Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/m0gmPNIgnPQiOcpSUIvNpyX690M.roa
File: m0gmPNIgnPQiOcpSUIvNpyX690M.roa (raw, json)
Hash identifier: CpJvjfUdN7rFRz32OhTizxDvTNJv8yNfGS+CrGfqROI=
Subject key identifier: 9B:48:26:3C:D2:20:9C:F4:22:39:CA:52:50:8B:CD:A7:25:FA:F7:43
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 019E0217D4A1A8A2C7E3AE6B29F832F38C00
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/m0gmPNIgnPQiOcpSUIvNpyX690M.roa
Signing time: Thu 07 May 2026 10:59:36 +0000
ROA not before: Thu 07 May 2026 10:59:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.18.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.22.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
159.117.224.0/24 maxlen: 24
159.117.225.0/24 maxlen: 24
159.117.226.0/24 maxlen: 24
159.117.227.0/24 maxlen: 24
159.117.228.0/24 maxlen: 24
159.117.229.0/24 maxlen: 24
159.117.230.0/24 maxlen: 24
159.117.231.0/24 maxlen: 24
159.117.232.0/24 maxlen: 24
159.117.233.0/24 maxlen: 24
159.117.234.0/24 maxlen: 24
159.117.235.0/24 maxlen: 24
159.117.236.0/24 maxlen: 24
159.117.237.0/24 maxlen: 24
159.117.238.0/24 maxlen: 24
159.117.239.0/24 maxlen: 24
159.117.240.0/24 maxlen: 24
159.117.241.0/24 maxlen: 24
159.117.242.0/24 maxlen: 24
159.117.243.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.176.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.181.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
216.252.184.0/24 maxlen: 24
216.252.185.0/24 maxlen: 24
216.252.186.0/24 maxlen: 24
216.252.187.0/24 maxlen: 24
216.252.188.0/24 maxlen: 24
216.252.189.0/24 maxlen: 24
216.252.190.0/24 maxlen: 24
216.252.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft
rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:17:d4:a1:a8:a2:c7:e3:ae:6b:29:f8:32:f3:8c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: May 7 10:59:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b48263cd2209cf42239ca52508bcda725faf743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:94:8d:99:3f:20:06:79:54:63:81:aa:cf:
b6:28:b3:ee:e5:19:88:bb:aa:5f:4f:18:8d:13:78:
7c:f4:d6:95:30:66:41:b1:58:ae:bd:68:eb:45:fc:
0a:25:68:11:40:87:2f:e3:33:ad:2f:08:56:ff:2e:
b8:09:26:6b:a8:3c:dc:7d:0e:83:a5:b3:99:55:ae:
7a:bf:cd:a3:55:96:74:ba:89:7e:8c:d8:54:f2:cb:
68:0a:23:a9:b1:49:d3:72:15:22:d9:7e:e4:2f:00:
c8:89:99:b3:5b:8b:27:46:67:bf:d8:b0:c8:1b:15:
2f:99:d8:57:3c:f0:2d:c5:3a:c0:39:fa:78:c7:00:
b1:48:a7:ae:d5:ae:a3:bc:88:8b:c4:f3:74:ed:95:
f3:2d:e2:a1:2b:bf:6a:d0:b0:52:2a:e2:f1:cb:a8:
b6:eb:a4:98:95:f7:cf:a7:ff:0f:fe:94:c9:e9:8f:
f0:7d:e3:50:62:26:07:9f:1a:76:bc:54:f3:0e:78:
07:bc:96:bd:6a:55:38:55:18:87:8f:dd:47:8a:a2:
6a:c6:29:99:a4:d2:ea:99:08:de:67:08:3e:46:d0:
b0:ae:dd:c7:4a:a2:be:3c:89:0d:9b:8e:81:1c:de:
7d:74:1f:8b:ce:4e:cf:4c:ee:45:5e:fc:32:57:b8:
cf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:48:26:3C:D2:20:9C:F4:22:39:CA:52:50:8B:CD:A7:25:FA:F7:43
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/m0gmPNIgnPQiOcpSUIvNpyX690M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/20
159.117.224.0-159.117.243.255
185.114.120.0/22
209.206.0.0/19
216.252.176.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:45:c0:e4:1f:56:31:1a:d1:fb:42:63:c3:e4:d6:18:38:21:
d1:d1:f5:b1:5b:23:b2:5d:ba:b4:d1:b1:76:da:01:a5:c4:d9:
e5:12:09:22:e2:49:45:ea:2f:71:3a:95:1e:af:46:b6:cf:c6:
f7:87:87:fd:73:99:d3:f7:58:86:7e:80:73:be:95:82:90:a4:
e8:5f:bf:d1:45:e4:e1:5b:eb:26:70:ed:15:8f:69:fb:5f:bb:
df:0e:b5:f2:06:88:d8:60:9b:29:dc:dd:b9:25:ea:b2:f2:c4:
d2:a2:07:bf:73:e6:6c:09:23:9c:90:b3:b1:09:92:62:d8:09:
90:30:f4:d0:24:f0:b0:2e:8b:86:6d:9d:21:f5:45:05:87:5c:
c2:68:3d:38:9b:de:ce:7f:bd:3d:f3:16:2a:cb:c5:08:f3:36:
27:b1:5d:b9:26:8b:4d:72:7d:80:a6:18:9e:16:42:0d:30:4d:
eb:9a:e6:84:af:3f:07:a1:03:ee:ea:46:92:14:01:ab:d5:51:
61:f1:b3:59:2c:d1:61:e0:79:d2:a4:76:0b:22:92:11:bf:66:
da:0c:e1:64:e2:68:57:3f:48:b1:82:f1:4a:83:11:1a:5d:92:
54:5b:25:94:9b:35:f8:1e:f6:dd:43:79:bd:7f:2c:a2:aa:11:
e8:31:82:c3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ4CF9ShqKLH465rKfgy84wAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjYwNTA3MTA1OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ4MjYzY2QyMjA5Y2Y0MjIzOWNhNTI1MDhiY2RhNzI1ZmFmNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupuUjZk/IAZ5VGOBqs+2KLPu5RmI
u6pfTxiNE3h89NaVMGZBsViuvWjrRfwKJWgRQIcv4zOtLwhW/y64CSZrqDzcfQ6D
pbOZVa56v82jVZZ0uol+jNhU8stoCiOpsUnTchUi2X7kLwDIiZmzW4snRme/2LDI
GxUvmdhXPPAtxTrAOfp4xwCxSKeu1a6jvIiLxPN07ZXzLeKhK79q0LBSKuLxy6i2
66SYlffPp/8P/pTJ6Y/wfeNQYiYHnxp2vFTzDngHvJa9alU4VRiHj91HiqJqximZ
pNLqmQjeZwg+RtCwrt3HSqK+PIkNm46BHN59dB+Lzk7PTO5FXvwyV7jPvwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJtIJjzSIJz0IjnKUlCLzacl+vdDMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvbTBnbVBOSWduUFFpT2NwU1VJdk5weVg2OTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEVf8QMAwD
BAWfdeADBAKfdfADBAK5cngDBAXRzgADBATY/LAwDQYJKoZIhvcNAQELBQADggEB
AG9FwOQfVjEa0ftCY8Pk1hg4IdHR9bFbI7JdurTRsXbaAaXE2eUSCSLiSUXqL3E6
lR6vRrbPxveHh/1zmdP3WIZ+gHO+lYKQpOhfv9FF5OFb6yZw7RWPaftfu98OtfIG
iNhgmync3bkl6rLyxNKiB79z5mwJI5yQs7EJkmLYCZAw9NAk8LAui4ZtnSH1RQWH
XMJoPTib3s5/vT3zFirLxQjzNiexXbkmi01yfYCmGJ4WQg0wTeua5oSvPwehA+7q
RpIUAavVUWHxs1ks0WHgedKkdgsikhG/ZtoM4WTiaFc/SLGC8UqDERpdklRbJZSb
Nfge9t1Deb1/LKKqEegxgsM=
-----END CERTIFICATE-----
Generated at Wed May 13 05:26:21 2026 by rpki-client