Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/1-2vR9D5EuHiUZ8YUPiWZdd3LlOc.roa
File: 1-2vR9D5EuHiUZ8YUPiWZdd3LlOc.roa (raw, json)
Hash identifier: UyaZQo5wMw6T5Iq4+XMbThUI1LZMa4RGhlfpw/fbh4w=
Subject key identifier: FB:6B:D1:F4:3E:44:B8:78:94:67:C6:14:3E:25:99:75:DD:CB:94:E7
Certificate issuer: /CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Certificate serial: 019ED99C6DA1D602338D0ECCD48C7FCF036D
Authority key identifier: 7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/1-2vR9D5EuHiUZ8YUPiWZdd3LlOc.roa
Signing time: Thu 18 Jun 2026 07:22:48 +0000
ROA not before: Thu 18 Jun 2026 07:22:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41344
IP address blocks: 31.185.8.0/22 maxlen: 22
31.185.8.0/24 maxlen: 24
31.185.9.0/24 maxlen: 24
31.185.10.0/24 maxlen: 24
31.185.11.0/24 maxlen: 24
31.185.12.0/24 maxlen: 24
31.185.13.0/24 maxlen: 24
31.185.14.0/24 maxlen: 24
31.185.15.0/24 maxlen: 24
89.249.224.0/21 maxlen: 21
89.249.224.0/22 maxlen: 22
89.249.226.0/24 maxlen: 24
89.249.228.0/22 maxlen: 22
89.249.228.0/23 maxlen: 23
89.249.230.0/23 maxlen: 23
89.249.231.0/24 maxlen: 24
89.249.232.0/22 maxlen: 22
89.249.232.0/24 maxlen: 24
89.249.233.0/24 maxlen: 24
89.249.235.0/24 maxlen: 24
89.249.236.0/23 maxlen: 23
89.249.236.0/24 maxlen: 24
89.249.237.0/24 maxlen: 24
89.249.238.0/24 maxlen: 24
185.124.176.0/22 maxlen: 22
185.124.176.0/23 maxlen: 23
185.124.177.0/24 maxlen: 24
185.124.178.0/23 maxlen: 23
2a06:b400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d9:9c:6d:a1:d6:02:33:8d:0e:cc:d4:8c:7f:cf:03:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Validity
Not Before: Jun 18 07:22:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fb6bd1f43e44b8789467c6143e259975ddcb94e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ba:88:40:fb:22:21:04:e1:b3:b9:c8:87:c4:
76:50:3a:08:79:6c:37:84:e1:90:01:89:df:af:c5:
f1:0e:2e:a1:1c:52:25:12:29:32:22:5f:71:e8:fd:
ac:ec:ef:b3:0d:3b:12:de:9a:12:26:5e:d8:dd:b9:
af:85:9e:a8:5a:bb:ab:07:f5:62:c2:e5:89:d2:21:
0c:84:30:88:29:4e:35:57:a8:2c:d3:ab:d3:65:f1:
a4:c4:06:c8:cd:18:ef:57:16:34:29:e2:99:53:29:
91:0d:19:78:f9:96:95:c8:67:87:81:e9:0f:ea:de:
08:bb:ed:ab:d1:0a:ca:37:01:b2:80:f7:65:91:ac:
c3:c3:ae:7b:c8:af:eb:90:02:ac:ef:88:72:84:4d:
63:c3:74:fb:b7:95:a4:0f:51:43:12:d3:71:c6:69:
c4:3e:a1:d2:5f:56:82:9e:3e:75:da:db:b3:14:d0:
c0:8e:f0:2d:1c:23:d7:23:b8:97:65:bb:a0:9d:28:
14:d7:1a:8d:1f:c2:45:83:bc:08:51:ad:89:a6:38:
b4:2d:66:72:0c:e0:d9:e4:d2:14:ab:94:cf:56:81:
ae:d6:a5:79:0a:be:5f:06:70:25:c3:3c:4f:f7:62:
b3:e2:6d:fb:a8:b5:db:ab:35:ba:17:21:93:c7:ae:
b1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6B:D1:F4:3E:44:B8:78:94:67:C6:14:3E:25:99:75:DD:CB:94:E7
X509v3 Authority Key Identifier:
keyid:7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/1-2vR9D5EuHiUZ8YUPiWZdd3LlOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.8.0/21
89.249.224.0-89.249.238.255
185.124.176.0/22
IPv6:
2a06:b400::/29
Signature Algorithm: sha256WithRSAEncryption
01:ff:ff:c5:06:75:94:f0:84:51:24:17:f4:64:42:d3:bb:5b:
b7:b4:d6:45:65:d7:a8:a8:cb:74:9e:70:1c:bc:42:d3:18:96:
23:43:7e:56:b1:83:03:56:d1:0c:34:75:86:7c:ea:7b:dc:e3:
58:90:13:2b:4d:14:61:06:bc:0f:bb:a5:ba:1f:80:16:55:15:
48:e5:d1:d7:1c:8f:f6:a6:cb:ff:2f:b1:b7:68:95:db:4f:d7:
4a:fa:2e:a6:f8:f0:83:ef:54:61:45:b6:69:a7:e3:6f:6b:c5:
d1:1c:05:32:3d:d1:e5:d2:ee:9c:e3:3a:86:b4:ab:59:a3:fe:
7a:84:94:6a:17:9e:d0:fd:62:80:d9:07:6e:d0:72:5c:fc:fb:
9e:8e:66:4e:00:e4:e4:69:bc:ed:ce:54:82:d1:e0:87:87:7d:
19:60:c0:d1:7a:45:b4:13:f7:fb:42:03:52:4c:ca:40:74:b4:
76:84:7f:e6:cf:50:3a:1f:87:48:fe:85:58:00:33:42:be:e5:
02:b4:9b:e7:0f:bb:ba:a1:d9:d2:16:87:fa:6a:2f:96:82:d9:
fa:ff:a3:13:f1:1a:de:36:76:46:59:a7:da:91:14:6f:2c:7d:
0f:bd:08:56:37:85:0d:50:6e:ab:94:4b:7c:d7:0c:f4:cb:9b:
4b:e7:f4:d0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ7ZnG2h1gIzjQ7M1Ix/zwNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDU5OTdlZDA3NWMyMjk4YjQ2MTIyNWUxMDYwZjU3N2Ix
ZDdkNGQwHhcNMjYwNjE4MDcyMjQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZiZDFmNDNlNDRiODc4OTQ2N2M2MTQzZTI1OTk3NWRkY2I5NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLqIQPsiIQThs7nIh8R2UDoIeWw3
hOGQAYnfr8XxDi6hHFIlEikyIl9x6P2s7O+zDTsS3poSJl7Y3bmvhZ6oWrurB/Vi
wuWJ0iEMhDCIKU41V6gs06vTZfGkxAbIzRjvVxY0KeKZUymRDRl4+ZaVyGeHgekP
6t4Iu+2r0QrKNwGygPdlkazDw657yK/rkAKs74hyhE1jw3T7t5WkD1FDEtNxxmnE
PqHSX1aCnj512tuzFNDAjvAtHCPXI7iXZbugnSgU1xqNH8JFg7wIUa2Jpji0LWZy
DODZ5NIUq5TPVoGu1qV5Cr5fBnAlwzxP92Kz4m37qLXbqzW6FyGTx66xGQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPtr0fQ+RLh4lGfGFD4lmXXdy5TnMB8GA1UdIwQY
MBaAFHvVmX7QdcIpi0YSJeEGD1d7HX1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUt
NWFjN2YwNjYyMzBiLzEvMS0ydlI5RDVFdUhpVVo4WVVQaVdaZGQzTGxPYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvNGQ3ZjQwLTQ5ZWMtNGNlMi04ODJlLTVhYzdmMDY2MjMw
Yi8xL2U5V1pmdEIxd2ltTFJoSWw0UVlQVjNzZGZVMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAx+5CDAM
AwQFWfngAwQAWfnuAwQCuXywMA0EAgACMAcDBQMqBrQAMA0GCSqGSIb3DQEBCwUA
A4IBAQAB///FBnWU8IRRJBf0ZELTu1u3tNZFZdeoqMt0nnAcvELTGJYjQ35WsYMD
VtEMNHWGfOp73ONYkBMrTRRhBrwPu6W6H4AWVRVI5dHXHI/2psv/L7G3aJXbT9dK
+i6m+PCD71RhRbZpp+Nva8XRHAUyPdHl0u6c4zqGtKtZo/56hJRqF57Q/WKA2Qdu
0HJc/PuejmZOAOTkabztzlSC0eCHh30ZYMDRekW0E/f7QgNSTMpAdLR2hH/mz1A6
H4dI/oVYADNCvuUCtJvnD7u6odnSFof6ai+Wgtn6/6MT8RreNnZGWafakRRvLH0P
vQhWN4UNUG6rlEt81wz0y5tL5/TQ
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:37 2026 by rpki-client