Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RCQ1f8DPY3xN1CPfejUr3QTYDXQ.roa
File: RCQ1f8DPY3xN1CPfejUr3QTYDXQ.roa (raw, json)
Hash identifier: 2kF+W/t0xKLkBIa23aP+WElB73ZsAsSTwIpYEiPQA9c=
Subject key identifier: 44:24:35:7F:C0:CF:63:7C:4D:D4:23:DF:7A:35:2B:DD:04:D8:0D:74
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019D519312D8390A24B730F47B173E02710D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RCQ1f8DPY3xN1CPfejUr3QTYDXQ.roa
Signing time: Fri 03 Apr 2026 04:21:26 +0000
ROA not before: Fri 03 Apr 2026 04:21:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 185.72.10.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.152.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
194.87.192.0/24 maxlen: 24
194.87.193.0/24 maxlen: 24
194.87.194.0/24 maxlen: 24
194.87.195.0/24 maxlen: 24
194.87.211.0/24 maxlen: 24
194.87.212.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.57.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.95.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
212.193.28.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:51:93:12:d8:39:0a:24:b7:30:f4:7b:17:3e:02:71:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 3 04:21:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4424357fc0cf637c4dd423df7a352bdd04d80d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:25:d3:53:de:08:6d:5e:2d:3b:b8:8b:92:34:
97:b7:36:42:33:ae:b4:75:a4:3c:4e:9f:6f:14:e9:
8e:5b:ec:3d:71:a8:07:9f:ec:bd:0e:93:18:77:6f:
66:45:d5:73:05:79:f7:be:d2:68:21:ab:bf:0b:72:
dd:a2:36:8f:c9:ee:29:b0:76:c9:7d:7c:43:47:3e:
ac:53:39:80:f9:f6:fc:3b:53:87:ae:53:c4:32:be:
42:94:6d:d5:d6:b9:a0:94:59:4a:db:01:d2:ba:a8:
83:eb:93:89:1f:79:0e:d0:04:a1:7f:97:34:84:7e:
bc:7c:f2:7c:6b:b0:6f:ae:ff:c2:65:45:ce:7e:d5:
e3:e8:1f:93:b6:c7:e1:43:72:fd:ef:b4:89:89:54:
c8:4e:a1:ae:43:53:ad:c9:98:8a:39:8b:99:a5:c3:
37:cc:0a:2b:4e:ec:03:b5:aa:ab:03:90:6b:56:fe:
cf:3d:63:cc:be:cf:d0:5c:65:85:fe:af:25:9c:ed:
d4:9e:fb:a4:57:86:62:73:ce:97:22:a0:e8:33:06:
90:78:22:63:7b:95:47:5b:5c:fd:41:fb:b9:f9:6e:
a2:ad:fa:be:1a:36:64:b4:89:e0:be:7f:b1:59:6b:
2f:30:8d:d0:6b:33:d2:04:d5:6d:c8:40:de:b3:a7:
99:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:24:35:7F:C0:CF:63:7C:4D:D4:23:DF:7A:35:2B:DD:04:D8:0D:74
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RCQ1f8DPY3xN1CPfejUr3QTYDXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.190.0/24
193.124.7.0/24
193.124.18.0/24
193.124.226.0/24
194.58.58.0/24
194.58.155.0/24
194.58.223.0/24
194.87.33.0/24
194.87.52.0/23
194.87.59.0/24
194.87.61.0/24
194.87.75.0/24
194.87.78.0/24
194.87.119.0/24
194.87.122.0/24
194.87.126.0/24
194.87.136.0/24
194.87.152.0/24
194.87.179.0/24
194.87.183.0/24
194.87.192.0/22
194.87.211.0-194.87.212.255
194.87.228.0/23
194.87.231.0/24
194.135.24.0/24
195.133.19.0/24
195.133.24.0/23
195.133.29.0/24
195.133.35.0/24
195.133.40.0/23
195.133.50.0/23
195.133.57.0-195.133.58.255
195.133.92.0/23
195.133.95.0/24
212.192.241.0-212.192.242.255
212.192.247.0/24
212.193.0.0/24
212.193.26.0-212.193.28.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
4c:36:b3:e4:ea:58:b6:74:d9:7f:01:54:f5:f4:ea:87:f4:48:
98:b7:d7:dd:c2:d0:25:1e:ae:35:6c:83:5a:38:b9:cd:c3:2c:
5e:f6:4c:2d:f1:c2:0d:4b:74:fd:08:d5:e2:70:9d:f3:f0:5a:
d3:9f:85:37:a7:49:6b:88:cd:81:b6:9f:ad:3a:19:8c:42:29:
a0:34:96:a4:b2:b8:8e:77:99:ee:54:72:b5:34:a6:32:ac:98:
2e:c2:a7:e5:e8:d0:9f:75:2b:c8:6e:40:b3:5f:b9:4e:15:9d:
ab:fd:6b:bc:a6:16:7c:8e:03:61:a0:b4:81:62:b4:cd:0d:ac:
3a:c8:90:2e:8d:7b:7d:21:41:8a:81:96:47:1b:4a:8b:a9:31:
3f:a3:e7:5a:84:c2:09:b7:d3:3d:8d:12:cb:f6:75:15:92:e7:
de:b5:0d:c9:36:18:c8:35:07:4d:07:56:1d:45:96:da:40:c8:
96:b7:1b:79:95:05:f9:41:86:7b:38:dc:45:fe:e1:4f:4c:55:
d3:3c:eb:77:cb:53:cb:a2:8e:27:cc:ba:8b:28:14:a6:61:f4:
82:b5:76:a0:40:ab:2b:27:98:c2:82:f8:04:c9:4f:d9:b7:f2:
6f:2e:4a:45:07:42:82:b2:83:2b:96:42:b3:c0:d6:f4:55:03:
cc:06:d5:d1
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZ1RkxLYOQoktzD0exc+AnENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNDAzMDQyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDI0MzU3ZmMwY2Y2MzdjNGRkNDIzZGY3YTM1MmJkZDA0ZDgwZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyXTU94IbV4tO7iLkjSXtzZCM660
daQ8Tp9vFOmOW+w9cagHn+y9DpMYd29mRdVzBXn3vtJoIau/C3LdojaPye4psHbJ
fXxDRz6sUzmA+fb8O1OHrlPEMr5ClG3V1rmglFlK2wHSuqiD65OJH3kO0AShf5c0
hH68fPJ8a7Bvrv/CZUXOftXj6B+TtsfhQ3L977SJiVTITqGuQ1OtyZiKOYuZpcM3
zAorTuwDtaqrA5BrVv7PPWPMvs/QXGWF/q8lnO3UnvukV4Zic86XIqDoMwaQeCJj
e5VHW1z9Qfu5+W6irfq+GjZktIngvn+xWWsvMI3QazPSBNVtyEDes6eZBQIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFEQkNX/Az2N8TdQj33o1K90E2A10MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUkNRMWY4RFBZM3hOMUNQZmVqVXIzUVRZRFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCARIEAgABMIIB
CgMEALlICgMEAMB8vgMEAMF8BwMEAMF8EgMEAMF84gMEAMI6OgMEAMI6mwMEAMI6
3wMEAMJXIQMEAcJXNAMEAMJXOwMEAMJXPQMEAMJXSwMEAMJXTgMEAMJXdwMEAMJX
egMEAMJXfgMEAMJXiAMEAMJXmAMEAMJXswMEAMJXtwMEAsJXwDAMAwQAwlfTAwQA
wlfUAwQBwlfkAwQAwlfnAwQAwocYAwQAw4UTAwQBw4UYAwQAw4UdAwQAw4UjAwQB
w4UoAwQBw4UyMAwDBADDhTkDBADDhToDBAHDhVwDBADDhV8wDAMEANTA8QMEANTA
8gMEANTA9wMEANTBADAMAwQB1MEaAwQA1MEcMBQEAgACMA4DBQMqAVfAAwUDKgz/
QDANBgkqhkiG9w0BAQsFAAOCAQEATDaz5OpYtnTZfwFU9fTqh/RImLfX3cLQJR6u
NWyDWji5zcMsXvZMLfHCDUt0/QjV4nCd8/Ba05+FN6dJa4jNgbafrToZjEIpoDSW
pLK4jneZ7lRytTSmMqyYLsKn5ejQn3UryG5As1+5ThWdq/1rvKYWfI4DYaC0gWK0
zQ2sOsiQLo17fSFBioGWRxtKi6kxP6PnWoTCCbfTPY0Sy/Z1FZLn3rUNyTYYyDUH
TQdWHUWW2kDIlrcbeZUF+UGGezjcRf7hT0xV0zzrd8tTy6KOJ8y6iygUpmH0grV2
oECrKyeYwoL4BMlP2bfyby5KRQdCgrKDK5ZCs8DW9FUDzAbV0Q==
-----END CERTIFICATE-----
Generated at Tue Apr 7 19:39:21 2026 by rpki-client