Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/bKHtiUrBeJPFCE2Ftt-lCO4oMX0.roa
File: bKHtiUrBeJPFCE2Ftt-lCO4oMX0.roa (raw, json)
Hash identifier: wuA7wX2Lve2pm6p0CCnQL9Tbg1l/H+dFRlqmr5b7DEA=
Subject key identifier: 6C:A1:ED:89:4A:C1:78:93:C5:08:4D:85:B6:DF:A5:08:EE:28:31:7D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019E1B251B13CA45D77921A57A714773CFFD
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/bKHtiUrBeJPFCE2Ftt-lCO4oMX0.roa
Signing time: Tue 12 May 2026 07:44:36 +0000
ROA not before: Tue 12 May 2026 07:44:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.37.119.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.46.2.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.114.74.0/24 maxlen: 24
93.114.75.0/24 maxlen: 24
93.114.76.0/24 maxlen: 24
93.114.77.0/24 maxlen: 24
93.114.78.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:25:1b:13:ca:45:d7:79:21:a5:7a:71:47:73:cf:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 12 07:44:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ca1ed894ac17893c5084d85b6dfa508ee28317d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e9:6a:a7:eb:23:c6:1c:46:19:73:04:d1:8a:
cc:d8:f0:34:30:df:1b:fc:20:cb:5f:fa:51:48:18:
cb:ed:b8:20:61:2b:5f:cb:8c:3a:4e:ea:a1:ee:4a:
cc:c8:18:dc:f5:31:28:f8:c6:79:37:de:9c:16:7e:
cd:63:77:da:0d:4e:50:a5:da:3d:fa:04:81:82:53:
af:52:82:e8:ef:12:71:75:f1:b6:12:e0:20:d3:01:
2b:b3:d5:77:45:e1:08:31:66:9b:92:a9:bf:f6:d1:
67:a9:e9:12:6a:8c:b7:07:5c:48:08:34:e8:27:59:
b8:1d:c4:84:d8:fb:79:84:8d:49:9a:46:ed:cb:bd:
b3:de:d2:9f:7d:cc:9d:34:6c:90:91:d7:0b:1c:b9:
14:21:40:1d:a6:82:d1:4c:1b:23:00:f0:8c:09:33:
dd:a6:20:40:ea:6b:20:aa:09:70:16:9e:84:f4:17:
3e:a6:de:e9:f7:d5:7d:22:f9:de:20:6e:b5:6a:5a:
ba:09:64:82:4d:c8:2e:a0:21:23:b4:be:75:47:b8:
a6:79:d8:bb:72:56:10:21:36:3b:8f:1e:bf:b8:3f:
6e:cd:a1:36:89:2b:1d:5c:e6:74:df:e9:43:4f:27:
13:00:07:ca:68:9b:92:00:3c:ef:ac:4a:61:4d:ec:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:ED:89:4A:C1:78:93:C5:08:4D:85:B6:DF:A5:08:EE:28:31:7D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/bKHtiUrBeJPFCE2Ftt-lCO4oMX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.228.0/24
89.34.231.0/24
89.37.119.0/24
89.38.228.0/23
89.40.82.0/24
89.42.80.0-89.42.82.255
89.42.86.0/24
89.42.143.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.46.2.0/23
89.47.99.0/24
89.47.115.0/24
89.47.117.0/24
89.47.119.0/24
89.47.125.0-89.47.127.255
93.113.181.0/24
93.114.74.0-93.114.79.255
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:49:bd:ea:d1:16:e4:89:97:bf:15:15:36:9e:29:03:49:0b:
5e:f8:31:81:aa:e2:88:de:c7:51:20:d5:10:74:95:a1:2f:d8:
c3:f5:ef:21:5f:c0:c9:36:e3:1a:6e:7e:69:9c:65:f9:cb:f9:
b4:91:79:3e:f7:e5:50:6b:52:a1:2f:ba:15:8a:b0:4b:02:2d:
15:12:26:58:7f:85:90:b4:1e:6c:fa:15:e6:df:95:5d:60:48:
1d:73:96:20:4e:af:69:51:e3:6a:81:e1:dc:79:ca:3e:50:22:
78:b0:04:8a:14:f2:45:21:e1:7e:4d:7a:59:31:99:1e:bb:22:
21:93:8a:1e:5d:1a:36:2c:65:aa:8b:e2:07:13:14:2d:e0:be:
6e:8a:1f:79:a6:0a:04:ff:02:0e:97:cb:6e:d3:7c:2a:1d:a3:
3f:13:a1:02:75:d4:55:d7:d1:e4:9c:1f:e5:a2:2a:ac:16:a0:
de:85:dd:37:69:32:34:3e:71:0e:63:88:da:1e:83:45:a8:46:
0e:20:0d:90:ed:14:2c:1c:2d:67:c8:17:35:8b:83:07:1b:d7:
af:8a:9f:f2:85:6a:56:ca:91:04:14:60:98:b4:8d:89:bf:da:
b7:6d:d4:40:54:80:04:70:ac:21:c6:71:d0:8f:b5:68:09:e2:
d9:a7:70:1f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZ4bJRsTykXXeSGlenFHc8/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwNTEyMDc0NDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ExZWQ4OTRhYzE3ODkzYzUwODRkODViNmRmYTUwOGVlMjgzMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+lqp+sjxhxGGXME0YrM2PA0MN8b
/CDLX/pRSBjL7bggYStfy4w6Tuqh7krMyBjc9TEo+MZ5N96cFn7NY3faDU5Qpdo9
+gSBglOvUoLo7xJxdfG2EuAg0wErs9V3ReEIMWabkqm/9tFnqekSaoy3B1xICDTo
J1m4HcSE2Pt5hI1Jmkbty72z3tKffcydNGyQkdcLHLkUIUAdpoLRTBsjAPCMCTPd
piBA6msgqglwFp6E9Bc+pt7p99V9IvneIG61alq6CWSCTcguoCEjtL51R7imedi7
clYQITY7jx6/uD9uzaE2iSsdXOZ03+lDTycTAAfKaJuSADzvrEphTexsdwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFGyh7YlKwXiTxQhNhbbfpQjuKDF9MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYktIdGlVckJlSlBGQ0UyRnR0LWxDTzRvTVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBABZ
IuQDBABZIucDBABZJXcDBAFZJuQDBABZKFIwDAMEBFkqUAMEAFkqUgMEAFkqVgME
AFkqjwMEAFkrjAMEAFkrjwMEAFkuAAMEAVkuAgMEAFkvYwMEAFkvcwMEAFkvdQME
AFkvdzAMAwQAWS99AwQHWS8AAwQAXXG1MAwDBAFdckoDBARdckADBAC5ZWkwDQYJ
KoZIhvcNAQELBQADggEBAExJverRFuSJl78VFTaeKQNJC174MYGq4ojex1Eg1RB0
laEv2MP17yFfwMk24xpufmmcZfnL+bSReT735VBrUqEvuhWKsEsCLRUSJlh/hZC0
Hmz6FebflV1gSB1zliBOr2lR42qB4dx5yj5QIniwBIoU8kUh4X5NelkxmR67IiGT
ih5dGjYsZaqL4gcTFC3gvm6KH3mmCgT/Ag6Xy27TfCodoz8ToQJ11FXX0eScH+Wi
KqwWoN6F3TdpMjQ+cQ5jiNoeg0WoRg4gDZDtFCwcLWfIFzWLgwcb16+Kn/KFalbK
kQQUYJi0jYm/2rdt1EBUgARwrCHGcdCPtWgJ4tmncB8=
-----END CERTIFICATE-----
Generated at Wed May 13 01:35:56 2026 by rpki-client