Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/8C2rNpK0bo-5H3n_8Vdac41pV-s.roa
File: 8C2rNpK0bo-5H3n_8Vdac41pV-s.roa (raw, json)
Hash identifier: RN3A9BXDyd9+c1D+7ZirRXgWPXfUFRbvjrZAwDHi/G0=
Subject key identifier: F0:2D:AB:36:92:B4:6E:8F:B9:1F:79:FF:F1:57:5A:73:8D:69:57:EB
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019DF506B029BD4D6B7137EFBC315DD3071F
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/8C2rNpK0bo-5H3n_8Vdac41pV-s.roa
Signing time: Mon 04 May 2026 22:05:49 +0000
ROA not before: Mon 04 May 2026 22:05:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25693
IP address blocks: 59.152.124.0/22 maxlen: 24
62.3.10.0/24 maxlen: 24
62.106.64.0/24 maxlen: 24
85.8.149.0/24 maxlen: 24
85.8.151.0/24 maxlen: 24
91.242.232.0/24 maxlen: 24
146.19.197.0/24 maxlen: 24
185.118.133.0/24 maxlen: 24
185.118.134.0/24 maxlen: 24
185.147.156.0/24 maxlen: 24
185.147.158.0/24 maxlen: 24
185.213.17.0/24 maxlen: 24
185.214.143.0/24 maxlen: 24
185.214.241.0/24 maxlen: 24
185.214.242.0/24 maxlen: 24
193.9.50.0/24 maxlen: 24
193.163.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 04:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f5:06:b0:29:bd:4d:6b:71:37:ef:bc:31:5d:d3:07:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: May 4 22:05:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f02dab3692b46e8fb91f79fff1575a738d6957eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:55:bf:5f:2e:d3:c2:4d:9f:99:f4:16:bc:56:
dd:64:62:06:b9:81:7b:6f:d0:ef:b2:f7:c6:6b:ca:
37:3d:cb:1a:94:5c:1f:93:a7:72:bb:ae:21:4b:91:
4f:fe:82:9d:ae:b6:29:e5:d9:4f:51:9e:e9:ef:67:
50:4a:2e:2f:c2:1d:e7:60:71:d6:94:7f:eb:79:48:
b2:63:33:5b:bd:e3:7f:fb:51:18:dd:0e:9e:21:a9:
8f:b2:a5:f0:4e:8a:ad:05:3d:86:91:db:8e:9d:10:
79:e0:1c:7b:ef:54:be:21:80:6c:d1:00:9e:3c:e0:
3b:30:c7:02:55:aa:8d:c3:d6:35:9c:a1:04:d1:55:
1f:7a:7d:55:21:ae:2e:42:fb:d2:aa:11:fa:fe:0a:
9d:32:7d:1f:20:85:29:d5:a3:8e:6f:2b:ea:e2:29:
6c:ef:db:07:66:d9:00:0c:e0:a6:91:2f:0b:62:42:
42:f0:8c:43:8e:07:1a:f7:14:2a:15:a2:89:dd:75:
c4:62:14:b4:fd:2c:9b:0f:f1:e9:67:4d:0d:71:d7:
ba:7d:93:ba:58:2c:1e:b4:91:77:48:bb:ea:b6:c4:
6d:3b:3b:6d:8a:dc:fa:b3:3c:ed:be:02:1e:47:18:
5e:7c:11:19:88:c4:b6:96:eb:29:98:d8:04:bc:13:
70:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2D:AB:36:92:B4:6E:8F:B9:1F:79:FF:F1:57:5A:73:8D:69:57:EB
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/8C2rNpK0bo-5H3n_8Vdac41pV-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.152.124.0/22
62.3.10.0/24
62.106.64.0/24
85.8.149.0/24
85.8.151.0/24
91.242.232.0/24
146.19.197.0/24
185.118.133.0-185.118.134.255
185.147.156.0/24
185.147.158.0/24
185.213.17.0/24
185.214.143.0/24
185.214.241.0-185.214.242.255
193.9.50.0/24
193.163.204.0/24
Signature Algorithm: sha256WithRSAEncryption
43:5e:9e:71:ff:59:5e:85:be:2b:04:32:6c:cd:b3:1c:33:41:
76:f0:5e:58:9f:16:97:41:e2:38:01:68:59:72:0e:a6:f1:42:
0a:39:05:89:f4:ea:8c:17:3e:e5:0f:28:18:b1:7c:0a:d6:71:
0a:98:c9:f2:ea:4a:3e:37:65:0e:00:f2:67:a0:2d:38:c2:d1:
25:06:8a:bd:60:e0:d2:44:34:fb:c2:e3:80:a6:b9:42:d2:43:
dc:0c:e3:5d:fc:59:01:d9:6c:77:d6:2b:e7:c1:32:84:3c:31:
0f:7e:be:42:68:43:40:36:0b:f8:80:49:fb:ca:70:53:d9:71:
22:21:cf:af:bb:86:09:a3:a6:eb:4f:80:8d:dc:97:ed:9f:93:
c7:cc:57:d4:f5:5a:ee:2e:2a:f1:09:d3:1f:6d:3e:14:c1:b4:
fc:c9:5d:a8:d2:39:85:57:89:99:b8:2e:72:1b:44:c0:54:10:
ed:be:af:53:f5:5a:0c:f9:35:0d:74:31:03:8b:cf:83:03:85:
1d:fa:e8:31:d6:37:70:5e:3b:31:87:d8:e1:a2:69:5c:fd:b3:
90:4f:da:47:4f:36:9f:00:09:09:14:b3:97:74:58:cb:d5:9b:
67:68:44:ed:93:1a:41:c9:2d:de:2f:9d:18:5f:ca:84:66:85:
0a:78:fc:16
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZ31BrApvU1rcTfvvDFd0wcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNTA0MjIwNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJkYWIzNjkyYjQ2ZThmYjkxZjc5ZmZmMTU3NWE3MzhkNjk1N2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlW/Xy7Twk2fmfQWvFbdZGIGuYF7
b9DvsvfGa8o3PcsalFwfk6dyu64hS5FP/oKdrrYp5dlPUZ7p72dQSi4vwh3nYHHW
lH/reUiyYzNbveN/+1EY3Q6eIamPsqXwToqtBT2GkduOnRB54Bx771S+IYBs0QCe
POA7MMcCVaqNw9Y1nKEE0VUfen1VIa4uQvvSqhH6/gqdMn0fIIUp1aOObyvq4ils
79sHZtkADOCmkS8LYkJC8IxDjgca9xQqFaKJ3XXEYhS0/SybD/HpZ00Ncde6fZO6
WCwetJF3SLvqtsRtOzttitz6szztvgIeRxhefBEZiMS2luspmNgEvBNwdQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFPAtqzaStG6PuR95//FXWnONaVfrMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvOEMyck5wSzBiby01SDNuXzhWZGFjNDFwVi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAjuYfAME
AD4DCgMEAD5qQAMEAFUIlQMEAFUIlwMEAFvy6AMEAJITxTAMAwQAuXaFAwQAuXaG
AwQAuZOcAwQAuZOeAwQAudURAwQAudaPMAwDBAC51vEDBAC51vIDBADBCTIDBADB
o8wwDQYJKoZIhvcNAQELBQADggEBAENennH/WV6FvisEMmzNsxwzQXbwXlifFpdB
4jgBaFlyDqbxQgo5BYn06owXPuUPKBixfArWcQqYyfLqSj43ZQ4A8megLTjC0SUG
ir1g4NJENPvC44CmuULSQ9wM4138WQHZbHfWK+fBMoQ8MQ9+vkJoQ0A2C/iASfvK
cFPZcSIhz6+7hgmjputPgI3cl+2fk8fMV9T1Wu4uKvEJ0x9tPhTBtPzJXajSOYVX
iZm4LnIbRMBUEO2+r1P1Wgz5NQ10MQOLz4MDhR366DHWN3BeOzGH2OGiaVz9s5BP
2kdPNp8ACQkUs5d0WMvVm2doRO2TGkHJLd4vnRhfyoRmhQp4/BY=
-----END CERTIFICATE-----
Generated at Wed May 13 13:08:41 2026 by rpki-client