Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/agCupdVWAKBZRUVdxhWa5ycw2GY.roa
File: agCupdVWAKBZRUVdxhWa5ycw2GY.roa (raw, json)
Hash identifier: PcbRPZOlCL5rP/An25qZ069CR2VGd65r9MRUoaXIKxQ=
Subject key identifier: 6A:00:AE:A5:D5:56:00:A0:59:45:45:5D:C6:15:9A:E7:27:30:D8:66
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D069E979A861C67358B3ECBBC10F8F5EC
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/agCupdVWAKBZRUVdxhWa5ycw2GY.roa
Signing time: Thu 19 Mar 2026 15:02:29 +0000
ROA not before: Thu 19 Mar 2026 15:02:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200740
IP address blocks: 45.134.12.0/23 maxlen: 23
45.134.14.0/23 maxlen: 23
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
89.44.84.0/23 maxlen: 23
91.200.14.0/24 maxlen: 24
91.200.15.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
95.81.77.0/24 maxlen: 24
95.81.93.0/24 maxlen: 24
95.81.94.0/23 maxlen: 23
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
103.249.132.0/23 maxlen: 23
103.249.134.0/23 maxlen: 23
104.128.131.0/24 maxlen: 24
104.128.138.0/23 maxlen: 23
104.128.142.0/23 maxlen: 23
104.128.142.0/24 maxlen: 24
104.128.143.0/24 maxlen: 24
109.69.56.0/23 maxlen: 23
109.69.58.0/23 maxlen: 23
135.136.182.0/24 maxlen: 24
135.136.183.0/24 maxlen: 24
135.136.184.0/23 maxlen: 23
135.136.184.0/24 maxlen: 24
135.136.185.0/24 maxlen: 24
135.136.189.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.254.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
2a0c:5d00:3002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:9e:97:9a:86:1c:67:35:8b:3e:cb:bc:10:f8:f5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 19 15:02:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a00aea5d55600a05945455dc6159ae72730d866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fe:f7:87:bb:a0:f3:6e:2e:fe:01:a3:a7:67:
77:27:6f:e5:de:f4:3a:38:51:60:1d:03:31:41:f6:
ad:a8:25:23:e7:10:ad:09:7a:0b:d9:5c:15:0f:be:
9a:36:d9:61:c2:36:42:ec:77:c3:4c:0f:69:ac:e4:
b6:9e:de:44:83:75:10:64:f2:27:23:83:91:5a:a3:
b9:83:0c:33:f2:a0:9a:27:16:25:13:cc:ba:fd:7e:
21:ed:43:09:16:5f:aa:e7:8e:b6:5d:90:87:5f:a1:
3d:fa:c1:68:b0:ca:f1:6f:7f:3d:df:e3:39:cd:99:
f4:f8:74:1b:83:59:74:23:10:35:06:a7:d7:ed:47:
58:94:0d:5e:52:3d:c5:75:4e:6d:1d:79:28:dc:6b:
7f:28:b0:5e:74:f5:59:77:47:62:70:9d:9e:9f:07:
a0:5e:05:71:11:b7:22:93:b8:ae:f8:fb:0a:2e:d1:
ad:b1:b0:12:ec:85:0f:09:ad:a2:e6:d1:db:66:6d:
aa:43:7c:57:fa:6c:8b:fd:52:ef:37:fd:35:2b:a7:
93:b3:ce:36:72:7c:f3:df:db:bd:a8:a9:4a:e7:19:
3a:87:75:d7:e2:31:51:ba:6f:ac:72:96:ea:52:1a:
cc:42:29:fb:27:04:4b:ae:25:ac:fa:79:5b:c3:24:
75:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:00:AE:A5:D5:56:00:A0:59:45:45:5D:C6:15:9A:E7:27:30:D8:66
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/agCupdVWAKBZRUVdxhWa5ycw2GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/22
80.76.32.0/22
89.44.84.0/23
91.200.14.0/23
92.118.8.0/23
95.81.77.0/24
95.81.93.0-95.81.95.255
95.81.112.0/23
95.81.119.0-95.81.120.255
103.85.112.0/23
103.249.132.0/22
104.128.131.0/24
104.128.138.0/23
104.128.142.0/23
109.69.56.0/22
135.136.182.0-135.136.185.255
135.136.189.0/24
185.103.252.0/22
185.114.72.0/23
193.239.160.0/23
193.239.166.0/23
IPv6:
2a0c:5d00:3002::/48
Signature Algorithm: sha256WithRSAEncryption
31:93:65:29:7c:0b:1c:91:63:ee:3f:85:48:43:87:d4:1f:91:
1f:af:8d:3f:b5:a3:f8:e5:af:42:0d:78:5e:b8:07:67:ab:7f:
c6:ae:5a:78:e0:d3:a0:7d:3c:e7:68:56:42:75:c2:1e:49:f5:
47:b5:53:f6:51:6e:f0:84:6a:45:99:65:4e:d8:25:bb:e9:8d:
2d:55:87:4a:42:6c:00:ad:e5:db:af:56:71:b2:dc:24:da:f8:
bf:d7:11:3e:e3:50:94:42:a6:f2:74:90:69:ea:c4:11:c7:45:
6e:3d:a6:f7:dd:79:fd:c1:47:6b:66:f4:fe:0b:67:32:12:4e:
0a:07:47:b5:97:f2:f6:3a:ad:2e:01:b0:97:35:1f:7b:df:d6:
d6:9c:25:47:14:d1:6e:13:03:ab:44:10:5c:42:c9:46:f7:45:
7a:3e:a9:d6:d3:55:72:ac:b2:ff:9d:64:a8:a5:51:e4:d1:bc:
fe:72:82:94:c2:b7:52:0f:fe:e2:a8:3b:9f:72:55:81:ba:13:
66:12:af:f6:c7:7c:e6:8a:aa:c4:16:7f:d1:24:1e:52:30:d4:
3b:2d:5f:98:01:90:e9:38:09:1e:c5:bf:62:f0:9c:00:6a:e3:
ba:ed:31:14:c1:d5:1c:97:a1:85:48:c0:57:c6:cf:9f:74:74:
77:6d:c2:d6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZ0GnpeahhxnNYs+y7wQ+PXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwMzE5MTUwMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTAwYWVhNWQ1NTYwMGEwNTk0NTQ1NWRjNjE1OWFlNzI3MzBkODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP73h7ug824u/gGjp2d3J2/l3vQ6
OFFgHQMxQfatqCUj5xCtCXoL2VwVD76aNtlhwjZC7HfDTA9prOS2nt5Eg3UQZPIn
I4ORWqO5gwwz8qCaJxYlE8y6/X4h7UMJFl+q5462XZCHX6E9+sFosMrxb3893+M5
zZn0+HQbg1l0IxA1BqfX7UdYlA1eUj3FdU5tHXko3Gt/KLBedPVZd0dicJ2enweg
XgVxEbcik7iu+PsKLtGtsbAS7IUPCa2i5tHbZm2qQ3xX+myL/VLvN/01K6eTs842
cnzz39u9qKlK5xk6h3XX4jFRum+scpbqUhrMQin7JwRLriWs+nlbwyR19QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGoArqXVVgCgWUVFXcYVmucnMNhmMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvYWdDdXBkVldBS0JaUlVWZHhoV2E1eWN3MkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnQQCAAEwgZYDBAIt
hgwDBAJQTCADBAFZLFQDBAFbyA4DBAFcdggDBABfUU0wDAMEAF9RXQMEBV9RQAME
AV9RcDAMAwQAX1F3AwQAX1F4AwQBZ1VwAwQCZ/mEAwQAaICDAwQBaICKAwQBaICO
AwQCbUU4MAwDBAGHiLYDBAGHiLgDBACHiL0DBAK5Z/wDBAG5ckgDBAHB76ADBAHB
76YwDwQCAAIwCQMHACoMXQAwAjANBgkqhkiG9w0BAQsFAAOCAQEAMZNlKXwLHJFj
7j+FSEOH1B+RH6+NP7Wj+OWvQg14XrgHZ6t/xq5aeODToH0852hWQnXCHkn1R7VT
9lFu8IRqRZllTtglu+mNLVWHSkJsAK3l269WcbLcJNr4v9cRPuNQlEKm8nSQaerE
EcdFbj2m9915/cFHa2b0/gtnMhJOCgdHtZfy9jqtLgGwlzUfe9/W1pwlRxTRbhMD
q0QQXELJRvdFej6p1tNVcqyy/51kqKVR5NG8/nKClMK3Ug/+4qg7n3JVgboTZhKv
9sd85oqqxBZ/0SQeUjDUOy1fmAGQ6TgJHsW/YvCcAGrjuu0xFMHVHJehhUjAV8bP
n3R0d23C1g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:23:44 2026 by rpki-client