Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/F0FylVqmPAndLCuqSfvRMZbje_I.roa
File: F0FylVqmPAndLCuqSfvRMZbje_I.roa (raw, json)
Hash identifier: 3QpkAFXOGZ4HtA9vtY78cnnFmriuwpZejoCUyGOkRTw=
Subject key identifier: 17:41:72:95:5A:A6:3C:09:DD:2C:2B:AA:49:FB:D1:31:96:E3:7B:F2
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019E8DED76DA08665126DC75D3D1B6E0A3B9
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/F0FylVqmPAndLCuqSfvRMZbje_I.roa
Signing time: Wed 03 Jun 2026 14:40:10 +0000
ROA not before: Wed 03 Jun 2026 14:40:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.51.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
78.135.111.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:ed:76:da:08:66:51:26:dc:75:d3:d1:b6:e0:a3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jun 3 14:40:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=174172955aa63c09dd2c2baa49fbd13196e37bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a8:9d:a3:4a:41:a7:b6:71:f2:6b:54:9a:90:
cf:fa:cc:3e:f7:87:c4:78:fe:64:b0:2e:20:7e:ee:
91:37:ba:e0:72:ac:dd:26:c7:4c:c6:eb:cf:19:1d:
8a:f5:40:09:ff:22:c2:88:83:0e:a3:ef:d8:6d:e6:
3e:b1:de:0d:4c:f3:d5:f7:a1:2f:b5:de:68:82:10:
e3:20:ac:fe:21:04:4f:be:1b:90:20:e8:40:55:09:
76:d4:0b:ac:52:b4:be:52:f5:c7:10:86:1f:43:34:
fe:3b:b2:5c:09:fe:c5:48:60:f2:40:a7:21:ad:12:
e3:31:f1:58:93:15:b9:14:7c:fa:ab:ca:b6:a9:2d:
0e:3b:e0:d5:71:18:5e:31:82:45:a7:fb:19:65:72:
95:ea:7d:61:9b:57:a2:56:44:89:37:12:ce:35:5e:
41:4d:a8:5c:3e:3c:6d:36:67:6c:2e:ac:8d:e2:31:
2b:db:c8:8b:61:9d:51:16:05:29:11:25:28:bb:c2:
15:7a:61:da:85:3b:04:47:63:f2:b4:be:23:64:7c:
10:0b:fe:9b:85:1c:28:ab:f7:a6:0c:67:f7:f9:96:
a4:bc:cd:d4:96:a4:84:02:f4:7e:23:61:88:51:a5:
aa:af:42:40:c8:be:fa:cc:16:c4:41:2c:da:89:1f:
b5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:41:72:95:5A:A6:3C:09:DD:2C:2B:AA:49:FB:D1:31:96:E3:7B:F2
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/F0FylVqmPAndLCuqSfvRMZbje_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.51.0/24
77.92.148.0/24
78.135.111.0/24
188.132.170.0/24
188.132.191.0/24
188.132.227.0/24
212.68.36.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:0b:81:76:3c:18:c3:d7:aa:63:75:60:3d:ca:ef:33:c0:cd:
08:7d:c6:00:0e:4f:10:bf:51:5e:65:eb:3e:41:16:9b:2a:6e:
e4:83:ed:f5:ad:53:8b:81:f2:81:c4:26:3c:44:f6:9b:be:62:
3e:7c:2d:9f:3f:5e:fd:90:57:43:fb:0d:da:c0:02:96:a5:40:
dc:7c:a2:39:8c:88:a6:c9:d9:26:0b:ee:18:33:ff:ad:b1:c3:
78:23:19:f7:6d:8e:e0:59:af:9b:26:8e:7e:43:b2:fc:55:f1:
7f:0f:bb:61:67:5a:d6:33:95:d8:48:49:30:d1:f3:e0:e5:e8:
c7:31:da:d7:ad:15:d8:e7:d5:08:9e:e5:d3:c0:9f:33:f2:fd:
96:33:8f:be:dc:4d:76:32:fb:62:65:b2:ea:ca:b5:27:16:a1:
07:0a:51:54:60:dc:eb:a1:9d:7e:04:f9:22:52:39:36:f4:39:
16:16:71:d7:af:bd:7f:07:66:da:cc:50:fd:20:51:8a:8f:0f:
27:8f:bc:5b:d6:14:1d:1e:68:a7:57:ea:9b:f9:8f:d3:18:42:
c0:16:22:8d:91:5f:b6:a3:18:71:c2:4f:d2:47:8a:09:5d:6d:
5b:a8:d8:84:19:75:f3:7d:bd:68:b0:0c:02:20:4e:a2:03:9a:
67:c1:1f:41
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ6N7XbaCGZRJtx109G24KO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjYwNjAzMTQ0MDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQxNzI5NTVhYTYzYzA5ZGQyYzJiYWE0OWZiZDEzMTk2ZTM3YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaido0pBp7Zx8mtUmpDP+sw+94fE
eP5ksC4gfu6RN7rgcqzdJsdMxuvPGR2K9UAJ/yLCiIMOo+/YbeY+sd4NTPPV96Ev
td5oghDjIKz+IQRPvhuQIOhAVQl21AusUrS+UvXHEIYfQzT+O7JcCf7FSGDyQKch
rRLjMfFYkxW5FHz6q8q2qS0OO+DVcRheMYJFp/sZZXKV6n1hm1eiVkSJNxLONV5B
TahcPjxtNmdsLqyN4jEr28iLYZ1RFgUpESUou8IVemHahTsER2PytL4jZHwQC/6b
hRwoq/emDGf3+ZakvM3UlqSEAvR+I2GIUaWqr0JAyL76zBbEQSzaiR+1WQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBdBcpVapjwJ3Swrqkn70TGW43vyMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvRjBGeWxWcW1QQW5kTEN1cVNmdlJNWmJqZV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH9IzAwQA
TVyUAwQATodvAwQAvISqAwQAvIS/AwQAvITjAwQA1EQkAwQA1EQxMA0GCSqGSIb3
DQEBCwUAA4IBAQA6C4F2PBjD16pjdWA9yu8zwM0IfcYADk8Qv1FeZes+QRabKm7k
g+31rVOLgfKBxCY8RPabvmI+fC2fP179kFdD+w3awAKWpUDcfKI5jIimydkmC+4Y
M/+tscN4Ixn3bY7gWa+bJo5+Q7L8VfF/D7thZ1rWM5XYSEkw0fPg5ejHMdrXrRXY
59UInuXTwJ8z8v2WM4++3E12MvtiZbLqyrUnFqEHClFUYNzroZ1+BPkiUjk29DkW
FnHXr71/B2bazFD9IFGKjw8nj7xb1hQdHminV+qb+Y/TGELAFiKNkV+2oxhxwk/S
R4oJXW1bqNiEGXXzfb1osAwCIE6iA5pnwR9B
-----END CERTIFICATE-----
Generated at Sat Jun 6 13:16:48 2026 by rpki-client