Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/iAERyyADNkRh7t11PICWm-ALep4.roa
File: iAERyyADNkRh7t11PICWm-ALep4.roa (raw, json)
Hash identifier: Gs0IMRFAt2iHOW8BkO2nGyZushivLZn3vc6c0MIS3lQ=
Subject key identifier: 88:01:11:CB:20:03:36:44:61:EE:DD:75:3C:80:96:9B:E0:0B:7A:9E
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 019DAAF96F02AA2597980413CAA51192F580
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/iAERyyADNkRh7t11PICWm-ALep4.roa
Signing time: Mon 20 Apr 2026 12:59:26 +0000
ROA not before: Mon 20 Apr 2026 12:59:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47524
IP address blocks: 24.133.0.0/16 maxlen: 24
24.133.152.0/22 maxlen: 24
24.133.156.0/22 maxlen: 24
46.196.0.0/15 maxlen: 24
83.138.192.0/18 maxlen: 24
94.54.0.0/15 maxlen: 24
94.55.64.0/20 maxlen: 24
94.55.80.0/21 maxlen: 24
94.55.88.0/22 maxlen: 24
94.55.96.0/22 maxlen: 24
94.55.112.0/22 maxlen: 24
94.55.116.0/22 maxlen: 24
94.55.120.0/23 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.124.0/23 maxlen: 24
94.55.126.0/24 maxlen: 24
94.55.127.0/24 maxlen: 24
153.56.160.0/21 maxlen: 24
176.240.0.0/16 maxlen: 24
178.233.0.0/16 maxlen: 24
185.26.68.0/22 maxlen: 24
185.26.68.0/24 maxlen: 24
185.26.69.0/24 maxlen: 24
185.26.70.0/24 maxlen: 24
185.26.71.0/24 maxlen: 24
2a00:1d58::/29 maxlen: 48
2a00:1d58::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:f9:6f:02:aa:25:97:98:04:13:ca:a5:11:92:f5:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Apr 20 12:59:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=880111cb2003364461eedd753c80969be00b7a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3d:d7:d4:36:06:b8:29:2d:81:b4:27:33:74:
9c:ea:d8:2b:28:c9:77:a3:db:f4:8f:90:00:6e:66:
9f:c9:ce:87:36:c3:f7:6d:74:f9:a4:48:b5:ff:61:
7d:ca:93:b9:c1:6c:c0:ea:18:3e:75:41:b3:ec:42:
34:e2:ac:02:56:13:c9:d8:22:bb:03:15:ee:27:9c:
e7:ec:a1:ca:50:12:4e:cd:90:bf:fd:eb:6b:95:a4:
35:e5:5e:91:67:7c:49:f3:d5:f1:cc:42:05:9e:0b:
3c:7c:1d:5d:5f:36:df:c5:0c:2f:aa:8e:8f:81:4a:
5a:f9:f7:86:cb:46:2e:ca:00:c8:bd:85:c6:59:3b:
9d:c0:01:ae:5b:aa:ea:bd:f7:b7:df:f4:a7:c2:57:
12:80:b5:fb:18:72:04:62:56:3f:a2:a6:7c:95:de:
e8:32:1d:9e:90:49:72:ee:a5:47:eb:65:b1:d7:72:
ca:af:56:6a:0a:e3:30:63:60:2a:90:40:73:63:a2:
da:d6:fa:0c:14:1e:c7:81:18:88:48:71:8b:97:a7:
60:fe:0c:4c:a2:b0:1b:78:2f:bc:b8:b8:62:66:21:
98:5d:8a:1d:de:36:39:23:5f:23:9a:a1:73:06:e5:
2b:ba:96:d6:2d:8e:da:76:b8:ee:61:cd:31:59:43:
f1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:01:11:CB:20:03:36:44:61:EE:DD:75:3C:80:96:9B:E0:0B:7A:9E
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/iAERyyADNkRh7t11PICWm-ALep4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.0.0/16
46.196.0.0/15
83.138.192.0/18
94.54.0.0/15
153.56.160.0/21
176.240.0.0/16
178.233.0.0/16
185.26.68.0/22
IPv6:
2a00:1d58::/29
Signature Algorithm: sha256WithRSAEncryption
2e:2c:43:ef:8c:46:fe:9b:22:6c:2b:17:87:ce:9b:f3:e5:e0:
2d:0c:09:fe:88:d3:3b:d4:d3:06:f3:f3:25:dd:cd:62:59:cb:
74:e1:3d:43:f8:2c:dd:f6:f6:ab:f9:59:27:c4:27:69:1d:69:
6f:88:98:dc:9b:bf:58:8a:c3:49:67:45:98:1e:15:d7:5e:93:
00:f7:a5:b2:e6:3a:2c:70:11:3e:a3:a3:73:ec:ef:c5:d9:a7:
38:d8:31:94:d1:44:64:aa:53:0c:db:65:f0:7a:f4:74:ea:92:
87:9c:11:e0:a5:73:f3:ed:81:38:7a:51:fc:ce:50:19:2a:6e:
21:6a:1d:3d:82:f7:b4:a3:23:61:47:00:83:f8:69:30:95:94:
aa:6a:63:b9:e2:f7:27:88:43:ac:d8:9e:dc:d0:28:aa:a2:58:
b2:bc:ca:84:5f:9e:32:73:06:dc:d6:24:f0:2d:b4:21:31:92:
05:b2:6c:9e:69:4b:bd:e2:de:f9:0a:6c:7f:b8:7a:6d:93:a2:
5a:2d:fd:01:a7:25:12:09:87:b1:6e:a6:ca:4d:e6:9c:f3:c2:
98:e8:95:70:a2:8f:ce:99:82:ac:68:1e:2d:bc:ef:36:d4:00:
4c:21:c7:b5:5a:57:2b:d2:40:20:cf:76:4c:b6:2d:b4:0d:17:
55:24:30:80
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ2q+W8CqiWXmAQTyqURkvWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjYwNDIwMTI1OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODAxMTFjYjIwMDMzNjQ0NjFlZWRkNzUzYzgwOTY5YmUwMGI3YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j3X1DYGuCktgbQnM3Sc6tgrKMl3
o9v0j5AAbmafyc6HNsP3bXT5pEi1/2F9ypO5wWzA6hg+dUGz7EI04qwCVhPJ2CK7
AxXuJ5zn7KHKUBJOzZC//etrlaQ15V6RZ3xJ89XxzEIFngs8fB1dXzbfxQwvqo6P
gUpa+feGy0YuygDIvYXGWTudwAGuW6rqvfe33/SnwlcSgLX7GHIEYlY/oqZ8ld7o
Mh2ekEly7qVH62Wx13LKr1ZqCuMwY2AqkEBzY6La1voMFB7HgRiISHGLl6dg/gxM
orAbeC+8uLhiZiGYXYod3jY5I18jmqFzBuUrupbWLY7adrjuYc0xWUPxDwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIgBEcsgAzZEYe7ddTyAlpvgC3qeMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvaUFFUnl5QUROa1JoN3QxMVBJQ1dtLUFMZXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAxBAIAATArAwMAGIUDAwEu
xAMEBlOKwAMDAV42AwQDmTigAwMAsPADAwCy6QMEArkaRDANBAIAAjAHAwUDKgAd
WDANBgkqhkiG9w0BAQsFAAOCAQEALixD74xG/psibCsXh86b8+XgLQwJ/ojTO9TT
BvPzJd3NYlnLdOE9Q/gs3fb2q/lZJ8QnaR1pb4iY3Ju/WIrDSWdFmB4V116TAPel
suY6LHARPqOjc+zvxdmnONgxlNFEZKpTDNtl8Hr0dOqSh5wR4KVz8+2BOHpR/M5Q
GSpuIWodPYL3tKMjYUcAg/hpMJWUqmpjueL3J4hDrNie3NAoqqJYsrzKhF+eMnMG
3NYk8C20ITGSBbJsnmlLveLe+Qpsf7h6bZOiWi39AaclEgmHsW6myk3mnPPCmOiV
cKKPzpmCrGgeLbzvNtQATCHHtVpXK9JAIM92TLYttA0XVSQwgA==
-----END CERTIFICATE-----
Generated at Wed May 13 07:15:39 2026 by rpki-client