Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/21wKIs7rhmw7UTkqErsFyGzHJN8.roa
File: 21wKIs7rhmw7UTkqErsFyGzHJN8.roa (raw, json)
Hash identifier: aoabAhF4bWUfOPeDotDxYf7Q2ClfMbRxwfWaY/8eyCo=
Subject key identifier: DB:5C:0A:22:CE:EB:86:6C:3B:51:39:2A:12:BB:05:C8:6C:C7:24:DF
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019E229566CE6ACC352F6DCA25AC72996D71
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/21wKIs7rhmw7UTkqErsFyGzHJN8.roa
Signing time: Wed 13 May 2026 18:24:37 +0000
ROA not before: Wed 13 May 2026 18:24:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31083
IP address blocks: 5.104.175.0/24 maxlen: 24
77.76.0.0/24 maxlen: 24
77.76.14.0/24 maxlen: 24
78.128.1.0/24 maxlen: 24
78.128.2.0/24 maxlen: 24
78.128.6.0/24 maxlen: 24
78.128.7.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.9.0/24 maxlen: 24
78.128.42.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.62.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.77.0/24 maxlen: 24
78.128.78.0/24 maxlen: 24
78.128.80.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.118.0/24 maxlen: 24
78.128.126.0/24 maxlen: 24
78.142.6.0/24 maxlen: 24
78.142.32.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.51.0/24 maxlen: 24
78.142.56.0/24 maxlen: 24
78.142.57.0/24 maxlen: 24
78.142.58.0/24 maxlen: 24
78.142.59.0/24 maxlen: 24
78.142.62.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.4.0/24 maxlen: 24
79.124.5.0/24 maxlen: 24
79.124.6.0/24 maxlen: 24
79.124.13.0/24 maxlen: 24
79.124.14.0/24 maxlen: 24
79.124.16.0/24 maxlen: 24
79.124.17.0/24 maxlen: 24
79.124.22.0/24 maxlen: 24
79.124.31.0/24 maxlen: 24
79.124.44.0/24 maxlen: 24
79.124.52.0/24 maxlen: 24
79.124.55.0/24 maxlen: 24
79.124.63.0/24 maxlen: 24
79.124.64.0/24 maxlen: 24
79.124.65.0/24 maxlen: 24
79.124.66.0/24 maxlen: 24
79.124.67.0/24 maxlen: 24
79.124.75.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.84.0/24 maxlen: 24
79.124.90.0/24 maxlen: 24
82.118.229.0/24 maxlen: 24
82.118.243.0/24 maxlen: 24
83.222.185.0/24 maxlen: 24
91.148.148.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.136.0/22 maxlen: 24
130.185.225.0/24 maxlen: 24
130.185.232.0/24 maxlen: 24
178.132.86.0/24 maxlen: 24
178.132.87.0/24 maxlen: 24
185.197.152.0/22 maxlen: 24
185.232.156.0/23 maxlen: 24
217.174.146.0/23 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.151.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.155.0/24 maxlen: 24
217.174.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:22:95:66:ce:6a:cc:35:2f:6d:ca:25:ac:72:99:6d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 13 18:24:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db5c0a22ceeb866c3b51392a12bb05c86cc724df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:04:8e:3d:65:74:28:9e:fb:29:85:89:ff:
aa:2f:40:dc:36:9b:bd:24:b0:80:dc:ad:0b:41:84:
c4:b5:f2:cc:bf:1d:70:63:50:33:b7:ff:7b:88:b3:
fe:88:53:3d:53:e0:d4:05:88:75:a1:c2:6b:4c:fd:
93:f6:52:b4:4d:48:7d:69:f7:eb:43:4b:17:ac:9b:
b3:f2:61:31:f0:bd:71:8b:16:59:bf:fd:f8:af:3a:
87:53:62:41:5c:30:ab:51:ea:e4:22:43:5b:2c:a4:
f0:20:0e:af:be:40:a9:e7:8d:62:c7:49:4a:19:7a:
2f:18:4d:85:7f:dc:2e:5f:7d:24:fa:17:d8:6a:56:
8c:ff:94:2a:7e:b8:fe:b9:a1:a5:0c:d8:a4:2f:69:
ea:7e:a0:3a:ba:af:e7:8c:32:d4:be:a4:3b:03:74:
77:48:38:41:54:64:cd:90:29:09:fa:71:86:a8:96:
00:31:66:f2:8d:99:16:cb:60:bb:51:45:17:5b:df:
45:63:d6:0f:2e:92:22:64:9f:fd:3b:4e:5e:32:d7:
40:6b:03:db:a3:f6:33:48:9f:b1:20:a0:7a:68:12:
8c:f9:82:d0:92:87:3d:b6:ed:4d:8d:5e:6d:db:de:
9d:26:3e:59:e3:1f:71:ee:9f:1c:98:e8:d2:24:0e:
c6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5C:0A:22:CE:EB:86:6C:3B:51:39:2A:12:BB:05:C8:6C:C7:24:DF
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/21wKIs7rhmw7UTkqErsFyGzHJN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.175.0/24
77.76.0.0/24
77.76.14.0/24
78.128.1.0-78.128.2.255
78.128.6.0-78.128.9.255
78.128.42.0/23
78.128.60.0/24
78.128.62.0/24
78.128.76.0-78.128.78.255
78.128.80.0/23
78.128.118.0/24
78.128.126.0/24
78.142.6.0/24
78.142.32.0/24
78.142.47.0/24
78.142.51.0/24
78.142.56.0/22
78.142.62.0/23
79.124.4.0-79.124.6.255
79.124.13.0-79.124.14.255
79.124.16.0/23
79.124.22.0/24
79.124.31.0/24
79.124.44.0/24
79.124.52.0/24
79.124.55.0/24
79.124.63.0-79.124.67.255
79.124.75.0-79.124.76.255
79.124.84.0/24
79.124.90.0/24
82.118.229.0/24
82.118.243.0/24
83.222.185.0/24
91.148.148.0/24
91.148.168.0/24
94.72.136.0/22
130.185.225.0/24
130.185.232.0/24
178.132.86.0/23
185.197.152.0/22
185.232.156.0/23
217.174.146.0-217.174.149.255
217.174.151.0-217.174.153.255
217.174.155.0-217.174.156.255
Signature Algorithm: sha256WithRSAEncryption
18:30:07:05:c5:7c:c6:29:a0:87:fe:71:82:70:3e:57:69:66:
d5:05:e0:86:08:a2:e7:b1:56:aa:52:98:56:2f:07:0d:fd:04:
f7:81:82:41:1b:aa:d4:70:cb:df:98:b5:ce:4f:8d:e3:cd:df:
b1:d5:6b:c1:69:81:e0:8a:89:4c:74:5f:33:19:1a:89:13:8f:
8a:76:83:f5:39:93:72:d4:52:e7:a8:dc:7a:2a:97:fb:13:62:
87:5b:ba:18:ac:85:3e:69:62:88:17:cc:c5:f4:ec:b7:df:ea:
c3:5b:5c:4b:4b:ab:96:e4:31:34:d6:0a:4b:c2:6c:bd:29:ba:
9e:9d:ec:c3:ee:7e:79:2a:3b:b2:4a:31:e8:c9:c9:b0:bd:43:
c5:7d:89:45:5f:d2:8e:c9:6d:d4:3f:0f:b8:6e:f1:e0:80:17:
4b:b6:80:4c:3e:c7:b6:f5:d1:16:c5:c8:5a:22:63:04:f4:77:
96:6b:f6:9d:f9:2e:e6:0c:2d:1a:83:51:e3:cb:39:55:4b:30:
03:dc:38:77:8c:a3:5b:b5:e1:d6:01:2b:b1:20:cd:5e:ec:94:
9e:75:50:3d:af:fe:6d:05:c5:fc:c9:3e:86:6d:27:87:b1:65:
ce:9d:04:78:15:09:86:49:32:6e:3f:5e:e0:ef:50:19:ee:1c:
99:cd:e3:5a
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZ4ilWbOasw1L23KJaxymW1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjYwNTEzMTgyNDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVjMGEyMmNlZWI4NjZjM2I1MTM5MmExMmJiMDVjODZjYzcyNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2IEjj1ldCie+ymFif+qL0DcNpu9
JLCA3K0LQYTEtfLMvx1wY1Azt/97iLP+iFM9U+DUBYh1ocJrTP2T9lK0TUh9affr
Q0sXrJuz8mEx8L1xixZZv/34rzqHU2JBXDCrUerkIkNbLKTwIA6vvkCp541ix0lK
GXovGE2Ff9wuX30k+hfYalaM/5Qqfrj+uaGlDNikL2nqfqA6uq/njDLUvqQ7A3R3
SDhBVGTNkCkJ+nGGqJYAMWbyjZkWy2C7UUUXW99FY9YPLpIiZJ/9O05eMtdAawPb
o/YzSJ+xIKB6aBKM+YLQkoc9tu1NjV5t296dJj5Z4x9x7p8cmOjSJA7GdwIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFNtcCiLO64ZsO1E5KhK7BchsxyTfMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvMjF3S0lzN3JobXc3VVRrcUVyc0Z5R3pISk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAWAEAgABMIIB
WAMEAAVorwMEAE1MAAMEAE1MDjAMAwQAToABAwQAToACMAwDBAFOgAYDBAFOgAgD
BAFOgCoDBABOgDwDBABOgD4wDAMEAk6ATAMEAE6ATgMEAU6AUAMEAE6AdgMEAE6A
fgMEAE6OBgMEAE6OIAMEAE6OLwMEAE6OMwMEAk6OOAMEAU6OPjAMAwQCT3wEAwQA
T3wGMAwDBABPfA0DBABPfA4DBAFPfBADBABPfBYDBABPfB8DBABPfCwDBABPfDQD
BABPfDcwDAMEAE98PwMEAk98QDAMAwQAT3xLAwQAT3xMAwQAT3xUAwQAT3xaAwQA
UnblAwQAUnbzAwQAU965AwQAW5SUAwQAW5SoAwQCXkiIAwQAgrnhAwQAgrnoAwQB
soRWAwQCucWYAwQBueicMAwDBAHZrpIDBAHZrpQwDAMEANmulwMEAdmumDAMAwQA
2a6bAwQA2a6cMA0GCSqGSIb3DQEBCwUAA4IBAQAYMAcFxXzGKaCH/nGCcD5XaWbV
BeCGCKLnsVaqUphWLwcN/QT3gYJBG6rUcMvfmLXOT43jzd+x1WvBaYHgiolMdF8z
GRqJE4+KdoP1OZNy1FLnqNx6Kpf7E2KHW7oYrIU+aWKIF8zF9Oy33+rDW1xLS6uW
5DE01gpLwmy9KbqenezD7n55KjuySjHoycmwvUPFfYlFX9KOyW3UPw+4bvHggBdL
toBMPse29dEWxchaImME9HeWa/ad+S7mDC0ag1HjyzlVSzAD3Dh3jKNbteHWASux
IM1e7JSedVA9r/5tBcX8yT6GbSeHsWXOnQR4FQmGSTJuP17g71AZ7hyZzeNa
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:13:04 2026 by rpki-client