Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IfL5Mjp5CDHPxiU9gEldpFUq7aQ.roa
File: IfL5Mjp5CDHPxiU9gEldpFUq7aQ.roa (raw, json)
Hash identifier: nX8G4MLR5V//Krj8l/RDMKC2RqXXJEZAIWk0WOEFt90=
Subject key identifier: 21:F2:F9:32:3A:79:08:31:CF:C6:25:3D:80:49:5D:A4:55:2A:ED:A4
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019D3112A216D352B743C40E96282ED40F67
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IfL5Mjp5CDHPxiU9gEldpFUq7aQ.roa
Signing time: Fri 27 Mar 2026 20:53:17 +0000
ROA not before: Fri 27 Mar 2026 20:53:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.35.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:31:12:a2:16:d3:52:b7:43:c4:0e:96:28:2e:d4:0f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 27 20:53:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21f2f9323a790831cfc6253d80495da4552aeda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:47:a0:e2:f1:4a:85:ff:18:06:43:b6:30:68:
89:ca:b6:f6:bb:c4:30:52:80:a6:a6:86:71:da:1c:
91:3a:09:77:51:a5:f2:3a:36:a9:c7:b8:56:83:ff:
ca:bf:a8:4a:00:f5:0d:74:cc:42:3b:28:1c:6b:d1:
c5:7f:17:34:78:4a:ba:58:0b:9c:3c:39:01:c8:1f:
c1:07:9f:12:00:5e:91:80:73:86:f5:1e:13:90:50:
17:3e:6a:00:4f:24:36:20:41:49:f5:b8:41:81:11:
ec:95:eb:45:6e:fa:ae:1a:88:d2:27:4d:eb:a5:02:
37:cd:0f:0c:e0:55:37:9e:ac:9e:bb:c5:51:c7:42:
7d:ce:57:21:00:5f:f3:f3:7a:f5:e9:80:4a:1e:a4:
6c:0e:74:33:5d:cc:8b:96:e1:46:ee:59:2e:57:7c:
aa:f6:2d:13:75:5e:a1:7b:42:e1:30:2e:02:97:61:
2c:11:85:5f:04:4e:0d:c5:0b:ee:ce:50:66:ab:fe:
7b:3c:e4:03:84:07:aa:03:12:d6:d7:62:e1:b4:7b:
06:33:c9:15:a8:02:78:74:05:c9:40:9c:0c:df:c5:
6e:19:22:ee:c8:73:81:a6:5c:14:69:6c:4c:7f:19:
27:b3:77:89:76:b2:62:5f:46:26:66:08:de:b9:a8:
25:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F2:F9:32:3A:79:08:31:CF:C6:25:3D:80:49:5D:A4:55:2A:ED:A4
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/IfL5Mjp5CDHPxiU9gEldpFUq7aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.35.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.213.117.0/24
91.226.247.0/24
91.242.236.0/24
93.177.104.0/24
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.187.0/24
146.19.190.0/24
176.56.38.0/24
185.122.206.0/24
185.155.101.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.221.0/24
195.64.112.0/24
195.64.114.0/24
195.93.249.0/24
195.96.136.0/24
195.96.157.0/24
212.18.96.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
95:50:10:a7:4a:cc:51:d9:d0:be:1c:dd:c0:bd:b6:69:fc:27:
23:27:6b:2c:cc:19:18:57:e6:53:a3:48:be:be:1f:57:69:12:
a4:5e:79:50:21:3d:36:65:34:24:d4:4d:77:55:d8:14:50:93:
a8:ec:74:7d:f6:d8:5d:83:27:d1:70:6f:6f:33:db:f4:c5:c7:
1d:2f:c8:68:14:ce:76:7a:4d:32:20:69:e8:69:77:50:19:cd:
9d:6c:82:25:d5:d0:c7:17:97:50:8c:73:da:7d:ff:c6:e1:ca:
6a:a0:5e:34:52:a1:27:da:69:26:5d:31:7c:75:b8:bd:81:c3:
c5:25:c4:b1:7a:ab:ea:ec:1d:ce:39:a4:99:23:9a:8d:4f:00:
3e:aa:cf:0c:e3:c5:4f:ee:39:a0:05:f1:16:e6:e9:98:dc:76:
59:c0:cd:b5:cd:5f:56:50:f3:06:f8:e7:68:86:81:4e:ea:4a:
63:1a:75:79:e9:00:f9:63:4a:31:72:7a:b0:d0:e1:ae:38:52:
71:45:22:8e:30:fb:cf:9c:ed:a7:c7:c0:2a:d7:98:a1:3d:88:
4f:50:84:51:33:6d:6d:a8:ab:f1:ee:57:4a:c6:87:7b:d9:76:
06:42:ad:68:f0:10:a3:89:38:a9:8f:99:75:e7:b1:3d:ac:f5:
2d:3d:62:70
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAZ0xEqIW01K3Q8QOligu1A9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwMzI3MjA1MzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWYyZjkzMjNhNzkwODMxY2ZjNjI1M2Q4MDQ5NWRhNDU1MmFlZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0eg4vFKhf8YBkO2MGiJyrb2u8Qw
UoCmpoZx2hyROgl3UaXyOjapx7hWg//Kv6hKAPUNdMxCOygca9HFfxc0eEq6WAuc
PDkByB/BB58SAF6RgHOG9R4TkFAXPmoATyQ2IEFJ9bhBgRHsletFbvquGojSJ03r
pQI3zQ8M4FU3nqyeu8VRx0J9zlchAF/z83r16YBKHqRsDnQzXcyLluFG7lkuV3yq
9i0TdV6he0LhMC4Cl2EsEYVfBE4NxQvuzlBmq/57POQDhAeqAxLW12LhtHsGM8kV
qAJ4dAXJQJwM38VuGSLuyHOBplwUaWxMfxkns3eJdrJiX0YmZgjeuaglHwIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFCHy+TI6eQgxz8YlPYBJXaRVKu2kMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSWZMNU1qcDVDREhQeGlVOWdFbGRwRlVxN2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjCCATYEAgABMIIB
LgMEAQI4cAMEAAW3gAMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M
OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA
UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LsAwQAXbFoAwQAXbFrAwQAXo/iAwQA
Xp6/AwQAgsFPAwQAgv+pAwQAkhOJAwQAkhOUAwQAkhOWAwQAkhOYAwQAkhO7AwQA
khO+AwQAsDgmAwQAuXrOAwQAuZtlAwQAudoBAwQAuegvAwQAwQMWAwQAwY01AwQA
we/RAwQAwhrdAwQAw0BwAwQAw0ByAwQAw135AwQAw2CIAwQAw2CdAwQA1BJgAwQA
1DQFAwQA2XIgAwQA2XeCMA0GCSqGSIb3DQEBCwUAA4IBAQCVUBCnSsxR2dC+HN3A
vbZp/CcjJ2sszBkYV+ZTo0i+vh9XaRKkXnlQIT02ZTQk1E13VdgUUJOo7HR99thd
gyfRcG9vM9v0xccdL8hoFM52ek0yIGnoaXdQGc2dbIIl1dDHF5dQjHPaff/G4cpq
oF40UqEn2mkmXTF8dbi9gcPFJcSxeqvq7B3OOaSZI5qNTwA+qs8M48VP7jmgBfEW
5umY3HZZwM21zV9WUPMG+OdohoFO6kpjGnV56QD5Y0oxcnqw0OGuOFJxRSKOMPvP
nO2nx8Aq15ihPYhPUIRRM21tqKvx7ldKxod72XYGQq1o8BCjiTipj5l157E9rPUt
PWJw
-----END CERTIFICATE-----
Generated at Sun Mar 29 08:47:54 2026 by rpki-client