Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/PDvrlF5cZUVVXIvgqmk7oS8dm3Q.roa
File: PDvrlF5cZUVVXIvgqmk7oS8dm3Q.roa (raw, json)
Hash identifier: 7gGCi2qAmOzTYdKwx/6vZAz2nUy/KttdyCAr1Ufyljg=
Subject key identifier: 3C:3B:EB:94:5E:5C:65:45:55:5C:8B:E0:AA:69:3B:A1:2F:1D:9B:74
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019E5E4F9E6E728886FA69C4F1893580006E
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/PDvrlF5cZUVVXIvgqmk7oS8dm3Q.roa
Signing time: Mon 25 May 2026 08:45:36 +0000
ROA not before: Mon 25 May 2026 08:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206977
IP address blocks: 31.170.232.0/24 maxlen: 24
31.170.233.0/24 maxlen: 24
31.170.234.0/24 maxlen: 24
31.170.235.0/24 maxlen: 24
31.170.236.0/24 maxlen: 24
31.170.237.0/24 maxlen: 24
31.170.238.0/24 maxlen: 24
31.170.239.0/24 maxlen: 24
31.171.112.0/24 maxlen: 24
31.171.113.0/24 maxlen: 24
31.171.114.0/24 maxlen: 24
31.171.115.0/24 maxlen: 24
85.132.24.0/24 maxlen: 24
85.132.26.0/24 maxlen: 24
85.132.27.0/24 maxlen: 24
85.132.58.0/24 maxlen: 24
85.132.65.0/24 maxlen: 24
85.132.66.0/24 maxlen: 24
85.132.70.0/24 maxlen: 24
85.132.121.0/24 maxlen: 24
85.132.122.0/24 maxlen: 24
94.20.63.0/24 maxlen: 24
94.20.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:4f:9e:6e:72:88:86:fa:69:c4:f1:89:35:80:00:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: May 25 08:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c3beb945e5c6545555c8be0aa693ba12f1d9b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:c4:5d:14:92:1e:8a:3d:e6:d3:a7:6d:15:
c5:cc:eb:0e:db:19:c9:0a:eb:e3:17:e2:e1:85:fb:
b5:85:78:dc:e3:84:12:aa:ee:79:6a:f7:ad:76:34:
44:22:d5:18:ee:3b:44:52:91:5f:58:3a:4b:55:08:
41:d7:29:cf:24:2e:53:06:0d:ef:8d:d4:8f:c5:ca:
9c:f1:e5:7e:16:98:bc:e7:60:86:a4:ad:3c:1e:67:
91:d5:94:46:70:aa:e2:a6:2b:9f:bc:5b:ad:bd:92:
3d:68:39:b7:2f:f7:47:05:2c:d7:ad:32:ee:79:ba:
a6:61:6a:7a:25:32:3b:10:fe:5f:f9:60:ff:a9:f1:
5b:ba:30:83:3b:08:ad:cc:da:33:65:fb:0f:af:5a:
c3:7b:7d:a4:c1:8a:c3:70:be:43:1f:ef:41:2d:65:
08:85:7a:a8:49:fc:50:35:ab:58:bd:29:87:d0:a6:
83:6e:52:b1:02:1f:dc:ff:03:45:56:e3:70:cd:31:
f8:4c:a2:c3:94:65:84:53:f6:36:0d:fd:4d:c2:d9:
5c:5e:ed:41:4d:8a:ff:18:b2:0e:ac:03:72:af:f1:
ff:0d:ab:43:f0:a6:9c:dd:13:cd:94:22:c1:28:1a:
43:57:74:2f:90:f5:bd:d7:27:95:cc:07:09:26:13:
16:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3B:EB:94:5E:5C:65:45:55:5C:8B:E0:AA:69:3B:A1:2F:1D:9B:74
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/PDvrlF5cZUVVXIvgqmk7oS8dm3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.232.0/21
31.171.112.0/22
85.132.24.0/24
85.132.26.0/23
85.132.58.0/24
85.132.65.0-85.132.66.255
85.132.70.0/24
85.132.121.0-85.132.122.255
94.20.63.0/24
94.20.157.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:65:82:84:8d:e2:50:b2:44:31:03:ac:8d:f7:b1:c1:59:e3:
6d:dd:9f:ce:13:0e:26:27:05:5c:77:ee:36:c0:1c:fc:f1:1b:
89:2b:01:91:2a:99:36:fe:c9:c4:fe:a6:61:74:84:c2:aa:84:
4e:8d:0e:83:76:04:89:01:4d:99:5e:21:38:c7:16:19:70:ce:
29:56:d5:d5:31:1b:7c:99:80:da:d9:4e:e4:37:72:08:68:fd:
3f:e1:43:98:06:4e:35:32:7f:0c:4b:2c:5d:0a:49:7b:c6:f2:
fc:0d:dd:03:25:4c:ec:b5:b8:55:3c:70:86:36:65:1e:b3:e4:
82:4f:69:d6:db:c0:7f:f8:f6:8a:ea:d6:64:22:02:a6:ca:c1:
b2:2e:99:c3:8f:1a:54:8f:89:72:76:54:2b:70:26:81:95:75:
a9:f6:07:45:01:d2:3d:e4:11:e2:97:4d:a5:8c:72:a5:24:3d:
3b:47:96:e7:b2:53:79:42:e2:1c:d8:83:5f:67:91:f7:ee:1a:
5a:bd:60:e4:3d:35:9b:06:7d:e1:f7:24:48:e1:bf:c0:06:2f:
85:87:3d:a7:2e:98:fe:1b:63:b2:55:5e:50:46:b0:13:c7:e1:
8f:15:4e:e2:f5:6d:a3:16:96:fe:88:4a:c1:2e:28:c2:f6:93:
b9:44:17:ee
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZ5eT55ucoiG+mnE8Yk1gABuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwNTI1MDg0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNiZWI5NDVlNWM2NTQ1NTU1YzhiZTBhYTY5M2JhMTJmMWQ5Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskDEXRSSHoo95tOnbRXFzOsO2xnJ
CuvjF+Lhhfu1hXjc44QSqu55avetdjREItUY7jtEUpFfWDpLVQhB1ynPJC5TBg3v
jdSPxcqc8eV+Fpi852CGpK08HmeR1ZRGcKripiufvFutvZI9aDm3L/dHBSzXrTLu
ebqmYWp6JTI7EP5f+WD/qfFbujCDOwitzNozZfsPr1rDe32kwYrDcL5DH+9BLWUI
hXqoSfxQNatYvSmH0KaDblKxAh/c/wNFVuNwzTH4TKLDlGWEU/Y2Df1NwtlcXu1B
TYr/GLIOrANyr/H/DatD8Kac3RPNlCLBKBpDV3QvkPW91yeVzAcJJhMWswIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDw765ReXGVFVVyL4KppO6EvHZt0MB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvUER2cmxGNWNaVVZWWEl2Z3FtazdvUzhkbTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQDH6roAwQC
H6twAwQAVYQYAwQBVYQaAwQAVYQ6MAwDBABVhEEDBABVhEIDBABVhEYwDAMEAFWE
eQMEAFWEegMEAF4UPwMEAF4UnTANBgkqhkiG9w0BAQsFAAOCAQEAXWWChI3iULJE
MQOsjfexwVnjbd2fzhMOJicFXHfuNsAc/PEbiSsBkSqZNv7JxP6mYXSEwqqETo0O
g3YEiQFNmV4hOMcWGXDOKVbV1TEbfJmA2tlO5DdyCGj9P+FDmAZONTJ/DEssXQpJ
e8by/A3dAyVM7LW4VTxwhjZlHrPkgk9p1tvAf/j2iurWZCICpsrBsi6Zw48aVI+J
cnZUK3AmgZV1qfYHRQHSPeQR4pdNpYxypSQ9O0eW57JTeULiHNiDX2eR9+4aWr1g
5D01mwZ94fckSOG/wAYvhYc9py6Y/htjslVeUEawE8fhjxVO4vVtoxaW/ohKwS4o
wvaTuUQX7g==
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:40:46 2026 by rpki-client