Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PbbUwTZ4TlwQgqFP0U4eIyvuXzI.roa
File: PbbUwTZ4TlwQgqFP0U4eIyvuXzI.roa (raw, json)
Hash identifier: VzMDNNEpb1oDGnTuFk8FRRst0Ceho9H6ITGIHecG9dg=
Subject key identifier: 3D:B6:D4:C1:36:78:4E:5C:10:82:A1:4F:D1:4E:1E:23:2B:EE:5F:32
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019E6472AADD38171A943E0E2F8F71F7F5FA
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PbbUwTZ4TlwQgqFP0U4eIyvuXzI.roa
Signing time: Tue 26 May 2026 13:21:36 +0000
ROA not before: Tue 26 May 2026 13:21:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206150
IP address blocks: 64.43.72.0/24 maxlen: 24
91.200.135.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.56.0/24 maxlen: 24
91.232.57.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
91.238.42.0/23 maxlen: 23
91.238.42.0/24 maxlen: 24
91.238.43.0/24 maxlen: 24
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
176.115.237.0/24 maxlen: 24
176.115.238.0/24 maxlen: 24
176.115.239.0/24 maxlen: 24
176.116.230.0/24 maxlen: 24
178.213.180.0/24 maxlen: 24
178.213.181.0/24 maxlen: 24
195.80.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:72:aa:dd:38:17:1a:94:3e:0e:2f:8f:71:f7:f5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 26 13:21:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3db6d4c136784e5c1082a14fd14e1e232bee5f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:45:f7:df:b8:5d:ac:08:e4:d6:3b:06:ab:61:
0f:da:fb:d5:e6:19:2b:c5:19:e9:c4:f2:1c:07:30:
13:89:7d:a0:c3:6c:36:44:e1:de:50:57:a5:3b:10:
61:37:71:59:28:c8:dd:99:72:c1:4f:36:92:6d:b6:
b2:1f:a9:c6:37:62:ad:77:0e:31:74:a8:ee:d2:35:
86:ef:3b:eb:4c:5a:4e:21:d2:89:d7:86:69:d9:5d:
0b:79:13:3e:e1:0b:e1:da:1b:f8:bd:a7:f9:34:3e:
35:45:cf:66:cf:e6:6a:43:3d:3c:06:79:64:c4:1f:
34:45:1a:df:94:58:fa:c6:2d:dc:a7:cc:5a:2f:c2:
29:b5:47:53:e2:82:3b:77:2c:92:ff:6c:18:40:32:
e6:b1:cf:05:0f:fe:cd:60:73:22:7d:5d:9e:77:3f:
2b:33:3e:21:a2:75:eb:71:66:69:68:11:c9:f8:71:
95:3d:fb:c4:f3:a2:37:ae:b4:f4:92:33:3c:44:04:
5a:91:45:02:83:b6:ac:fe:16:63:ff:24:30:a0:b2:
05:6d:62:18:94:10:de:a8:4c:b9:0f:b1:ce:04:d7:
b0:21:19:94:03:63:f8:e8:1e:2c:38:6c:4b:47:38:
84:76:4b:ca:fa:6e:b8:1e:6a:36:70:29:e2:23:23:
2c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B6:D4:C1:36:78:4E:5C:10:82:A1:4F:D1:4E:1E:23:2B:EE:5F:32
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PbbUwTZ4TlwQgqFP0U4eIyvuXzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.200.135.0/24
91.224.212.0/24
91.232.56.0/23
91.234.120.0/23
91.238.42.0/23
91.245.91.0/24
176.103.121.0/24
176.115.237.0-176.115.239.255
176.116.230.0/24
178.213.180.0/23
195.80.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:f1:a4:f7:73:bb:7b:4d:e1:95:f3:0e:20:1b:b8:f1:52:e2:
ae:82:75:98:1c:c7:2b:56:5e:75:55:65:61:57:05:c9:94:44:
c2:e2:91:d0:09:2a:19:55:49:f8:a8:70:4c:8c:1c:0b:78:fd:
7f:5f:f6:7b:12:4b:25:50:37:d2:aa:5a:a1:55:82:50:31:4e:
d6:c1:92:03:13:d7:81:f6:2c:7f:2e:77:bb:3c:27:54:a8:41:
2f:80:84:7d:d1:57:f5:70:f6:d8:89:9f:42:2a:99:0a:e3:d8:
c7:3f:34:06:f0:ad:3e:41:ea:9c:ec:33:6d:40:b5:b5:bb:c4:
17:a5:2c:11:ca:b5:6c:3a:3c:ee:90:c1:93:ae:44:91:3d:64:
cc:73:0f:b8:f1:72:aa:2d:03:af:e0:84:03:41:8c:47:d5:ff:
fb:61:4e:5d:0e:2d:89:fe:5b:2b:82:56:cd:98:40:e0:e4:c3:
e4:0c:a3:b8:ab:68:f2:0f:32:05:bd:b5:91:32:88:1f:c3:1f:
51:82:49:c3:97:85:d6:96:14:c7:bc:6d:f1:2f:5c:f4:12:66:
ec:dc:5e:e4:50:2d:a5:43:b5:2c:ea:90:bc:2e:ac:5d:50:4d:
7d:e3:52:7b:e5:57:59:c5:f0:f4:5e:f7:0a:c0:38:b3:8a:56:
10:a1:4c:b0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ5kcqrdOBcalD4OL49x9/X6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTI2MTMyMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI2ZDRjMTM2Nzg0ZTVjMTA4MmExNGZkMTRlMWUyMzJiZWU1ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEX337hdrAjk1jsGq2EP2vvV5hkr
xRnpxPIcBzATiX2gw2w2ROHeUFelOxBhN3FZKMjdmXLBTzaSbbayH6nGN2Ktdw4x
dKju0jWG7zvrTFpOIdKJ14Zp2V0LeRM+4Qvh2hv4vaf5ND41Rc9mz+ZqQz08Bnlk
xB80RRrflFj6xi3cp8xaL8IptUdT4oI7dyyS/2wYQDLmsc8FD/7NYHMifV2edz8r
Mz4honXrcWZpaBHJ+HGVPfvE86I3rrT0kjM8RARakUUCg7as/hZj/yQwoLIFbWIY
lBDeqEy5D7HOBNewIRmUA2P46B4sOGxLRziEdkvK+m64Hmo2cCniIyMsjQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFD221ME2eE5cEIKhT9FOHiMr7l8yMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUGJiVXdUWjRUbHdRZ3FGUDBVNGVJeXZ1WHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAQCtIAwQA
W8iHAwQAW+DUAwQBW+g4AwQBW+p4AwQBW+4qAwQAW/VbAwQAsGd5MAwDBACwc+0D
BASwc+ADBACwdOYDBAGy1bQDBADDUI8wDQYJKoZIhvcNAQELBQADggEBACvxpPdz
u3tN4ZXzDiAbuPFS4q6CdZgcxytWXnVVZWFXBcmURMLikdAJKhlVSfiocEyMHAt4
/X9f9nsSSyVQN9KqWqFVglAxTtbBkgMT14H2LH8ud7s8J1SoQS+AhH3RV/Vw9tiJ
n0IqmQrj2Mc/NAbwrT5B6pzsM21AtbW7xBelLBHKtWw6PO6QwZOuRJE9ZMxzD7jx
cqotA6/ghANBjEfV//thTl0OLYn+WyuCVs2YQODkw+QMo7iraPIPMgW9tZEyiB/D
H1GCScOXhdaWFMe8bfEvXPQSZuzcXuRQLaVDtSzqkLwurF1QTX3jUnvlV1nF8PRe
9wrAOLOKVhChTLA=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:25 2026 by rpki-client