Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/iKaObausadYfw9kPgxecbJ9r-pc.roa
File: iKaObausadYfw9kPgxecbJ9r-pc.roa (raw, json)
Hash identifier: Oqhnf7OZmJjBnoTR4PKybtGL6ocdLnBasrpV7eemX80=
Subject key identifier: 88:A6:8E:6D:AB:AC:69:D6:1F:C3:D9:0F:83:17:9C:6C:9F:6B:FA:97
Certificate issuer: /CN=aa44eb091b3a33a87beb8e004ab15ef178fbaa00
Certificate serial: 019DD88503C266E09195E041D8240AA01949
Authority key identifier: AA:44:EB:09:1B:3A:33:A8:7B:EB:8E:00:4A:B1:5E:F1:78:FB:AA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/iKaObausadYfw9kPgxecbJ9r-pc.roa
Signing time: Wed 29 Apr 2026 09:14:49 +0000
ROA not before: Wed 29 Apr 2026 09:14:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209974
IP address blocks: 46.243.180.0/24 maxlen: 24
46.243.181.0/24 maxlen: 24
46.243.182.0/24 maxlen: 24
46.243.184.0/24 maxlen: 24
46.243.185.0/24 maxlen: 24
77.105.148.0/24 maxlen: 24
77.105.152.0/23 maxlen: 23
77.105.154.0/23 maxlen: 23
78.140.240.0/22 maxlen: 22
89.169.20.0/24 maxlen: 24
89.169.21.0/24 maxlen: 24
89.169.22.0/24 maxlen: 24
89.169.23.0/24 maxlen: 24
93.183.72.0/24 maxlen: 24
93.183.73.0/24 maxlen: 24
93.183.74.0/24 maxlen: 24
93.183.75.0/24 maxlen: 24
93.183.76.0/24 maxlen: 24
93.183.78.0/24 maxlen: 24
178.170.224.0/24 maxlen: 24
185.5.204.0/24 maxlen: 24
185.5.205.0/24 maxlen: 24
188.227.32.0/24 maxlen: 24
188.227.33.0/24 maxlen: 24
188.227.34.0/24 maxlen: 24
195.88.192.0/23 maxlen: 23
2a0e:aac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:85:03:c2:66:e0:91:95:e0:41:d8:24:0a:a0:19:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa44eb091b3a33a87beb8e004ab15ef178fbaa00
Validity
Not Before: Apr 29 09:14:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88a68e6dabac69d61fc3d90f83179c6c9f6bfa97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:95:d9:44:50:66:56:0a:94:93:f2:68:85:dc:
30:bf:0e:6f:d5:91:98:05:2b:63:2b:d3:60:d6:c5:
f2:a3:3f:23:9e:8c:bb:e9:3c:45:7e:a2:ab:b4:1b:
95:5b:64:5b:34:cb:93:6a:d1:22:75:4c:a2:00:21:
fa:9c:aa:3d:3d:9b:ac:eb:07:f6:0b:56:b8:82:7b:
11:6a:a5:b1:6e:22:ff:d9:35:22:d4:64:23:94:03:
39:ef:9b:65:a9:f4:a2:3d:b5:24:ee:12:26:fe:60:
9b:62:a4:09:ad:f5:e9:17:74:fa:2a:47:98:74:ad:
3a:90:a1:db:6f:48:95:7b:0f:de:e6:16:8a:6c:2c:
e2:18:a3:05:4b:9b:2c:0e:1b:e1:92:5c:79:e2:61:
68:fd:8d:00:37:ec:2d:f2:93:c8:30:0c:33:4b:80:
8f:82:64:d4:2f:fd:92:a0:c0:87:0f:4b:f4:9c:d8:
60:39:b8:7a:ec:22:ae:af:1b:16:63:61:37:06:d1:
53:ad:96:e5:cd:95:1e:52:a8:ef:40:b4:bb:ec:97:
89:d1:80:e0:8c:28:00:fe:ca:e9:12:01:f0:cc:ec:
12:77:9d:5f:e9:cd:b9:0b:e7:34:e7:ad:8c:a0:a7:
b8:dd:7b:8f:55:95:04:e9:0b:00:04:5b:24:0e:fc:
14:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A6:8E:6D:AB:AC:69:D6:1F:C3:D9:0F:83:17:9C:6C:9F:6B:FA:97
X509v3 Authority Key Identifier:
keyid:AA:44:EB:09:1B:3A:33:A8:7B:EB:8E:00:4A:B1:5E:F1:78:FB:AA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/iKaObausadYfw9kPgxecbJ9r-pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.180.0-46.243.182.255
46.243.184.0/23
77.105.148.0/24
77.105.152.0/22
78.140.240.0/22
89.169.20.0/22
93.183.72.0-93.183.76.255
93.183.78.0/24
178.170.224.0/24
185.5.204.0/23
188.227.32.0-188.227.34.255
195.88.192.0/23
IPv6:
2a0e:aac0::/32
Signature Algorithm: sha256WithRSAEncryption
b8:66:6d:7a:0e:24:ef:0f:47:35:80:fe:67:54:e5:f8:1f:11:
59:b9:2d:54:ed:17:d1:5d:ae:0a:83:86:0e:a3:60:1a:a5:c7:
71:ad:ee:df:f7:42:55:0f:19:f4:7f:bd:c1:70:80:dc:a4:7e:
18:f4:1c:a2:ca:2f:37:f2:35:70:38:60:d4:c6:f7:4b:7c:e4:
f9:94:4e:3a:ab:58:bd:f8:76:8e:4a:76:17:de:7a:6e:e0:87:
24:e9:f2:da:95:55:5f:35:fe:78:a1:c9:db:d8:c2:9a:0a:09:
30:6f:2b:9d:1f:dd:b1:97:43:c8:01:69:1d:c5:cb:66:77:4a:
9d:a0:37:f1:a2:e6:c5:34:f0:69:7b:e2:f4:43:e9:25:a4:0f:
c0:d8:df:93:7a:18:2e:a3:ec:47:2d:66:a3:76:94:d3:47:c8:
61:2e:c1:21:1e:53:48:0f:3e:65:07:2d:f0:10:3c:e1:d1:9c:
53:c5:66:f9:2a:98:30:6f:02:65:0f:d5:59:16:d2:f7:8a:05:
34:ef:44:19:29:b6:3e:09:e0:eb:46:77:70:f2:f8:11:ee:9c:
d8:6d:f2:69:c5:57:9b:65:51:76:0e:94:a6:87:9e:90:91:3d:
7b:2d:d4:f4:fb:b7:aa:19:3b:ac:67:0d:13:fe:12:99:62:9b:
fe:e9:bd:41
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZ3YhQPCZuCRleBB2CQKoBlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDRlYjA5MWIzYTMzYTg3YmViOGUwMDRhYjE1ZWYxNzhm
YmFhMDAwHhcNMjYwNDI5MDkxNDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE2OGU2ZGFiYWM2OWQ2MWZjM2Q5MGY4MzE3OWM2YzlmNmJmYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5XZRFBmVgqUk/Johdwwvw5v1ZGY
BStjK9Ng1sXyoz8jnoy76TxFfqKrtBuVW2RbNMuTatEidUyiACH6nKo9PZus6wf2
C1a4gnsRaqWxbiL/2TUi1GQjlAM575tlqfSiPbUk7hIm/mCbYqQJrfXpF3T6KkeY
dK06kKHbb0iVew/e5haKbCziGKMFS5ssDhvhklx54mFo/Y0AN+wt8pPIMAwzS4CP
gmTUL/2SoMCHD0v0nNhgObh67CKurxsWY2E3BtFTrZblzZUeUqjvQLS77JeJ0YDg
jCgA/srpEgHwzOwSd51f6c25C+c0562MoKe43XuPVZUE6QsABFskDvwUEQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFIimjm2rrGnWH8PZD4MXnGyfa/qXMB8GA1UdIwQY
MBaAFKpE6wkbOjOoe+uOAEqxXvF4+6oAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtUckNSczZNNmg3NjQ0QVNyRmU4WGo3cWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mYjdhN2QtMDY1NS00NTg3LThhZjkt
NzcwMGUyNWZmNzY5LzEvaUthT2JhdXNhZFlmdzlrUGd4ZWNiSjlyLXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mYjdhN2QtMDY1NS00NTg3LThhZjktNzcwMGUyNWZmNzY5
LzEvcWtUckNSczZNNmg3NjQ0QVNyRmU4WGo3cWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYDAMAwQCLvO0
AwQALvO2AwQBLvO4AwQATWmUAwQCTWmYAwQCTozwAwQCWakUMAwDBANdt0gDBABd
t0wDBABdt04DBACyquADBAG5BcwwDAMEBbzjIAMEALzjIgMEAcNYwDANBAIAAjAH
AwUAKg6qwDANBgkqhkiG9w0BAQsFAAOCAQEAuGZteg4k7w9HNYD+Z1Tl+B8RWbkt
VO0X0V2uCoOGDqNgGqXHca3u3/dCVQ8Z9H+9wXCA3KR+GPQcosovN/I1cDhg1Mb3
S3zk+ZROOqtYvfh2jkp2F956buCHJOny2pVVXzX+eKHJ29jCmgoJMG8rnR/dsZdD
yAFpHcXLZndKnaA38aLmxTTwaXvi9EPpJaQPwNjfk3oYLqPsRy1mo3aU00fIYS7B
IR5TSA8+ZQct8BA84dGcU8Vm+SqYMG8CZQ/VWRbS94oFNO9EGSm2Pgng60Z3cPL4
Ee6c2G3yacVXm2VRdg6UpoeekJE9ey3U9Pu3qhk7rGcNE/4SmWKb/um9QQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:07 2026 by rpki-client