Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/1raBdrG8cJ9Bp5UTf1-3ySXpvNU.roa
File: 1raBdrG8cJ9Bp5UTf1-3ySXpvNU.roa (raw, json)
Hash identifier: nidyHf42+8qviczWax8TG8WbQgA/HNtQCPEG+F+WBIY=
Subject key identifier: D6:B6:81:76:B1:BC:70:9F:41:A7:95:13:7F:5F:B7:C9:25:E9:BC:D5
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 019E028033CD6CF9C4B7D797ED4292BA8942
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/1raBdrG8cJ9Bp5UTf1-3ySXpvNU.roa
Signing time: Thu 07 May 2026 12:53:36 +0000
ROA not before: Thu 07 May 2026 12:53:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25400
IP address blocks: 46.15.0.0/16 maxlen: 16
46.212.0.0/17 maxlen: 17
46.212.0.0/20 maxlen: 20
46.212.16.0/20 maxlen: 20
46.212.48.0/20 maxlen: 20
46.212.64.0/21 maxlen: 21
46.212.72.0/21 maxlen: 21
46.212.80.0/21 maxlen: 21
46.212.88.0/21 maxlen: 21
46.212.128.0/17 maxlen: 17
46.249.224.0/19 maxlen: 19
62.73.192.0/18 maxlen: 18
62.97.160.0/19 maxlen: 19
62.113.128.0/19 maxlen: 19
62.141.128.0/19 maxlen: 19
78.156.0.0/19 maxlen: 24
80.232.0.0/17 maxlen: 17
80.239.0.0/17 maxlen: 17
82.194.192.0/19 maxlen: 19
84.38.144.0/20 maxlen: 20
84.208.0.0/13 maxlen: 17
84.210.128.0/20 maxlen: 20
84.213.128.0/20 maxlen: 20
84.213.144.0/20 maxlen: 20
84.214.0.0/20 maxlen: 20
84.214.16.0/20 maxlen: 20
84.214.32.0/20 maxlen: 20
84.214.64.0/20 maxlen: 20
84.214.114.0/24 maxlen: 24
84.214.192.0/24 maxlen: 24
84.214.193.0/24 maxlen: 24
85.19.0.0/16 maxlen: 16
89.8.0.0/15 maxlen: 15
89.9.254.0/24 maxlen: 24
89.254.64.0/18 maxlen: 18
93.124.128.0/17 maxlen: 17
109.108.192.0/19 maxlen: 19
109.163.0.0/17 maxlen: 17
109.163.124.0/24 maxlen: 24
158.58.152.0/21 maxlen: 21
158.58.152.0/23 maxlen: 23
176.11.0.0/16 maxlen: 16
176.74.208.0/21 maxlen: 21
178.17.144.0/20 maxlen: 20
178.232.0.0/16 maxlen: 16
185.46.224.0/22 maxlen: 22
185.71.208.0/22 maxlen: 22
185.72.96.0/22 maxlen: 22
185.97.84.0/22 maxlen: 22
185.138.32.0/22 maxlen: 22
185.201.120.0/22 maxlen: 22
188.113.64.0/18 maxlen: 18
188.124.128.0/19 maxlen: 19
188.124.145.0/24 maxlen: 24
188.126.192.0/19 maxlen: 19
188.126.197.0/24 maxlen: 24
188.126.200.0/21 maxlen: 21
195.70.160.0/19 maxlen: 19
212.20.192.0/19 maxlen: 19
212.37.224.0/19 maxlen: 19
212.45.160.0/19 maxlen: 19
212.125.192.0/18 maxlen: 18
212.169.64.0/18 maxlen: 18
213.188.0.0/19 maxlen: 19
213.225.64.0/18 maxlen: 18
213.236.128.0/17 maxlen: 17
213.236.171.0/24 maxlen: 24
217.68.96.0/19 maxlen: 19
2a00:a540::/32 maxlen: 32
2a02:228::/29 maxlen: 29
2a02:fe0::/29 maxlen: 40
2a02:fe0:dd05::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:80:33:cd:6c:f9:c4:b7:d7:97:ed:42:92:ba:89:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: May 7 12:53:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d6b68176b1bc709f41a795137f5fb7c925e9bcd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:80:e4:3a:64:79:7c:0b:29:8c:ad:61:1a:
20:0b:7a:15:85:bb:89:60:ef:45:d1:55:28:27:07:
df:c6:25:68:eb:e9:1d:52:1a:aa:d1:f7:3e:5f:8c:
38:b8:53:71:1c:8a:6a:9c:d2:0c:32:6c:7c:ba:c4:
01:01:ab:1c:62:83:38:2e:d4:a4:b7:22:a6:64:1f:
a9:b3:17:fc:8f:4d:74:45:7e:c6:f6:33:30:1c:36:
7f:37:0a:7c:2e:9d:fd:79:d8:21:59:8c:23:55:b5:
f8:ba:a3:6a:39:da:a8:2a:c1:7a:11:98:fd:03:9b:
36:ea:9d:38:c5:b2:62:b4:c2:a1:2d:27:fe:f9:9a:
1e:0b:e5:30:9e:04:aa:b5:da:6c:0b:ac:f7:6f:a2:
72:02:f7:04:75:30:ec:ff:35:88:36:0c:66:8d:c0:
8f:19:9c:18:26:58:38:c3:2b:8b:be:2c:91:29:75:
d5:2b:24:8a:50:8e:f1:d0:9c:4c:f3:8a:0b:41:73:
34:49:ed:5b:ef:09:65:8b:2a:64:8c:35:22:5e:17:
c7:0a:91:53:99:96:93:98:23:dc:e2:25:52:5a:f7:
dc:59:ce:8d:54:e0:90:81:fc:01:0b:74:2a:99:a4:
f6:de:49:52:66:ae:eb:83:7f:32:95:5c:38:91:fc:
36:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B6:81:76:B1:BC:70:9F:41:A7:95:13:7F:5F:B7:C9:25:E9:BC:D5
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/1raBdrG8cJ9Bp5UTf1-3ySXpvNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.15.0.0/16
46.212.0.0/16
46.249.224.0/19
62.73.192.0/18
62.97.160.0/19
62.113.128.0/19
62.141.128.0/19
78.156.0.0/19
80.232.0.0/17
80.239.0.0/17
82.194.192.0/19
84.38.144.0/20
84.208.0.0/13
85.19.0.0/16
89.8.0.0/15
89.254.64.0/18
93.124.128.0/17
109.108.192.0/19
109.163.0.0/17
158.58.152.0/21
176.11.0.0/16
176.74.208.0/21
178.17.144.0/20
178.232.0.0/16
185.46.224.0/22
185.71.208.0/22
185.72.96.0/22
185.97.84.0/22
185.138.32.0/22
185.201.120.0/22
188.113.64.0/18
188.124.128.0/19
188.126.192.0/19
195.70.160.0/19
212.20.192.0/19
212.37.224.0/19
212.45.160.0/19
212.125.192.0/18
212.169.64.0/18
213.188.0.0/19
213.225.64.0/18
213.236.128.0/17
217.68.96.0/19
IPv6:
2a00:a540::/32
2a02:228::/29
2a02:fe0::/29
Signature Algorithm: sha256WithRSAEncryption
65:46:79:2e:35:1d:34:e0:06:7b:bc:7f:3a:73:66:c2:2d:f9:
7d:0c:36:8d:f4:74:3b:75:53:05:ea:c8:bc:28:56:23:b0:a0:
76:ce:64:e4:4d:07:03:37:4e:f0:f5:6a:ec:00:17:06:94:95:
e6:67:c3:ab:60:9a:64:17:44:17:bb:bf:78:28:b9:ac:75:78:
04:55:98:42:48:78:8b:70:82:d3:8d:b6:31:f6:03:77:08:17:
ea:08:9f:de:33:53:b6:5f:c4:6e:e0:ea:ea:bb:49:b8:0e:2c:
3a:e0:cf:1a:bc:cf:8a:82:21:13:b9:8e:85:97:b7:cb:70:1d:
71:85:ff:f5:7c:50:93:9e:eb:ff:9c:62:cc:f8:b0:4e:d9:f5:
b0:c9:24:74:cd:c5:23:1e:2d:74:53:53:47:38:d3:75:d6:79:
4e:1e:28:71:a2:e7:01:d6:a8:28:49:3d:3d:3d:e0:99:ee:25:
6e:b1:3b:82:4d:2e:96:1a:29:e7:7d:fb:85:40:38:bf:07:60:
55:ff:62:bf:80:f9:65:eb:3e:0d:d4:7f:c9:1d:e9:4b:a0:bb:
80:35:b2:8a:1f:70:46:a3:19:d5:b4:ce:33:9a:a4:b5:e6:af:
80:95:a2:9b:22:ad:01:75:b0:a3:a7:ca:76:e5:3f:7b:14:6e:
d2:c5:a5:4f
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZ4CgDPNbPnEt9eX7UKSuolCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjYwNTA3MTI1MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI2ODE3NmIxYmM3MDlmNDFhNzk1MTM3ZjVmYjdjOTI1ZTliY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/yA5DpkeXwLKYytYRogC3oVhbuJ
YO9F0VUoJwffxiVo6+kdUhqq0fc+X4w4uFNxHIpqnNIMMmx8usQBAascYoM4LtSk
tyKmZB+psxf8j010RX7G9jMwHDZ/Nwp8Lp39edghWYwjVbX4uqNqOdqoKsF6EZj9
A5s26p04xbJitMKhLSf++ZoeC+UwngSqtdpsC6z3b6JyAvcEdTDs/zWINgxmjcCP
GZwYJlg4wyuLviyRKXXVKySKUI7x0JxM84oLQXM0Se1b7wlliypkjDUiXhfHCpFT
mZaTmCPc4iVSWvfcWc6NVOCQgfwBC3QqmaT23klSZq7rg38ylVw4kfw2UQIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFNa2gXaxvHCfQaeVE39ft8kl6bzVMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvMXJhQmRyRzhjSjlCcDVVVGYxLTN5U1hwdk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCCAQIEAgABMIH7
AwMALg8DAwAu1AMEBS754AMEBj5JwAMEBT5hoAMEBT5xgAMEBT6NgAMEBU6cAAME
B1DoAAMEB1DvAAMEBVLCwAMEBFQmkAMDA1TQAwMAVRMDAwFZCAMEBln+QAMEB118
gAMEBW1swAMEB22jAAMEA546mAMDALALAwQDsErQAwQEshGQAwMAsugDBAK5LuAD
BAK5R9ADBAK5SGADBAK5YVQDBAK5iiADBAK5yXgDBAa8cUADBAW8fIADBAW8fsAD
BAXDRqADBAXUFMADBAXUJeADBAXULaADBAbUfcADBAbUqUADBAXVvAADBAbV4UAD
BAfV7IADBAXZRGAwGwQCAAIwFQMFACoApUADBQMqAgIoAwUDKgIP4DANBgkqhkiG
9w0BAQsFAAOCAQEAZUZ5LjUdNOAGe7x/OnNmwi35fQw2jfR0O3VTBerIvChWI7Cg
ds5k5E0HAzdO8PVq7AAXBpSV5mfDq2CaZBdEF7u/eCi5rHV4BFWYQkh4i3CC0422
MfYDdwgX6gif3jNTtl/EbuDq6rtJuA4sOuDPGrzPioIhE7mOhZe3y3AdcYX/9XxQ
k57r/5xizPiwTtn1sMkkdM3FIx4tdFNTRzjTddZ5Th4ocaLnAdaoKEk9PT3gme4l
brE7gk0ulhop5337hUA4vwdgVf9iv4D5Zes+DdR/yR3pS6C7gDWyih9wRqMZ1bTO
M5qkteavgJWimyKtAXWwo6fKduU/exRu0sWlTw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:55 2026 by rpki-client