Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/atC9_7KH84YKhxeQMKIpdCgSOAE.roa
File: atC9_7KH84YKhxeQMKIpdCgSOAE.roa (raw, json)
Hash identifier: 895MfjfFbrM39ld+SYg/OsAZrEdBttPSgsek5g05vWU=
Subject key identifier: 6A:D0:BD:FF:B2:87:F3:86:0A:87:17:90:30:A2:29:74:28:12:38:01
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 019E5DA63F1BB1F41776047FDE5960093AD5
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/atC9_7KH84YKhxeQMKIpdCgSOAE.roa
Signing time: Mon 25 May 2026 05:40:36 +0000
ROA not before: Mon 25 May 2026 05:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.252.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/48 maxlen: 48
2a05:ab80:1::/48 maxlen: 48
2a05:ab80:3::/48 maxlen: 48
2a05:ab80:4::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
2a05:ab80:200::/48 maxlen: 48
2a05:ab80:300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5d:a6:3f:1b:b1:f4:17:76:04:7f:de:59:60:09:3a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: May 25 05:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ad0bdffb287f3860a87179030a2297428123801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:91:00:c2:08:0a:8a:f7:c2:6f:c5:a8:1b:a5:
62:14:6f:1d:0a:61:09:02:ff:70:55:90:b4:5c:83:
a4:2c:17:77:41:3e:97:04:8d:1f:50:5d:fa:12:c0:
4a:5a:36:37:1f:f5:60:46:42:b3:84:eb:49:0f:b3:
5d:9f:da:87:0e:0e:36:d2:0e:2c:12:3a:83:12:68:
b4:83:4e:da:76:2e:49:af:32:e4:73:e0:1f:b2:1b:
35:a8:c8:2e:16:a0:3a:05:3f:17:0c:69:ba:13:4c:
2c:64:a3:c2:e2:3b:5a:f5:1e:75:15:90:1c:7e:0a:
7d:1b:8a:80:cf:88:6b:a1:7f:5d:5a:28:a3:0c:45:
41:5a:7b:fb:4e:4c:f3:b7:c2:a0:0b:82:79:36:63:
a3:88:96:ed:ce:18:41:1c:9b:29:55:c7:bd:e1:bd:
b9:06:ba:ea:14:6e:e5:0d:9b:6c:d7:27:db:a2:28:
1a:b6:c0:c5:b5:05:65:1a:31:f7:dc:df:b8:47:3d:
5e:56:10:7c:af:86:06:87:d2:a7:58:26:ae:40:a1:
1e:fc:fe:d9:8a:5e:66:26:a4:c0:1f:2d:e1:c3:64:
2d:b5:94:64:40:bf:0b:71:11:e5:a2:3d:94:15:44:
c8:92:33:90:38:ea:f5:7c:56:6d:7a:72:52:cb:c1:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D0:BD:FF:B2:87:F3:86:0A:87:17:90:30:A2:29:74:28:12:38:01
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/atC9_7KH84YKhxeQMKIpdCgSOAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0-5.182.46.255
45.159.112.0/22
62.3.42.0/24
85.208.252.0/22
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.127.0/24
IPv6:
2a05:ab80::/47
2a05:ab80:3::-2a05:ab80:4:ffff:ffff:ffff:ffff:ffff
2a05:ab80:100::/48
2a05:ab80:200::/48
2a05:ab80:300::/48
Signature Algorithm: sha256WithRSAEncryption
04:56:f4:e0:e7:13:ad:40:c9:1f:ac:79:3f:e7:93:fc:bc:46:
a3:19:84:2c:9b:1d:81:b2:0c:9d:53:ef:91:78:e3:c4:3e:1c:
28:c2:66:b7:31:9b:9c:01:79:c0:2e:86:f9:51:f3:93:5d:e6:
4d:eb:c8:b7:cf:0b:25:b1:26:1b:0e:47:3d:3e:52:3a:01:32:
60:68:0e:79:f0:6c:ac:66:1c:b8:e9:25:aa:bd:46:cb:7c:98:
3c:dd:ed:89:ec:41:73:b0:db:e2:84:16:b8:91:ba:be:4b:58:
9d:69:a7:ba:82:f4:57:fa:d5:07:b1:68:a6:bf:cd:c3:7a:00:
a4:77:b8:f1:c6:bc:99:bb:42:a4:37:b9:f7:03:fe:c4:3f:ee:
6a:cb:b3:75:5f:58:f6:5e:1c:44:c7:6b:e8:0b:be:7a:73:16:
da:65:eb:87:7b:ba:66:a2:02:6c:a1:5d:2e:a4:3d:59:04:f7:
6c:cd:77:13:d4:58:17:64:6d:df:79:6a:25:0e:cc:61:79:63:
0a:e5:7e:2b:14:ed:96:8e:d8:e9:85:d5:0d:2a:62:5e:ed:b6:
c7:58:06:f3:f8:f2:ef:ce:23:3f:56:31:54:c1:7b:9a:17:eb:
a3:ae:0b:73:f9:07:d9:6c:8b:d6:25:c2:18:0a:24:1a:65:19:
d8:fe:d6:27
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZ5dpj8bsfQXdgR/3llgCTrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjYwNTI1MDU0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQwYmRmZmIyODdmMzg2MGE4NzE3OTAzMGEyMjk3NDI4MTIzODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJEAwggKivfCb8WoG6ViFG8dCmEJ
Av9wVZC0XIOkLBd3QT6XBI0fUF36EsBKWjY3H/VgRkKzhOtJD7Ndn9qHDg420g4s
EjqDEmi0g07adi5JrzLkc+Afshs1qMguFqA6BT8XDGm6E0wsZKPC4jta9R51FZAc
fgp9G4qAz4hroX9dWiijDEVBWnv7Tkzzt8KgC4J5NmOjiJbtzhhBHJspVce94b25
BrrqFG7lDZts1yfboigatsDFtQVlGjH33N+4Rz1eVhB8r4YGh9KnWCauQKEe/P7Z
il5mJqTAHy3hw2QttZRkQL8LcRHloj2UFUTIkjOQOOr1fFZtenJSy8HEqwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFGrQvf+yh/OGCocXkDCiKXQoEjgBMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvYXRDOV83S0g4NFlLaHhlUU1LSXBkQ2dTT0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjBYBAIAATBSMAwDBAIF
tiwDBAAFti4DBAItn3ADBAA+AyoDBAJV0PwDBAK5BBwwDAMEALkyJQMEA7kyIAME
Arl0oAMEArnVpAMEArn/WAMEAcGNQAMEAMGNfzA+BAIAAjA4AwcBKgWrgAAAMBID
BwAqBauAAAMDBwAqBauAAAQDBwAqBauAAQADBwAqBauAAgADBwAqBauAAwAwDQYJ
KoZIhvcNAQELBQADggEBAARW9ODnE61AyR+seT/nk/y8RqMZhCybHYGyDJ1T75F4
48Q+HCjCZrcxm5wBecAuhvlR85Nd5k3ryLfPCyWxJhsORz0+UjoBMmBoDnnwbKxm
HLjpJaq9Rst8mDzd7YnsQXOw2+KEFriRur5LWJ1pp7qC9Ff61QexaKa/zcN6AKR3
uPHGvJm7QqQ3ufcD/sQ/7mrLs3VfWPZeHETHa+gLvnpzFtpl64d7umaiAmyhXS6k
PVkE92zNdxPUWBdkbd95aiUOzGF5YwrlfisU7ZaO2OmF1Q0qYl7ttsdYBvP48u/O
Iz9WMVTBe5oX66OuC3P5B9lsi9YlwhgKJBplGdj+1ic=
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:56:30 2026 by rpki-client