Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/vEGsYuYY06TvYutYs-QyPdXXq4Q.roa
File: vEGsYuYY06TvYutYs-QyPdXXq4Q.roa (raw, json)
Hash identifier: UCMk3rT/wVrhtk6MMSMiEAtXXbsHSrVjnWedze014rg=
Subject key identifier: BC:41:AC:62:E6:18:D3:A4:EF:62:EB:58:B3:E4:32:3D:D5:D7:AB:84
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 019EB6E4D8C5A09D518D08CA0FA5FD3D667D
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/vEGsYuYY06TvYutYs-QyPdXXq4Q.roa
Signing time: Thu 11 Jun 2026 13:35:11 +0000
ROA not before: Thu 11 Jun 2026 13:35:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31034
IP address blocks: 5.249.128.0/19 maxlen: 24
31.11.32.0/21 maxlen: 24
31.14.128.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
62.149.128.0/17 maxlen: 24
66.71.128.0/18 maxlen: 24
77.81.224.0/20 maxlen: 24
80.73.224.0/21 maxlen: 24
80.88.80.0/20 maxlen: 24
80.211.0.0/16 maxlen: 24
85.235.128.0/19 maxlen: 24
89.36.208.0/22 maxlen: 24
89.46.64.0/20 maxlen: 24
89.46.104.0/21 maxlen: 24
89.46.192.0/21 maxlen: 24
93.186.240.0/21 maxlen: 24
93.186.248.0/21 maxlen: 24
94.177.160.0/19 maxlen: 24
94.177.192.0/18 maxlen: 24
95.110.128.0/17 maxlen: 24
109.70.240.0/22 maxlen: 24
109.70.244.0/22 maxlen: 24
176.107.144.0/21 maxlen: 24
185.56.8.0/22 maxlen: 24
185.58.116.0/22 maxlen: 24
185.58.192.0/22 maxlen: 24
188.213.160.0/20 maxlen: 24
193.254.240.0/23 maxlen: 24
194.182.110.0/23 maxlen: 24
195.128.234.0/23 maxlen: 24
195.225.168.0/22 maxlen: 24
195.231.0.0/17 maxlen: 24
195.231.64.0/20 maxlen: 24
195.231.80.0/21 maxlen: 24
195.231.88.0/21 maxlen: 24
195.234.171.0/24 maxlen: 24
195.250.34.0/24 maxlen: 24
209.227.224.0/20 maxlen: 24
212.237.0.0/18 maxlen: 24
217.61.0.0/18 maxlen: 24
217.61.56.0/21 maxlen: 24
217.61.120.0/21 maxlen: 24
217.73.224.0/20 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:e4:d8:c5:a0:9d:51:8d:08:ca:0f:a5:fd:3d:66:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jun 11 13:35:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc41ac62e618d3a4ef62eb58b3e4323dd5d7ab84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:db:c9:1f:68:84:02:e5:c6:84:7c:ec:5e:2b:
ac:1f:2a:99:9a:40:e2:d5:f0:1b:39:05:e3:b4:58:
0c:44:3c:e8:2c:b6:32:7e:6a:3a:bb:18:d7:ad:25:
bc:a2:0c:15:7d:31:fa:0c:df:d2:26:86:eb:a8:85:
65:5b:e0:c3:85:51:88:59:46:30:0a:60:28:bf:00:
b7:a7:1e:f9:a0:12:1b:81:06:06:27:ab:c9:be:8c:
cf:98:bc:64:6c:c3:12:32:66:7d:21:f1:59:0d:7c:
6b:7f:a7:a9:d5:05:d6:d9:be:71:95:a8:44:80:d9:
15:1f:0e:69:f8:8c:0d:8f:e8:7a:fd:af:66:b6:6e:
6b:a8:0d:02:dc:76:56:7f:28:91:5a:aa:89:c8:45:
20:a9:30:24:d9:c8:a9:1e:6c:46:6d:53:8d:65:ad:
08:79:87:ea:9b:11:6d:a1:53:75:02:3b:e3:1f:a6:
52:2d:77:64:f3:f2:79:af:70:48:c0:3e:e3:c8:b3:
a6:4f:fe:52:d6:34:e2:f6:32:75:68:ef:70:4f:d5:
9c:2e:33:8b:79:95:5d:c1:7d:7f:e6:9d:28:03:56:
16:35:e8:1a:40:8d:cd:4d:95:df:71:e6:91:c1:ac:
f6:22:67:97:3d:dd:f6:78:b8:80:70:c1:98:80:d0:
26:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:41:AC:62:E6:18:D3:A4:EF:62:EB:58:B3:E4:32:3D:D5:D7:AB:84
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/vEGsYuYY06TvYutYs-QyPdXXq4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
66.71.128.0/18
77.81.224.0/20
80.73.224.0/21
80.88.80.0/20
80.211.0.0/16
85.235.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
93.186.240.0/20
94.177.160.0-94.177.255.255
95.110.128.0/17
109.70.240.0/21
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
185.58.192.0/22
188.213.160.0/20
193.254.240.0/23
194.182.110.0/23
195.128.234.0/23
195.225.168.0/22
195.231.0.0/17
195.234.171.0/24
195.250.34.0/24
209.227.224.0/20
212.237.0.0/18
217.61.0.0/18
217.61.120.0/21
217.73.224.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
93:1c:e8:ad:65:a8:9d:6c:9e:08:29:b8:11:be:6e:5f:44:b4:
7c:d9:1d:d2:f3:88:26:c7:9b:b8:5d:8b:32:0f:e5:9d:97:48:
f6:97:dc:9d:47:da:10:54:a1:ca:ae:60:ef:d3:b4:c9:62:c0:
53:6c:a5:78:9c:25:5c:8f:f1:f9:77:22:31:f5:3f:d2:0b:c7:
07:36:10:a7:e8:f0:b0:2d:43:de:cb:a8:88:f2:22:56:72:77:
3a:19:1a:76:37:99:8f:75:5b:9f:12:5c:f6:1b:8e:aa:51:be:
53:bf:54:16:8b:ff:12:80:48:00:94:60:7f:69:c2:a4:bd:bf:
89:f0:9f:95:7d:ea:93:5f:5a:a3:05:10:c8:e7:7c:7e:68:bd:
05:7b:c4:e2:6c:0c:55:a4:b6:4f:b4:da:52:bb:ed:9d:56:92:
d3:12:01:ef:be:c2:24:52:96:06:61:09:27:99:a5:e7:6b:b7:
1a:0a:3a:4e:79:5e:91:78:4f:42:f3:6d:03:08:57:a6:80:85:
b7:a5:db:64:7c:51:3f:ce:9b:72:e7:ad:36:76:54:43:a2:5e:
01:a5:ab:e7:48:af:3e:2f:bd:2a:9e:75:cb:fe:df:65:e7:6f:
ed:4a:70:17:40:ae:9b:11:18:59:22:55:a4:2a:22:6e:5b:a6:
fc:37:71:9f
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZ625NjFoJ1RjQjKD6X9PWZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjYwNjExMTMzNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQxYWM2MmU2MThkM2E0ZWY2MmViNThiM2U0MzIzZGQ1ZDdhYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9vJH2iEAuXGhHzsXiusHyqZmkDi
1fAbOQXjtFgMRDzoLLYyfmo6uxjXrSW8ogwVfTH6DN/SJobrqIVlW+DDhVGIWUYw
CmAovwC3px75oBIbgQYGJ6vJvozPmLxkbMMSMmZ9IfFZDXxrf6ep1QXW2b5xlahE
gNkVHw5p+IwNj+h6/a9mtm5rqA0C3HZWfyiRWqqJyEUgqTAk2cipHmxGbVONZa0I
eYfqmxFtoVN1AjvjH6ZSLXdk8/J5r3BIwD7jyLOmT/5S1jTi9jJ1aO9wT9WcLjOL
eZVdwX1/5p0oA1YWNegaQI3NTZXfceaRwaz2ImeXPd32eLiAcMGYgNAmvwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFLxBrGLmGNOk72LrWLPkMj3V16uEMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvdkVHc1l1WVkwNlR2WXV0WXMtUXlQZFhYcTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgeUEAgABMIHeAwQF
BfmAAwQDHwsgAwQEHw6AAwQFLiUAAwQHPpWAAwQGQkeAAwQETVHgAwQDUEngAwQE
UFhQAwMAUNMDBAVV64ADBAJZJNADBARZLkADBANZLmgDBANZLsADBARduvAwCwME
BV6xoAMDAV6wAwQHX26AAwQDbUbwAwQDsGuQAwQCuTgIAwQCuTp0AwQCuTrAAwQE
vNWgAwQBwf7wAwQBwrZuAwQBw4DqAwQCw+GoAwQHw+cAAwQAw+qrAwQAw/oiAwQE
0ePgAwQG1O0AAwQG2T0AAwQD2T14AwQE2UngMA0EAgACMAcDBQMqAG1AMA0GCSqG
SIb3DQEBCwUAA4IBAQCTHOitZaidbJ4IKbgRvm5fRLR82R3S84gmx5u4XYsyD+Wd
l0j2l9ydR9oQVKHKrmDv07TJYsBTbKV4nCVcj/H5dyIx9T/SC8cHNhCn6PCwLUPe
y6iI8iJWcnc6GRp2N5mPdVufElz2G46qUb5Tv1QWi/8SgEgAlGB/acKkvb+J8J+V
feqTX1qjBRDI53x+aL0Fe8TibAxVpLZPtNpSu+2dVpLTEgHvvsIkUpYGYQknmaXn
a7caCjpOeV6ReE9C820DCFemgIW3pdtkfFE/zpty5602dlRDol4BpavnSK8+L70q
nnXL/t9l52/tSnAXQK6bERhZIlWkKiJuW6b8N3Gf
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:22:57 2026 by rpki-client