Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sSLLwcm6sl1Ngv2mGShzzGnvf50.roa
File: sSLLwcm6sl1Ngv2mGShzzGnvf50.roa (raw, json)
Hash identifier: BlDA1BuOaxWJTOBi2IsdbrihaSFEXx2scYBPokSlrL8=
Subject key identifier: B1:22:CB:C1:C9:BA:B2:5D:4D:82:FD:A6:19:28:73:CC:69:EF:7F:9D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E06CF6F5E60494053957EAC2E3F534CA4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sSLLwcm6sl1Ngv2mGShzzGnvf50.roa
Signing time: Fri 08 May 2026 08:58:38 +0000
ROA not before: Fri 08 May 2026 08:58:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215439
IP address blocks: 31.13.208.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.84.222.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
83.143.112.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.186.0/24 maxlen: 24
87.120.187.0/24 maxlen: 24
87.121.82.0/24 maxlen: 32
87.121.89.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.112.0/24 maxlen: 24
94.156.114.0/24 maxlen: 24
94.156.115.0/24 maxlen: 24
94.156.159.0/24 maxlen: 32
94.156.170.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.17.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.31.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:cf:6f:5e:60:49:40:53:95:7e:ac:2e:3f:53:4c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 8 08:58:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b122cbc1c9bab25d4d82fda6192873cc69ef7f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:af:fb:3b:43:8a:6e:03:e2:ef:cf:13:31:e0:
41:9b:9e:9a:71:ba:a0:ea:6a:08:52:d8:ec:ea:f1:
69:19:c9:9d:13:78:96:c3:77:dd:1c:2b:9b:34:ef:
52:e7:18:01:7f:66:52:9c:f2:9e:80:cf:29:ca:48:
69:22:4f:b5:b3:4f:74:71:5a:06:6a:e0:58:24:b8:
32:55:49:2a:ac:1f:a0:2f:4b:99:de:fe:00:9e:fc:
a6:33:fc:dc:8d:af:ff:ce:36:4d:9a:9d:f2:a1:e5:
70:4b:27:35:a0:82:b1:4a:fd:67:d2:9f:02:5f:85:
be:f0:f8:16:37:04:ac:19:02:f3:99:f1:84:d4:fb:
b9:4d:a1:0d:3a:99:96:29:59:fa:9d:35:a7:67:c2:
9a:ae:0e:d1:c9:c1:42:50:96:f7:7e:38:8f:91:ed:
74:c8:ce:38:4d:2c:6f:93:69:d2:3a:d1:23:87:9a:
6c:58:91:24:b2:ad:5d:7d:09:2e:ae:cb:15:9f:09:
a4:54:81:14:ee:8e:c8:54:70:ef:a5:93:bd:c8:88:
12:f8:33:cd:64:6b:e1:8c:db:d8:72:96:5b:8e:0e:
4d:d7:ae:26:51:88:55:f3:0c:8f:98:d4:d4:07:73:
6c:e7:8b:b3:ec:55:a7:76:b6:30:f7:6f:64:48:3a:
78:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:22:CB:C1:C9:BA:B2:5D:4D:82:FD:A6:19:28:73:CC:69:EF:7F:9D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sSLLwcm6sl1Ngv2mGShzzGnvf50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.208.0/24
45.8.93.0/24
45.66.228.0/24
45.84.222.0/24
45.133.251.0/24
83.143.112.0/24
84.21.173.0/24
87.120.84.0/24
87.120.165.0-87.120.166.255
87.120.186.0/23
87.121.82.0/24
87.121.89.0/24
87.121.105.0/24
93.123.84.0/24
94.156.102.0/24
94.156.106.0/24
94.156.112.0/24
94.156.114.0/23
94.156.159.0/24
94.156.170.0/24
94.156.179.0/24
94.156.237.0/24
141.98.7.0/24
171.22.31.0/24
178.215.236.0/24
178.215.238.0/24
185.216.71.0/24
185.246.223.0/24
193.25.216.0/24
193.35.17.0/24
193.58.121.0-193.58.122.255
193.222.99.0/24
194.31.223.0/24
Signature Algorithm: sha256WithRSAEncryption
14:79:db:a1:d1:73:c0:e3:51:28:ab:26:de:d4:d9:b5:1f:34:
c8:3e:04:7a:82:83:8f:3e:36:04:e8:bf:46:40:f1:7a:f5:40:
1c:f8:07:d8:65:32:25:d8:07:1a:d9:40:af:d1:db:75:f0:aa:
9c:00:bb:0f:8d:0e:fd:36:19:13:8b:db:1b:7a:01:9e:e5:1f:
e8:22:d5:9b:72:af:65:8e:87:82:c6:77:66:cd:a8:fc:63:bd:
f8:e0:58:1a:8e:28:45:dc:3f:f0:29:33:5a:52:6e:33:48:da:
12:98:3e:e6:05:03:0d:8d:43:9e:66:5d:05:12:e8:26:40:9a:
34:f0:f3:c7:4a:0f:25:72:6e:fc:f4:d4:e7:0f:45:a0:93:7b:
2c:28:39:ba:38:96:1e:c5:2a:42:61:c3:ac:02:9b:29:ee:1c:
74:d2:3b:1b:37:8a:7d:02:47:3f:40:4a:52:82:4f:68:05:8c:
18:5f:e6:db:8e:0b:a7:2f:ba:60:d4:82:4e:a6:b5:b1:e5:e3:
04:32:80:55:bf:ef:41:84:bd:40:f1:fd:27:e6:23:f1:1f:a2:
36:54:1c:41:87:64:1b:66:27:f8:2c:b7:9c:26:e4:3e:fe:7a:
07:68:2a:ec:d1:4c:5c:76:2f:9b:94:2e:4a:26:8f:85:2e:35:
54:c9:74:34
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZ4Gz29eYElAU5V+rC4/U0ykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTA4MDg1ODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTIyY2JjMWM5YmFiMjVkNGQ4MmZkYTYxOTI4NzNjYzY5ZWY3ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6/7O0OKbgPi788TMeBBm56acbqg
6moIUtjs6vFpGcmdE3iWw3fdHCubNO9S5xgBf2ZSnPKegM8pykhpIk+1s090cVoG
auBYJLgyVUkqrB+gL0uZ3v4AnvymM/zcja//zjZNmp3yoeVwSyc1oIKxSv1n0p8C
X4W+8PgWNwSsGQLzmfGE1Pu5TaENOpmWKVn6nTWnZ8Karg7RycFCUJb3fjiPke10
yM44TSxvk2nSOtEjh5psWJEksq1dfQkurssVnwmkVIEU7o7IVHDvpZO9yIgS+DPN
ZGvhjNvYcpZbjg5N164mUYhV8wyPmNTUB3Ns54uz7FWndrYw929kSDp4mwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFLEiy8HJurJdTYL9phkoc8xp73+dMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc1NMTHdjbTZzbDFOZ3YybUdTaHp6R252ZjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAAf
DdADBAAtCF0DBAAtQuQDBAAtVN4DBAAthfsDBABTj3ADBABUFa0DBABXeFQwDAME
AFd4pQMEAFd4pgMEAVd4ugMEAFd5UgMEAFd5WQMEAFd5aQMEAF17VAMEAF6cZgME
AF6cagMEAF6ccAMEAV6ccgMEAF6cnwMEAF6cqgMEAF6cswMEAF6c7QMEAI1iBwME
AKsWHwMEALLX7AMEALLX7gMEALnYRwMEALn23wMEAMEZ2AMEAMEjETAMAwQAwTp5
AwQAwTp6AwQAwd5jAwQAwh/fMA0GCSqGSIb3DQEBCwUAA4IBAQAUeduh0XPA41Eo
qybe1Nm1HzTIPgR6goOPPjYE6L9GQPF69UAc+AfYZTIl2Aca2UCv0dt18KqcALsP
jQ79NhkTi9sbegGe5R/oItWbcq9ljoeCxndmzaj8Y7344FgajihF3D/wKTNaUm4z
SNoSmD7mBQMNjUOeZl0FEugmQJo08PPHSg8lcm789NTnD0Wgk3ssKDm6OJYexSpC
YcOsApsp7hx00jsbN4p9Akc/QEpSgk9oBYwYX+bbjgunL7pg1IJOprWx5eMEMoBV
v+9BhL1A8f0n5iPxH6I2VBxBh2QbZif4LLecJuQ+/noHaCrs0Uxcdi+blC5KJo+F
LjVUyXQ0
-----END CERTIFICATE-----
Generated at Sat May 9 14:09:55 2026 by rpki-client