Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/4IJKBLLcf574nRPV1X6-t9HD8MM.roa
File: 4IJKBLLcf574nRPV1X6-t9HD8MM.roa (raw, json)
Hash identifier: Wu4e9F97wqMZS5XnRmmcELznemadsbUgvs1t7TmxIxo=
Subject key identifier: E0:82:4A:04:B2:DC:7F:9E:F8:9D:13:D5:D5:7E:BE:B7:D1:C3:F0:C3
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 019D8C1730F4D3EB36AE5B927A3D17C4BD20
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/4IJKBLLcf574nRPV1X6-t9HD8MM.roa
Signing time: Tue 14 Apr 2026 13:03:43 +0000
ROA not before: Tue 14 Apr 2026 13:03:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41960
IP address blocks: 2.56.216.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
37.148.184.0/21 maxlen: 24
45.10.126.0/23 maxlen: 24
45.95.252.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
45.151.116.0/22 maxlen: 24
77.73.224.0/21 maxlen: 24
85.184.8.0/21 maxlen: 24
91.202.210.0/24 maxlen: 24
93.188.64.0/22 maxlen: 24
94.142.253.0/24 maxlen: 24
151.248.16.0/22 maxlen: 24
171.22.176.0/22 maxlen: 24
185.112.73.0/24 maxlen: 24
185.116.12.0/22 maxlen: 24
185.234.152.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.168.0/23 maxlen: 24
185.239.170.0/24 maxlen: 24
185.249.136.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
185.253.48.0/22 maxlen: 24
194.61.84.0/24 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
195.238.86.0/23 maxlen: 24
212.18.105.0/24 maxlen: 24
212.19.192.0/19 maxlen: 24
212.26.192.0/19 maxlen: 24
212.57.48.0/20 maxlen: 24
213.156.0.0/20 maxlen: 24
213.173.56.0/22 maxlen: 24
217.8.96.0/20 maxlen: 24
2001:6e0::/29 maxlen: 48
2a02:690::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.mft
rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8c:17:30:f4:d3:eb:36:ae:5b:92:7a:3d:17:c4:bd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Apr 14 13:03:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e0824a04b2dc7f9ef89d13d5d57ebeb7d1c3f0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:74:c2:b7:32:b8:94:9f:5c:3d:b7:11:38:
6e:32:91:27:f4:a6:ea:9d:29:2b:37:21:1b:78:71:
93:3d:3c:20:bc:04:71:6a:be:33:59:1c:bf:ac:c3:
45:95:25:46:8e:1d:46:59:6b:47:63:42:1a:1d:31:
d1:23:44:0e:c6:a6:25:00:6f:b5:82:96:8e:b2:c5:
b9:9c:fb:ae:22:a6:08:7f:31:3d:2c:b3:61:f3:ba:
00:d5:6b:97:a5:e2:86:c9:08:a8:e8:07:5a:fb:87:
07:b7:3e:e9:33:1f:94:67:00:91:68:45:bc:c7:e1:
35:ba:9b:86:fc:f1:c7:6f:a1:83:11:8b:b2:c4:21:
c2:4c:ed:06:b0:0c:b7:af:c5:27:95:d0:47:f4:9f:
34:71:8b:cc:f0:b2:b1:5e:e8:59:bc:48:16:59:6f:
9b:d6:38:38:37:0e:81:0a:0b:7c:83:db:b8:19:2c:
40:e2:11:0d:9a:aa:5e:b4:a0:59:f2:69:15:c3:88:
10:34:87:1b:e0:aa:30:9e:56:fa:7a:4f:db:55:11:
98:56:91:3b:3c:48:c1:4c:33:14:c8:f2:36:d6:b6:
80:84:95:cd:d2:80:4f:4c:ba:05:ee:9c:34:7d:8a:
04:bf:71:6a:9a:09:39:a9:fc:2b:de:7b:4f:9f:41:
f8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:82:4A:04:B2:DC:7F:9E:F8:9D:13:D5:D5:7E:BE:B7:D1:C3:F0:C3
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/4IJKBLLcf574nRPV1X6-t9HD8MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.126.0/23
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.202.210.0/24
93.188.64.0/22
94.142.253.0/24
151.248.16.0/22
171.22.176.0/22
185.112.73.0/24
185.116.12.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
194.61.84.0/24
194.61.86.0/24
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.18.105.0/24
212.19.192.0/19
212.26.192.0/19
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
217.8.96.0/20
IPv6:
2001:6e0::/29
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
64:0f:84:7c:a0:41:fc:65:9c:d7:9d:6e:a5:15:56:a9:10:e9:
18:b7:0d:ce:3d:c4:8e:ff:70:e1:1c:53:95:e1:89:56:89:00:
29:9d:ee:d1:bd:99:e1:85:c9:26:1b:e3:ee:69:80:af:dd:c2:
37:b4:36:a8:02:0c:92:60:d7:c4:17:89:75:64:38:45:ec:0a:
4a:94:08:56:54:a4:d9:cc:1c:5f:26:45:53:f7:ca:fe:61:85:
69:f9:e8:d2:15:b0:b0:cd:64:ca:15:f9:af:0f:0b:62:7e:37:
3a:06:8e:04:92:e2:4a:0c:0b:44:7c:1f:5a:20:e5:64:8d:b6:
22:77:e6:23:f0:ab:ee:b9:86:b1:c5:05:01:98:fb:83:9b:1c:
21:bf:6f:d7:cc:37:c5:df:2d:4c:c9:29:ec:60:37:b2:fe:63:
ac:fa:42:b8:65:70:97:56:fb:e5:01:cd:f1:db:4a:b0:e4:cf:
7f:85:e6:2b:b6:40:7a:51:fa:91:57:13:60:54:60:ca:75:34:
d2:20:86:57:c3:62:dd:b8:1f:ac:d1:de:59:bb:a9:a3:27:eb:
38:4d:57:af:33:af:39:66:fe:bb:23:70:b0:2a:fe:76:75:08:
b5:a3:fc:80:2f:44:13:42:34:1b:2c:ad:9f:84:ce:ea:19:5b:
3c:cc:d0:0a
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZ2MFzD00+s2rluSej0XxL0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjYwNDE0MTMwMzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDgyNGEwNGIyZGM3ZjllZjg5ZDEzZDVkNTdlYmViN2QxYzNmMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogB0wrcyuJSfXD23EThuMpEn9Kbq
nSkrNyEbeHGTPTwgvARxar4zWRy/rMNFlSVGjh1GWWtHY0IaHTHRI0QOxqYlAG+1
gpaOssW5nPuuIqYIfzE9LLNh87oA1WuXpeKGyQio6Ada+4cHtz7pMx+UZwCRaEW8
x+E1upuG/PHHb6GDEYuyxCHCTO0GsAy3r8UnldBH9J80cYvM8LKxXuhZvEgWWW+b
1jg4Nw6BCgt8g9u4GSxA4hENmqpetKBZ8mkVw4gQNIcb4Kownlb6ek/bVRGYVpE7
PEjBTDMUyPI21raAhJXN0oBPTLoF7pw0fYoEv3Fqmgk5qfwr3ntPn0H4IwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFOCCSgSy3H+e+J0T1dV+vrfRw/DDMB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEvNElKS0JMTGNmNTc0blJQVjFYNi10OUhEOE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgtMTJiMmJjNTgwNTNh
LzEvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgd0EAgABMIHWAwQC
AjjYAwQCBbeEAwQDJZS4AwQBLQp+AwQCLV/8AwQCLYycAwQCLZd0AwQDTUngAwQD
VbgIAwQAW8rSAwQCXbxAAwQAXo79AwQCl/gQAwQCqxawAwQAuXBJAwQCuXQMMAwD
BAO56pgDBAC56powDAMEA7nvqAMEALnvqgMEArn5iAMEArn7mAMEArn9MAMEAMI9
VAMEAMI9VgMEAcO4VgMEAcO4WgMEAcPuVgMEANQSaQMEBdQTwAMEBdQawAMEBNQ5
MAMEBNWcAAMEAtWtOAMEBNkIYDAUBAIAAjAOAwUDIAEG4AMFAyoCBpAwDQYJKoZI
hvcNAQELBQADggEBAGQPhHygQfxlnNedbqUVVqkQ6Ri3Dc49xI7/cOEcU5XhiVaJ
ACmd7tG9meGFySYb4+5pgK/dwje0NqgCDJJg18QXiXVkOEXsCkqUCFZUpNnMHF8m
RVP3yv5hhWn56NIVsLDNZMoV+a8PC2J+NzoGjgSS4koMC0R8H1og5WSNtiJ35iPw
q+65hrHFBQGY+4ObHCG/b9fMN8XfLUzJKexgN7L+Y6z6QrhlcJdW++UBzfHbSrDk
z3+F5iu2QHpR+pFXE2BUYMp1NNIghlfDYt24H6zR3lm7qaMn6zhNV68zrzlm/rsj
cLAq/nZ1CLWj/IAvRBNCNBssrZ+EzuoZWzzM0Ao=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:11:57 2026 by rpki-client