Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/8w9TbktUDckGFMT_qaJ1onJV3CI.roa
File: 8w9TbktUDckGFMT_qaJ1onJV3CI.roa (raw, json)
Hash identifier: uVhgTAs1M/P9SGDSnJF+7dpI5Wsuu/hr05E0P83szyY=
Subject key identifier: F3:0F:53:6E:4B:54:0D:C9:06:14:C4:FF:A9:A2:75:A2:72:55:DC:22
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019DFD92B3D1F9EECF2453ECD4A15BDDA738
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/8w9TbktUDckGFMT_qaJ1onJV3CI.roa
Signing time: Wed 06 May 2026 13:55:43 +0000
ROA not before: Wed 06 May 2026 13:55:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 62.105.210.0/23 maxlen: 23
62.105.212.0/23 maxlen: 23
62.192.98.0/23 maxlen: 23
62.192.104.0/23 maxlen: 23
62.192.116.0/23 maxlen: 23
62.192.118.0/23 maxlen: 23
135.196.6.0/24 maxlen: 24
135.196.9.0/24 maxlen: 24
135.196.23.0/24 maxlen: 24
135.196.27.0/24 maxlen: 24
135.196.31.0/24 maxlen: 24
135.196.35.0/24 maxlen: 24
135.196.98.0/24 maxlen: 24
135.196.105.0/24 maxlen: 24
135.196.116.0/24 maxlen: 24
135.196.186.0/23 maxlen: 23
213.169.208.0/22 maxlen: 22
213.169.212.0/22 maxlen: 22
213.169.216.0/23 maxlen: 23
213.169.224.0/23 maxlen: 23
213.169.228.0/23 maxlen: 23
213.169.230.0/23 maxlen: 23
213.169.246.0/23 maxlen: 23
213.169.250.0/23 maxlen: 23
213.169.252.0/23 maxlen: 23
217.117.160.0/24 maxlen: 24
217.117.164.0/22 maxlen: 22
217.117.168.0/22 maxlen: 22
217.117.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:92:b3:d1:f9:ee:cf:24:53:ec:d4:a1:5b:dd:a7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: May 6 13:55:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f30f536e4b540dc90614c4ffa9a275a27255dc22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b6:28:23:ec:1c:3d:77:49:ad:6d:4e:33:7c:
27:f9:03:46:be:7c:1e:92:ce:63:e3:98:1a:ce:fe:
20:13:99:b0:8f:6c:8d:52:79:08:d2:c9:d3:c5:d9:
89:79:6e:f7:84:02:f7:8c:16:e0:b2:f0:4a:8a:6d:
be:41:7b:2e:31:50:90:d8:77:ed:da:5a:47:fe:d1:
a7:ba:a1:ba:43:4e:7e:33:a6:2c:19:45:36:69:c7:
e1:47:3f:67:d7:44:9b:f6:eb:dd:f5:9c:d6:d0:4a:
02:49:1b:9d:73:2c:a1:41:c7:67:cf:40:35:aa:ce:
8e:f6:af:d6:3a:79:9e:bf:f1:97:31:c6:ba:db:94:
96:29:13:50:f9:2d:94:b5:4e:2e:1c:c5:9c:54:d3:
bf:76:f6:0e:1a:37:7e:93:0b:eb:f0:25:0f:7e:ec:
d6:04:1f:32:8e:6e:4b:23:b6:84:84:f3:1c:97:8c:
1a:9a:02:a4:bb:dd:f3:2b:36:4f:b7:f5:32:97:e6:
92:36:68:78:4b:69:bf:a0:95:fe:6c:85:d3:82:6b:
14:8d:2f:d4:75:b5:a1:00:e6:85:22:ed:35:8b:31:
e3:25:b7:b3:81:15:41:c2:b6:8d:92:7d:bd:e4:43:
a9:66:03:45:0e:59:3d:8c:11:f6:2e:c3:e2:26:6c:
de:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0F:53:6E:4B:54:0D:C9:06:14:C4:FF:A9:A2:75:A2:72:55:DC:22
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/8w9TbktUDckGFMT_qaJ1onJV3CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.105.210.0-62.105.213.255
62.192.98.0/23
62.192.104.0/23
62.192.116.0/22
135.196.6.0/24
135.196.9.0/24
135.196.23.0/24
135.196.27.0/24
135.196.31.0/24
135.196.35.0/24
135.196.98.0/24
135.196.105.0/24
135.196.116.0/24
135.196.186.0/23
213.169.208.0-213.169.217.255
213.169.224.0/23
213.169.228.0/22
213.169.246.0/23
213.169.250.0-213.169.253.255
217.117.160.0/24
217.117.164.0-217.117.175.255
Signature Algorithm: sha256WithRSAEncryption
89:c5:2a:87:da:e9:d6:30:cf:52:88:c7:f7:70:aa:79:4b:5a:
b1:a3:d3:5b:b6:48:1d:e7:cc:5a:0f:a1:3f:57:e8:dd:98:a3:
d7:23:af:75:2c:a3:5f:e9:d6:b9:6b:6b:3d:a4:da:30:45:29:
23:7b:19:f2:10:e0:10:aa:dc:ba:66:b0:76:d0:cd:d5:fb:a6:
71:ab:96:42:07:16:57:a7:ab:2f:40:38:ed:02:44:7b:6d:a4:
ef:43:a6:9a:11:ce:ea:27:72:05:31:76:07:4f:13:3b:6e:8b:
d9:f3:39:ed:6e:40:62:df:7d:b5:91:5e:93:b3:72:93:53:11:
31:8f:19:43:de:d4:20:87:2b:75:14:11:ec:85:5d:44:b7:da:
1c:05:91:b3:5a:38:00:4e:ce:ed:fa:6c:d5:0b:1c:19:36:8a:
be:6c:76:11:66:7b:26:54:41:3b:1a:bd:af:ca:a8:7f:9c:49:
aa:5c:1b:53:7e:8e:59:f6:a9:9f:d2:cc:d2:68:cb:10:26:a6:
c4:92:12:2c:5f:a3:be:fd:cc:b6:bc:c8:68:86:70:5e:69:c9:
48:c8:8e:26:1b:03:69:a0:83:bc:94:c2:9d:43:b6:de:44:4f:
a5:c1:e6:dd:bb:69:ec:f3:87:e5:5c:34:b6:43:4d:16:fa:d8:
a5:e8:24:6f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZ39krPR+e7PJFPs1KFb3ac4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNTA2MTM1NTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzBmNTM2ZTRiNTQwZGM5MDYxNGM0ZmZhOWEyNzVhMjcyNTVkYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurYoI+wcPXdJrW1OM3wn+QNGvnwe
ks5j45gazv4gE5mwj2yNUnkI0snTxdmJeW73hAL3jBbgsvBKim2+QXsuMVCQ2Hft
2lpH/tGnuqG6Q05+M6YsGUU2acfhRz9n10Sb9uvd9ZzW0EoCSRudcyyhQcdnz0A1
qs6O9q/WOnmev/GXMca625SWKRNQ+S2UtU4uHMWcVNO/dvYOGjd+kwvr8CUPfuzW
BB8yjm5LI7aEhPMcl4wamgKku93zKzZPt/Uyl+aSNmh4S2m/oJX+bIXTgmsUjS/U
dbWhAOaFIu01izHjJbezgRVBwraNkn295EOpZgNFDlk9jBH2LsPiJmzeNwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFPMPU25LVA3JBhTE/6midaJyVdwiMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvOHc5VGJrdFVEY2tHRk1UX3FhSjFvbkpWM0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4wDAME
AT5p0gMEAT5p1AMEAT7AYgMEAT7AaAMEAj7AdAMEAIfEBgMEAIfECQMEAIfEFwME
AIfEGwMEAIfEHwMEAIfEIwMEAIfEYgMEAIfEaQMEAIfEdAMEAYfEujAMAwQE1anQ
AwQB1anYAwQB1angAwQC1ankAwQB1an2MAwDBAHVqfoDBAHVqfwDBADZdaAwDAME
Atl1pAMEBNl1oDANBgkqhkiG9w0BAQsFAAOCAQEAicUqh9rp1jDPUojH93CqeUta
saPTW7ZIHefMWg+hP1fo3Zij1yOvdSyjX+nWuWtrPaTaMEUpI3sZ8hDgEKrcumaw
dtDN1fumcauWQgcWV6erL0A47QJEe22k70OmmhHO6idyBTF2B08TO26L2fM57W5A
Yt99tZFek7Nyk1MRMY8ZQ97UIIcrdRQR7IVdRLfaHAWRs1o4AE7O7fps1QscGTaK
vmx2EWZ7JlRBOxq9r8qof5xJqlwbU36OWfapn9LM0mjLECamxJISLF+jvv3MtrzI
aIZwXmnJSMiOJhsDaaCDvJTCnUO23kRPpcHm3btp7POH5Vw0tkNNFvrYpegkbw==
-----END CERTIFICATE-----
Generated at Wed May 13 00:54:00 2026 by rpki-client