Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/icFNxm6-PTi48L2vXKiDHN-axp8.roa
File: icFNxm6-PTi48L2vXKiDHN-axp8.roa (raw, json)
Hash identifier: BdFj1k1TZoLMU1HBgixKhNdJTHKY90rp1IYePTyNxUE=
Subject key identifier: 89:C1:4D:C6:6E:BE:3D:38:B8:F0:BD:AF:5C:A8:83:1C:DF:9A:C6:9F
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019DF968DC6907F3965D8193384D28ED0E48
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/icFNxm6-PTi48L2vXKiDHN-axp8.roa
Signing time: Tue 05 May 2026 18:31:32 +0000
ROA not before: Tue 05 May 2026 18:31:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199967
IP address blocks: 5.154.254.0/24 maxlen: 24
5.154.255.0/24 maxlen: 24
5.157.130.0/24 maxlen: 24
5.157.131.0/24 maxlen: 24
37.35.40.0/24 maxlen: 24
37.35.41.0/24 maxlen: 24
37.35.42.0/24 maxlen: 24
37.35.43.0/24 maxlen: 24
62.216.84.0/24 maxlen: 24
62.216.85.0/24 maxlen: 24
62.216.86.0/24 maxlen: 24
62.216.87.0/24 maxlen: 24
62.216.88.0/24 maxlen: 24
62.216.89.0/24 maxlen: 24
62.216.90.0/24 maxlen: 24
62.216.91.0/24 maxlen: 24
188.74.182.0/24 maxlen: 24
188.74.183.0/24 maxlen: 24
188.74.210.0/24 maxlen: 24
188.74.211.0/24 maxlen: 24
188.74.240.0/24 maxlen: 24
188.74.241.0/24 maxlen: 24
188.74.242.0/24 maxlen: 24
188.74.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f9:68:dc:69:07:f3:96:5d:81:93:38:4d:28:ed:0e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 5 18:31:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89c14dc66ebe3d38b8f0bdaf5ca8831cdf9ac69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0b:5a:ae:c9:86:38:2e:fd:33:a3:04:82:d8:
b6:b6:6a:a3:96:43:19:a4:d4:2e:47:ec:de:97:19:
9c:27:ff:7c:da:27:2e:4b:c2:cd:e9:b4:07:a7:cc:
26:70:34:3a:0e:93:03:12:dd:d1:92:ce:12:b9:64:
64:8a:44:6f:52:10:2c:ea:0a:e1:b7:d4:17:73:5e:
9d:4a:a8:fc:47:b7:80:06:53:95:d4:f5:33:94:0c:
68:e7:a6:e4:cb:df:3d:b2:fb:52:eb:d3:1a:14:2a:
3f:95:c8:85:6b:75:1a:23:be:98:1e:b7:cc:82:34:
4b:4d:79:43:cc:2e:45:95:56:f9:dd:c7:ea:36:70:
2d:69:18:0e:39:ab:83:04:df:ba:9a:25:b8:64:47:
46:03:6f:b2:e1:91:81:37:5d:b5:29:c7:e9:51:1d:
75:a2:7f:42:fc:a6:11:8d:b0:22:e9:6d:c8:63:8a:
c0:2e:68:80:d4:c0:b2:ce:e9:dd:14:78:9f:6a:64:
15:4d:89:ca:0f:e4:e0:54:89:04:f0:75:c7:42:46:
c1:64:37:cb:da:4e:c2:c0:f7:07:d1:79:ae:d7:fb:
47:b5:b0:77:64:cc:bf:dd:95:b3:5b:f4:7d:53:eb:
02:58:2d:ff:ef:01:67:3d:75:55:60:78:6f:a5:6f:
a0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C1:4D:C6:6E:BE:3D:38:B8:F0:BD:AF:5C:A8:83:1C:DF:9A:C6:9F
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/icFNxm6-PTi48L2vXKiDHN-axp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.254.0/23
5.157.130.0/23
37.35.40.0/22
62.216.84.0-62.216.91.255
188.74.182.0/23
188.74.210.0/23
188.74.240.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:5b:02:cb:7b:e1:1a:26:4a:d6:a0:aa:c0:17:60:a4:b7:19:
c4:41:e6:39:b1:15:f5:56:aa:91:11:d8:50:e6:5b:f5:57:0c:
62:b5:ef:df:ff:81:03:df:db:49:0d:93:ec:7e:59:a1:08:5e:
ec:3a:ff:6b:b0:64:23:85:82:9a:97:a6:4a:e5:e6:f4:42:ca:
f4:8d:e6:70:e5:f5:1f:17:65:6b:49:14:99:fa:b3:3d:c5:fa:
1a:83:8a:db:e7:4f:bb:5c:3a:e0:ac:6d:af:68:73:33:24:07:
88:7d:b6:c4:c7:5d:78:3f:75:28:32:64:19:1c:38:1c:83:6e:
bc:0e:3b:13:15:37:c7:ab:06:21:2f:09:2b:a9:46:6b:47:1d:
40:c6:7b:ec:de:d5:5c:15:67:4f:77:c3:8e:0d:c7:2c:d4:6f:
b0:f6:30:d1:43:42:d1:91:1d:d9:1b:9d:22:e8:37:2b:cc:a5:
a0:90:e1:13:e1:65:7b:34:d0:9a:05:63:a1:c7:64:22:5c:27:
e8:3e:05:c5:62:af:97:cb:fc:f3:9d:57:98:03:cc:5d:83:0a:
83:f4:69:1c:78:7e:b8:ff:d5:77:a1:18:f2:23:bb:e0:4d:2a:
75:2b:7c:1c:13:19:b9:b7:15:49:cb:28:9d:2b:1e:81:18:36:
cf:90:95:96
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ35aNxpB/OWXYGTOE0o7Q5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjYwNTA1MTgzMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWMxNGRjNjZlYmUzZDM4YjhmMGJkYWY1Y2E4ODMxY2RmOWFjNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQtarsmGOC79M6MEgti2tmqjlkMZ
pNQuR+zelxmcJ/982icuS8LN6bQHp8wmcDQ6DpMDEt3Rks4SuWRkikRvUhAs6grh
t9QXc16dSqj8R7eABlOV1PUzlAxo56bky989svtS69MaFCo/lciFa3UaI76YHrfM
gjRLTXlDzC5FlVb53cfqNnAtaRgOOauDBN+6miW4ZEdGA2+y4ZGBN121KcfpUR11
on9C/KYRjbAi6W3IY4rALmiA1MCyzundFHifamQVTYnKD+TgVIkE8HXHQkbBZDfL
2k7CwPcH0Xmu1/tHtbB3ZMy/3ZWzW/R9U+sCWC3/7wFnPXVVYHhvpW+gnQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFInBTcZuvj04uPC9r1yogxzfmsafMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvaWNGTnhtNi1QVGk0OEwydlhLaURITi1heHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBBZr+AwQB
BZ2CAwQCJSMoMAwDBAI+2FQDBAI+2FgDBAG8SrYDBAG8StIDBAK8SvAwDQYJKoZI
hvcNAQELBQADggEBAJxbAst74RomStagqsAXYKS3GcRB5jmxFfVWqpER2FDmW/VX
DGK179//gQPf20kNk+x+WaEIXuw6/2uwZCOFgpqXpkrl5vRCyvSN5nDl9R8XZWtJ
FJn6sz3F+hqDitvnT7tcOuCsba9oczMkB4h9tsTHXXg/dSgyZBkcOByDbrwOOxMV
N8erBiEvCSupRmtHHUDGe+ze1VwVZ093w44NxyzUb7D2MNFDQtGRHdkbnSLoNyvM
paCQ4RPhZXs00JoFY6HHZCJcJ+g+BcVir5fL/POdV5gDzF2DCoP0aRx4frj/1Xeh
GPIju+BNKnUrfBwTGbm3FUnLKJ0rHoEYNs+QlZY=
-----END CERTIFICATE-----
Generated at Wed May 13 02:48:01 2026 by rpki-client