Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/nFYNbXy0JhIyEmPla3EPZiB915M.roa
File: nFYNbXy0JhIyEmPla3EPZiB915M.roa (raw, json)
Hash identifier: 4Q1qQA0cyqLu7/tHU6Hpa7PqUUZygk8E+2ueMWgOYPc=
Subject key identifier: 9C:56:0D:6D:7C:B4:26:12:32:12:63:E5:6B:71:0F:66:20:7D:D7:93
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019CB615C9F7B426AA0EE513C20DF662949A
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/nFYNbXy0JhIyEmPla3EPZiB915M.roa
Signing time: Tue 03 Mar 2026 23:43:27 +0000
ROA not before: Tue 03 Mar 2026 23:43:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7015
IP address blocks: 5.182.187.0/24 maxlen: 24
5.182.192.0/24 maxlen: 24
5.182.198.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
36.255.213.0/24 maxlen: 24
36.255.214.0/24 maxlen: 24
45.248.52.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.158.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
103.105.166.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
103.210.12.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b6:15:c9:f7:b4:26:aa:0e:e5:13:c2:0d:f6:62:94:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 3 23:43:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9c560d6d7cb42612321263e56b710f66207dd793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:0b:18:5c:7a:57:36:6f:fe:ac:f9:81:9e:
eb:cb:5f:81:dd:f1:db:85:bd:7a:57:e4:18:ee:12:
3b:54:e7:af:79:38:00:f8:3f:70:a1:db:53:05:5a:
c1:93:ac:4a:3d:5c:49:87:2a:da:7c:b5:13:da:2e:
c2:41:46:bf:21:be:cb:20:c3:3c:48:b6:4d:d5:d2:
4b:a9:e5:86:57:27:10:d3:16:44:17:77:b1:9c:1f:
05:52:c7:aa:26:bd:36:84:4a:54:0f:8c:01:43:72:
4e:dc:fd:e5:2a:00:ad:07:56:5e:4f:89:85:39:7b:
f4:c8:d0:cb:3b:ee:ca:2c:3d:78:28:e5:f9:34:4a:
4f:a2:53:63:cb:3c:ac:13:67:c5:25:46:e9:20:bc:
e0:6d:1e:cc:eb:ff:76:5b:45:c8:e9:6d:05:55:eb:
67:15:ff:ac:7d:c9:a3:49:06:24:7d:7b:06:2a:4d:
51:3d:72:b3:e1:7a:23:98:c5:a3:94:7b:24:f3:3a:
89:99:56:fc:d8:9e:32:6e:b0:28:55:a8:99:80:df:
3e:3f:cd:c5:d3:04:bb:64:84:76:50:ec:00:8c:04:
7e:eb:55:c7:fa:33:df:b7:1b:97:31:b2:3c:05:f7:
02:5a:37:ea:7b:cd:9a:76:f7:8c:b8:80:5e:b5:ad:
58:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:56:0D:6D:7C:B4:26:12:32:12:63:E5:6B:71:0F:66:20:7D:D7:93
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/nFYNbXy0JhIyEmPla3EPZiB915M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.187.0/24
5.182.192.0/24
5.182.198.0/24
31.132.52.0/23
36.255.213.0-36.255.214.255
45.248.52.0/24
63.246.130.0-63.246.133.255
63.246.137.0/24
63.246.151.0/24
63.246.158.0/24
78.31.204.0/24
92.249.31.0/24
94.154.170.0/24
94.154.182.0/24
103.105.166.0/24
103.130.178.0/24
103.210.12.0/24
147.78.205.0-147.78.206.255
162.218.90.0/24
185.52.137.0/24
185.187.212.0/24
185.201.40.0/24
185.205.205.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f9:bd:9a:c3:25:15:be:3c:ea:0d:25:8e:18:ef:07:d5:bd:
6f:65:e6:4c:87:8c:d1:65:18:da:0a:46:85:2a:b4:0f:1d:3a:
53:b1:66:5e:a4:8d:38:c4:98:b0:81:1d:6c:55:0c:b6:ec:ce:
ce:6a:04:dd:b2:bf:4f:1e:e1:e5:05:c4:81:bc:75:73:f1:99:
99:ac:f2:1c:3d:37:95:6f:06:2b:c2:f3:3c:7e:9b:2b:e7:8c:
6b:ab:cf:29:27:61:57:24:fb:1b:5e:53:28:5c:af:9e:67:8d:
b1:ca:21:25:9b:70:e4:2a:b7:03:05:ae:b4:b1:a8:14:c8:78:
25:a7:04:50:be:5f:43:d6:e3:42:1c:c6:07:7d:85:bd:9d:9f:
f0:bd:c2:b6:fb:f7:58:66:35:6b:0f:9a:b4:5e:19:31:0f:7e:
11:f0:b5:af:02:2f:06:dd:61:4b:93:b0:0a:6b:90:b0:21:67:
ee:37:e3:b1:d2:77:74:0f:d1:06:a6:66:a1:29:be:51:b4:0a:
e3:d4:f3:0d:a6:b0:4e:58:ae:98:7d:29:c6:ee:35:9f:99:21:
64:a0:e7:5d:21:f8:4e:36:42:e1:f1:c6:1d:f2:ec:68:80:81:
1b:f3:fc:41:90:68:8d:1e:4f:97:b0:d8:3e:c5:b9:a9:57:48:
96:9a:20:da
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZy2Fcn3tCaqDuUTwg32YpSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjYwMzAzMjM0MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU2MGQ2ZDdjYjQyNjEyMzIxMjYzZTU2YjcxMGY2NjIwN2RkNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPYLGFx6VzZv/qz5gZ7ry1+B3fHb
hb16V+QY7hI7VOeveTgA+D9wodtTBVrBk6xKPVxJhyrafLUT2i7CQUa/Ib7LIMM8
SLZN1dJLqeWGVycQ0xZEF3exnB8FUseqJr02hEpUD4wBQ3JO3P3lKgCtB1ZeT4mF
OXv0yNDLO+7KLD14KOX5NEpPolNjyzysE2fFJUbpILzgbR7M6/92W0XI6W0FVetn
Ff+sfcmjSQYkfXsGKk1RPXKz4XojmMWjlHsk8zqJmVb82J4ybrAoVaiZgN8+P83F
0wS7ZIR2UOwAjAR+61XH+jPftxuXMbI8BfcCWjfqe82adveMuIBeta1YuwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJxWDW18tCYSMhJj5WtxD2YgfdeTMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvbkZZTmJYeTBKaEl5RW1QbGEzRVBaaUI5MTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAAF
trsDBAAFtsADBAAFtsYDBAEfhDQwDAMEACT/1QMEACT/1gMEAC34NDAMAwQBP/aC
AwQBP/aEAwQAP/aJAwQAP/aXAwQAP/aeAwQATh/MAwQAXPkfAwQAXpqqAwQAXpq2
AwQAZ2mmAwQAZ4KyAwQAZ9IMMAwDBACTTs0DBACTTs4DBACi2loDBAC5NIkDBAC5
u9QDBAC5ySgDBAC5zc0DBADUPA8DBADZxakwDQYJKoZIhvcNAQELBQADggEBAJn5
vZrDJRW+POoNJY4Y7wfVvW9l5kyHjNFlGNoKRoUqtA8dOlOxZl6kjTjEmLCBHWxV
DLbszs5qBN2yv08e4eUFxIG8dXPxmZms8hw9N5VvBivC8zx+myvnjGurzyknYVck
+xteUyhcr55njbHKISWbcOQqtwMFrrSxqBTIeCWnBFC+X0PW40Icxgd9hb2dn/C9
wrb791hmNWsPmrReGTEPfhHwta8CLwbdYUuTsAprkLAhZ+4347HSd3QP0QamZqEp
vlG0CuPU8w2msE5Yrph9KcbuNZ+ZIWSg510h+E42QuHxxh3y7GiAgRvz/EGQaI0e
T5ew2D7FualXSJaaINo=
-----END CERTIFICATE-----
Generated at Fri Mar 6 01:03:43 2026 by rpki-client