Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9a2Pj-aJJ2Xmb74pv9d46ix61Jo.roa
File: 9a2Pj-aJJ2Xmb74pv9d46ix61Jo.roa (raw, json)
Hash identifier: 9+GrnEcXAUfD1EzI6nsKKu9BX5cFG3wYnwV5UDSQa1I=
Subject key identifier: F5:AD:8F:8F:E6:89:27:65:E6:6F:BE:29:BF:D7:78:EA:2C:7A:D4:9A
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019D2026BEE1E0EF70DF01B575C3ECA6A4D6
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9a2Pj-aJJ2Xmb74pv9d46ix61Jo.roa
Signing time: Tue 24 Mar 2026 14:01:43 +0000
ROA not before: Tue 24 Mar 2026 14:01:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.243.0/24 maxlen: 24
31.222.250.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.56.36.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:26:be:e1:e0:ef:70:df:01:b5:75:c3:ec:a6:a4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 24 14:01:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f5ad8f8fe6892765e66fbe29bfd778ea2c7ad49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:24:10:70:5f:91:d4:bf:20:4a:7d:0a:87:02:
ef:cd:2f:bb:76:95:e0:bf:9d:8f:e1:82:1e:e8:65:
d2:30:8d:55:05:ad:b9:6c:7f:66:1a:9b:26:4b:91:
c4:01:28:b6:4a:13:0b:42:3c:ec:51:c5:66:13:52:
a4:1b:f6:79:d7:5f:f3:4e:e6:b6:fd:70:5a:ad:8c:
d0:c0:95:99:5b:20:21:e6:75:27:d6:a2:1e:29:b5:
9b:06:d5:23:e5:c7:34:5f:72:55:ff:67:e7:f5:f8:
2d:a1:3e:9e:56:62:eb:e8:d4:ca:4c:1b:5c:68:9f:
e5:33:a3:ff:7a:34:3d:81:e9:9c:f9:3b:f9:8c:a3:
4b:c0:7a:02:67:2f:7f:bf:eb:54:93:20:a9:2f:0d:
5b:e5:67:e7:0f:74:99:93:b8:9e:41:32:af:a1:5f:
4a:f5:d3:9c:96:89:20:98:85:69:b1:e0:c4:dd:b3:
6d:4c:5a:e7:b5:86:a5:8a:5e:cd:4e:56:35:b5:13:
a2:c2:82:19:8d:8c:93:ee:c9:8b:b1:bc:3e:9f:94:
6e:27:28:12:e8:bc:f1:70:bf:96:4e:00:87:10:ac:
e7:da:10:9a:74:b4:2e:21:49:71:78:c2:ce:ee:bf:
ac:f2:d7:1e:73:2a:c3:44:03:7e:35:6f:58:fb:68:
9f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AD:8F:8F:E6:89:27:65:E6:6F:BE:29:BF:D7:78:EA:2C:7A:D4:9A
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9a2Pj-aJJ2Xmb74pv9d46ix61Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.243.0/24
31.222.250.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0-176.56.36.255
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f9:36:bb:76:f1:09:ef:1f:94:48:1a:6c:9e:7c:9e:a2:54:
f8:66:0b:0e:f9:12:4a:7f:74:be:dd:ac:3e:b6:ec:3a:dd:d8:
c6:71:63:41:bf:83:21:a2:cc:66:8b:a0:01:2c:cb:64:51:62:
ae:6a:7c:23:23:03:3c:08:c4:9b:25:00:49:bd:f7:d1:df:bb:
b4:2e:46:7b:48:cb:81:42:23:16:3b:5f:d1:77:13:c4:a0:8e:
9b:98:7c:9c:c7:9f:62:dd:89:01:2e:04:2d:23:e9:c1:ea:32:
7d:ee:bd:c0:27:7e:d3:b6:4e:1c:c4:4f:61:4d:be:91:de:aa:
fb:12:83:85:bc:df:d1:5d:d7:f6:1e:1f:b5:58:b3:c2:35:d7:
a3:e1:6e:1a:04:2d:05:50:24:bb:6c:e8:60:c4:25:bb:a5:bc:
db:a5:e6:5f:98:38:3e:cc:79:3e:1d:e8:1e:fb:93:d2:64:08:
38:74:af:f2:6f:66:b3:9f:56:28:3a:d8:79:a8:2a:40:3d:21:
c9:df:a6:81:ef:ab:4e:cf:8b:68:6b:55:f7:73:e8:21:0f:1e:
e9:f4:b0:f5:31:1d:ac:04:65:e4:1a:fe:00:d3:d3:c5:d0:54:
1c:25:4d:cf:ab:e6:59:3f:a4:93:ca:23:aa:07:37:88:59:17:
b0:a3:b1:7b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZ0gJr7h4O9w3wG1dcPspqTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwMzI0MTQwMTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFkOGY4ZmU2ODkyNzY1ZTY2ZmJlMjliZmQ3NzhlYTJjN2FkNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryQQcF+R1L8gSn0KhwLvzS+7dpXg
v52P4YIe6GXSMI1VBa25bH9mGpsmS5HEASi2ShMLQjzsUcVmE1KkG/Z511/zTua2
/XBarYzQwJWZWyAh5nUn1qIeKbWbBtUj5cc0X3JV/2fn9fgtoT6eVmLr6NTKTBtc
aJ/lM6P/ejQ9gemc+Tv5jKNLwHoCZy9/v+tUkyCpLw1b5WfnD3SZk7ieQTKvoV9K
9dOclokgmIVpseDE3bNtTFrntYalil7NTlY1tROiwoIZjYyT7smLsbw+n5RuJygS
6LzxcL+WTgCHEKzn2hCadLQuIUlxeMLO7r+s8tcecyrDRAN+NW9Y+2ifPQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFPWtj4/miSdl5m++Kb/XeOosetSaMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvOWEyUGotYUpKMlhtYjc0cHY5ZDQ2aXg2MUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAC
OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAt
WUQDBAAtWUcDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnUcAME
ALnqCAMEAMEDEgMEAMHJcgMEAMIg8AMEAMNFlAMEAMNFlgMEAMPhYAMEANVtzjAN
BgkqhkiG9w0BAQsFAAOCAQEAWfk2u3bxCe8flEgabJ58nqJU+GYLDvkSSn90vt2s
PrbsOt3YxnFjQb+DIaLMZougASzLZFFirmp8IyMDPAjEmyUASb330d+7tC5Ge0jL
gUIjFjtf0XcTxKCOm5h8nMefYt2JAS4ELSPpweoyfe69wCd+07ZOHMRPYU2+kd6q
+xKDhbzf0V3X9h4ftVizwjXXo+FuGgQtBVAku2zoYMQlu6W826XmX5g4Psx5Ph3o
HvuT0mQIOHSv8m9ms59WKDrYeagqQD0hyd+mge+rTs+LaGtV93PoIQ8e6fSw9TEd
rARl5Br+ANPTxdBUHCVNz6vmWT+kk8ojqgc3iFkXsKOxew==
-----END CERTIFICATE-----
Generated at Wed Mar 25 12:12:27 2026 by rpki-client