Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/JWQS_G0UFZx3QuPZOTGxg1qvEz4.roa
File: JWQS_G0UFZx3QuPZOTGxg1qvEz4.roa (raw, json)
Hash identifier: EY/6Bg0MTFnpdKXxUkbSSCAlhGDkkCzuChVoiMDOUcE=
Subject key identifier: 25:64:12:FC:6D:14:15:9C:77:42:E3:D9:39:31:B1:83:5A:AF:13:3E
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019E17468107223A9C5E66F07F88B9AF8241
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/JWQS_G0UFZx3QuPZOTGxg1qvEz4.roa
Signing time: Mon 11 May 2026 13:42:36 +0000
ROA not before: Mon 11 May 2026 13:42:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 45.117.53.0/24 maxlen: 24
45.123.145.0/24 maxlen: 24
72.63.110.0/23 maxlen: 23
189.81.0.0/23 maxlen: 23
189.81.26.0/23 maxlen: 23
189.81.32.0/23 maxlen: 23
189.81.60.0/23 maxlen: 23
189.81.68.0/23 maxlen: 23
189.81.104.0/23 maxlen: 23
189.81.112.0/23 maxlen: 23
189.81.122.0/23 maxlen: 23
189.81.132.0/23 maxlen: 23
189.81.140.0/23 maxlen: 23
189.81.160.0/23 maxlen: 23
189.81.168.0/23 maxlen: 23
189.81.194.0/23 maxlen: 23
189.81.202.0/23 maxlen: 23
189.81.218.0/23 maxlen: 23
189.81.226.0/23 maxlen: 23
189.81.232.0/23 maxlen: 23
189.104.2.0/23 maxlen: 23
189.104.12.0/23 maxlen: 23
189.104.16.0/23 maxlen: 23
189.104.22.0/23 maxlen: 23
189.104.32.0/23 maxlen: 23
189.104.48.0/23 maxlen: 23
189.104.60.0/23 maxlen: 23
189.104.64.0/23 maxlen: 23
189.104.94.0/23 maxlen: 23
189.104.96.0/23 maxlen: 23
189.104.98.0/23 maxlen: 23
189.104.106.0/23 maxlen: 23
189.104.112.0/23 maxlen: 23
189.104.114.0/23 maxlen: 23
189.104.120.0/23 maxlen: 23
189.104.122.0/23 maxlen: 23
189.104.126.0/23 maxlen: 23
189.104.130.0/23 maxlen: 23
189.104.138.0/23 maxlen: 23
189.104.144.0/23 maxlen: 23
189.104.146.0/23 maxlen: 23
189.104.150.0/23 maxlen: 23
189.104.168.0/23 maxlen: 23
189.104.170.0/23 maxlen: 23
189.104.182.0/23 maxlen: 23
189.104.192.0/23 maxlen: 23
189.104.200.0/23 maxlen: 23
189.104.242.0/23 maxlen: 23
189.104.254.0/23 maxlen: 23
203.78.166.0/23 maxlen: 23
205.188.4.0/23 maxlen: 23
205.188.12.0/22 maxlen: 22
205.188.24.0/22 maxlen: 22
205.188.28.0/22 maxlen: 22
205.188.32.0/22 maxlen: 22
205.188.36.0/22 maxlen: 22
205.188.40.0/22 maxlen: 22
205.188.48.0/22 maxlen: 22
205.188.56.0/22 maxlen: 22
205.188.64.0/22 maxlen: 22
205.188.68.0/22 maxlen: 22
205.188.72.0/22 maxlen: 22
205.188.76.0/23 maxlen: 23
205.188.78.0/23 maxlen: 23
205.188.84.0/22 maxlen: 22
205.188.88.0/22 maxlen: 22
205.188.92.0/23 maxlen: 23
205.188.94.0/23 maxlen: 23
205.188.124.0/22 maxlen: 22
205.188.132.0/22 maxlen: 22
205.188.214.0/23 maxlen: 23
205.188.216.0/22 maxlen: 22
205.188.240.0/22 maxlen: 22
205.188.252.0/22 maxlen: 22
2a0d:3900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:46:81:07:22:3a:9c:5e:66:f0:7f:88:b9:af:82:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: May 11 13:42:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=256412fc6d14159c7742e3d93931b1835aaf133e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:15:a3:71:e0:72:cc:0c:6c:5d:cb:c8:e5:a0:
54:fb:73:38:ee:e0:a6:80:c7:54:a3:70:66:d2:eb:
97:36:54:cf:b0:ef:53:65:62:6b:bc:f1:38:40:11:
3e:76:19:5f:6a:29:80:11:b9:e9:9a:ee:42:af:82:
09:ac:21:92:d7:b8:01:7a:b0:fc:5b:93:33:75:ee:
61:f9:d8:0f:85:91:75:f5:5a:ea:14:03:f5:78:1a:
a1:b4:cb:f3:12:f2:0f:9c:c7:c9:4e:d3:27:7a:79:
1f:98:d3:5f:2f:e7:a1:e7:c2:70:78:d9:41:1f:e1:
41:4a:ed:23:39:6a:60:28:4d:6f:fb:17:2c:14:fb:
cf:ba:ac:9d:5c:5b:41:b3:60:5a:fb:f5:d6:d7:a4:
cd:fc:c2:b8:55:cc:be:4d:23:78:4e:58:cb:86:44:
96:7b:ab:97:ec:cb:31:fe:66:22:9d:4f:a1:d0:c4:
06:cc:52:11:00:f0:05:cf:6d:d1:27:68:7f:92:c7:
21:bd:9a:9f:e2:05:77:4c:10:3f:df:5c:04:3f:21:
bc:23:70:a4:3b:8d:59:ee:e3:75:a5:38:42:59:62:
b1:87:f6:62:22:63:91:2c:d2:f2:08:9a:02:16:cc:
37:ec:9b:03:14:0c:27:1f:00:cf:d0:d9:e4:23:34:
c4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:64:12:FC:6D:14:15:9C:77:42:E3:D9:39:31:B1:83:5A:AF:13:3E
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/JWQS_G0UFZx3QuPZOTGxg1qvEz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.53.0/24
45.123.145.0/24
72.63.110.0/23
189.81.0.0/23
189.81.26.0/23
189.81.32.0/23
189.81.60.0/23
189.81.68.0/23
189.81.104.0/23
189.81.112.0/23
189.81.122.0/23
189.81.132.0/23
189.81.140.0/23
189.81.160.0/23
189.81.168.0/23
189.81.194.0/23
189.81.202.0/23
189.81.218.0/23
189.81.226.0/23
189.81.232.0/23
189.104.2.0/23
189.104.12.0/23
189.104.16.0/23
189.104.22.0/23
189.104.32.0/23
189.104.48.0/23
189.104.60.0/23
189.104.64.0/23
189.104.94.0-189.104.99.255
189.104.106.0/23
189.104.112.0/22
189.104.120.0/22
189.104.126.0/23
189.104.130.0/23
189.104.138.0/23
189.104.144.0/22
189.104.150.0/23
189.104.168.0/22
189.104.182.0/23
189.104.192.0/23
189.104.200.0/23
189.104.242.0/23
189.104.254.0/23
203.78.166.0/23
205.188.4.0/23
205.188.12.0/22
205.188.24.0-205.188.43.255
205.188.48.0/22
205.188.56.0/22
205.188.64.0/20
205.188.84.0-205.188.95.255
205.188.124.0/22
205.188.132.0/22
205.188.214.0-205.188.219.255
205.188.240.0/22
205.188.252.0/22
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
25:20:98:49:dc:fe:38:06:de:86:a6:a0:dd:d0:7e:2e:f2:66:
66:f0:da:ac:12:6d:ca:eb:39:74:7d:cd:e1:86:42:58:15:0b:
30:1b:30:1e:df:b5:f8:25:92:38:23:19:e9:d9:0e:30:82:79:
4b:f0:bf:99:78:52:a6:1b:ed:1a:3c:98:77:ce:7c:22:e3:01:
41:32:f1:6f:41:27:e4:71:16:57:3b:d8:81:35:af:87:8b:7d:
bf:82:19:47:36:30:62:55:22:06:2a:03:bf:c5:6d:35:19:d0:
90:8c:6b:27:61:62:ca:89:9e:fd:97:31:a0:c9:1a:8e:75:9a:
b2:12:dc:d3:93:ca:88:9b:6a:f2:62:89:f5:ea:49:f0:ca:a3:
d7:72:99:39:dc:5e:ea:d0:2e:ba:ea:9f:45:c1:97:68:24:02:
ec:07:79:ef:9c:a2:97:ae:f1:49:d5:b1:f2:52:e7:01:46:79:
1e:aa:29:1d:ce:c8:7f:7e:ac:1e:79:b0:3f:3b:85:2b:d2:c9:
b5:b0:da:bb:28:77:36:ba:6c:19:63:e2:d9:56:ee:11:1c:a0:
fe:89:20:4e:5d:58:48:55:4c:b9:b5:e1:8a:07:4f:50:ed:3a:
70:8e:b3:23:9f:b6:07:ab:a1:30:bf:00:c2:49:b8:51:78:26:
f6:b1:d2:25
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgISAZ4XRoEHIjqcXmbwf4i5r4JBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNTExMTM0MjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY0MTJmYzZkMTQxNTljNzc0MmUzZDkzOTMxYjE4MzVhYWYxMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRWjceByzAxsXcvI5aBU+3M47uCm
gMdUo3Bm0uuXNlTPsO9TZWJrvPE4QBE+dhlfaimAEbnpmu5Cr4IJrCGS17gBerD8
W5Mzde5h+dgPhZF19VrqFAP1eBqhtMvzEvIPnMfJTtMnenkfmNNfL+eh58JweNlB
H+FBSu0jOWpgKE1v+xcsFPvPuqydXFtBs2Ba+/XW16TN/MK4Vcy+TSN4TljLhkSW
e6uX7Msx/mYinU+h0MQGzFIRAPAFz23RJ2h/kschvZqf4gV3TBA/31wEPyG8I3Ck
O41Z7uN1pThCWWKxh/ZiImORLNLyCJoCFsw37JsDFAwnHwDP0NnkIzTEMwIDAQAB
o4IDjDCCA4gwHQYDVR0OBBYEFCVkEvxtFBWcd0Lj2TkxsYNarxM+MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvSldRU19HMFVGWngzUXVQWk9UR3hnMXF2RXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBoAYIKwYBBQUHAQcBAf8EggGPMIIBizCCAXgEAgABMIIB
cAMEAC11NQMEAC17kQMEAUg/bgMEAb1RAAMEAb1RGgMEAb1RIAMEAb1RPAMEAb1R
RAMEAb1RaAMEAb1RcAMEAb1RegMEAb1RhAMEAb1RjAMEAb1RoAMEAb1RqAMEAb1R
wgMEAb1RygMEAb1R2gMEAb1R4gMEAb1R6AMEAb1oAgMEAb1oDAMEAb1oEAMEAb1o
FgMEAb1oIAMEAb1oMAMEAb1oPAMEAb1oQDAMAwQBvWheAwQCvWhgAwQBvWhqAwQC
vWhwAwQCvWh4AwQBvWh+AwQBvWiCAwQBvWiKAwQCvWiQAwQBvWiWAwQCvWioAwQB
vWi2AwQBvWjAAwQBvWjIAwQBvWjyAwQBvWj+AwQBy06mAwQBzbwEAwQCzbwMMAwD
BAPNvBgDBALNvCgDBALNvDADBALNvDgDBATNvEAwDAMEAs28VAMEBc28QAMEAs28
fAMEAs28hDAMAwQBzbzWAwQCzbzYAwQCzbzwAwQCzbz8MA0EAgACMAcDBQMqDTkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAlIJhJ3P44Bt6GpqDd0H4u8mZm8NqsEm3K6zl0
fc3hhkJYFQswGzAe37X4JZI4Ixnp2Q4wgnlL8L+ZeFKmG+0aPJh3znwi4wFBMvFv
QSfkcRZXO9iBNa+Hi32/ghlHNjBiVSIGKgO/xW01GdCQjGsnYWLKiZ79lzGgyRqO
dZqyEtzTk8qIm2ryYon16knwyqPXcpk53F7q0C666p9FwZdoJALsB3nvnKKXrvFJ
1bHyUucBRnkeqikdzsh/fqweebA/O4Ur0sm1sNq7KHc2umwZY+LZVu4RHKD+iSBO
XVhIVUy5teGKB09Q7TpwjrMjn7YHq6EwvwDCSbhReCb2sdIl
-----END CERTIFICATE-----
Generated at Wed May 13 15:07:19 2026 by rpki-client