Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/y_PilV-NWw2I30kpet9EDKee7k4.roa
File: y_PilV-NWw2I30kpet9EDKee7k4.roa (raw, json)
Hash identifier: 4yPwbAwTeHTxr4Q+lbBtbuu3XsI/JfECrlEzT/dFXDU=
Subject key identifier: CB:F3:E2:95:5F:8D:5B:0D:88:DF:49:29:7A:DF:44:0C:A7:9E:EE:4E
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019D4EA9D56ECE4D7C6408F20D01646B1823
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/y_PilV-NWw2I30kpet9EDKee7k4.roa
Signing time: Thu 02 Apr 2026 14:47:26 +0000
ROA not before: Thu 02 Apr 2026 14:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 31.222.248.0/24 maxlen: 24
45.142.39.0/24 maxlen: 24
157.22.0.0/24 maxlen: 24
157.22.1.0/24 maxlen: 24
157.22.2.0/24 maxlen: 24
157.22.3.0/24 maxlen: 24
157.22.4.0/24 maxlen: 24
157.22.5.0/24 maxlen: 24
157.22.6.0/24 maxlen: 24
157.22.7.0/24 maxlen: 24
157.22.8.0/24 maxlen: 24
157.22.9.0/24 maxlen: 24
157.22.10.0/24 maxlen: 24
157.22.11.0/24 maxlen: 24
157.22.12.0/24 maxlen: 24
157.22.13.0/24 maxlen: 24
157.22.14.0/24 maxlen: 24
157.22.15.0/24 maxlen: 24
157.22.20.0/24 maxlen: 24
157.22.21.0/24 maxlen: 24
157.22.22.0/24 maxlen: 24
157.22.23.0/24 maxlen: 24
157.22.24.0/24 maxlen: 24
157.22.25.0/24 maxlen: 24
157.22.26.0/24 maxlen: 24
157.22.27.0/24 maxlen: 24
157.22.28.0/24 maxlen: 24
157.22.29.0/24 maxlen: 24
157.22.30.0/24 maxlen: 24
157.22.31.0/24 maxlen: 24
157.22.32.0/24 maxlen: 24
157.22.33.0/24 maxlen: 24
157.22.34.0/24 maxlen: 24
157.22.35.0/24 maxlen: 24
157.22.36.0/24 maxlen: 24
157.22.37.0/24 maxlen: 24
157.22.38.0/24 maxlen: 24
157.22.39.0/24 maxlen: 24
157.22.40.0/24 maxlen: 24
157.22.42.0/24 maxlen: 24
157.22.43.0/24 maxlen: 24
157.22.48.0/24 maxlen: 24
157.22.49.0/24 maxlen: 24
157.22.51.0/24 maxlen: 24
157.22.52.0/24 maxlen: 24
157.22.53.0/24 maxlen: 24
157.22.54.0/24 maxlen: 24
157.22.55.0/24 maxlen: 24
157.22.56.0/24 maxlen: 24
157.22.57.0/24 maxlen: 24
157.22.59.0/24 maxlen: 24
157.22.60.0/24 maxlen: 24
157.22.61.0/24 maxlen: 24
157.22.62.0/24 maxlen: 24
157.22.63.0/24 maxlen: 24
157.22.64.0/24 maxlen: 24
157.22.66.0/24 maxlen: 24
157.22.67.0/24 maxlen: 24
157.22.68.0/24 maxlen: 24
157.22.69.0/24 maxlen: 24
157.22.70.0/24 maxlen: 24
157.22.71.0/24 maxlen: 24
157.22.76.0/24 maxlen: 24
157.22.77.0/24 maxlen: 24
157.22.78.0/24 maxlen: 24
157.22.79.0/24 maxlen: 24
157.22.80.0/24 maxlen: 24
157.22.81.0/24 maxlen: 24
157.22.82.0/24 maxlen: 24
157.22.83.0/24 maxlen: 24
157.22.84.0/24 maxlen: 24
157.22.85.0/24 maxlen: 24
157.22.86.0/24 maxlen: 24
157.22.87.0/24 maxlen: 24
157.22.88.0/24 maxlen: 24
157.22.89.0/24 maxlen: 24
157.22.90.0/24 maxlen: 24
157.22.91.0/24 maxlen: 24
157.22.92.0/24 maxlen: 24
157.22.93.0/24 maxlen: 24
157.22.94.0/24 maxlen: 24
157.22.95.0/24 maxlen: 24
157.22.96.0/24 maxlen: 24
157.22.98.0/24 maxlen: 24
157.22.99.0/24 maxlen: 24
157.22.104.0/24 maxlen: 24
157.22.105.0/24 maxlen: 24
157.22.107.0/24 maxlen: 24
157.22.108.0/24 maxlen: 24
157.22.109.0/24 maxlen: 24
157.22.110.0/24 maxlen: 24
157.22.111.0/24 maxlen: 24
157.22.112.0/24 maxlen: 24
157.22.113.0/24 maxlen: 24
157.22.114.0/24 maxlen: 24
157.22.115.0/24 maxlen: 24
157.22.117.0/24 maxlen: 24
157.22.118.0/24 maxlen: 24
157.22.120.0/24 maxlen: 24
157.22.121.0/24 maxlen: 24
157.22.122.0/24 maxlen: 24
157.22.123.0/24 maxlen: 24
176.56.37.0/24 maxlen: 24
178.212.143.0/24 maxlen: 24
185.46.175.0/24 maxlen: 24
185.92.211.0/24 maxlen: 24
185.161.79.0/24 maxlen: 24
193.33.66.0/24 maxlen: 24
193.56.29.0/24 maxlen: 24
194.32.238.0/24 maxlen: 24
194.32.239.0/24 maxlen: 24
194.56.180.0/24 maxlen: 24
195.64.110.0/24 maxlen: 24
195.96.146.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4e:a9:d5:6e:ce:4d:7c:64:08:f2:0d:01:64:6b:18:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Apr 2 14:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbf3e2955f8d5b0d88df49297adf440ca79eee4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:82:84:e3:43:a2:a6:45:91:45:5b:83:f1:45:
a9:53:1a:d1:7e:fe:d6:f9:8f:ac:83:c8:3f:88:22:
1d:ea:cb:c3:4e:d3:75:77:c4:24:b9:18:a5:97:a9:
a3:25:10:7d:98:e7:f1:7f:7c:97:c1:6a:c8:a8:05:
df:12:c6:01:b0:5c:56:97:96:d1:50:1b:bb:ee:77:
0d:bb:33:92:4c:33:e0:56:b9:7d:31:37:03:fc:9f:
2e:bb:88:5b:ec:e7:54:d2:a4:05:ed:70:62:5c:02:
5b:1a:70:09:32:1a:99:f3:a4:69:78:fc:07:bd:e7:
2f:33:a1:75:c2:b3:75:24:25:90:93:70:67:f7:9c:
83:9e:b0:c1:77:ee:bb:b2:b4:31:95:88:76:65:20:
2b:94:90:20:76:99:07:b9:1f:c6:b4:b8:c5:87:6f:
b2:dd:da:57:78:ab:cb:a3:c6:1a:4f:43:8e:2b:65:
3b:f5:1c:fa:a3:63:bd:f9:56:54:28:be:76:b2:30:
94:e4:87:31:0e:fe:f0:89:40:b7:38:2f:fe:35:26:
78:3f:fc:a1:05:21:86:d9:47:77:93:d3:a4:c3:70:
3d:d2:9b:25:24:e1:5d:45:9f:34:1e:43:84:7a:22:
2b:69:be:15:fb:18:7d:a0:40:b2:e3:94:91:d6:6f:
c9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F3:E2:95:5F:8D:5B:0D:88:DF:49:29:7A:DF:44:0C:A7:9E:EE:4E
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/y_PilV-NWw2I30kpet9EDKee7k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.248.0/24
45.142.39.0/24
157.22.0.0/20
157.22.20.0-157.22.40.255
157.22.42.0/23
157.22.48.0/23
157.22.51.0-157.22.57.255
157.22.59.0-157.22.64.255
157.22.66.0-157.22.71.255
157.22.76.0-157.22.96.255
157.22.98.0/23
157.22.104.0/23
157.22.107.0-157.22.115.255
157.22.117.0-157.22.118.255
157.22.120.0/22
176.56.37.0/24
178.212.143.0/24
185.46.175.0/24
185.92.211.0/24
185.161.79.0/24
193.33.66.0/24
193.56.29.0/24
194.32.238.0/23
194.56.180.0/24
195.64.110.0/24
195.96.146.0/24
212.18.103.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:f4:82:ed:e2:b0:f0:61:61:c7:e0:72:94:21:eb:fc:b5:6f:
7e:d2:05:16:83:ce:58:98:db:c1:fb:88:7e:39:70:3c:88:d1:
4e:17:86:8d:2d:19:6e:e7:f7:15:21:86:f5:b1:c1:1b:1e:0b:
e5:7a:50:32:ca:24:8a:4e:57:93:6e:51:e4:7b:8b:bb:65:31:
ff:95:be:71:5d:94:68:35:57:4c:db:87:0f:8f:8a:08:5b:e7:
5e:6f:f4:78:5f:09:a8:d7:aa:6b:69:2a:b6:82:a1:72:ea:e0:
64:d1:85:95:b5:c5:61:e8:c2:3b:10:3d:71:e0:c3:3a:fc:0c:
de:fe:9d:56:1b:78:f4:e5:01:55:7d:ed:c7:d4:39:53:a0:3b:
1d:9f:19:f8:00:34:b8:49:43:c7:d2:ce:73:97:cd:bc:ca:21:
3e:08:33:59:35:a0:7c:22:d4:32:b8:2f:b4:8b:39:55:d8:37:
a1:f3:32:4d:fa:48:ae:37:c1:4d:4e:dd:a7:9a:ee:ee:2c:ee:
91:6f:ce:a2:28:fb:c2:ae:fc:62:38:8e:23:40:70:f0:2a:98:
00:10:c9:79:5c:79:c2:cf:82:85:b2:e6:dd:50:23:2d:cd:04:
ad:f3:10:df:eb:75:24:2b:f9:79:60:fa:f6:66:71:5c:47:72:
45:92:c7:f6
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZ1OqdVuzk18ZAjyDQFkaxgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNDAyMTQ0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmYzZTI5NTVmOGQ1YjBkODhkZjQ5Mjk3YWRmNDQwY2E3OWVlZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYKE40OipkWRRVuD8UWpUxrRfv7W
+Y+sg8g/iCId6svDTtN1d8QkuRill6mjJRB9mOfxf3yXwWrIqAXfEsYBsFxWl5bR
UBu77ncNuzOSTDPgVrl9MTcD/J8uu4hb7OdU0qQF7XBiXAJbGnAJMhqZ86RpePwH
vecvM6F1wrN1JCWQk3Bn95yDnrDBd+67srQxlYh2ZSArlJAgdpkHuR/GtLjFh2+y
3dpXeKvLo8YaT0OOK2U79Rz6o2O9+VZUKL52sjCU5IcxDv7wiUC3OC/+NSZ4P/yh
BSGG2Ud3k9Okw3A90pslJOFdRZ80HkOEeiIrab4V+xh9oECy45SR1m/JfwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFMvz4pVfjVsNiN9JKXrfRAynnu5OMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEveV9QaWxWLU5XdzJJMzBrcGV0OUVES2VlN2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAAf
3vgDBAAtjicDBASdFgAwDAMEAp0WFAMEAJ0WKAMEAZ0WKgMEAZ0WMDAMAwQAnRYz
AwQBnRY4MAwDBACdFjsDBACdFkAwDAMEAZ0WQgMEA50WQDAMAwQCnRZMAwQAnRZg
AwQBnRZiAwQBnRZoMAwDBACdFmsDBAKdFnAwDAMEAJ0WdQMEAJ0WdgMEAp0WeAME
ALA4JQMEALLUjwMEALkurwMEALlc0wMEALmhTwMEAMEhQgMEAME4HQMEAcIg7gME
AMI4tAMEAMNAbgMEAMNgkgMEANQSZzANBgkqhkiG9w0BAQsFAAOCAQEAavSC7eKw
8GFhx+BylCHr/LVvftIFFoPOWJjbwfuIfjlwPIjRTheGjS0Zbuf3FSGG9bHBGx4L
5XpQMsokik5Xk25R5HuLu2Ux/5W+cV2UaDVXTNuHD4+KCFvnXm/0eF8JqNeqa2kq
toKhcurgZNGFlbXFYejCOxA9ceDDOvwM3v6dVht49OUBVX3tx9Q5U6A7HZ8Z+AA0
uElDx9LOc5fNvMohPggzWTWgfCLUMrgvtIs5Vdg3ofMyTfpIrjfBTU7dp5ru7izu
kW/Ooij7wq78YjiOI0Bw8CqYABDJeVx5ws+ChbLm3VAjLc0ErfMQ3+t1JCv5eWD6
9mZxXEdyRZLH9g==
-----END CERTIFICATE-----
Generated at Thu Apr 9 06:29:28 2026 by rpki-client