Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/Ifo6NwD56xJA6y61SpEQqvLf_R8.roa
File: Ifo6NwD56xJA6y61SpEQqvLf_R8.roa (raw, json)
Hash identifier: ArTm2IJOiT2dFcspxzA0JNm1iU6P54xELTMvSTOHQ8U=
Subject key identifier: 21:FA:3A:37:00:F9:EB:12:40:EB:2E:B5:4A:91:10:AA:F2:DF:FD:1F
Certificate issuer: /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial: 019D2441B4035EC6B07BAA30ABD6E4392502
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/Ifo6NwD56xJA6y61SpEQqvLf_R8.roa
Signing time: Wed 25 Mar 2026 09:09:38 +0000
ROA not before: Wed 25 Mar 2026 09:09:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30781
IP address blocks: 5.226.0.0/21 maxlen: 24
31.7.248.0/21 maxlen: 24
31.172.160.0/22 maxlen: 24
31.172.232.0/21 maxlen: 24
37.26.184.0/21 maxlen: 24
37.61.240.0/21 maxlen: 24
37.110.192.0/21 maxlen: 24
37.156.226.0/24 maxlen: 24
46.22.192.0/20 maxlen: 24
46.102.116.0/24 maxlen: 24
46.231.216.0/21 maxlen: 24
46.247.128.0/22 maxlen: 24
46.255.200.0/21 maxlen: 24
77.72.88.0/21 maxlen: 24
77.246.80.0/20 maxlen: 24
78.153.224.0/19 maxlen: 24
82.163.36.0/22 maxlen: 24
82.196.24.0/21 maxlen: 24
85.31.192.0/19 maxlen: 24
87.121.136.0/21 maxlen: 24
88.212.144.0/21 maxlen: 24
89.37.106.0/24 maxlen: 24
89.44.77.0/24 maxlen: 24
89.44.210.0/24 maxlen: 24
91.224.162.0/23 maxlen: 24
91.226.193.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
94.100.160.0/20 maxlen: 24
95.143.64.0/20 maxlen: 24
149.232.160.0/20 maxlen: 24
176.241.120.0/21 maxlen: 24
185.4.60.0/23 maxlen: 24
185.4.62.0/24 maxlen: 24
185.15.140.0/22 maxlen: 24
185.53.80.0/22 maxlen: 24
185.61.184.0/21 maxlen: 24
185.62.184.0/22 maxlen: 24
185.65.79.0/24 maxlen: 24
185.78.156.0/22 maxlen: 24
185.91.224.0/22 maxlen: 24
185.92.36.0/22 maxlen: 24
185.114.100.0/22 maxlen: 24
185.116.63.0/24 maxlen: 24
185.209.52.0/22 maxlen: 24
193.39.119.0/24 maxlen: 24
193.151.84.0/22 maxlen: 24
193.151.84.0/24 maxlen: 24
193.151.87.0/24 maxlen: 24
193.189.124.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.116.142.0/23 maxlen: 24
195.43.64.0/23 maxlen: 24
195.128.147.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.234.35.0/24 maxlen: 24
212.18.240.0/21 maxlen: 24
212.85.229.0/24 maxlen: 24
212.85.230.0/23 maxlen: 24
2a00:68c0::/32 maxlen: 48
2a00:78c0::/29 maxlen: 48
2a01:240::/32 maxlen: 48
2a01:290::/32 maxlen: 48
2a02:398::/32 maxlen: 48
2a03:bdc0::/32 maxlen: 48
2a04:cc00::/29 maxlen: 48
2a07:5300::/29 maxlen: 48
2a0b:41c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:41:b4:03:5e:c6:b0:7b:aa:30:ab:d6:e4:39:25:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
Validity
Not Before: Mar 25 09:09:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21fa3a3700f9eb1240eb2eb54a9110aaf2dffd1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:43:57:10:89:3c:d2:00:44:d4:c4:c6:b1:26:
90:13:e0:f5:b5:44:71:b1:ef:77:9b:53:eb:bf:44:
c2:d4:78:56:4d:0d:ab:94:34:96:25:c2:38:9e:d1:
c1:03:ac:ff:79:f5:6a:8a:25:5d:fb:c4:b4:63:8a:
bf:bf:e4:94:aa:08:47:cb:35:44:c9:63:5b:a1:b8:
7c:95:0f:29:e0:d1:92:8e:db:f5:9a:41:91:ee:8e:
83:3b:4b:d8:da:94:92:b3:4f:02:1d:ac:7a:25:67:
22:d4:f2:c6:1a:e8:ee:10:a8:a2:3d:ac:4e:48:fe:
9d:0a:0b:28:80:d8:78:7d:28:ce:e3:3c:ac:2f:22:
40:34:a2:59:7c:05:4b:d2:5e:a1:80:b7:8d:85:39:
d1:04:43:ff:6f:0b:48:db:df:0e:89:2f:7c:33:fe:
e6:3d:03:9f:50:59:dc:df:57:4e:0f:2a:99:81:01:
23:9d:87:12:f5:74:41:da:75:6f:7b:bb:62:27:6f:
ed:9e:79:a6:4f:c6:30:78:0c:e5:63:bb:93:20:b0:
a7:1c:d3:bf:5f:f9:23:ce:03:a9:8a:bb:41:f1:7c:
2f:3a:e8:05:93:f0:bb:b8:c9:3a:97:66:d8:d7:c0:
0a:f7:c1:87:d9:8e:9d:1c:80:2d:cd:2e:95:07:2d:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FA:3A:37:00:F9:EB:12:40:EB:2E:B5:4A:91:10:AA:F2:DF:FD:1F
X509v3 Authority Key Identifier:
keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/Ifo6NwD56xJA6y61SpEQqvLf_R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.0.0/21
31.7.248.0/21
31.172.160.0/22
31.172.232.0/21
37.26.184.0/21
37.61.240.0/21
37.110.192.0/21
37.156.226.0/24
46.22.192.0/20
46.102.116.0/24
46.231.216.0/21
46.247.128.0/22
46.255.200.0/21
77.72.88.0/21
77.246.80.0/20
78.153.224.0/19
82.163.36.0/22
82.196.24.0/21
85.31.192.0/19
87.121.136.0/21
88.212.144.0/21
89.37.106.0/24
89.44.77.0/24
89.44.210.0/24
91.224.162.0/23
91.226.193.0/24
91.250.244.0/24
94.100.160.0/20
95.143.64.0/20
149.232.160.0/20
176.241.120.0/21
185.4.60.0-185.4.62.255
185.15.140.0/22
185.53.80.0/22
185.61.184.0/21
185.62.184.0/22
185.65.79.0/24
185.78.156.0/22
185.91.224.0/22
185.92.36.0/22
185.114.100.0/22
185.116.63.0/24
185.209.52.0/22
193.39.119.0/24
193.151.84.0/22
193.189.124.0/23
194.42.100.0/23
194.116.142.0/23
195.43.64.0/23
195.128.147.0/24
195.189.186.0/23
195.234.35.0/24
212.18.240.0/21
212.85.229.0-212.85.231.255
IPv6:
2a00:68c0::/32
2a00:78c0::/29
2a01:240::/32
2a01:290::/32
2a02:398::/32
2a03:bdc0::/32
2a04:cc00::/29
2a07:5300::/29
2a0b:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:a5:4a:6e:12:55:1b:d4:30:6b:7b:40:68:41:0c:fb:7a:df:
0a:01:9c:d3:d2:cf:1a:3e:56:16:eb:1c:00:e6:07:22:c8:3f:
2a:b3:94:59:e1:3b:00:5f:a6:1f:3a:cc:fe:b4:a1:75:d6:49:
6b:72:3f:3a:d1:c8:ad:b1:23:08:ea:d3:03:a8:c4:a7:95:c8:
5c:f0:e2:5c:35:72:8a:65:39:b5:6a:80:a8:b0:34:26:0c:2a:
89:f2:76:ab:09:00:95:eb:34:b9:9d:90:f6:58:16:a0:ca:9d:
85:9b:45:4f:7a:02:6d:e2:55:00:68:bf:26:21:9b:00:d1:75:
6c:f2:71:1a:02:b5:e7:59:bf:b9:98:b0:b1:6e:43:92:e3:f8:
3c:d6:78:1c:d5:96:80:d9:e3:8a:b2:19:f9:32:4b:f9:92:be:
2d:81:ce:ed:b9:e4:e8:bc:bc:51:4f:32:d0:68:9b:6b:7f:64:
c7:93:31:8c:14:07:f6:6c:e5:a1:1a:24:72:c5:12:dd:1b:8a:
85:90:fb:45:82:b2:28:60:8b:ad:13:75:47:a7:a8:1c:65:65:
97:7f:12:ef:0f:84:b9:5b:b1:f0:f5:c4:6d:fc:77:8e:ba:87:
8d:89:95:4b:2d:d8:e6:cf:8e:20:1a:8e:99:f9:f7:f3:62:f3:
db:3d:a4:73
-----BEGIN CERTIFICATE-----
MIIGnDCCBYSgAwIBAgISAZ0kQbQDXsawe6owq9bkOSUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjYwMzI1MDkwOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZhM2EzNzAwZjllYjEyNDBlYjJlYjU0YTkxMTBhYWYyZGZmZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkNXEIk80gBE1MTGsSaQE+D1tURx
se93m1Prv0TC1HhWTQ2rlDSWJcI4ntHBA6z/efVqiiVd+8S0Y4q/v+SUqghHyzVE
yWNbobh8lQ8p4NGSjtv1mkGR7o6DO0vY2pSSs08CHax6JWci1PLGGujuEKiiPaxO
SP6dCgsogNh4fSjO4zysLyJANKJZfAVL0l6hgLeNhTnRBEP/bwtI298OiS98M/7m
PQOfUFnc31dODyqZgQEjnYcS9XRB2nVve7tiJ2/tnnmmT8YweAzlY7uTILCnHNO/
X/kjzgOpirtB8XwvOugFk/C7uMk6l2bY18AK98GH2Y6dHIAtzS6VBy2+kQIDAQAB
o4IDqDCCA6QwHQYDVR0OBBYEFCH6OjcA+esSQOsutUqREKry3/0fMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvSWZvNk53RDU2eEpBNnk2MVNwRVFxdkxmX1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvAYIKwYBBQUHAQcBAf8EggGrMIIBpzCCAVwEAgABMIIB
VAMEAwXiAAMEAx8H+AMEAh+soAMEAx+s6AMEAyUauAMEAyU98AMEAyVuwAMEACWc
4gMEBC4WwAMEAC5mdAMEAy7n2AMEAi73gAMEAy7/yAMEA01IWAMEBE32UAMEBU6Z
4AMEAlKjJAMEA1LEGAMEBVUfwAMEA1d5iAMEA1jUkAMEAFklagMEAFksTQMEAFks
0gMEAVvgogMEAFviwQMEAFv69AMEBF5koAMEBF+PQAMEBJXooAMEA7DxeDAMAwQC
uQQ8AwQAuQQ+AwQCuQ+MAwQCuTVQAwQDuT24AwQCuT64AwQAuUFPAwQCuU6cAwQC
uVvgAwQCuVwkAwQCuXJkAwQAuXQ/AwQCudE0AwQAwSd3AwQCwZdUAwQBwb18AwQB
wipkAwQBwnSOAwQBwytAAwQAw4CTAwQBw726AwQAw+ojAwQD1BLwMAwDBADUVeUD
BAPUVeAwRQQCAAIwPwMFACoAaMADBQMqAHjAAwUAKgECQAMFACoBApADBQAqAgOY
AwUAKgO9wAMFAyoEzAADBQMqB1MAAwUDKgtBwDANBgkqhkiG9w0BAQsFAAOCAQEA
DqVKbhJVG9Qwa3tAaEEM+3rfCgGc09LPGj5WFuscAOYHIsg/KrOUWeE7AF+mHzrM
/rShddZJa3I/OtHIrbEjCOrTA6jEp5XIXPDiXDVyimU5tWqAqLA0JgwqifJ2qwkA
les0uZ2Q9lgWoMqdhZtFT3oCbeJVAGi/JiGbANF1bPJxGgK151m/uZiwsW5DkuP4
PNZ4HNWWgNnjirIZ+TJL+ZK+LYHO7bnk6Ly8UU8y0Giba39kx5MxjBQH9mzloRok
csUS3RuKhZD7RYKyKGCLrRN1R6eoHGVll38S7w+EuVux8PXEbfx3jrqHjYmVSy3Y
5s+OIBqOmfn382Lz2z2kcw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:26:19 2026 by rpki-client