Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bk63SnoD0XmRKgezVX_1ZlBe1Xc.roa
File: bk63SnoD0XmRKgezVX_1ZlBe1Xc.roa (raw, json)
Hash identifier: 4X8Zl9xAcbJpKFSJFscxowDkPN7bnsZtV08o9on740E=
Subject key identifier: 6E:4E:B7:4A:7A:03:D1:79:91:2A:07:B3:55:7F:F5:66:50:5E:D5:77
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019E5E868EC66F6EBA138307DF3B4D98CB28
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bk63SnoD0XmRKgezVX_1ZlBe1Xc.roa
Signing time: Mon 25 May 2026 09:45:37 +0000
ROA not before: Mon 25 May 2026 09:45:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198961
IP address blocks: 37.221.176.0/24 maxlen: 24
37.221.177.0/24 maxlen: 24
37.221.178.0/24 maxlen: 24
37.221.179.0/24 maxlen: 24
37.221.181.0/24 maxlen: 24
37.221.182.0/24 maxlen: 24
37.221.183.0/24 maxlen: 24
77.105.15.0/24 maxlen: 24
79.175.85.0/24 maxlen: 24
188.255.131.0/24 maxlen: 24
188.255.132.0/24 maxlen: 24
188.255.237.0/24 maxlen: 24
212.69.22.0/23 maxlen: 23
212.69.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:86:8e:c6:6f:6e:ba:13:83:07:df:3b:4d:98:cb:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 25 09:45:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e4eb74a7a03d179912a07b3557ff566505ed577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e5:7e:d1:ab:86:95:40:88:6b:75:8b:f7:54:
1d:9f:e8:08:b7:ef:23:4e:cd:95:22:b0:f6:11:11:
b9:93:21:9d:c8:da:ec:f6:a4:92:8b:6b:05:f1:05:
de:db:43:25:5e:ea:ff:e5:ea:5a:3c:fc:c3:95:d3:
f7:a8:38:3b:8d:d1:02:c0:e3:92:38:ad:61:da:15:
45:a0:9b:44:c1:7a:38:c4:da:b1:7e:ad:59:e2:cc:
ff:84:49:27:a9:82:9a:68:05:d8:bf:d6:29:7e:77:
de:84:00:d7:e6:4f:b3:e0:31:e2:bb:52:bb:f0:c3:
bb:7e:b2:17:28:51:30:d1:30:09:90:46:75:35:4f:
48:1c:fd:f3:62:66:c1:77:61:db:34:3a:e3:cf:3b:
3f:fe:b0:b3:28:fa:49:03:fa:79:a7:7b:76:a8:07:
44:6b:10:14:ce:3d:3d:b7:25:f4:57:22:1a:16:d8:
92:82:33:40:d1:3d:62:5b:3c:f7:01:ee:db:1d:b8:
ec:ac:16:f4:ae:5f:78:57:d3:2c:07:f7:53:9a:22:
6e:ac:09:5b:17:26:24:f4:90:ce:b9:d8:6f:a7:63:
35:56:9f:a4:d4:7c:f5:ce:dd:af:82:de:f7:e1:17:
96:14:68:14:b7:0c:83:16:6b:95:93:57:83:4d:2d:
ba:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4E:B7:4A:7A:03:D1:79:91:2A:07:B3:55:7F:F5:66:50:5E:D5:77
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bk63SnoD0XmRKgezVX_1ZlBe1Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.176.0/22
37.221.181.0-37.221.183.255
77.105.15.0/24
79.175.85.0/24
188.255.131.0-188.255.132.255
188.255.237.0/24
212.69.22.0-212.69.27.255
Signature Algorithm: sha256WithRSAEncryption
5a:83:42:09:7b:42:97:26:dd:82:15:f9:4d:56:4c:77:11:b8:
54:1f:0e:22:1e:53:e4:f8:60:30:22:99:6e:d9:7b:64:48:e1:
a8:d9:ba:dc:2a:06:4d:56:f5:10:e9:dc:a7:bc:11:42:26:5f:
c1:4e:79:80:00:40:d9:07:08:de:d1:ab:da:0b:2d:56:ec:f7:
9d:59:e2:29:c7:54:07:20:a9:9c:c1:7a:8d:a8:7a:76:6c:90:
68:d9:53:45:8f:2b:30:9a:e5:50:de:76:71:ef:b6:37:35:26:
86:aa:b1:54:57:78:40:99:10:a4:a2:10:89:32:48:bc:ae:5b:
35:a5:c6:a4:2d:af:06:b7:cc:4a:4e:6d:26:bc:71:46:26:f4:
62:6d:b3:0a:8a:59:34:47:12:9f:23:14:13:64:e7:f9:a5:ce:
ce:a0:94:69:b4:26:46:2e:28:01:8f:42:74:99:87:72:65:dd:
67:d1:bb:33:1f:eb:d0:f1:f4:7f:d7:14:47:52:98:6a:4d:b8:
17:1f:db:7d:5f:02:5a:9c:29:00:83:17:3c:89:71:08:7e:8c:
22:0f:f2:0a:88:43:86:ad:fc:2f:d6:a9:ae:18:c6:e0:d6:6b:
d4:67:2c:a8:be:d6:5b:ef:49:5a:7c:3e:20:cf:34:f8:71:ee:
8e:a2:e9:a0
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ5eho7Gb266E4MH3ztNmMsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNTI1MDk0NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRlYjc0YTdhMDNkMTc5OTEyYTA3YjM1NTdmZjU2NjUwNWVkNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uV+0auGlUCIa3WL91Qdn+gIt+8j
Ts2VIrD2ERG5kyGdyNrs9qSSi2sF8QXe20MlXur/5epaPPzDldP3qDg7jdECwOOS
OK1h2hVFoJtEwXo4xNqxfq1Z4sz/hEknqYKaaAXYv9YpfnfehADX5k+z4DHiu1K7
8MO7frIXKFEw0TAJkEZ1NU9IHP3zYmbBd2HbNDrjzzs//rCzKPpJA/p5p3t2qAdE
axAUzj09tyX0VyIaFtiSgjNA0T1iWzz3Ae7bHbjsrBb0rl94V9MsB/dTmiJurAlb
FyYk9JDOudhvp2M1Vp+k1Hz1zt2vgt734ReWFGgUtwyDFmuVk1eDTS26gQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFG5Ot0p6A9F5kSoHs1V/9WZQXtV3MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYms2M1Nub0QwWG1SS2dlelZYXzFabEJlMVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCJd2wMAwD
BAAl3bUDBAMl3bADBABNaQ8DBABPr1UwDAMEALz/gwMEALz/hAMEALz/7TAMAwQB
1EUWAwQC1EUYMA0GCSqGSIb3DQEBCwUAA4IBAQBag0IJe0KXJt2CFflNVkx3EbhU
Hw4iHlPk+GAwIplu2XtkSOGo2brcKgZNVvUQ6dynvBFCJl/BTnmAAEDZBwje0ava
Cy1W7PedWeIpx1QHIKmcwXqNqHp2bJBo2VNFjyswmuVQ3nZx77Y3NSaGqrFUV3hA
mRCkohCJMki8rls1pcakLa8Gt8xKTm0mvHFGJvRibbMKilk0RxKfIxQTZOf5pc7O
oJRptCZGLigBj0J0mYdyZd1n0bszH+vQ8fR/1xRHUphqTbgXH9t9XwJanCkAgxc8
iXEIfowiD/IKiEOGrfwv1qmuGMbg1mvUZyyovtZb70lafD4gzzT4ce6Ooumg
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:56 2026 by rpki-client