Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/W2OrB0j0-nYPTzXGx8wglEsSrTg.roa
File: W2OrB0j0-nYPTzXGx8wglEsSrTg.roa (raw, json)
Hash identifier: VYxarI+ue3iiKP2yq3ncIk9PFzz9Y9KND/jO/nEButo=
Subject key identifier: 5B:63:AB:07:48:F4:FA:76:0F:4F:35:C6:C7:CC:20:94:4B:12:AD:38
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019DAECFCBAB2FD0814A4444CF48CF09968F
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/W2OrB0j0-nYPTzXGx8wglEsSrTg.roa
Signing time: Tue 21 Apr 2026 06:52:26 +0000
ROA not before: Tue 21 Apr 2026 06:52:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39494
IP address blocks: 31.177.72.0/22 maxlen: 22
31.177.76.0/23 maxlen: 23
31.177.80.0/23 maxlen: 23
31.177.84.0/23 maxlen: 23
31.177.85.0/24 maxlen: 24
31.177.86.0/23 maxlen: 24
31.177.88.0/24 maxlen: 24
31.177.89.0/24 maxlen: 24
31.177.90.0/24 maxlen: 24
77.222.33.0/24 maxlen: 24
77.222.34.0/24 maxlen: 24
79.174.64.0/21 maxlen: 21
79.174.72.0/22 maxlen: 22
79.174.76.0/24 maxlen: 24
80.93.56.0/22 maxlen: 22
89.104.64.0/19 maxlen: 19
89.104.76.0/23 maxlen: 23
89.104.76.0/24 maxlen: 24
89.104.78.0/23 maxlen: 23
89.104.88.0/22 maxlen: 22
89.104.92.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
89.111.128.0/20 maxlen: 20
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
89.111.162.0/23 maxlen: 23
89.111.164.0/22 maxlen: 22
89.111.176.0/20 maxlen: 20
89.111.176.0/22 maxlen: 22
89.111.177.0/24 maxlen: 24
91.217.21.0/24 maxlen: 24
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
2a02:2090:e400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 13:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ae:cf:cb:ab:2f:d0:81:4a:44:44:cf:48:cf:09:96:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Apr 21 06:52:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5b63ab0748f4fa760f4f35c6c7cc20944b12ad38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ba:c2:7f:a9:36:71:cc:8a:f1:b5:0e:d0:55:
67:1d:ff:e7:35:e2:a2:3e:77:02:83:43:b6:16:16:
de:29:ef:f9:7b:02:b0:16:cd:a9:87:ca:65:7e:ec:
c6:0e:05:9c:53:fd:21:a1:bf:2c:64:f3:22:47:7c:
da:71:f2:c9:0f:00:41:53:d6:eb:4d:a7:0b:a1:93:
02:b8:c4:05:d3:00:f4:a7:53:20:78:87:aa:b1:db:
3d:e9:92:ce:d1:53:64:55:23:a1:69:fe:df:19:08:
45:b2:2b:40:65:f5:f8:94:39:3e:c4:52:6f:d6:63:
0e:11:10:42:d4:f1:1b:6e:10:b7:70:3f:97:32:cd:
9c:87:41:58:a1:39:b5:f5:5c:e6:1c:ef:0a:b7:23:
2e:f0:23:85:57:61:a4:c5:04:48:34:eb:c8:32:1f:
2b:84:6a:8b:f6:32:62:e7:95:ce:51:6e:99:d6:ab:
76:9d:2c:73:dc:bf:cf:fc:fe:1c:23:47:85:9b:cb:
72:aa:c3:06:cf:fe:7b:c0:81:53:f0:77:3e:e3:c0:
c5:23:f8:42:6c:e7:b4:85:5c:2c:14:06:e2:39:75:
9a:84:0e:fc:a8:bf:a5:de:08:74:69:ba:0e:01:45:
66:69:03:d4:73:55:9d:04:e9:a5:8e:5f:a3:17:ce:
f3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:63:AB:07:48:F4:FA:76:0F:4F:35:C6:C7:CC:20:94:4B:12:AD:38
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/W2OrB0j0-nYPTzXGx8wglEsSrTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.72.0-31.177.77.255
31.177.80.0/23
31.177.84.0-31.177.90.255
77.222.33.0-77.222.34.255
79.174.64.0-79.174.76.255
80.93.56.0/22
89.104.64.0/19
89.111.128.0/18
91.217.21.0/24
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
0e:85:5f:dd:b3:49:49:6f:23:cb:01:f0:d0:fb:db:c0:83:7e:
38:d8:b3:ec:89:e9:61:e7:76:79:dd:84:6e:e0:c0:67:c8:84:
d3:64:63:36:4a:da:3b:da:03:e0:c7:49:91:b8:ce:ba:79:2c:
ff:56:f6:95:1e:ee:a6:ac:cf:ac:cd:9f:87:f7:fa:be:84:14:
ce:77:0d:cc:15:e5:75:ff:fa:1e:fa:ec:09:c5:a0:ec:39:68:
fa:16:d8:f7:71:ce:dc:d0:81:82:3a:ef:de:35:95:b1:c6:e5:
e5:51:b7:d6:fe:d5:73:f4:c0:0b:ed:c7:47:4d:eb:df:63:c3:
db:a5:0a:d2:93:b1:19:67:7e:b3:a3:db:f3:24:c2:bd:56:8b:
c1:ce:f9:59:a3:ab:70:1a:a7:f2:6a:e0:19:38:b3:f7:08:5d:
31:da:1f:7e:a3:15:e6:6d:83:a5:d3:ca:bf:25:b3:83:9d:71:
47:c4:9f:4e:32:46:67:13:e3:75:02:2c:61:c9:9a:e0:ae:cc:
24:d4:7f:0c:a2:7d:ab:9e:19:ee:b0:df:7c:36:27:e9:a7:11:
18:67:e6:4f:2d:b8:95:54:8f:7e:b1:2b:d3:ea:a3:6b:50:40:
38:74:65:e1:47:b5:ce:63:b1:3d:e8:6c:60:96:1b:00:3c:6f:
79:1a:f3:a9
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZ2uz8urL9CBSkREz0jPCZaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjYwNDIxMDY1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYzYWIwNzQ4ZjRmYTc2MGY0ZjM1YzZjN2NjMjA5NDRiMTJhZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLrCf6k2ccyK8bUO0FVnHf/nNeKi
PncCg0O2FhbeKe/5ewKwFs2ph8plfuzGDgWcU/0hob8sZPMiR3zacfLJDwBBU9br
TacLoZMCuMQF0wD0p1MgeIeqsds96ZLO0VNkVSOhaf7fGQhFsitAZfX4lDk+xFJv
1mMOERBC1PEbbhC3cD+XMs2ch0FYoTm19VzmHO8KtyMu8COFV2GkxQRINOvIMh8r
hGqL9jJi55XOUW6Z1qt2nSxz3L/P/P4cI0eFm8tyqsMGz/57wIFT8Hc+48DFI/hC
bOe0hVwsFAbiOXWahA78qL+l3gh0aboOAUVmaQPUc1WdBOmljl+jF87z2wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFtjqwdI9Pp2D081xsfMIJRLEq04MB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvVzJPckIwajAtbllQVHpYR3g4d2dsRXNTclRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVjAMAwQDH7FI
AwQBH7FMAwQBH7FQMAwDBAIfsVQDBAAfsVowDAMEAE3eIQMEAE3eIjAMAwQGT65A
AwQAT65MAwQCUF04AwQFWWhAAwQGWW+AAwQAW9kVMBQEAgACMA4DBQAqAQDYAwUA
KgIgkDANBgkqhkiG9w0BAQsFAAOCAQEADoVf3bNJSW8jywHw0PvbwIN+ONiz7Inp
Yed2ed2EbuDAZ8iE02RjNkraO9oD4MdJkbjOunks/1b2lR7upqzPrM2fh/f6voQU
zncNzBXldf/6HvrsCcWg7Dlo+hbY93HO3NCBgjrv3jWVscbl5VG31v7Vc/TAC+3H
R03r32PD26UK0pOxGWd+s6Pb8yTCvVaLwc75WaOrcBqn8mrgGTiz9whdMdoffqMV
5m2DpdPKvyWzg51xR8SfTjJGZxPjdQIsYcma4K7MJNR/DKJ9q54Z7rDffDYn6acR
GGfmTy24lVSPfrEr0+qja1BAOHRl4Ue1zmOxPehsYJYbADxveRrzqQ==
-----END CERTIFICATE-----
Generated at Wed Apr 29 15:54:08 2026 by rpki-client