Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/0dN9Mw_SVc9UrLh7Uzul0ybYib4.roa
File: 0dN9Mw_SVc9UrLh7Uzul0ybYib4.roa (raw, json)
Hash identifier: Ozze1PaR8dnxp7WXTJwbhtmGtE60CJrs8z/f9pdCjvo=
Subject key identifier: D1:D3:7D:33:0F:D2:55:CF:54:AC:B8:7B:53:3B:A5:D3:26:D8:89:BE
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 019ED41EEACAC53E7E4298EC9F6D1F2E6DFD
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/0dN9Mw_SVc9UrLh7Uzul0ybYib4.roa
Signing time: Wed 17 Jun 2026 05:47:36 +0000
ROA not before: Wed 17 Jun 2026 05:47:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.128.0/17 maxlen: 24
91.140.128.0/22 maxlen: 24
91.140.132.0/22 maxlen: 24
91.140.140.0/22 maxlen: 24
91.140.148.0/22 maxlen: 24
91.140.152.0/22 maxlen: 24
91.140.160.0/22 maxlen: 24
91.140.164.0/22 maxlen: 24
91.140.172.0/22 maxlen: 24
91.140.180.0/22 maxlen: 24
91.140.188.0/22 maxlen: 24
91.140.192.0/22 maxlen: 24
91.140.196.0/22 maxlen: 24
91.140.200.0/22 maxlen: 24
91.140.201.0/24 maxlen: 24
91.140.202.0/24 maxlen: 24
91.140.203.0/24 maxlen: 24
91.140.204.0/22 maxlen: 24
91.140.207.0/24 maxlen: 24
91.140.208.0/22 maxlen: 24
91.140.212.0/22 maxlen: 24
91.140.216.0/22 maxlen: 24
91.140.219.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.221.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.224.0/22 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.226.0/24 maxlen: 24
91.140.228.0/22 maxlen: 24
91.140.232.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.236.0/22 maxlen: 22
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.244.0/22 maxlen: 24
91.140.244.0/24 maxlen: 24
91.140.246.0/24 maxlen: 24
91.140.248.0/22 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.251.0/24 maxlen: 24
91.140.252.0/22 maxlen: 24
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
94.187.224.0/19 maxlen: 24
94.187.224.0/24 maxlen: 24
94.187.225.0/24 maxlen: 24
94.187.226.0/24 maxlen: 24
94.187.227.0/24 maxlen: 24
94.187.228.0/22 maxlen: 24
94.187.228.0/24 maxlen: 24
94.187.232.0/22 maxlen: 24
94.187.236.0/22 maxlen: 24
94.187.240.0/22 maxlen: 24
94.187.244.0/22 maxlen: 24
94.187.248.0/22 maxlen: 24
94.187.252.0/22 maxlen: 24
185.16.4.0/22 maxlen: 24
194.54.192.0/18 maxlen: 24
194.54.192.0/19 maxlen: 24
194.54.194.0/23 maxlen: 24
194.54.196.0/22 maxlen: 24
194.54.200.0/22 maxlen: 24
194.54.202.0/24 maxlen: 24
194.54.204.0/22 maxlen: 24
194.54.208.0/22 maxlen: 24
194.54.208.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.212.0/22 maxlen: 24
194.54.216.0/22 maxlen: 24
194.54.220.0/22 maxlen: 24
194.54.220.0/24 maxlen: 24
194.54.224.0/19 maxlen: 24
194.54.224.0/22 maxlen: 24
194.54.228.0/22 maxlen: 24
194.54.232.0/22 maxlen: 24
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 24
194.54.240.0/22 maxlen: 24
194.54.241.0/24 maxlen: 24
194.54.243.0/24 maxlen: 24
194.54.244.0/22 maxlen: 24
194.54.248.0/22 maxlen: 24
194.54.252.0/22 maxlen: 24
213.132.224.0/19 maxlen: 19
213.132.224.0/22 maxlen: 22
213.132.224.0/24 maxlen: 24
213.132.228.0/22 maxlen: 22
213.132.228.0/24 maxlen: 24
213.132.229.0/24 maxlen: 24
213.132.230.0/24 maxlen: 24
213.132.231.0/24 maxlen: 24
213.132.232.0/22 maxlen: 22
213.132.236.0/22 maxlen: 22
213.132.240.0/22 maxlen: 22
213.132.244.0/22 maxlen: 22
213.132.244.0/24 maxlen: 24
213.132.245.0/24 maxlen: 24
213.132.246.0/24 maxlen: 24
213.132.247.0/24 maxlen: 24
213.132.248.0/22 maxlen: 22
213.132.248.0/24 maxlen: 24
213.132.249.0/24 maxlen: 24
213.132.251.0/24 maxlen: 24
213.132.252.0/22 maxlen: 22
213.132.252.0/24 maxlen: 24
213.132.254.0/24 maxlen: 24
213.132.255.0/24 maxlen: 24
2a01:7780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d4:1e:ea:ca:c5:3e:7e:42:98:ec:9f:6d:1f:2e:6d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Jun 17 05:47:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1d37d330fd255cf54acb87b533ba5d326d889be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e1:7f:7c:31:f6:b6:70:72:c5:86:55:ec:7c:
b9:91:fc:cd:c4:d1:95:09:45:cb:d6:8b:6b:4e:6c:
04:c4:e5:3f:9e:db:2f:82:76:04:73:d4:ff:0a:86:
da:d5:a3:b3:01:55:2e:14:b5:27:05:29:55:f4:19:
f1:25:21:ea:4c:b4:8b:9c:75:cc:99:1f:23:02:37:
b7:49:f3:77:62:e1:03:72:21:a8:9c:db:dc:d2:b2:
74:4d:f8:4c:8f:e5:e8:51:1f:dc:05:95:cb:69:35:
28:8a:25:39:f0:fa:44:5e:96:5d:9f:eb:1d:c8:33:
18:a1:51:4b:4a:ee:df:1f:53:85:67:90:99:ec:a4:
c8:51:cd:b9:26:8e:05:44:01:f5:cb:35:d9:56:f4:
e5:69:7c:ab:f9:ac:60:55:d0:5b:9e:7f:4e:fe:e2:
60:a2:81:1b:c5:ec:7e:8c:4b:70:26:f9:b0:53:d8:
fd:c2:bc:66:b8:37:7e:9d:66:48:56:c7:cf:ed:28:
ab:53:09:d4:5f:86:18:b3:f1:ad:45:54:9c:fc:1b:
4a:35:39:ff:a2:86:d9:c4:65:37:f7:d5:31:7f:14:
94:fa:a1:0e:d9:44:c5:c1:fb:4d:7b:49:af:1d:29:
01:93:4c:de:bf:20:8d:80:75:8f:29:a1:30:33:3c:
f9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D3:7D:33:0F:D2:55:CF:54:AC:B8:7B:53:3B:A5:D3:26:D8:89:BE
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/0dN9Mw_SVc9UrLh7Uzul0ybYib4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
213.132.224.0/19
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
69:d2:86:a4:e7:35:46:00:fa:35:2b:ab:14:57:46:00:93:06:
79:1e:f4:3d:2b:a2:05:31:aa:5a:0a:86:82:08:e8:ca:d2:e3:
11:07:74:20:14:2f:12:29:12:61:05:f6:9c:5c:db:46:ba:6e:
89:9a:71:60:55:aa:dd:3a:db:c8:b1:b7:6f:99:49:05:68:c1:
de:33:45:17:78:e2:45:74:e3:11:a8:10:04:a0:e1:96:73:27:
a1:7a:f7:ef:07:0b:c1:33:3f:3f:60:6c:3c:4e:39:01:c6:80:
cc:ea:c2:31:6a:67:93:b2:b1:1c:c0:e8:a1:20:74:a3:e2:18:
4e:e4:69:34:dc:62:62:36:cb:0a:1f:36:48:cc:d6:d1:44:56:
09:39:9b:97:d7:af:01:ee:55:52:44:5c:7d:a4:57:dc:cc:57:
f0:e8:3e:ae:b5:a3:50:5d:28:3a:85:ff:04:e3:9e:73:ab:72:
ca:cc:e9:50:e8:05:f7:98:d3:68:d9:e4:42:d9:4d:57:20:e4:
f0:7f:5b:a8:e6:c0:e4:9c:a9:56:4c:56:e9:19:af:40:7d:88:
d6:db:3a:06:0c:01:16:be:c1:cd:8a:0b:3e:c6:9a:38:7a:4e:
43:6a:06:a8:04:ed:b6:3c:4b:97:59:46:4b:8f:00:49:32:dd:
6f:85:05:b2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ7UHurKxT5+Qpjsn20fLm39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjYwNjE3MDU0NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQzN2QzMzBmZDI1NWNmNTRhY2I4N2I1MzNiYTVkMzI2ZDg4OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeF/fDH2tnByxYZV7Hy5kfzNxNGV
CUXL1otrTmwExOU/ntsvgnYEc9T/Coba1aOzAVUuFLUnBSlV9BnxJSHqTLSLnHXM
mR8jAje3SfN3YuEDciGonNvc0rJ0TfhMj+XoUR/cBZXLaTUoiiU58PpEXpZdn+sd
yDMYoVFLSu7fH1OFZ5CZ7KTIUc25Jo4FRAH1yzXZVvTlaXyr+axgVdBbnn9O/uJg
ooEbxex+jEtwJvmwU9j9wrxmuDd+nWZIVsfP7SirUwnUX4YYs/GtRVSc/BtKNTn/
oobZxGU399UxfxSU+qEO2UTFwftNe0mvHSkBk0zevyCNgHWPKaEwMzz51wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNHTfTMP0lXPVKy4e1M7pdMm2Im+MB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvMGROOU13X1NWYzlVckxoN1V6dWwweWJZaWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAAwQF1YTgMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEB
CwUAA4IBAQBp0oak5zVGAPo1K6sUV0YAkwZ5HvQ9K6IFMapaCoaCCOjK0uMRB3Qg
FC8SKRJhBfacXNtGum6JmnFgVardOtvIsbdvmUkFaMHeM0UXeOJFdOMRqBAEoOGW
cyehevfvBwvBMz8/YGw8TjkBxoDM6sIxameTsrEcwOihIHSj4hhO5Gk03GJiNssK
HzZIzNbRRFYJOZuX168B7lVSRFx9pFfczFfw6D6utaNQXSg6hf8E455zq3LKzOlQ
6AX3mNNo2eRC2U1XIOTwf1uo5sDknKlWTFbpGa9AfYjW2zoGDAEWvsHNigs+xpo4
ek5DagaoBO22PEuXWUZLjwBJMt1vhQWy
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:56:53 2026 by rpki-client