Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/t_OuFx9bNfldLaBmeTvfVud6p64.roa
File: t_OuFx9bNfldLaBmeTvfVud6p64.roa (raw, json)
Hash identifier: 2BjtGI/Gis6D6TJY/gQyjzGVRU8J6sEuT+SYA6voCgc=
Subject key identifier: B7:F3:AE:17:1F:5B:35:F9:5D:2D:A0:66:79:3B:DF:56:E7:7A:A7:AE
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019D2C250A2A1406F99F5C1D4AE6D214CA6F
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/t_OuFx9bNfldLaBmeTvfVud6p64.roa
Signing time: Thu 26 Mar 2026 21:55:18 +0000
ROA not before: Thu 26 Mar 2026 21:55:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.243.0/24 maxlen: 24
31.222.250.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.56.36.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2c:25:0a:2a:14:06:f9:9f:5c:1d:4a:e6:d2:14:ca:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 26 21:55:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b7f3ae171f5b35f95d2da066793bdf56e77aa7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:3e:72:dc:9f:f8:25:5d:5f:87:c0:53:ea:
f1:ae:41:73:e0:6c:0c:5a:15:e7:9d:52:d0:6c:74:
31:df:fb:a1:79:3a:cb:2c:d3:e9:3a:3c:1b:a1:47:
3f:1f:19:6d:51:2f:6d:0e:44:8e:ed:62:ed:ec:5f:
43:05:bc:9d:1b:bd:24:0a:08:aa:73:89:cd:14:4e:
cc:8a:0b:4f:10:3e:81:29:7c:c4:61:d8:c4:c4:bc:
4a:a0:da:46:3e:70:72:e7:66:d9:be:45:2d:9a:2b:
e2:22:1d:8d:53:73:99:c2:34:9c:2f:13:fb:ff:79:
67:92:03:32:52:8a:a0:65:a7:91:13:ff:91:71:59:
6b:67:ca:80:3a:f6:e6:3b:d2:ca:68:d6:e3:c8:4f:
28:3a:94:26:34:f6:8c:78:8f:ac:71:f6:14:1d:61:
20:90:e5:35:b9:d0:55:90:64:b4:cb:cd:e3:60:b5:
a9:1c:27:0b:0c:36:69:20:43:9a:7b:e8:74:bb:7e:
ff:01:bd:0f:3d:31:4a:e9:3c:cc:bc:6d:c2:cb:08:
76:3e:97:fe:f4:2f:a3:2d:46:a9:ce:41:64:3a:ef:
b2:e2:0e:e7:6b:5c:9e:63:52:e0:53:11:f5:ca:99:
ed:1e:0a:53:2c:69:3d:c6:0f:4e:60:8d:3f:7a:6f:
06:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F3:AE:17:1F:5B:35:F9:5D:2D:A0:66:79:3B:DF:56:E7:7A:A7:AE
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/t_OuFx9bNfldLaBmeTvfVud6p64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.243.0/24
31.222.250.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0-176.56.36.255
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
193.201.114.0/24
194.32.240.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
06:cb:70:0d:0c:df:85:8b:10:f3:1a:df:f6:83:a6:07:a9:33:
35:63:42:a4:6f:e0:f3:95:81:f0:3b:69:f1:02:8f:e2:c2:b4:
8c:7b:16:4d:08:4c:ab:34:fb:5e:a3:7e:d1:67:17:59:a6:52:
a1:a8:a0:31:d0:0c:c7:58:0d:53:c7:a0:71:6f:04:da:a5:f0:
50:86:a7:4e:22:db:7d:ad:d2:fc:93:86:b1:91:bb:33:d9:89:
c2:94:ab:9b:fb:dc:cc:68:7d:2c:6a:68:d1:6a:db:90:a5:55:
7f:60:ad:7d:c1:d4:85:6c:b6:92:65:d2:bd:a6:dc:c3:df:cc:
d6:48:17:fa:f1:6a:5f:7a:69:62:91:33:bb:30:1f:66:4b:32:
c7:e2:3f:66:30:c1:d6:02:37:70:ab:50:08:23:4b:70:2f:f1:
c7:2c:ab:60:06:bd:c9:fd:63:03:6b:eb:0a:00:41:2d:52:dc:
02:5f:ce:88:09:df:01:3b:e7:ea:ae:3a:85:0d:bd:28:0e:a4:
ad:cc:52:42:14:24:64:b3:be:84:51:0b:97:08:68:59:de:8d:
14:45:0e:70:f1:45:77:a3:8b:81:31:f7:5b:66:95:33:c5:37:
a9:db:8c:2f:5e:01:2e:87:49:ae:4c:31:e4:28:82:50:f3:2e:
f0:f1:b6:c0
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ0sJQoqFAb5n1wdSubSFMpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwMzI2MjE1NTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YzYWUxNzFmNWIzNWY5NWQyZGEwNjY3OTNiZGY1NmU3N2FhN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YU+ctyf+CVdX4fAU+rxrkFz4GwM
WhXnnVLQbHQx3/uheTrLLNPpOjwboUc/HxltUS9tDkSO7WLt7F9DBbydG70kCgiq
c4nNFE7MigtPED6BKXzEYdjExLxKoNpGPnBy52bZvkUtmiviIh2NU3OZwjScLxP7
/3lnkgMyUoqgZaeRE/+RcVlrZ8qAOvbmO9LKaNbjyE8oOpQmNPaMeI+scfYUHWEg
kOU1udBVkGS0y83jYLWpHCcLDDZpIEOae+h0u37/Ab0PPTFK6TzMvG3Cywh2Ppf+
9C+jLUapzkFkOu+y4g7na1yeY1LgUxH1ypntHgpTLGk9xg9OYI0/em8GCwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLfzrhcfWzX5XS2gZnk731bneqeuMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdF9PdUZ4OWJOZmxkTGFCbWVUdmZWdWQ2cDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAC
OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAt
WUQDBAAtWUcDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnUcAME
ALnqCAMEAMHJcgMEAMIg8AMEAMNFlAMEAMNFlgMEAMPhYAMEANVtzjANBgkqhkiG
9w0BAQsFAAOCAQEABstwDQzfhYsQ8xrf9oOmB6kzNWNCpG/g85WB8Dtp8QKP4sK0
jHsWTQhMqzT7XqN+0WcXWaZSoaigMdAMx1gNU8egcW8E2qXwUIanTiLbfa3S/JOG
sZG7M9mJwpSrm/vczGh9LGpo0WrbkKVVf2CtfcHUhWy2kmXSvabcw9/M1kgX+vFq
X3ppYpEzuzAfZksyx+I/ZjDB1gI3cKtQCCNLcC/xxyyrYAa9yf1jA2vrCgBBLVLc
Al/OiAnfATvn6q46hQ29KA6krcxSQhQkZLO+hFELlwhoWd6NFEUOcPFFd6OLgTH3
W2aVM8U3qduML14BLodJrkwx5CiCUPMu8PG2wA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 08:54:26 2026 by rpki-client