Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/7tK-Y_2zDn6v9bsNxgC2WC7pK58.roa
File: 7tK-Y_2zDn6v9bsNxgC2WC7pK58.roa (raw, json)
Hash identifier: cLZskeRMwGxHkUDQXpA7UBDzbVsdE10cl/owbtiDKLo=
Subject key identifier: EE:D2:BE:63:FD:B3:0E:7E:AF:F5:BB:0D:C6:00:B6:58:2E:E9:2B:9F
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 019EA70875FF6A59349A4303FD4B8EB3A503
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/7tK-Y_2zDn6v9bsNxgC2WC7pK58.roa
Signing time: Mon 08 Jun 2026 11:40:10 +0000
ROA not before: Mon 08 Jun 2026 11:40:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398781
IP address blocks: 31.13.211.0/24 maxlen: 32
45.81.39.0/24 maxlen: 32
45.112.248.0/22 maxlen: 24
67.211.224.0/20 maxlen: 32
69.160.128.0/20 maxlen: 32
69.160.144.0/20 maxlen: 32
80.76.48.0/24 maxlen: 32
81.31.193.0/24 maxlen: 32
82.158.232.0/21 maxlen: 32
82.158.240.0/21 maxlen: 32
82.158.248.0/21 maxlen: 32
85.136.224.0/20 maxlen: 32
85.136.240.0/20 maxlen: 32
85.217.222.0/23 maxlen: 32
87.120.4.0/24 maxlen: 32
87.120.38.0/24 maxlen: 32
87.120.59.0/24 maxlen: 32
87.120.60.0/24 maxlen: 32
87.120.98.0/24 maxlen: 32
87.120.236.0/24 maxlen: 32
87.121.20.0/24 maxlen: 32
87.121.21.0/24 maxlen: 32
87.121.45.0/24 maxlen: 32
87.121.87.0/24 maxlen: 32
91.92.230.0/24 maxlen: 32
93.123.47.0/24 maxlen: 32
93.123.73.0/24 maxlen: 32
93.123.117.0/24 maxlen: 32
93.123.119.0/24 maxlen: 32
94.156.12.0/24 maxlen: 32
94.156.130.0/24 maxlen: 32
94.156.239.0/24 maxlen: 32
94.156.248.0/24 maxlen: 32
103.52.124.0/22 maxlen: 24
103.210.200.0/22 maxlen: 24
132.243.0.0/20 maxlen: 24
132.243.96.0/20 maxlen: 24
139.84.96.0/19 maxlen: 24
140.209.128.0/18 maxlen: 24
151.123.192.0/19 maxlen: 24
152.114.224.0/22 maxlen: 24
152.114.240.0/21 maxlen: 24
153.79.128.0/19 maxlen: 24
153.79.192.0/19 maxlen: 24
157.239.32.0/19 maxlen: 24
160.20.0.0/22 maxlen: 24
165.217.0.0/18 maxlen: 24
165.217.64.0/19 maxlen: 24
185.207.13.0/24 maxlen: 32
194.180.51.0/24 maxlen: 32
203.81.192.0/20 maxlen: 24
213.254.64.0/18 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:08:75:ff:6a:59:34:9a:43:03:fd:4b:8e:b3:a5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Jun 8 11:40:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eed2be63fdb30e7eaff5bb0dc600b6582ee92b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:de:ae:22:d8:d7:d3:36:66:73:81:34:9d:d0:
40:33:22:cb:f0:4d:e5:19:97:6e:f7:d3:f9:c6:70:
60:79:b1:ef:fc:af:48:62:31:b2:f2:33:a2:96:bb:
68:3e:88:1d:41:a8:d0:85:2c:87:74:57:e8:01:8f:
ca:38:d9:e0:ba:b7:dc:92:ff:d8:5b:65:6f:b7:b5:
12:75:73:df:64:79:e8:a2:d3:4a:14:06:4c:31:fc:
49:46:2b:1b:8d:4b:0a:d9:c0:d8:ce:07:1e:7b:bb:
d3:14:e8:f0:3e:8c:17:4e:c3:fa:f8:dc:c5:5b:c0:
79:1c:f5:30:16:1b:32:fe:5a:44:bc:89:60:50:b5:
86:65:15:12:a0:58:ad:22:2f:0a:c2:b2:d0:40:04:
a7:a4:d5:13:3e:be:90:fc:30:9c:4f:95:c7:d0:a2:
34:e3:14:29:c8:13:7d:e4:f8:83:4a:2e:a3:de:42:
50:ed:8f:73:29:b2:75:b0:0c:74:0f:af:84:5b:86:
46:ae:be:af:09:7d:5c:10:8b:7d:f9:eb:58:40:3f:
9c:6f:cf:9e:7b:c7:ca:f0:07:96:e8:1a:07:63:4b:
f2:7a:7a:68:55:64:ed:3d:33:14:17:62:b9:a2:e9:
b4:e6:f6:aa:23:d1:34:69:96:94:a7:72:23:e8:72:
ff:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D2:BE:63:FD:B3:0E:7E:AF:F5:BB:0D:C6:00:B6:58:2E:E9:2B:9F
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/7tK-Y_2zDn6v9bsNxgC2WC7pK58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
45.81.39.0/24
45.112.248.0/22
67.211.224.0/20
69.160.128.0/19
80.76.48.0/24
81.31.193.0/24
82.158.232.0-82.158.255.255
85.136.224.0/19
85.217.222.0/23
87.120.4.0/24
87.120.38.0/24
87.120.59.0-87.120.60.255
87.120.98.0/24
87.120.236.0/24
87.121.20.0/23
87.121.45.0/24
87.121.87.0/24
91.92.230.0/24
93.123.47.0/24
93.123.73.0/24
93.123.117.0/24
93.123.119.0/24
94.156.12.0/24
94.156.130.0/24
94.156.239.0/24
94.156.248.0/24
103.52.124.0/22
103.210.200.0/22
132.243.0.0/20
132.243.96.0/20
139.84.96.0/19
140.209.128.0/18
151.123.192.0/19
152.114.224.0/22
152.114.240.0/21
153.79.128.0/19
153.79.192.0/19
157.239.32.0/19
160.20.0.0/22
165.217.0.0-165.217.95.255
185.207.13.0/24
194.180.51.0/24
203.81.192.0/20
213.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
44:d1:47:ca:43:ac:1c:7a:29:e7:5a:bc:d8:01:be:92:75:bf:
02:c8:b9:6e:08:be:63:5b:f8:39:65:a4:80:0a:25:ed:29:23:
0c:d5:ad:78:48:1b:4b:7d:f0:ec:36:36:ed:ad:39:b3:10:72:
a0:02:6e:f9:17:d2:30:44:bf:7a:6b:74:fe:ae:53:55:dc:4a:
db:a2:19:a0:ec:7a:76:82:9b:e2:7e:f1:b6:1e:29:d9:cc:1d:
bd:0c:96:b8:a3:3d:97:6a:0c:86:5d:f2:4a:97:ba:29:61:4b:
dd:c8:18:40:56:8f:4d:de:56:27:07:98:af:58:07:76:d8:ef:
81:68:ca:12:05:ed:ec:e1:c0:ca:59:41:3f:5d:b4:c5:38:b2:
24:52:a6:84:d3:89:0b:02:4f:85:88:9b:40:69:2c:58:ba:09:
ed:43:61:0d:e7:ed:a0:7a:f3:47:82:a3:b9:8e:23:9b:8d:bf:
8a:23:c0:d5:b1:af:85:ea:77:56:55:44:e5:e5:30:47:bc:5a:
f7:d8:77:bc:e9:34:82:2c:fb:18:ef:74:1c:ce:1a:0d:48:0b:
c6:27:73:08:cb:0a:85:b1:cc:16:1e:18:18:b2:14:8f:40:8e:
d3:8d:9e:fc:8e:e4:13:16:f2:a8:d4:df:a0:53:3d:33:77:fa:
d1:4a:d7:a3
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAZ6nCHX/alk0mkMD/UuOs6UDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjYwNjA4MTE0MDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQyYmU2M2ZkYjMwZTdlYWZmNWJiMGRjNjAwYjY1ODJlZTkyYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz96uItjX0zZmc4E0ndBAMyLL8E3l
GZdu99P5xnBgebHv/K9IYjGy8jOilrtoPogdQajQhSyHdFfoAY/KONngurfckv/Y
W2Vvt7USdXPfZHnootNKFAZMMfxJRisbjUsK2cDYzgcee7vTFOjwPowXTsP6+NzF
W8B5HPUwFhsy/lpEvIlgULWGZRUSoFitIi8KwrLQQASnpNUTPr6Q/DCcT5XH0KI0
4xQpyBN95PiDSi6j3kJQ7Y9zKbJ1sAx0D6+EW4ZGrr6vCX1cEIt9+etYQD+cb8+e
e8fK8AeW6BoHY0vyenpoVWTtPTMUF2K5oum05vaqI9E0aZaUp3Ij6HL/LQIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFO7SvmP9sw5+r/W7DcYAtlgu6SufMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvN3RLLVlfMnpEbjZ2OWJzTnhnQzJXQzdwSzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAB8N0wMEAC1RJwMEAi1w+AMEBEPT4AMEBUWggAMEAFBMMAMEAFEfwTALAwQD
Up7oAwMAUp4DBAVViOADBAFV2d4DBABXeAQDBABXeCYwDAMEAFd4OwMEAFd4PAME
AFd4YgMEAFd47AMEAVd5FAMEAFd5LQMEAFd5VwMEAFtc5gMEAF17LwMEAF17SQME
AF17dQMEAF17dwMEAF6cDAMEAF6cggMEAF6c7wMEAF6c+AMEAmc0fAMEAmfSyAME
BITzAAMEBITzYAMEBYtUYAMEBozRgAMEBZd7wAMEAphy4AMEA5hy8AMEBZlPgAME
BZlPwAMEBZ3vIAMEAqAUADALAwMApdkDBAWl2UADBAC5zw0DBADCtDMDBATLUcAD
BAbV/kAwDQYJKoZIhvcNAQELBQADggEBAETRR8pDrBx6KedavNgBvpJ1vwLIuW4I
vmNb+DllpIAKJe0pIwzVrXhIG0t98Ow2Nu2tObMQcqACbvkX0jBEv3prdP6uU1Xc
StuiGaDsenaCm+J+8bYeKdnMHb0MlrijPZdqDIZd8kqXuilhS93IGEBWj03eVicH
mK9YB3bY74FoyhIF7ezhwMpZQT9dtMU4siRSpoTTiQsCT4WIm0BpLFi6Ce1DYQ3n
7aB680eCo7mOI5uNv4ojwNWxr4Xqd1ZVROXlMEe8WvfYd7zpNIIs+xjvdBzOGg1I
C8YncwjLCoWxzBYeGBiyFI9AjtONnvyO5BMW8qjU36BTPTN3+tFK16M=
-----END CERTIFICATE-----
Generated at Thu Jun 11 17:02:37 2026 by rpki-client