Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/2SIXUZTGLSsuNmHnmH_XZgRCYVY.roa
File: 2SIXUZTGLSsuNmHnmH_XZgRCYVY.roa (raw, json)
Hash identifier: kuoWaUJI+dAA7ih84KRN5TqDkuF9bUAxQjQzkKOCjIc=
Subject key identifier: D9:22:17:51:94:C6:2D:2B:2E:36:61:E7:98:7F:D7:66:04:42:61:56
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 019CD7A045C509ECC5C36EF502AD5C3F5B71
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/2SIXUZTGLSsuNmHnmH_XZgRCYVY.roa
Signing time: Tue 10 Mar 2026 12:02:10 +0000
ROA not before: Tue 10 Mar 2026 12:02:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.224.0/22 maxlen: 22
31.129.224.0/23 maxlen: 23
31.129.224.0/24 maxlen: 24
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
31.129.227.0/24 maxlen: 24
31.129.228.0/23 maxlen: 23
31.129.228.0/24 maxlen: 24
31.129.229.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.248.0/23 maxlen: 23
31.129.248.0/24 maxlen: 24
31.129.249.0/24 maxlen: 24
31.129.250.0/24 maxlen: 24
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.254.0/24 maxlen: 24
31.129.255.0/24 maxlen: 24
213.5.198.0/23 maxlen: 23
213.5.198.0/24 maxlen: 24
213.5.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:a0:45:c5:09:ec:c5:c3:6e:f5:02:ad:5c:3f:5b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Mar 10 12:02:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d922175194c62d2b2e3661e7987fd76604426156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:62:cf:07:62:27:e5:73:2d:58:ad:ad:3d:da:
4c:4e:e5:40:fb:f1:0e:1a:37:f1:76:54:1a:fe:28:
2d:86:99:1f:62:e5:0d:9d:d3:d3:57:66:88:74:92:
b2:58:13:8f:7d:60:aa:79:bb:d3:7c:01:a8:a6:46:
13:05:5e:a6:18:aa:e5:38:05:56:1b:ad:67:15:76:
64:91:14:3d:66:44:62:7c:84:c3:8a:9f:4d:d1:e1:
85:c9:91:c4:6b:c3:65:f7:5e:e7:1b:31:1d:b1:d9:
59:a0:88:0b:ed:42:48:1d:b6:4b:14:26:54:62:e6:
e1:0d:52:28:76:ab:38:cb:f5:c9:54:7e:63:98:85:
67:67:01:99:c4:02:45:42:7a:91:fd:af:d2:ba:d8:
1e:c2:94:38:d1:cf:57:03:fd:26:6e:d5:cf:df:0c:
3e:1c:9d:c3:04:44:8c:56:88:49:d5:48:a9:96:03:
c7:f2:d4:c7:6e:b6:98:fb:98:1e:3a:aa:ae:0f:1f:
c6:43:d4:b3:9c:a9:64:a4:d5:77:87:47:9a:3d:67:
93:24:f8:90:ad:7b:13:ba:e4:f0:98:3d:71:b6:00:
92:b2:c5:5f:7e:bd:53:d0:a2:63:53:6d:de:f8:3d:
7f:e5:62:e5:f7:af:9d:aa:45:ea:39:56:26:19:bd:
2d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:22:17:51:94:C6:2D:2B:2E:36:61:E7:98:7F:D7:66:04:42:61:56
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/2SIXUZTGLSsuNmHnmH_XZgRCYVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0-31.129.229.255
31.129.234.0/24
31.129.240.0/22
31.129.248.0-31.129.250.255
31.129.252.0/22
213.5.198.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:3d:ca:2a:b7:f8:33:64:b2:27:9b:81:1c:09:2f:c3:b6:06:
65:fa:01:9b:d2:4c:7d:f1:93:32:18:11:ee:9c:a9:b2:6a:c6:
6c:35:8a:11:45:c7:c0:9f:85:d8:5b:cf:7e:94:54:6d:7c:37:
9f:ac:69:c1:42:2f:97:c2:bb:00:73:8f:f2:e9:11:56:ad:d6:
cf:18:7b:6b:53:24:d8:b4:77:06:f2:e9:2f:4f:4a:55:1a:b4:
af:9b:3c:ce:0a:95:95:69:8b:62:11:99:54:9d:8a:c3:f3:1e:
49:4b:92:8b:7c:81:51:34:9a:14:87:47:74:00:57:d4:6e:03:
3b:a7:a9:4e:7b:bf:c4:ec:37:2d:33:f2:79:08:61:48:8d:82:
5b:95:f2:96:f8:0d:f1:9e:6d:2d:c2:af:0c:e8:6e:85:ba:91:
58:e4:27:1b:0b:96:fe:ac:bf:7c:04:a2:7f:54:5d:c1:1c:3b:
67:25:22:69:53:67:d9:25:a1:db:12:77:28:b9:d2:84:6b:9f:
3f:0e:0b:e0:a4:d8:f6:c9:11:17:96:a1:19:c6:66:77:6a:03:
d8:72:e4:7e:7f:4f:c1:ca:05:d4:0c:03:1e:19:48:94:db:3e:
d7:45:5e:e9:1a:4f:48:a7:c9:67:d0:ad:2a:d3:4d:47:7d:e1:
99:ba:3a:97
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZzXoEXFCezFw271Aq1cP1txMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjYwMzEwMTIwMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTIyMTc1MTk0YzYyZDJiMmUzNjYxZTc5ODdmZDc2NjA0NDI2MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGLPB2In5XMtWK2tPdpMTuVA+/EO
GjfxdlQa/igthpkfYuUNndPTV2aIdJKyWBOPfWCqebvTfAGopkYTBV6mGKrlOAVW
G61nFXZkkRQ9ZkRifITDip9N0eGFyZHEa8Nl917nGzEdsdlZoIgL7UJIHbZLFCZU
YubhDVIodqs4y/XJVH5jmIVnZwGZxAJFQnqR/a/SutgewpQ40c9XA/0mbtXP3ww+
HJ3DBESMVohJ1UiplgPH8tTHbraY+5geOqquDx/GQ9SznKlkpNV3h0eaPWeTJPiQ
rXsTuuTwmD1xtgCSssVffr1T0KJjU23e+D1/5WLl96+dqkXqOVYmGb0tDwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNkiF1GUxi0rLjZh55h/12YEQmFWMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvMlNJWFVaVEdMU3N1Tm1Ibm1IX1haZ1JDWVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAUfgeAD
BAEfgeQDBAAfgeoDBAIfgfAwDAMEAx+B+AMEAB+B+gMEAh+B/AMEAdUFxjANBgkq
hkiG9w0BAQsFAAOCAQEAnz3KKrf4M2SyJ5uBHAkvw7YGZfoBm9JMffGTMhgR7pyp
smrGbDWKEUXHwJ+F2FvPfpRUbXw3n6xpwUIvl8K7AHOP8ukRVq3Wzxh7a1Mk2LR3
BvLpL09KVRq0r5s8zgqVlWmLYhGZVJ2Kw/MeSUuSi3yBUTSaFIdHdABX1G4DO6ep
Tnu/xOw3LTPyeQhhSI2CW5XylvgN8Z5tLcKvDOhuhbqRWOQnGwuW/qy/fASif1Rd
wRw7ZyUiaVNn2SWh2xJ3KLnShGufPw4L4KTY9skRF5ahGcZmd2oD2HLkfn9PwcoF
1AwDHhlIlNs+10Ve6RpPSKfJZ9CtKtNNR33hmbo6lw==
-----END CERTIFICATE-----
Generated at Thu Mar 12 19:04:15 2026 by rpki-client