Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/toNWqEoLUPPq5_8ALYdQW0Xntq8.roa
File: toNWqEoLUPPq5_8ALYdQW0Xntq8.roa (raw, json)
Hash identifier: 8Wii4zoz+YSaMNSaYXlW+Yb+HLtm4LWio2oWXGX/lyc=
Subject key identifier: B6:83:56:A8:4A:0B:50:F3:EA:E7:FF:00:2D:87:50:5B:45:E7:B6:AF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E975CA24636B87BE6DCCAA53CBED73E1E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/toNWqEoLUPPq5_8ALYdQW0Xntq8.roa
Signing time: Fri 05 Jun 2026 10:38:10 +0000
ROA not before: Fri 05 Jun 2026 10:38:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.13.224.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:5c:a2:46:36:b8:7b:e6:dc:ca:a5:3c:be:d7:3e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 5 10:38:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b68356a84a0b50f3eae7ff002d87505b45e7b6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f7:a8:67:6f:ae:13:12:b8:d4:c9:bd:1b:ac:
eb:c4:e4:a0:8d:37:09:00:e2:52:94:db:72:59:bf:
e1:4f:d6:e0:b5:c1:24:cd:d3:97:e3:5a:82:12:18:
cc:48:91:8a:fd:d6:30:41:10:60:c0:bc:cb:49:74:
8e:81:92:e5:20:8a:9a:58:f9:42:20:93:13:f5:7b:
5f:8e:7b:0d:b8:4c:68:1d:16:a5:d2:8d:ab:8a:fc:
14:9f:3b:79:d8:72:34:f2:20:6e:63:e1:1a:98:c6:
19:59:fb:3f:62:7b:77:b8:d0:41:cc:01:cb:75:8d:
cc:9e:83:0f:1c:f7:a2:f6:b9:52:3f:0e:b1:c3:2e:
1b:cd:d3:11:b7:c2:37:17:5b:0b:13:f2:7f:d1:55:
e0:a7:07:c6:8f:2a:a1:ee:10:57:34:5f:d6:e2:7a:
4b:a7:98:7f:91:c9:dc:78:1b:15:8e:ef:b1:5c:6f:
a0:3a:1e:3a:f7:d9:29:54:ef:55:dc:96:06:ca:d4:
1b:6b:a4:87:9c:d6:fc:19:6b:73:dd:18:50:3b:de:
d3:b4:d7:a9:ce:23:d8:dd:06:f0:05:ad:db:29:af:
ab:6a:67:d1:09:8a:ed:df:cb:5a:56:26:dc:e7:89:
db:14:b1:11:49:da:47:7c:43:77:1c:d9:52:c6:32:
06:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:83:56:A8:4A:0B:50:F3:EA:E7:FF:00:2D:87:50:5B:45:E7:B6:AF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/toNWqEoLUPPq5_8ALYdQW0Xntq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
37.139.128.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
91.92.21.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
185.246.221.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
69:c5:19:95:58:c6:b0:c0:9f:41:ff:b1:10:c8:8e:06:29:0a:
0c:bf:96:7e:bf:dc:f6:cf:f4:ce:8a:c6:9e:af:2b:81:2f:d1:
bd:76:a4:2a:96:38:5c:86:55:12:7b:ed:57:5d:4f:52:4f:45:
59:2c:fb:27:5c:54:fb:70:55:24:2b:3f:aa:b0:f9:a5:cd:8e:
04:7b:b9:79:c4:cd:ac:32:e5:83:2c:85:13:b2:9d:11:ec:60:
eb:f9:92:01:32:66:db:82:c4:4a:75:67:5f:c5:b6:dc:bd:fc:
02:83:f5:78:5e:42:fa:bf:87:35:3f:05:3a:69:8a:5d:f6:f6:
b4:b1:7f:9b:a9:39:11:a3:9b:45:88:70:26:77:64:54:96:40:
38:25:8e:c6:c8:90:63:80:59:89:61:02:fb:70:bc:11:f3:5a:
a0:46:1e:e7:dc:2c:3e:2c:55:84:97:0b:3d:78:90:73:73:82:
84:3a:7d:30:c9:41:e4:89:83:da:8c:95:f1:d0:0a:fb:57:e7:
c4:40:66:fa:83:9a:cc:39:dd:df:1b:1c:be:95:14:99:2d:d0:
dd:82:55:36:15:9d:dd:28:e9:20:c0:3e:61:7d:19:c0:9e:ca:
e3:a5:a8:d1:e4:a0:4a:0c:39:0d:19:81:72:fc:63:6d:8a:ab:
53:e7:68:ea
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZ6XXKJGNrh75tzKpTy+1z4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjA1MTAzODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjgzNTZhODRhMGI1MGYzZWFlN2ZmMDAyZDg3NTA1YjQ1ZTdiNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7feoZ2+uExK41Mm9G6zrxOSgjTcJ
AOJSlNtyWb/hT9bgtcEkzdOX41qCEhjMSJGK/dYwQRBgwLzLSXSOgZLlIIqaWPlC
IJMT9XtfjnsNuExoHRal0o2rivwUnzt52HI08iBuY+EamMYZWfs/Ynt3uNBBzAHL
dY3MnoMPHPei9rlSPw6xwy4bzdMRt8I3F1sLE/J/0VXgpwfGjyqh7hBXNF/W4npL
p5h/kcnceBsVju+xXG+gOh4699kpVO9V3JYGytQba6SHnNb8GWtz3RhQO97TtNep
ziPY3QbwBa3bKa+ramfRCYrt38taVibc54nbFLERSdpHfEN3HNlSxjIGVwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFLaDVqhKC1Dz6uf/AC2HUFtF57avMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdG9OV3FFb0xVUFBxNV84QUxZZFFXMFhudHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAf
DeADBAAli4ADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtjZ4DBABRoe4DBABT
j3EDBABUNjMDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBABbXBUDBABc+TIDBAFd
e2QDBABde20DBABenLwDBACTTmUDBAK52lQDBAC53qADBAC59t0DBADCN7oDBADC
qa8wDQYJKoZIhvcNAQELBQADggEBAGnFGZVYxrDAn0H/sRDIjgYpCgy/ln6/3PbP
9M6Kxp6vK4Ev0b12pCqWOFyGVRJ77VddT1JPRVks+ydcVPtwVSQrP6qw+aXNjgR7
uXnEzawy5YMshROynRHsYOv5kgEyZtuCxEp1Z1/Ftty9/AKD9XheQvq/hzU/BTpp
il329rSxf5upORGjm0WIcCZ3ZFSWQDgljsbIkGOAWYlhAvtwvBHzWqBGHufcLD4s
VYSXCz14kHNzgoQ6fTDJQeSJg9qMlfHQCvtX58RAZvqDmsw53d8bHL6VFJkt0N2C
VTYVnd0o6SDAPmF9GcCeyuOlqNHkoEoMOQ0ZgXL8Y22Kq1PnaOo=
-----END CERTIFICATE-----
Generated at Fri Jun 5 14:03:56 2026 by rpki-client