Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/X592uwt05oAZ6VZIQO9SpZfw_gI.roa
File: X592uwt05oAZ6VZIQO9SpZfw_gI.roa (raw, json)
Hash identifier: 0RauDiHKBdaL0HxQQv2plSQtZnF5VRoiRUDqPfG3Cqs=
Subject key identifier: 5F:9F:76:BB:0B:74:E6:80:19:E9:56:48:40:EF:52:A5:97:F0:FE:02
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019DE11EDCD7416BAD797917DAF55E98FC09
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/X592uwt05oAZ6VZIQO9SpZfw_gI.roa
Signing time: Fri 01 May 2026 01:19:49 +0000
ROA not before: Fri 01 May 2026 01:19:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.236.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:4::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:9::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:16::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:28::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:31::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:53::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
2a11:840:72::/48 maxlen: 48
2a11:840:73::/48 maxlen: 48
2a11:840:73:1b::/64 maxlen: 64
2a11:840:74::/48 maxlen: 48
2a11:840:75::/48 maxlen: 48
2a11:840:76::/48 maxlen: 48
2a11:840:77::/48 maxlen: 48
2a11:840:78::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e1:1e:dc:d7:41:6b:ad:79:79:17:da:f5:5e:98:fc:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: May 1 01:19:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f9f76bb0b74e68019e9564840ef52a597f0fe02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a8:9b:f8:43:e7:ac:c1:7f:69:35:1a:2a:c5:
21:4b:d5:21:74:83:5b:82:9a:9b:73:40:82:35:1a:
b3:00:b5:13:4e:84:ee:b1:6b:d5:77:34:2f:e5:4e:
32:60:e8:29:9d:80:ee:a5:8e:19:bf:7b:14:38:bd:
74:af:d7:e3:fd:19:d5:d9:06:ca:d9:9a:e8:bf:3f:
74:2f:16:e7:fd:e1:f6:0e:30:ec:ec:e0:c9:78:56:
99:97:a4:b5:45:ba:b9:cb:2c:52:e6:2e:9d:a1:66:
94:f6:e2:eb:76:25:ca:52:b4:21:a5:bf:e3:14:3f:
37:5b:7b:ec:78:9e:2f:a9:30:52:04:8b:41:da:07:
76:1a:99:1d:d5:cd:81:ff:82:39:fc:08:f9:97:47:
e1:be:03:1e:aa:b2:9f:80:12:95:2b:f0:ff:a7:dc:
12:f2:c6:5b:51:fc:e4:c6:63:24:fd:b0:8c:0f:da:
76:15:84:7f:2a:94:c3:8a:ce:ce:9e:3a:62:bd:f6:
7c:14:87:2d:0d:ff:f1:e0:8f:96:71:9c:6a:4b:ca:
4a:05:79:1d:62:f0:b5:20:27:0e:ef:a4:84:cd:74:
41:cd:ce:ab:f0:19:7b:ae:8a:cb:eb:1f:22:a6:bb:
af:e0:e9:05:e3:4f:eb:37:37:4f:74:08:c3:e9:b4:
64:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9F:76:BB:0B:74:E6:80:19:E9:56:48:40:EF:52:A5:97:F0:FE:02
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/X592uwt05oAZ6VZIQO9SpZfw_gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.236.0/22
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::-2a11:840:9:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:16::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:28::/48
2a11:840:30::/47
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:53::-2a11:840:54:ffff:ffff:ffff:ffff:ffff
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::-2a11:840:78:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:be:ce:90:dc:34:6a:c0:47:63:cb:f8:fb:07:a4:e2:fc:7e:
81:64:5b:c7:80:98:11:46:68:8f:f8:e2:2d:96:81:5d:c2:fa:
9c:09:e5:eb:76:8c:ec:63:d9:53:1d:77:64:3c:d3:77:b7:91:
85:22:ad:61:42:cc:b1:28:c5:db:23:d7:ea:47:27:a4:58:c6:
1d:d2:6b:4e:f9:4c:1a:13:ec:66:97:1e:ea:7a:e2:65:67:45:
4a:40:ba:c6:13:83:4f:ed:c0:76:a1:98:3c:74:06:2b:e5:8a:
d2:97:6b:a3:e9:a0:f9:f0:80:35:82:ff:02:82:89:4b:c5:2e:
c1:43:a2:3a:0b:b7:08:20:b5:7b:4f:d1:07:2f:90:5f:8f:ca:
ae:0d:4a:70:db:44:ae:1a:66:6d:62:1e:49:0b:9a:4b:b5:74:
d5:6a:c4:71:64:1d:c1:1a:c9:37:7e:8e:f5:6b:9d:dc:1a:48:
db:80:8c:84:e0:84:3e:53:3e:81:87:28:b4:07:6f:07:82:44:
0b:cb:e5:63:d6:5b:7e:41:87:28:44:32:3f:2a:8e:83:e1:76:
c6:2c:e5:19:76:1d:a0:19:dd:63:dc:7e:ec:6f:5a:8d:d1:89:
ac:ee:04:22:f7:d5:92:36:ee:e6:4e:1e:d6:9c:6c:d7:31:98:
fd:10:0c:10
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZ3hHtzXQWuteXkX2vVemPwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjYwNTAxMDExOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjlmNzZiYjBiNzRlNjgwMTllOTU2NDg0MGVmNTJhNTk3ZjBmZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqib+EPnrMF/aTUaKsUhS9UhdINb
gpqbc0CCNRqzALUTToTusWvVdzQv5U4yYOgpnYDupY4Zv3sUOL10r9fj/RnV2QbK
2Zrovz90Lxbn/eH2DjDs7ODJeFaZl6S1Rbq5yyxS5i6doWaU9uLrdiXKUrQhpb/j
FD83W3vseJ4vqTBSBItB2gd2Gpkd1c2B/4I5/Aj5l0fhvgMeqrKfgBKVK/D/p9wS
8sZbUfzkxmMk/bCMD9p2FYR/KpTDis7OnjpivfZ8FIctDf/x4I+WcZxqS8pKBXkd
YvC1ICcO76SEzXRBzc6r8Bl7rorL6x8ipruv4OkF40/rNzdPdAjD6bRkTwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFF+fdrsLdOaAGelWSEDvUqWX8P4CMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvWDU5MnV3dDA1b0FaNlZaSVFPOVNwWmZ3X2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjAwBAIAATAqAwQC
LhCAAwQBbWiYAwQAbWibAwQCk04AAwQCuX7sAwQBudUUAwQAudUXMIHdBAIAAjCB
1gMHACoRCEAAATASAwcAKhEIQAADAwcBKhEIQAAIMBIDBwQqEQhAABADBwAqEQhA
ABQwEgMHASoRCEAAFgMHASoRCEAAGDASAwcFKhEIQAAgAwcAKhEIQAAmAwcAKhEI
QAAoAwcBKhEIQAAwAwcAKhEIQAAzAwcBKhEIQABAMBIDBwAqEQhAAEcDBwAqEQhA
AEgwEgMHACoRCEAAUwMHACoRCEAAVAMHACoRCEAAVzASAwcFKhEIQABgAwcBKhEI
QABoMBIDBwQqEQhAAHADBwAqEQhAAHgwDQYJKoZIhvcNAQELBQADggEBAAK+zpDc
NGrAR2PL+PsHpOL8foFkW8eAmBFGaI/44i2WgV3C+pwJ5et2jOxj2VMdd2Q803e3
kYUirWFCzLEoxdsj1+pHJ6RYxh3Sa075TBoT7GaXHup64mVnRUpAusYTg0/twHah
mDx0BivlitKXa6PpoPnwgDWC/wKCiUvFLsFDojoLtwggtXtP0QcvkF+Pyq4NSnDb
RK4aZm1iHkkLmku1dNVqxHFkHcEayTd+jvVrndwaSNuAjITghD5TPoGHKLQHbweC
RAvL5WPWW35BhyhEMj8qjoPhdsYs5Rl2HaAZ3WPcfuxvWo3RiazuBCL31ZI27uZO
HtacbNcxmP0QDBA=
-----END CERTIFICATE-----
Generated at Wed May 13 02:59:04 2026 by rpki-client