Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/O3jp2k_xm9NQA8S4p0Mt-DTuuQQ.roa
File: O3jp2k_xm9NQA8S4p0Mt-DTuuQQ.roa (raw, json)
Hash identifier: ddh6hceXd0gXCdLmApUTcn8W+XZEh8JEADaun9I3j7c=
Subject key identifier: 3B:78:E9:DA:4F:F1:9B:D3:50:03:C4:B8:A7:43:2D:F8:34:EE:B9:04
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019E4163C043794BA902D402B46F6417B062
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/O3jp2k_xm9NQA8S4p0Mt-DTuuQQ.roa
Signing time: Tue 19 May 2026 17:58:36 +0000
ROA not before: Tue 19 May 2026 17:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51202
IP address blocks: 31.22.72.0/24 maxlen: 24
31.22.73.0/24 maxlen: 24
31.22.75.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
89.36.32.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
95.175.150.0/24 maxlen: 24
109.175.211.0/24 maxlen: 24
185.79.19.0/24 maxlen: 24
185.121.132.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
192.40.69.0/24 maxlen: 24
194.117.225.0/24 maxlen: 24
195.234.126.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
212.232.19.0/24 maxlen: 24
2a0c:2500::/29 maxlen: 48
2a0c:2501::/32 maxlen: 48
2a0c:2502::/32 maxlen: 48
2a0c:2503::/32 maxlen: 48
2a14:6781::/32 maxlen: 48
2a14:6781:305::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 23:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:41:63:c0:43:79:4b:a9:02:d4:02:b4:6f:64:17:b0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: May 19 17:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b78e9da4ff19bd35003c4b8a7432df834eeb904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:46:07:7b:30:60:6b:51:35:32:23:70:dc:7c:
a3:ea:b2:2f:db:19:07:5d:d2:20:fa:c2:1b:56:e4:
e6:9d:a2:b3:b9:c8:1d:28:ef:83:f7:fe:50:d4:bd:
3f:c7:fa:12:df:f2:f1:05:33:80:9a:58:fa:e6:d3:
41:d4:a4:79:7c:cf:a1:3a:30:61:67:aa:49:b3:14:
c9:86:6a:a8:4f:10:ac:40:81:e2:4d:f6:8e:99:56:
72:c6:bd:1e:aa:50:82:46:b0:d9:d1:0d:e3:54:5c:
cd:08:4b:04:95:4f:ac:ae:b9:4a:59:d8:45:f2:43:
ac:19:8f:97:c9:03:cc:d3:9a:46:74:6e:a7:15:70:
c0:3d:3d:1e:2a:58:6d:69:b7:5f:a9:60:c1:c3:1e:
8b:47:6e:67:7d:3e:e1:bd:7b:84:ca:4b:5e:b8:a3:
94:70:e6:6e:b3:48:5a:cd:a2:c2:12:26:a3:d6:c4:
d6:49:9f:4b:5c:4d:8a:9f:d3:83:2f:dc:9c:2d:34:
8d:d9:43:15:12:54:4d:43:ef:07:84:b9:2c:42:cd:
f2:d7:08:f9:99:bc:34:09:20:52:4b:a4:57:9c:77:
82:4e:94:5d:d3:d0:45:57:c0:89:a9:35:7f:ef:a6:
18:cd:75:8f:06:ab:65:20:4f:b9:2a:10:7d:e2:f7:
03:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:78:E9:DA:4F:F1:9B:D3:50:03:C4:B8:A7:43:2D:F8:34:EE:B9:04
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/O3jp2k_xm9NQA8S4p0Mt-DTuuQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.72.0/23
31.22.75.0/24
31.25.11.0/24
62.169.152.0/24
89.36.32.0/24
89.36.35.0/24
95.175.150.0/24
109.175.211.0/24
185.79.19.0/24
185.121.132.0/23
185.121.135.0/24
185.144.70.0/23
185.230.160.0/24
192.40.69.0/24
194.117.225.0/24
195.234.126.0/24
212.232.18.0/23
IPv6:
2a0c:2500::/29
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
4a:1b:fd:b2:28:66:7b:93:c2:f6:83:cf:db:12:10:26:7c:72:
d6:ef:08:fb:22:c1:c4:6a:7b:f5:7f:92:f5:2c:5b:5f:09:17:
d7:3f:05:ba:83:c7:66:55:f6:e3:e4:27:51:15:01:e6:55:08:
00:5b:d0:95:cc:fa:db:e4:c9:6e:4e:f4:f3:00:e3:15:76:bf:
2e:38:40:39:9e:d1:33:38:2b:df:5d:42:c6:f5:5a:f7:10:57:
e5:2c:ad:f5:53:0f:c7:ff:c8:9a:f1:ea:2c:09:84:50:7c:a3:
52:32:0a:b2:51:e5:82:9d:91:30:2c:45:7f:ab:58:db:78:3a:
ac:7e:05:1f:f8:3a:85:26:6c:6f:47:b7:05:1f:81:49:cb:8f:
6a:a9:8d:41:4a:4f:56:4c:d6:5b:a6:ff:f1:e6:5c:89:bc:28:
e3:30:99:64:b9:85:df:10:b0:83:7b:b6:88:5f:76:fc:57:e8:
3c:86:ff:57:4f:3a:52:27:c0:2b:da:18:00:37:0b:ec:73:ef:
22:3e:60:78:a9:f1:0f:24:73:0b:ca:e3:60:af:32:34:6c:c0:
bf:e5:45:10:4a:8c:e7:60:af:a2:cc:65:85:f7:c6:27:ec:84:
06:7a:ea:cc:ee:43:9d:39:c8:1b:d5:82:28:86:2b:d0:da:e5:
cb:70:8b:90
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZ5BY8BDeUupAtQCtG9kF7BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjYwNTE5MTc1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc4ZTlkYTRmZjE5YmQzNTAwM2M0YjhhNzQzMmRmODM0ZWViOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0YHezBga1E1MiNw3Hyj6rIv2xkH
XdIg+sIbVuTmnaKzucgdKO+D9/5Q1L0/x/oS3/LxBTOAmlj65tNB1KR5fM+hOjBh
Z6pJsxTJhmqoTxCsQIHiTfaOmVZyxr0eqlCCRrDZ0Q3jVFzNCEsElU+srrlKWdhF
8kOsGY+XyQPM05pGdG6nFXDAPT0eKlhtabdfqWDBwx6LR25nfT7hvXuEykteuKOU
cOZus0hazaLCEiaj1sTWSZ9LXE2Kn9ODL9ycLTSN2UMVElRNQ+8HhLksQs3y1wj5
mbw0CSBSS6RXnHeCTpRd09BFV8CJqTV/76YYzXWPBqtlIE+5KhB94vcDmwIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFDt46dpP8ZvTUAPEuKdDLfg07rkEMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvTzNqcDJrX3htOU5RQThTNHAwTXQtRFR1dVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQBHxZI
AwQAHxZLAwQAHxkLAwQAPqmYAwQAWSQgAwQAWSQjAwQAX6+WAwQAba/TAwQAuU8T
AwQBuXmEAwQAuXmHAwQBuZBGAwQAueagAwQAwChFAwQAwnXhAwQAw+p+AwQB1OgS
MBQEAgACMA4DBQMqDCUAAwUAKhRngTANBgkqhkiG9w0BAQsFAAOCAQEAShv9sihm
e5PC9oPP2xIQJnxy1u8I+yLBxGp79X+S9SxbXwkX1z8FuoPHZlX24+QnURUB5lUI
AFvQlcz62+TJbk708wDjFXa/LjhAOZ7RMzgr311CxvVa9xBX5Syt9VMPx//ImvHq
LAmEUHyjUjIKslHlgp2RMCxFf6tY23g6rH4FH/g6hSZsb0e3BR+BScuPaqmNQUpP
VkzWW6b/8eZcibwo4zCZZLmF3xCwg3u2iF92/FfoPIb/V086UifAK9oYADcL7HPv
Ij5geKnxDyRzC8rjYK8yNGzAv+VFEEqM52CvosxlhffGJ+yEBnrqzO5DnTnIG9WC
KIYr0Nrly3CLkA==
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:12:17 2026 by rpki-client