Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1--GKrf9ODrgFNJ35G1BzJDqgfuY.roa
File: 1--GKrf9ODrgFNJ35G1BzJDqgfuY.roa (raw, json)
Hash identifier: OrVo1bCm+hU5GD3Tlbk/dMM0PnOKS4QUlD8B0InYRfo=
Subject key identifier: FB:E1:8A:AD:FF:4E:0E:B8:05:34:9D:F9:1B:50:73:24:3A:A0:7E:E6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E1B8D7A354A46BB6C4701C66440E92C98
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1--GKrf9ODrgFNJ35G1BzJDqgfuY.roa
Signing time: Tue 12 May 2026 09:38:37 +0000
ROA not before: Tue 12 May 2026 09:38:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:8d:7a:35:4a:46:bb:6c:47:01:c6:64:40:e9:2c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 12 09:38:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fbe18aadff4e0eb805349df91b5073243aa07ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1f:68:69:16:1e:60:85:c3:0c:a9:35:37:dc:
9d:24:91:1c:b6:2e:2c:dd:77:f1:07:50:f6:d7:74:
3f:94:13:30:30:4e:a9:ec:70:04:cc:bc:46:e4:ac:
b5:7a:4b:dd:82:11:9f:eb:13:f5:8e:5d:ce:f8:09:
c5:6c:0a:e3:a7:44:94:2e:7e:4c:02:ee:46:e9:33:
c4:7b:af:36:73:ad:cc:7c:8d:dc:71:2a:4c:a3:e6:
78:00:ce:e1:61:2e:dd:4c:ad:28:99:7c:ca:48:b1:
16:6b:79:6e:dc:0a:6b:45:f3:34:9e:a9:24:be:43:
c6:09:25:3b:ca:ac:f9:36:07:c4:e5:6b:b3:39:43:
8c:c8:fd:64:12:04:5f:3d:f7:eb:86:82:b0:76:60:
86:42:8c:6a:b3:e3:d5:64:2c:ac:cf:03:a1:d7:6b:
62:2f:29:66:e4:c3:19:16:38:f8:a0:3d:07:e3:3f:
ae:24:88:a0:d5:f0:44:87:a0:e7:77:7b:02:69:bb:
78:da:ff:30:a7:20:7f:7f:a2:7a:c6:30:4c:64:37:
c8:e3:d4:0e:9b:11:c7:c4:75:85:84:85:a3:c4:d8:
83:a8:88:ab:2c:99:e2:9c:10:4f:21:d6:81:38:d9:
22:63:a1:b4:9b:99:5d:74:19:5f:e8:d8:7c:69:0f:
17:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E1:8A:AD:FF:4E:0E:B8:05:34:9D:F9:1B:50:73:24:3A:A0:7E:E6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1--GKrf9ODrgFNJ35G1BzJDqgfuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.154.0/24
185.210.233.0/24
185.210.235.0/24
185.214.103.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.225.22.0/24
185.226.104.0/23
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.53.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.240.120.0/23
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:89:3a:00:0c:4c:4e:60:e4:80:86:23:36:c0:ec:0b:aa:de:
0f:54:01:04:35:a8:11:f5:8c:bf:f6:be:7e:95:a4:2e:da:3a:
36:e8:22:92:c2:8f:09:78:7e:69:ae:90:1c:99:52:23:0b:c7:
9a:b8:8f:ce:9c:e2:8d:db:a8:49:99:29:2c:4c:60:0c:6f:31:
0a:c3:dc:9a:e6:bc:33:30:51:35:56:6c:bb:df:c3:0d:19:d0:
1c:63:2c:4a:0f:7a:29:b0:5b:17:2b:63:dd:14:af:4e:50:90:
b3:43:d5:58:79:21:3d:b6:da:a5:21:b8:e1:13:35:7a:b6:93:
4f:51:3c:a3:4b:21:3e:2e:34:c4:77:bd:73:c1:df:da:ab:f3:
30:ad:d0:50:b8:a1:b0:cc:9b:9b:f6:62:9d:46:fa:ed:21:b0:
07:03:6d:9f:40:5e:54:5c:44:5c:fa:14:cd:6e:d9:29:33:b0:
c1:ec:96:00:2b:fc:b3:77:69:b9:3d:f0:19:83:ae:52:95:86:
e2:5e:01:0c:bf:b5:54:a3:6a:13:f2:e2:0d:52:c0:e3:6c:f1:
a9:48:6d:d9:6c:0b:85:56:6d:2a:4b:20:d8:45:23:7c:62:27:
7a:14:bf:44:6e:04:ad:48:86:3a:ee:ac:4a:85:20:7b:67:79:
b1:83:18:fd
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAZ4bjXo1Ska7bEcBxmRA6SyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTEyMDkzODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmUxOGFhZGZmNGUwZWI4MDUzNDlkZjkxYjUwNzMyNDNhYTA3ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxB9oaRYeYIXDDKk1N9ydJJEcti4s
3XfxB1D213Q/lBMwME6p7HAEzLxG5Ky1ekvdghGf6xP1jl3O+AnFbArjp0SULn5M
Au5G6TPEe682c63MfI3ccSpMo+Z4AM7hYS7dTK0omXzKSLEWa3lu3AprRfM0nqkk
vkPGCSU7yqz5NgfE5WuzOUOMyP1kEgRfPffrhoKwdmCGQoxqs+PVZCyszwOh12ti
Lylm5MMZFjj4oD0H4z+uJIig1fBEh6Dnd3sCabt42v8wpyB/f6J6xjBMZDfI49QO
mxHHxHWFhIWjxNiDqIirLJninBBPIdaBONkiY6G0m5lddBlf6Nh8aQ8X6QIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFPvhiq3/Tg64BTSd+RtQcyQ6oH7mMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS0tR0tyZjlPRHJnRk5KMzVHMUJ6SkRxZ2Z1WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATMGCCsGAQUFBwEHAQH/BIIBIjCCAR4wggEaBAIAATCC
ARIDBAAtCBcDBAAtWhEDBAEtg4YDBAC5bMwDBAC5flIDBAC5xzYDBAG5x54DBAC5
zvsDBAC50SYwDAMEALnRSQMEArnRSAMEALnSmgMEALnS6QMEALnS6wMEALnWZwME
ALnWbAMEALnaFAMEALnaZQMEArnc+AMEALndFAMEAbneHAMEALnfUAMEALnfmwME
ArnhAAMEALnhFgMEAbniaAMEALniawMEALnjkAMEAbnjkgMEALnkSAMEALnkSwME
ALnmNQMEALnmQwMEALnozgMEALnqFgMEAbnweAMEALn2cDAMAwQEwQhwAwQAwQhy
AwQAwTqQAwQBwTqSAwQAwgVBAwQAwgVDAwQAwkypAwQAwnxFMA0GCSqGSIb3DQEB
CwUAA4IBAQC5iToADExOYOSAhiM2wOwLqt4PVAEENagR9Yy/9r5+laQu2jo26CKS
wo8JeH5prpAcmVIjC8eauI/OnOKN26hJmSksTGAMbzEKw9ya5rwzMFE1Vmy738MN
GdAcYyxKD3opsFsXK2PdFK9OUJCzQ9VYeSE9ttqlIbjhEzV6tpNPUTyjSyE+LjTE
d71zwd/aq/MwrdBQuKGwzJub9mKdRvrtIbAHA22fQF5UXERc+hTNbtkpM7DB7JYA
K/yzd2m5PfAZg65SlYbiXgEMv7VUo2oT8uINUsDjbPGpSG3ZbAuFVm0qSyDYRSN8
Yid6FL9EbgStSIY67qxKhSB7Z3mxgxj9
-----END CERTIFICATE-----
Generated at Wed May 13 02:48:55 2026 by rpki-client