Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/IckkCSlpD90r3v7s4yAs8JcMlrc.roa
File: IckkCSlpD90r3v7s4yAs8JcMlrc.roa (raw, json)
Hash identifier: VMwqztpny28xBlD0i826FGCt4rfbxOi3vTre6sh06bY=
Subject key identifier: 21:C9:24:09:29:69:0F:DD:2B:DE:FE:EC:E3:20:2C:F0:97:0C:96:B7
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 019CDCE43BACBD46FFE4EC51DC1684FF44FF
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/IckkCSlpD90r3v7s4yAs8JcMlrc.roa
Signing time: Wed 11 Mar 2026 12:34:30 +0000
ROA not before: Wed 11 Mar 2026 12:34:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43915
IP address blocks: 5.181.104.0/22 maxlen: 22
45.66.36.0/22 maxlen: 22
45.80.160.0/22 maxlen: 22
45.130.56.0/22 maxlen: 22
45.143.112.0/22 maxlen: 22
45.152.28.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
79.135.122.0/23 maxlen: 24
87.117.64.0/22 maxlen: 22
87.117.68.0/23 maxlen: 23
91.239.57.0/24 maxlen: 24
94.154.184.0/22 maxlen: 24
109.224.216.0/22 maxlen: 22
109.224.224.0/22 maxlen: 24
109.224.224.0/23 maxlen: 23
109.224.226.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
109.224.236.0/22 maxlen: 22
109.224.240.0/23 maxlen: 24
144.178.104.0/23 maxlen: 23
144.178.118.0/23 maxlen: 23
144.178.252.0/23 maxlen: 23
147.189.156.0/22 maxlen: 24
147.189.214.0/24 maxlen: 24
150.251.120.0/22 maxlen: 22
176.116.116.0/22 maxlen: 22
178.248.128.0/21 maxlen: 21
185.23.254.0/23 maxlen: 24
185.147.184.0/22 maxlen: 22
185.161.4.0/22 maxlen: 22
185.231.136.0/21 maxlen: 21
188.214.236.0/22 maxlen: 22
193.35.146.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
194.169.152.0/22 maxlen: 22
195.72.56.0/22 maxlen: 22
195.184.250.0/23 maxlen: 23
195.206.172.0/22 maxlen: 24
195.242.148.0/23 maxlen: 23
195.244.2.0/23 maxlen: 23
212.59.72.0/21 maxlen: 24
212.108.90.0/23 maxlen: 23
213.225.224.0/22 maxlen: 24
217.14.184.0/21 maxlen: 21
217.20.244.0/22 maxlen: 24
217.171.100.0/22 maxlen: 22
217.171.104.0/22 maxlen: 22
2a07:5940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:e4:3b:ac:bd:46:ff:e4:ec:51:dc:16:84:ff:44:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Mar 11 12:34:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21c9240929690fdd2bdefeece3202cf0970c96b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9e:46:8c:6f:31:bb:9d:93:1b:50:1d:d4:f9:
d8:70:49:ed:23:c1:e8:24:38:e2:4d:a5:79:3c:5f:
a9:c7:9b:71:9b:ef:a8:5a:ee:ff:60:a7:a9:87:1b:
5d:fa:96:bc:73:fe:82:62:ee:cf:23:ce:17:66:d1:
97:99:15:93:09:1a:ff:45:ee:e3:9b:fd:1b:7d:c3:
72:8f:3f:90:dc:41:17:75:1f:ba:78:93:22:88:01:
f6:e8:bd:b5:38:5f:0f:90:0e:0b:a0:0f:f7:5b:02:
4b:2c:46:79:79:7e:54:1f:6e:46:b2:ff:f2:91:db:
a2:b9:df:57:48:97:35:5a:6e:43:b7:b2:ab:49:8e:
95:1f:6b:ee:29:7a:5d:12:fb:a3:84:3b:fd:b7:ef:
40:3d:bc:8d:96:bb:f1:54:f3:a6:10:a6:6d:9b:77:
cf:0a:e7:e4:05:99:88:10:42:16:33:72:3e:35:c1:
dd:22:e9:7a:e3:50:9a:a4:03:a7:33:6e:25:82:e6:
06:16:d8:68:02:46:f6:9d:db:fe:93:49:75:85:3d:
65:3d:2f:1c:f8:fe:54:0d:25:17:91:a7:d0:40:0b:
3f:35:aa:05:98:46:f5:04:41:33:07:c3:17:95:1a:
89:c4:d1:eb:8a:f4:dc:23:92:4c:41:cc:10:46:66:
3f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C9:24:09:29:69:0F:DD:2B:DE:FE:EC:E3:20:2C:F0:97:0C:96:B7
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/IckkCSlpD90r3v7s4yAs8JcMlrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.104.0/22
45.66.36.0/22
45.80.160.0/22
45.130.56.0/22
45.143.112.0/22
45.152.28.0/22
62.169.148.0/23
79.135.122.0/23
87.117.64.0-87.117.69.255
91.239.57.0/24
94.154.184.0/22
109.224.216.0/22
109.224.224.0/22
109.224.234.0-109.224.241.255
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
147.189.214.0/24
150.251.120.0/22
176.116.116.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
185.231.136.0/21
188.214.236.0/22
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
194.169.152.0/22
195.72.56.0/22
195.184.250.0/23
195.206.172.0/22
195.242.148.0/23
195.244.2.0/23
212.59.72.0/21
212.108.90.0/23
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
217.171.100.0-217.171.107.255
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
5f:98:1b:b2:7b:c5:79:d3:70:68:4d:23:07:75:6b:dc:7b:e7:
1a:d4:21:bf:95:b9:2b:ce:01:20:1e:66:d7:a7:b4:7b:75:50:
55:a9:9e:e3:0d:f3:86:1a:ec:e7:80:99:73:97:58:5b:94:45:
29:94:2e:9e:a7:02:c5:99:93:ab:22:a9:f6:de:8b:6e:06:bc:
bd:d7:46:a4:cb:c1:99:c7:3f:b7:9c:c4:c5:ce:e8:43:90:a7:
4c:8e:a1:c3:99:56:16:65:6b:06:3c:01:12:38:d3:fc:0a:12:
bf:ff:b7:96:55:6b:3e:91:36:f5:f7:bd:58:73:88:f2:5e:7d:
ef:2c:41:f9:69:9c:a1:30:12:24:a1:89:dd:e6:ef:10:a9:29:
e6:b6:32:6a:2b:01:49:e3:f8:87:db:b1:37:0f:38:8b:ea:d5:
84:52:ac:a2:0a:45:07:f9:42:48:b2:fa:bc:38:6c:7a:9e:d5:
82:98:3d:24:2b:c9:65:5d:49:4d:0a:69:a2:ec:1b:8e:f7:a3:
5b:bf:b9:d0:83:3e:3c:f9:27:f9:aa:69:5b:d3:9f:fe:93:aa:
b4:16:73:40:41:4d:95:ba:0d:e0:a0:8b:ba:cd:9e:9b:30:ea:
0d:b7:bf:6c:9d:eb:79:28:c4:1a:82:48:3c:85:2d:87:97:a6:
4c:05:fe:5c
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgISAZzc5DusvUb/5OxR3BaE/0T/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjYwMzExMTIzNDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM5MjQwOTI5NjkwZmRkMmJkZWZlZWNlMzIwMmNmMDk3MGM5NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs55GjG8xu52TG1Ad1PnYcEntI8Ho
JDjiTaV5PF+px5txm++oWu7/YKephxtd+pa8c/6CYu7PI84XZtGXmRWTCRr/Re7j
m/0bfcNyjz+Q3EEXdR+6eJMiiAH26L21OF8PkA4LoA/3WwJLLEZ5eX5UH25Gsv/y
kduiud9XSJc1Wm5Dt7KrSY6VH2vuKXpdEvujhDv9t+9APbyNlrvxVPOmEKZtm3fP
CufkBZmIEEIWM3I+NcHdIul641CapAOnM24lguYGFthoAkb2ndv+k0l1hT1lPS8c
+P5UDSUXkafQQAs/NaoFmEb1BEEzB8MXlRqJxNHrivTcI5JMQcwQRmY/iQIDAQAB
o4IDNjCCAzIwHQYDVR0OBBYEFCHJJAkpaQ/dK97+7OMgLPCXDJa3MB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvSWNra0NTbHBEOTByM3Y3czR5QXM4SmNNbHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSgYIKwYBBQUHAQcBAf8EggE5MIIBNTCCASIEAgABMIIB
GgMEAgW1aAMEAi1CJAMEAi1QoAMEAi2COAMEAi2PcAMEAi2YHAMEAT6plAMEAU+H
ejAMAwQGV3VAAwQBV3VEAwQAW+85AwQCXpq4AwQCbeDYAwQCbeDgMAwDBAFt4OoD
BAFt4PADBAGQsmgDBAGQsnYDBAGQsvwDBAKTvZwDBACTvdYDBAKW+3gDBAKwdHQD
BAOy+IADBAG5F/4DBAK5k7gDBAK5oQQDBAO554gDBAK81uwDBAHBI5IDBAHCaYYD
BAHCkfIDBALCkqADBALCqZgDBALDSDgDBAHDuPoDBALDzqwDBAHD8pQDBAHD9AID
BAPUO0gDBAHUbFoDBALV4eADBAPZDrgDBALZFPQwDAMEAtmrZAMEAtmraDANBAIA
AjAHAwUAKgdZQDANBgkqhkiG9w0BAQsFAAOCAQEAX5gbsnvFedNwaE0jB3Vr3Hvn
GtQhv5W5K84BIB5m16e0e3VQVame4w3zhhrs54CZc5dYW5RFKZQunqcCxZmTqyKp
9t6Lbga8vddGpMvBmcc/t5zExc7oQ5CnTI6hw5lWFmVrBjwBEjjT/AoSv/+3llVr
PpE29fe9WHOI8l597yxB+WmcoTASJKGJ3ebvEKkp5rYyaisBSeP4h9uxNw84i+rV
hFKsogpFB/lCSLL6vDhsep7Vgpg9JCvJZV1JTQppouwbjvejW7+50IM+PPkn+app
W9Of/pOqtBZzQEFNlboN4KCLus2emzDqDbe/bJ3reSjEGoJIPIUth5emTAX+XA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:51:55 2026 by rpki-client