Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ickWcAe1l9GYdvD89DsaSTLuRPE.roa
File: ickWcAe1l9GYdvD89DsaSTLuRPE.roa (raw, json)
Hash identifier: +AXAf0AHqmzlYnDD3MWET1IBdMnkq6xq3IZ2gl+sMAU=
Subject key identifier: 89:C9:16:70:07:B5:97:D1:98:76:F0:FC:F4:3B:1A:49:32:EE:44:F1
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019E1C6590BE23F80A2EE96BE2D39595503A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ickWcAe1l9GYdvD89DsaSTLuRPE.roa
Signing time: Tue 12 May 2026 13:34:38 +0000
ROA not before: Tue 12 May 2026 13:34:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47690
IP address blocks: 104.233.59.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:65:90:be:23:f8:0a:2e:e9:6b:e2:d3:95:95:50:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 12 13:34:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89c9167007b597d19876f0fcf43b1a4932ee44f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:06:7b:e5:d5:80:98:4a:bc:9a:93:3a:1f:
d0:81:97:76:1a:2e:1a:6d:03:36:40:57:c6:94:76:
54:3a:48:f5:94:68:e0:9f:fe:dd:e0:2a:2f:d8:a5:
b1:cd:11:ef:b1:7e:c3:d3:be:bb:f1:07:dd:9c:16:
38:f3:0a:03:e3:ab:67:5d:e2:ea:e1:ce:01:5e:46:
fc:b9:55:22:cc:3f:7f:07:e3:64:62:37:2f:00:c5:
6e:97:09:5a:f1:d5:28:5a:ea:e4:af:16:09:40:ac:
16:95:65:f5:f1:1f:6b:6c:f0:da:5b:43:2e:bb:13:
81:c8:30:33:39:93:3b:b5:66:0c:81:8a:54:32:78:
72:e8:d8:68:f9:11:3f:f9:70:fa:73:a2:4d:c6:5a:
73:23:19:3e:a0:68:2a:13:8e:6a:f1:d2:d5:95:2a:
70:0b:f3:f8:19:f7:f4:dd:79:2e:9b:a8:7d:ed:8e:
c8:4b:1d:dc:35:b0:af:5a:bb:26:b4:92:02:be:36:
a2:88:e9:14:cf:b9:64:33:c7:7e:f0:4f:ad:08:0e:
77:81:e5:ba:32:ef:25:d5:9b:ba:75:9b:2f:fd:ef:
d3:5a:e0:53:47:0a:e2:13:38:2f:c9:3a:00:f4:df:
1e:14:e3:14:62:46:5f:28:92:80:3a:c3:10:3b:c7:
dc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C9:16:70:07:B5:97:D1:98:76:F0:FC:F4:3B:1A:49:32:EE:44:F1
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ickWcAe1l9GYdvD89DsaSTLuRPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.59.0/24
104.238.12.0/23
104.239.56.0/24
104.249.9.0/24
104.249.17.0/24
104.249.46.0-104.249.54.255
216.173.91.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:1e:7c:9b:f9:25:4d:fe:a4:56:75:57:2d:15:56:34:73:5d:
b7:9a:88:80:a1:12:4a:a1:f4:da:28:29:55:51:93:15:11:da:
9e:9b:3c:ef:88:b0:62:b4:3a:65:90:d4:3e:f4:fb:54:2c:5c:
33:f6:2b:7b:39:eb:82:20:22:fc:de:2e:29:98:31:a6:98:32:
dd:50:8e:8d:cb:53:00:c2:6b:0b:9f:b9:cb:c5:fe:90:a4:ac:
a4:3f:cd:dd:41:3a:a9:73:c8:65:76:18:9b:b3:0e:04:03:5b:
f3:dd:12:91:ae:50:06:ca:c0:a9:df:e2:88:22:ff:8f:15:e2:
13:4d:17:91:91:2e:d3:4e:a6:ff:f5:3d:6d:bd:57:b7:f3:82:
15:67:f3:c2:ca:df:43:26:40:19:eb:fb:30:a8:0b:e0:22:55:
65:70:52:7c:68:0f:6b:8f:71:e9:21:1a:d5:fb:b8:22:ad:70:
a2:0c:08:4d:e0:9b:91:01:b8:26:7e:05:ee:ee:8d:9f:c1:a6:
f8:1b:28:95:22:e0:db:c8:1d:6a:3e:f7:33:d4:34:d3:19:ee:
de:f3:16:e2:9a:8d:ca:62:61:4b:28:80:76:42:99:2c:d5:4e:
eb:8f:11:66:9e:cb:9f:08:f3:fe:f6:7b:70:77:20:0d:e0:8f:
30:61:2c:71
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ4cZZC+I/gKLulr4tOVlVA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjYwNTEyMTMzNDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWM5MTY3MDA3YjU5N2QxOTg3NmYwZmNmNDNiMWE0OTMyZWU0NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRYGe+XVgJhKvJqTOh/QgZd2Gi4a
bQM2QFfGlHZUOkj1lGjgn/7d4Cov2KWxzRHvsX7D07678QfdnBY48woD46tnXeLq
4c4BXkb8uVUizD9/B+NkYjcvAMVulwla8dUoWurkrxYJQKwWlWX18R9rbPDaW0Mu
uxOByDAzOZM7tWYMgYpUMnhy6Nho+RE/+XD6c6JNxlpzIxk+oGgqE45q8dLVlSpw
C/P4Gff03Xkum6h97Y7ISx3cNbCvWrsmtJICvjaiiOkUz7lkM8d+8E+tCA53geW6
Mu8l1Zu6dZsv/e/TWuBTRwriEzgvyToA9N8eFOMUYkZfKJKAOsMQO8fc0wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFInJFnAHtZfRmHbw/PQ7Gkky7kTxMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaWNrV2NBZTFsOUdZZHZEODlEc2FTVEx1UlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAaOk7AwQB
aO4MAwQAaO84AwQAaPkJAwQAaPkRMAwDBAFo+S4DBABo+TYDBADYrVswDQYJKoZI
hvcNAQELBQADggEBAH4efJv5JU3+pFZ1Vy0VVjRzXbeaiIChEkqh9NooKVVRkxUR
2p6bPO+IsGK0OmWQ1D70+1QsXDP2K3s564IgIvzeLimYMaaYMt1Qjo3LUwDCawuf
ucvF/pCkrKQ/zd1BOqlzyGV2GJuzDgQDW/PdEpGuUAbKwKnf4ogi/48V4hNNF5GR
LtNOpv/1PW29V7fzghVn88LK30MmQBnr+zCoC+AiVWVwUnxoD2uPcekhGtX7uCKt
cKIMCE3gm5EBuCZ+Be7ujZ/BpvgbKJUi4NvIHWo+9zPUNNMZ7t7zFuKajcpiYUso
gHZCmSzVTuuPEWaey58I8/72e3B3IA3gjzBhLHE=
-----END CERTIFICATE-----
Generated at Wed May 13 01:06:34 2026 by rpki-client