Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rvpDnB8UAWvBQKb1wVyAuurIS8g.roa
File: rvpDnB8UAWvBQKb1wVyAuurIS8g.roa (raw, json)
Hash identifier: dPyfoPmxlD/kk3O56/dfTd/Z/b49yJsNvFWgI8CHJNo=
Subject key identifier: AE:FA:43:9C:1F:14:01:6B:C1:40:A6:F5:C1:5C:80:BA:EA:C8:4B:C8
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019E04037B2E3B8BA4F946BF05FF84033846
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rvpDnB8UAWvBQKb1wVyAuurIS8g.roa
Signing time: Thu 07 May 2026 19:56:37 +0000
ROA not before: Thu 07 May 2026 19:56:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.243.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
45.147.168.0/22 maxlen: 22
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.56.36.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.96.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
212.18.122.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 07:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:04:03:7b:2e:3b:8b:a4:f9:46:bf:05:ff:84:03:38:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 7 19:56:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aefa439c1f14016bc140a6f5c15c80baeac84bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:da:b3:0e:e8:5d:e2:18:5b:02:7e:c4:cc:
f6:bb:95:db:9a:d1:e9:51:1d:8e:c1:82:1a:eb:5d:
cd:1b:7a:04:f9:33:43:9f:4b:b2:ef:d1:09:82:45:
c7:8e:0f:08:aa:36:d9:6c:5a:61:31:4c:bb:4d:35:
d9:55:11:c6:2d:5d:38:ff:4d:04:30:b1:0b:d0:79:
9b:98:de:1b:c2:32:11:f2:c6:d6:3f:f9:07:ac:b2:
d0:82:5f:33:88:1c:c5:aa:d7:4e:1c:60:93:ed:3e:
18:83:24:b9:67:a1:7d:a3:d4:c8:f3:64:d7:51:7f:
23:3f:5f:3c:e6:71:21:d7:66:35:01:04:2b:12:99:
3a:a9:11:05:1b:7f:ca:cb:a6:0e:14:64:7d:8c:31:
f4:89:fc:4a:f3:5d:da:89:31:b1:3a:00:3b:3c:d2:
ff:03:64:b3:ea:85:26:8c:d1:37:3e:21:be:00:02:
64:a8:33:7c:fb:a2:78:2f:21:94:6d:f2:d8:03:cc:
af:a3:c5:25:fa:d5:52:1d:b5:1c:fe:f1:74:ac:f0:
fa:ce:f2:eb:3c:53:78:8d:e1:e7:bc:5a:4f:37:0e:
83:35:cb:f4:ca:0d:c7:d1:2d:5d:90:ee:23:ef:ce:
bb:c6:2c:78:4c:53:f0:18:99:60:d1:10:05:30:1b:
a4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FA:43:9C:1F:14:01:6B:C1:40:A6:F5:C1:5C:80:BA:EA:C8:4B:C8
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rvpDnB8UAWvBQKb1wVyAuurIS8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.243.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
45.147.168.0/22
91.188.220.0/24
94.158.188.0/24
176.56.35.0-176.56.36.255
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
193.201.114.0/24
194.32.240.0/24
195.69.148.0/24
195.69.150.0/24
195.96.150.0/24
195.225.96.0/24
212.18.100.0/24
212.18.122.0/24
212.52.4.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
45:88:34:df:e8:89:74:42:86:e9:5d:ce:03:8d:46:55:4d:ed:
d4:00:6e:db:5e:1d:8e:c4:41:ce:ff:07:b0:b8:29:fa:6d:86:
da:67:96:68:51:af:34:f5:c1:7f:eb:0a:57:47:58:35:d0:ac:
f6:94:56:87:49:41:12:00:ec:00:c4:d4:14:8e:19:b2:d8:48:
5c:80:88:4f:87:5e:8e:01:c1:4b:fe:ea:5c:39:41:bc:3a:fb:
1e:0b:64:3b:20:5e:e8:e2:c2:b0:da:4f:4d:98:f8:6c:3c:4e:
d6:30:8c:56:e1:4f:2c:1b:cc:c0:ae:5b:5d:42:c9:5d:15:7c:
b5:fe:a4:7f:1f:9a:45:07:10:cf:32:1d:e3:f0:4c:25:46:88:
c7:23:d3:17:b6:3a:e6:92:fc:59:03:ea:7b:57:0f:23:4c:ef:
0e:e1:c1:69:38:bc:77:d4:99:cb:58:a4:0e:a8:f8:95:a1:8a:
6f:58:06:3c:5f:7b:9d:ff:43:d3:bd:46:1d:54:bd:65:b5:62:
ac:e5:f0:4a:3e:d0:47:f6:68:a4:dc:4b:3e:17:7a:f0:15:32:
d7:6f:44:17:00:66:c5:9b:b1:4b:db:61:e0:2a:03:1e:9e:0f:
ab:40:bf:e4:48:9b:eb:71:f9:53:99:01:61:3f:b1:61:66:00:
a1:9e:40:bf
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZ4EA3suO4uk+Ua/Bf+EAzhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNTA3MTk1NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZhNDM5YzFmMTQwMTZiYzE0MGE2ZjVjMTVjODBiYWVhYzg0YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqfasw7oXeIYWwJ+xMz2u5XbmtHp
UR2OwYIa613NG3oE+TNDn0uy79EJgkXHjg8IqjbZbFphMUy7TTXZVRHGLV04/00E
MLEL0HmbmN4bwjIR8sbWP/kHrLLQgl8ziBzFqtdOHGCT7T4YgyS5Z6F9o9TI82TX
UX8jP1885nEh12Y1AQQrEpk6qREFG3/Ky6YOFGR9jDH0ifxK813aiTGxOgA7PNL/
A2Sz6oUmjNE3PiG+AAJkqDN8+6J4LyGUbfLYA8yvo8Ul+tVSHbUc/vF0rPD6zvLr
PFN4jeHnvFpPNw6DNcv0yg3H0S1dkO4j7867xix4TFPwGJlg0RAFMBukxQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFK76Q5wfFAFrwUCm9cFcgLrqyEvIMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvcnZwRG5COFVBV3ZCUUtiMXdWeUF1dXJJUzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAC
OzADBAAf3vADBAAf3vMDBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAtWUcDBAIt
k6gDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnUcAMEALnqCAME
AMHJcgMEAMIg8AMEAMNFlAMEAMNFlgMEAMNglgMEAMPhYAMEANQSZAMEANQSegME
ANQ0BAMEANVtzjANBgkqhkiG9w0BAQsFAAOCAQEARYg03+iJdEKG6V3OA41GVU3t
1ABu214djsRBzv8HsLgp+m2G2meWaFGvNPXBf+sKV0dYNdCs9pRWh0lBEgDsAMTU
FI4ZsthIXICIT4dejgHBS/7qXDlBvDr7HgtkOyBe6OLCsNpPTZj4bDxO1jCMVuFP
LBvMwK5bXULJXRV8tf6kfx+aRQcQzzId4/BMJUaIxyPTF7Y65pL8WQPqe1cPI0zv
DuHBaTi8d9SZy1ikDqj4laGKb1gGPF97nf9D071GHVS9ZbVirOXwSj7QR/ZopNxL
Phd68BUy129EFwBmxZuxS9th4CoDHp4Pq0C/5Eib63H5U5kBYT+xYWYAoZ5Avw==
-----END CERTIFICATE-----
Generated at Sat May 9 17:48:18 2026 by rpki-client