE.roa
File: 8Dn7VHaOAoPd4CUaLv5G4XmD4CE.roa (raw, json)
Hash identifier: rbxcgKT0pRjRpXK+7sM11+/fBl9nAZEtuAjC3sWn8fU=
Subject key identifier: F0:39:FB:54:76:8E:02:83:DD:E0:25:1A:2E:FE:46:E1:79:83:E0:21
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019EB588096D9385F861A29ADCC98F928886
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8Dn7VHaOAoPd4CUaLv5G4XmD4CE.roa
Signing time: Thu 11 Jun 2026 07:14:11 +0000
ROA not before: Thu 11 Jun 2026 07:14:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.61.0/24 maxlen: 24
14.102.62.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
45.150.180.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
62.169.130.0/24 maxlen: 24
66.56.87.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
147.90.35.0/24 maxlen: 24
147.90.220.0/24 maxlen: 24
147.90.221.0/24 maxlen: 24
158.173.167.0/24 maxlen: 24
158.173.243.0/24 maxlen: 24
158.173.246.0/24 maxlen: 24
158.173.247.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:88:09:6d:93:85:f8:61:a2:9a:dc:c9:8f:92:88:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 11 07:14:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f039fb54768e0283dde0251a2efe46e17983e021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:70:00:ff:f1:13:05:1d:87:3e:c3:03:86:
b7:46:c2:18:b2:cb:5c:68:34:0d:f3:c8:c6:d2:23:
fa:91:0e:a3:b0:9a:a1:d5:4d:a0:1b:41:f2:01:78:
82:77:2e:36:87:da:a5:0e:9b:ec:61:87:ed:01:10:
fc:75:ac:2b:32:5f:00:28:fc:1d:32:cc:34:7d:88:
64:9a:a9:94:bd:0c:ab:79:22:dd:92:85:54:1e:cf:
35:bc:bf:6e:0f:2d:35:fd:cf:b5:3f:26:ae:b7:25:
cd:6a:62:ed:f5:1d:22:63:d2:91:ed:27:a4:52:8a:
a1:1d:82:da:03:52:0f:8c:5c:25:92:04:3b:6a:2c:
83:b2:8f:4d:ca:d9:67:df:de:7a:34:4f:d0:2a:e9:
06:fc:7f:cc:cd:98:b7:8a:a4:f6:f3:54:6c:3b:78:
75:df:19:d7:ef:1b:95:00:15:36:08:b8:cb:d0:f8:
ae:31:44:10:01:d8:b6:24:cc:e8:e4:95:5e:63:eb:
d1:3f:a5:a7:5b:b9:38:65:29:ea:ae:61:0d:50:8a:
3e:6b:fe:0c:a6:e5:18:50:75:92:0a:a4:d0:9f:9d:
d7:62:51:34:68:71:50:13:78:21:0c:80:22:43:7b:
53:0c:b6:9b:69:26:19:e9:0f:3e:23:f1:26:19:8f:
0c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:39:FB:54:76:8E:02:83:DD:E0:25:1A:2E:FE:46:E1:79:83:E0:21
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8Dn7VHaOAoPd4CUaLv5G4XmD4CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.61.0-14.102.62.255
14.102.84.0/24
14.102.86.0/24
45.150.180.0/24
62.169.128.0/24
62.169.130.0/24
66.56.87.0/24
103.61.196.0/24
147.90.35.0/24
147.90.220.0/23
158.173.167.0/24
158.173.243.0/24
158.173.246.0/23
167.160.28.0/24
170.62.238.0/24
192.253.209.0/24
198.55.31.0/24
203.188.175.0/24
203.188.189.0-203.188.191.255
212.32.71.0/24
212.32.73.0/24
212.32.76.0/24
213.254.163.0/24
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a5:5d:63:01:0e:37:c3:b0:db:5d:48:f9:60:f8:f0:2c:c5:
00:eb:5c:b1:a5:da:72:d0:8d:b0:b0:4e:c6:6f:f0:36:0c:37:
67:0a:77:4b:7b:99:ad:e2:2a:be:58:6b:83:3b:82:55:cc:eb:
15:b4:72:05:3a:7f:2b:56:68:c8:65:d9:01:89:b7:31:e1:e9:
2a:70:99:c1:8d:a4:b6:fc:76:cf:f5:2e:da:13:13:f2:5e:88:
65:2a:86:ad:f9:35:39:7f:c6:13:44:2b:69:d4:3c:c3:14:73:
10:27:bf:cd:5a:b8:b4:f8:27:88:e8:a3:d4:62:69:61:e6:6e:
15:83:f3:3a:37:42:1d:54:47:34:80:b7:a8:b3:79:78:00:a7:
21:03:22:d7:38:68:7d:b6:ff:d8:17:c9:66:fc:6f:e6:d9:29:
f1:53:b2:8e:65:ef:b9:e7:4a:73:b7:b8:90:43:37:b8:5b:3b:
39:75:5d:1d:ad:6a:3f:65:09:7d:55:75:43:cb:65:9b:d1:b2:
32:ca:bd:9f:45:f2:52:5b:47:e5:fc:b3:1e:c2:87:8a:8f:6c:
c0:06:b4:68:17:ad:e7:ea:81:7a:3c:7f:98:2e:06:68:5b:63:
ab:f3:10:9f:ab:25:3b:60:47:3f:d2:c9:4b:cf:60:6a:43:56:
b8:aa:d7:d9
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZ61iAltk4X4YaKa3MmPkoiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNjExMDcxNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDM5ZmI1NDc2OGUwMjgzZGRlMDI1MWEyZWZlNDZlMTc5ODNlMDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkRwAP/xEwUdhz7DA4a3RsIYsstc
aDQN88jG0iP6kQ6jsJqh1U2gG0HyAXiCdy42h9qlDpvsYYftARD8dawrMl8AKPwd
Msw0fYhkmqmUvQyreSLdkoVUHs81vL9uDy01/c+1PyautyXNamLt9R0iY9KR7Sek
UoqhHYLaA1IPjFwlkgQ7aiyDso9Nytln3956NE/QKukG/H/MzZi3iqT281RsO3h1
3xnX7xuVABU2CLjL0PiuMUQQAdi2JMzo5JVeY+vRP6WnW7k4ZSnqrmENUIo+a/4M
puUYUHWSCqTQn53XYlE0aHFQE3ghDIAiQ3tTDLabaSYZ6Q8+I/EmGY8MgwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFPA5+1R2jgKD3eAlGi7+RuF5g+AhMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvOERuN1ZIYU9Bb1BkNENVYUx2NUc0WG1ENENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaAwDAME
AA5mPQMEAA5mPgMEAA5mVAMEAA5mVgMEAC2WtAMEAD6pgAMEAD6pggMEAEI4VwME
AGc9xAMEAJNaIwMEAZNa3AMEAJ6tpwMEAJ6t8wMEAZ6t9gMEAKegHAMEAKo+7gME
AMD90QMEAMY3HwMEAMu8rzAMAwQAy7y9AwQGy7yAAwQA1CBHAwQA1CBJAwQA1CBM
AwQA1f6jAwQA1f6vMA0GCSqGSIb3DQEBCwUAA4IBAQBkpV1jAQ43w7DbXUj5YPjw
LMUA61yxpdpy0I2wsE7Gb/A2DDdnCndLe5mt4iq+WGuDO4JVzOsVtHIFOn8rVmjI
ZdkBibcx4ekqcJnBjaS2/HbP9S7aExPyXohlKoat+TU5f8YTRCtp1DzDFHMQJ7/N
Wri0+CeI6KPUYmlh5m4Vg/M6N0IdVEc0gLeos3l4AKchAyLXOGh9tv/YF8lm/G/m
2SnxU7KOZe+550pzt7iQQze4Wzs5dV0drWo/ZQl9VXVDy2Wb0bIyyr2fRfJSW0fl
/LMewoeKj2zABrRoF63n6oF6PH+YLgZoW2Or8xCfqyU7YEc/0slLz2BqQ1a4qtfZ
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:38:40 2026 by rpki-client