Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/NtvT6CD2I_6TfsATUb8G0iPohz4.roa
File: NtvT6CD2I_6TfsATUb8G0iPohz4.roa (raw, json)
Hash identifier: 3QtiYDBmY6HJqn3yMKh8PCjoRTlhC0HDfTJNACRrjJk=
Subject key identifier: 36:DB:D3:E8:20:F6:23:FE:93:7E:C0:13:51:BF:06:D2:23:E8:87:3E
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 019E68647F1501E961645C8CD369C27F867E
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/NtvT6CD2I_6TfsATUb8G0iPohz4.roa
Signing time: Wed 27 May 2026 07:44:37 +0000
ROA not before: Wed 27 May 2026 07:44:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2116
IP address blocks: 31.185.24.0/21 maxlen: 21
37.191.128.0/17 maxlen: 17
62.63.0.0/18 maxlen: 18
62.101.192.0/18 maxlen: 18
64.28.0.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
77.88.64.0/18 maxlen: 18
77.234.48.0/21 maxlen: 21
77.241.96.0/20 maxlen: 20
78.24.144.0/21 maxlen: 21
79.135.0.0/19 maxlen: 19
80.64.192.0/20 maxlen: 20
80.241.80.0/20 maxlen: 20
81.0.128.0/18 maxlen: 18
81.175.0.0/20 maxlen: 20
81.175.20.0/22 maxlen: 22
81.175.24.0/21 maxlen: 21
81.175.32.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
82.196.192.0/19 maxlen: 19
84.20.96.0/19 maxlen: 19
85.112.128.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
85.221.0.0/17 maxlen: 17
85.252.0.0/16 maxlen: 16
86.62.128.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
88.84.160.0/19 maxlen: 19
89.191.0.0/19 maxlen: 19
91.135.32.0/20 maxlen: 20
91.135.34.0/24 maxlen: 24
91.202.80.0/22 maxlen: 22
109.199.192.0/19 maxlen: 19
178.74.0.0/18 maxlen: 18
185.8.16.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
185.67.116.0/22 maxlen: 22
185.67.116.0/24 maxlen: 24
185.129.156.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
193.71.0.0/16 maxlen: 16
193.75.0.0/17 maxlen: 17
193.90.0.0/16 maxlen: 16
193.91.128.0/17 maxlen: 17
194.19.0.0/17 maxlen: 17
194.29.200.0/22 maxlen: 22
194.54.96.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
195.1.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
195.159.0.0/16 maxlen: 16
195.204.0.0/16 maxlen: 16
212.62.224.0/19 maxlen: 19
212.71.64.0/19 maxlen: 19
213.52.0.0/17 maxlen: 17
213.151.128.0/19 maxlen: 19
213.158.224.0/19 maxlen: 19
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
213.172.192.0/19 maxlen: 19
213.239.64.0/18 maxlen: 18
217.8.128.0/19 maxlen: 19
217.14.0.0/20 maxlen: 20
217.77.32.0/20 maxlen: 20
217.118.32.0/19 maxlen: 19
217.144.224.0/19 maxlen: 19
2001:840::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2001:8c0:a906::/48 maxlen: 48
2001:4dd8::/29 maxlen: 29
2a00:c440::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a04:6340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Jun 2026 11:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:64:7f:15:01:e9:61:64:5c:8c:d3:69:c2:7f:86:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: May 27 07:44:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=36dbd3e820f623fe937ec01351bf06d223e8873e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f8:c6:4f:6c:f4:f5:47:87:2a:46:cc:49:b1:
26:af:49:08:ff:34:4e:4f:6e:17:77:db:94:10:8c:
08:d5:e9:5d:30:1a:94:2e:29:28:59:2e:6c:39:4f:
e7:1b:fb:9f:d5:35:e2:39:30:ea:84:1c:86:6a:a2:
b1:f9:a9:52:30:6d:8f:7c:48:f4:38:d6:aa:f1:0d:
8c:aa:39:07:ad:7d:c2:ef:a0:a1:34:5e:ed:7f:1f:
7f:26:a7:55:c7:e1:16:e2:d4:c6:f1:77:77:a1:ae:
5b:36:af:3a:94:c3:1b:a4:9d:b9:d8:dc:98:37:c3:
b2:c0:cd:b8:99:bb:e2:16:53:3b:c1:0d:75:75:3b:
d4:67:26:b6:8a:d6:2f:ff:a7:fa:59:80:93:4b:2d:
82:6b:6a:d5:c1:9e:df:b6:53:53:00:49:b5:9f:1e:
9c:ab:cb:55:59:cb:5b:90:82:dd:36:0b:92:7d:97:
97:a0:a4:38:53:00:f5:f0:b6:db:57:42:fd:a2:d7:
b8:ba:0b:1e:61:7b:34:d5:df:97:29:29:9c:21:ee:
a5:e3:3f:bf:9c:ca:9f:10:35:31:21:55:b0:7b:3b:
7a:45:c5:7d:86:d0:90:0f:6b:3c:03:e5:7b:37:63:
40:ab:0f:2d:aa:db:0a:8f:55:92:ff:d2:41:15:39:
2c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DB:D3:E8:20:F6:23:FE:93:7E:C0:13:51:BF:06:D2:23:E8:87:3E
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/NtvT6CD2I_6TfsATUb8G0iPohz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
64.28.0.0/19
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
77.241.96.0/20
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
91.202.80.0/22
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.71.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
10:57:50:f8:b2:06:41:d1:c8:1d:44:7f:cc:f4:bb:17:0f:7f:
5c:3b:10:c4:fb:01:ab:b4:56:51:c7:cb:79:43:60:9a:6a:e0:
5a:1c:dd:64:0c:3a:04:f6:ff:de:6a:89:09:2f:37:84:40:53:
a9:23:44:1c:82:c2:40:9a:34:ec:dd:2c:e9:63:7d:3c:6d:04:
da:65:cf:9f:16:71:eb:43:53:24:57:df:24:14:00:82:08:20:
cd:f1:6d:32:4f:07:a7:06:6a:ea:a0:62:1f:0c:bd:8a:c5:a1:
55:14:8c:30:c7:ba:f1:1f:b6:d1:02:7e:ea:fe:b3:47:56:c2:
ec:f8:a4:cb:4a:d7:87:a6:bc:95:98:77:1f:cc:2f:90:9e:63:
53:1b:5b:27:83:19:55:fc:38:76:0c:eb:ab:ee:15:bc:c0:10:
5b:1d:91:cb:93:1c:94:72:4a:2a:1b:3b:71:ff:82:a4:f2:a9:
f9:5a:e5:4e:c3:a7:82:d4:c0:71:ab:64:15:0b:86:f2:94:0c:
5a:ec:9a:ca:a5:bd:81:39:a1:8b:37:91:23:13:8b:44:f9:3d:
4e:d1:84:93:9d:c2:8c:44:4a:a3:a9:ef:6c:20:fe:9f:4a:95:
14:40:c6:2c:a0:74:92:9a:8a:37:cb:7d:7a:d2:be:9e:22:42:
78:77:b6:b4
-----BEGIN CERTIFICATE-----
MIIGvjCCBaagAwIBAgISAZ5oZH8VAelhZFyM02nCf4Z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjYwNTI3MDc0NDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRiZDNlODIwZjYyM2ZlOTM3ZWMwMTM1MWJmMDZkMjIzZTg4NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvjGT2z09UeHKkbMSbEmr0kI/zRO
T24Xd9uUEIwI1eldMBqULikoWS5sOU/nG/uf1TXiOTDqhByGaqKx+alSMG2PfEj0
ONaq8Q2MqjkHrX3C76ChNF7tfx9/JqdVx+EW4tTG8Xd3oa5bNq86lMMbpJ252NyY
N8OywM24mbviFlM7wQ11dTvUZya2itYv/6f6WYCTSy2Ca2rVwZ7ftlNTAEm1nx6c
q8tVWctbkILdNguSfZeXoKQ4UwD18LbbV0L9ote4ugseYXs01d+XKSmcIe6l4z+/
nMqfEDUxIVWwezt6RcV9htCQD2s8A+V7N2NAqw8tqtsKj1WS/9JBFTksNQIDAQAB
o4IDyjCCA8YwHQYDVR0OBBYEFDbb0+gg9iP+k37AE1G/BtIj6Ic+MB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvTnR2VDZDRDJJXzZUZnNBVFViOEcwaVBvaHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB3gYIKwYBBQUHAQcBAf8EggHNMIIByTCCAYUEAgABMIIB
fQMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEBUAcAAMEB00ogAMEBk1YQAMEA03q
MAMEBE3xYAMEA04YkAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQC
Ua8UAwQGUa8AAwMAUb8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV
/AMEBlY+gAMEBld2AAMEBVhUoAMEBVm/AAMEBFuHIAMEAlvKUAMEBW3HwAMEBrJK
AAMEArkIEAMEArkjUAMEArlDdAMEArmBnAMDAMFFAwMAwUcDBAfBSwADAwDBWgME
B8FbgAMEB8ITAAMEAsIdyAMEBcI2YDALAwQHwwCAAwMBwwADBAfDEoADAwDDiwMD
AMOfAwMAw8wDBAXUPuADBAXUR0ADBAfVNAADBAXVl4ADBAXVnuAwDAMEBdWg4AME
A9Wg8AMEBdWswAMEBtXvQAMEBdkIgAMEBNkOAAMEBNlNIAMEBdl2IAMEBdmQ4DA+
BAIAAjA4AwUDIAEIQAMFAyABCMADBQMgAU3YAwUDKgDEQAMFAyoBBSADBQMqAgJw
AwUDKgPAAAMFAyoEY0AwDQYJKoZIhvcNAQELBQADggEBABBXUPiyBkHRyB1Ef8z0
uxcPf1w7EMT7Aau0VlHHy3lDYJpq4Foc3WQMOgT2/95qiQkvN4RAU6kjRByCwkCa
NOzdLOljfTxtBNplz58WcetDUyRX3yQUAIIIIM3xbTJPB6cGauqgYh8MvYrFoVUU
jDDHuvEfttECfur+s0dWwuz4pMtK14emvJWYdx/ML5CeY1MbWyeDGVX8OHYM66vu
FbzAEFsdkcuTHJRySiobO3H/gqTyqfla5U7Dp4LUwHGrZBULhvKUDFrsmsqlvYE5
oYs3kSMTi0T5PU7RhJOdwoxESqOp72wg/p9KlRRAxiygdJKaijfLfXrSvp4iQnh3
trQ=
-----END CERTIFICATE-----
Generated at Tue Jun 9 22:13:44 2026 by rpki-client