Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Tt96ibRoV4-r54Cc4N642C8bqHc.roa
File: Tt96ibRoV4-r54Cc4N642C8bqHc.roa (raw, json)
Hash identifier: MPQjsld3jVuBFpAApNkfdDQwm3BGXf0BTXNcQdwk79s=
Subject key identifier: 4E:DF:7A:89:B4:68:57:8F:AB:E7:80:9C:E0:DE:B8:D8:2F:1B:A8:77
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019D6F5C688173E6450ED521B5259601D460
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Tt96ibRoV4-r54Cc4N642C8bqHc.roa
Signing time: Wed 08 Apr 2026 23:10:20 +0000
ROA not before: Wed 08 Apr 2026 23:10:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7029
IP address blocks: 31.187.92.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
74.124.204.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.100.0/22 maxlen: 24
88.135.104.0/21 maxlen: 24
89.34.171.0/24 maxlen: 24
91.210.80.0/22 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
95.215.144.0/22 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
141.193.108.0/22 maxlen: 24
162.250.216.0/22 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
188.215.12.0/22 maxlen: 24
192.109.205.0/24 maxlen: 24
195.133.202.0/23 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 20:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6f:5c:68:81:73:e6:45:0e:d5:21:b5:25:96:01:d4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Apr 8 23:10:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4edf7a89b468578fabe7809ce0deb8d82f1ba877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1c:35:09:7d:7c:89:e8:05:4b:71:4b:26:fb:
b6:16:3a:c9:2a:bd:f7:cb:f4:08:a0:ab:f6:97:89:
1a:1c:ca:90:a7:97:64:54:b9:ac:7b:50:1c:f6:58:
f3:81:ce:08:da:57:6d:37:e3:a0:d0:f5:f6:0d:b8:
b4:2a:1a:bb:13:3f:09:0c:5a:0b:82:0e:15:ca:50:
65:29:2a:cd:a7:ae:bb:63:7f:14:3c:01:9a:fb:9f:
d0:2c:9e:96:ff:33:95:e3:75:ca:8a:9a:0a:a8:a9:
7b:e1:a8:0a:cc:10:7b:8e:5f:a3:2b:bc:be:fd:00:
03:05:43:2c:93:1d:8e:87:03:47:93:70:60:29:9b:
b9:1f:38:cd:b3:af:e3:71:db:84:68:ce:3d:3e:01:
3c:28:cb:e8:fe:0d:f7:3d:80:b8:19:e1:a4:0c:11:
cb:6c:a7:2a:d2:8c:1e:81:3a:93:4a:b0:b0:af:68:
db:fa:c8:39:a4:5a:f7:d0:dc:44:45:1e:08:8d:f2:
8f:31:38:49:8f:03:37:22:a5:7a:a6:81:22:05:a5:
c8:84:6a:9e:e6:8f:3e:20:bf:dc:41:3a:7e:1e:e6:
8e:32:12:16:8d:f8:6a:b6:17:a7:25:e9:a3:05:b2:
c7:3e:98:56:19:c6:3d:53:25:40:4b:18:f7:56:52:
6f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DF:7A:89:B4:68:57:8F:AB:E7:80:9C:E0:DE:B8:D8:2F:1B:A8:77
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Tt96ibRoV4-r54Cc4N642C8bqHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.92.0/22
66.9.96.0/20
66.117.8.0/22
74.124.204.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.100.0-88.135.111.255
89.34.171.0/24
91.210.80.0/22
93.119.184.0/21
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
95.215.144.0/22
116.50.16.0/21
121.127.56.0/21
141.193.108.0/22
162.250.216.0/22
176.222.48.0/22
178.216.184.0/21
188.215.12.0/22
192.109.205.0/24
195.133.202.0/23
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
81:2d:08:0d:fc:d7:fc:65:f7:a4:cc:ec:bf:43:41:6d:1f:d1:
c6:1c:0d:bd:87:de:23:71:d5:29:45:54:bd:3b:4c:ff:89:f1:
31:30:57:03:b2:65:39:53:4a:c9:cd:1a:2a:28:53:2e:0d:a3:
73:8f:04:b6:09:96:55:44:8d:cb:8b:09:84:e0:49:2e:f4:77:
b8:55:c5:a7:20:06:70:1e:40:6a:27:1b:b2:18:5f:ba:f0:f3:
74:14:2a:43:d4:45:1f:b1:f1:1c:90:5f:bc:a0:a3:74:a4:aa:
1c:20:70:f8:7c:0c:b1:ec:de:82:af:d3:1c:05:ba:5f:54:95:
68:46:8a:8f:9c:d5:49:8f:8e:ca:41:70:5c:e2:8c:89:17:b0:
3d:ca:b3:b5:41:0e:b4:ff:eb:a4:81:1d:9d:35:52:de:cb:5c:
67:e5:24:b7:6f:d6:1e:cb:04:e7:20:26:ce:c7:7f:4f:ac:4f:
80:3e:eb:f2:ef:96:4b:6a:aa:f3:b0:d5:d8:79:13:30:59:b6:
65:16:3a:23:ad:59:4d:1d:09:6e:5b:83:0b:a8:54:50:50:ab:
9d:7d:02:b7:99:f6:38:ee:2c:15:53:6f:70:8a:dd:14:bf:be:
cb:82:c8:33:93:17:ad:f4:fb:9b:25:95:45:c3:cd:0b:4f:d4:
dc:a4:80:ad
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZ1vXGiBc+ZFDtUhtSWWAdRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjYwNDA4MjMxMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRmN2E4OWI0Njg1NzhmYWJlNzgwOWNlMGRlYjhkODJmMWJhODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRw1CX18iegFS3FLJvu2FjrJKr33
y/QIoKv2l4kaHMqQp5dkVLmse1Ac9ljzgc4I2ldtN+Og0PX2Dbi0Khq7Ez8JDFoL
gg4VylBlKSrNp667Y38UPAGa+5/QLJ6W/zOV43XKipoKqKl74agKzBB7jl+jK7y+
/QADBUMskx2OhwNHk3BgKZu5HzjNs6/jcduEaM49PgE8KMvo/g33PYC4GeGkDBHL
bKcq0owegTqTSrCwr2jb+sg5pFr30NxERR4IjfKPMThJjwM3IqV6poEiBaXIhGqe
5o8+IL/cQTp+HuaOMhIWjfhqthenJemjBbLHPphWGcY9UyVASxj3VlJvFQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFE7feom0aFePq+eAnODeuNgvG6h3MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvVHQ5NmliUm9WNC1yNTRDYzRONjQyQzhicUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIf
u1wDBARCCWADBAJCdQgDBAJKfMwwDAMEBk3fwAMEAU3fyAMEAU+LQAMEA1OOyDAM
AwQCWIdkAwQEWIdgAwQAWSKrAwQCW9JQAwQDXXe4AwQBXhpuAwQAXmVnAwQDX7II
AwQCX9eQAwQDdDIQAwQDeX84AwQCjcFsAwQCovrYAwQCsN4wAwQDsti4AwQCvNcM
AwQAwG3NAwQBw4XKAwQCxpFwAwQCzYb0MA0GCSqGSIb3DQEBCwUAA4IBAQCBLQgN
/Nf8ZfekzOy/Q0FtH9HGHA29h94jcdUpRVS9O0z/ifExMFcDsmU5U0rJzRoqKFMu
DaNzjwS2CZZVRI3LiwmE4Eku9He4VcWnIAZwHkBqJxuyGF+68PN0FCpD1EUfsfEc
kF+8oKN0pKocIHD4fAyx7N6Cr9McBbpfVJVoRoqPnNVJj47KQXBc4oyJF7A9yrO1
QQ60/+ukgR2dNVLey1xn5SS3b9YeywTnICbOx39PrE+APuvy75ZLaqrzsNXYeRMw
WbZlFjojrVlNHQluW4MLqFRQUKudfQK3mfY47iwVU29wit0Uv77Lgsgzkxet9Pub
JZVFw80LT9TcpICt
-----END CERTIFICATE-----
Generated at Thu Apr 9 02:25:20 2026 by rpki-client