Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cN_2pK3XYNnfOwG6JiwpIw0L7SQ.roa
File: cN_2pK3XYNnfOwG6JiwpIw0L7SQ.roa (raw, json)
Hash identifier: mr+1spDCnrSUOlyIeOL9tgcF2fQFhq0OF3omHEclXeA=
Subject key identifier: 70:DF:F6:A4:AD:D7:60:D9:DF:3B:01:BA:26:2C:29:23:0D:0B:ED:24
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019E4F65DF684B783376E6C2F4E1143BF2BF
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cN_2pK3XYNnfOwG6JiwpIw0L7SQ.roa
Signing time: Fri 22 May 2026 11:15:36 +0000
ROA not before: Fri 22 May 2026 11:15:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44547
IP address blocks: 31.210.42.0/24 maxlen: 24
31.210.55.0/24 maxlen: 24
78.135.82.0/24 maxlen: 24
78.135.83.0/24 maxlen: 24
188.132.128.0/24 maxlen: 24
188.132.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:65:df:68:4b:78:33:76:e6:c2:f4:e1:14:3b:f2:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: May 22 11:15:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70dff6a4add760d9df3b01ba262c29230d0bed24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:51:b7:c1:a6:72:74:fb:1f:d1:02:67:5d:
30:27:fe:cc:9e:2a:6d:13:fb:17:b2:66:f9:fb:02:
72:97:96:96:d8:60:47:ca:0b:1d:af:69:29:12:50:
49:92:d7:ac:10:16:4e:55:66:62:30:e2:3c:d0:5f:
e4:5b:93:53:c0:73:73:c2:b2:c7:55:d9:1f:54:1c:
52:bd:0b:7e:f4:9c:94:f7:67:e9:f9:94:84:48:aa:
d6:4e:c5:ad:59:07:35:8b:b5:12:6e:ae:db:6f:e4:
ba:06:20:a9:87:33:6f:cc:1f:ea:49:c1:09:ab:d4:
cf:03:6b:c7:43:57:0b:47:b4:9d:8e:15:1d:83:65:
4b:87:ca:aa:d2:a5:60:41:66:16:00:95:fc:77:aa:
c5:b8:96:e4:07:2d:e4:fb:ae:c0:f2:84:b9:b3:ed:
09:37:dd:6e:ce:dc:2f:83:ea:d3:fa:7a:43:c1:c2:
9e:62:8a:8d:78:bf:16:28:d3:c9:55:df:70:9a:ac:
85:55:fc:57:4e:06:79:d6:a4:2a:e6:69:76:9e:4e:
bd:82:df:ed:36:d5:18:b3:bb:56:56:af:c9:2a:d8:
e1:12:62:b8:6c:d2:11:5a:d0:43:d1:f3:04:2c:0e:
d6:34:b0:f2:cf:73:c3:ce:c0:99:b0:3b:26:14:1b:
b1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DF:F6:A4:AD:D7:60:D9:DF:3B:01:BA:26:2C:29:23:0D:0B:ED:24
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cN_2pK3XYNnfOwG6JiwpIw0L7SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.42.0/24
31.210.55.0/24
78.135.82.0/23
188.132.128.0/24
188.132.168.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:65:58:ef:cb:c7:97:27:80:c5:21:25:98:af:da:ee:0a:1a:
74:ce:a6:53:e8:c2:ae:fd:83:d8:b2:68:8f:92:38:90:0c:71:
8a:11:e6:20:8f:0e:f5:b7:b7:48:60:7e:f0:e0:bb:ef:09:02:
0d:8e:c6:78:2d:99:a5:9d:06:9f:74:a9:94:c5:44:fb:39:b8:
77:87:8e:80:c6:55:8d:22:a2:17:f4:bb:3d:1d:2c:ec:06:60:
cf:64:09:6a:5f:3c:01:14:04:a3:e9:02:36:b2:5b:8b:7f:f8:
ab:68:7e:f1:16:f6:30:bd:83:1f:55:7e:d2:88:bc:2e:73:60:
b2:90:65:24:d9:ea:d6:17:ba:0b:95:d3:b1:61:50:52:6c:0c:
b9:10:f8:d5:1d:e8:b7:9a:5d:d3:42:c4:d7:c9:d1:01:cf:54:
ce:6e:42:c5:37:3f:8f:6d:13:9c:c4:91:da:56:aa:20:ff:3d:
2d:81:00:d0:77:3f:93:7a:b2:df:7b:6e:5b:a0:43:5f:2b:32:
df:c3:40:9f:a2:5b:aa:bb:6b:d3:3e:52:b6:76:40:f6:a3:38:
f1:d3:eb:b7:3b:b8:dd:b9:a6:c6:c3:cc:96:9e:20:8c:d7:1f:
5e:31:cf:d6:74:13:57:c4:11:b2:bb:72:b8:4e:f9:7b:c8:0f:
2e:08:1d:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5PZd9oS3gzdubC9OEUO/K/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjYwNTIyMTExNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRmZjZhNGFkZDc2MGQ5ZGYzYjAxYmEyNjJjMjkyMzBkMGJlZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDdRt8GmcnT7H9ECZ10wJ/7Mnipt
E/sXsmb5+wJyl5aW2GBHygsdr2kpElBJktesEBZOVWZiMOI80F/kW5NTwHNzwrLH
VdkfVBxSvQt+9JyU92fp+ZSESKrWTsWtWQc1i7USbq7bb+S6BiCphzNvzB/qScEJ
q9TPA2vHQ1cLR7SdjhUdg2VLh8qq0qVgQWYWAJX8d6rFuJbkBy3k+67A8oS5s+0J
N91uztwvg+rT+npDwcKeYoqNeL8WKNPJVd9wmqyFVfxXTgZ51qQq5ml2nk69gt/t
NtUYs7tWVq/JKtjhEmK4bNIRWtBD0fMELA7WNLDyz3PDzsCZsDsmFBuxywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHDf9qSt12DZ3zsBuiYsKSMNC+0kMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvY05fMnBLM1hZTm5mT3dHNkppd3BJdzBMN1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH9IqAwQA
H9I3AwQBTodSAwQAvISAAwQAvISoMA0GCSqGSIb3DQEBCwUAA4IBAQAKZVjvy8eX
J4DFISWYr9ruChp0zqZT6MKu/YPYsmiPkjiQDHGKEeYgjw71t7dIYH7w4LvvCQIN
jsZ4LZmlnQafdKmUxUT7Obh3h46AxlWNIqIX9Ls9HSzsBmDPZAlqXzwBFASj6QI2
sluLf/iraH7xFvYwvYMfVX7SiLwuc2CykGUk2erWF7oLldOxYVBSbAy5EPjVHei3
ml3TQsTXydEBz1TObkLFNz+PbROcxJHaVqog/z0tgQDQdz+TerLfe25boENfKzLf
w0Cfoluqu2vTPlK2dkD2ozjx0+u3O7jduabGw8yWniCM1x9eMc/WdBNXxBGyu3K4
Tvl7yA8uCB2r
-----END CERTIFICATE-----
Generated at Thu Jun 4 19:02:49 2026 by rpki-client