Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/13EDog0tD_qkm9FeFHghDDtAQfQ.roa
File: 13EDog0tD_qkm9FeFHghDDtAQfQ.roa (raw, json)
Hash identifier: JS7iN5B8IDNR4+AUaX5OQ2bMiLy+wyDJjIJPQlQsqBk=
Subject key identifier: D7:71:03:A2:0D:2D:0F:FA:A4:9B:D1:5E:14:78:21:0C:3B:40:41:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019D44C81AA041D1947BAE88214F4E37B5B7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/13EDog0tD_qkm9FeFHghDDtAQfQ.roa
Signing time: Tue 31 Mar 2026 16:44:17 +0000
ROA not before: Tue 31 Mar 2026 16:44:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.192.251.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:c8:1a:a0:41:d1:94:7b:ae:88:21:4f:4e:37:b5:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 31 16:44:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d77103a20d2d0ffaa49bd15e1478210c3b4041f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:43:d4:78:ec:3b:2e:24:2d:25:c4:23:55:
1d:94:8b:2f:25:0c:40:a0:64:54:65:36:47:f2:9f:
f9:04:51:37:2e:b0:2b:10:6e:60:02:91:53:5a:f2:
e9:58:50:2e:68:83:ea:10:7d:4d:6a:24:6c:2c:87:
d4:f7:50:4b:a2:26:0b:a7:bd:b9:24:68:eb:8b:18:
63:f0:1b:4c:26:fa:62:17:1b:5a:62:1a:48:71:96:
b9:a1:21:28:66:90:55:9d:f7:7a:e7:ac:fa:2b:ea:
c5:37:d5:22:da:90:03:d6:4e:f1:f1:bd:01:9f:c0:
ae:cb:27:34:4b:e2:9e:4e:d6:f3:04:8d:8c:35:95:
84:17:13:1f:ae:fe:a7:8a:4f:29:b3:4f:18:89:13:
b6:66:2f:82:7f:50:37:0c:13:a8:34:7b:ee:49:6c:
d5:76:df:dd:8d:29:23:69:30:4a:c0:2e:34:41:92:
64:18:58:df:ec:63:53:83:c4:13:84:a8:51:1a:2d:
a4:90:17:90:64:78:ab:4a:63:ce:ac:e3:c5:2e:ee:
f9:f8:fb:6e:52:bf:e1:32:08:06:bf:5f:17:33:16:
42:37:d5:8e:5e:bf:bc:15:0d:e3:99:16:77:3d:fe:
0a:7f:4d:de:7a:4e:ca:f6:86:03:75:48:ac:9c:a4:
5a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:71:03:A2:0D:2D:0F:FA:A4:9B:D1:5E:14:78:21:0C:3B:40:41:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/13EDog0tD_qkm9FeFHghDDtAQfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
62.76.235.0/24
192.124.188.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.91.0/24
193.124.94.0/24
194.58.43.0/24
194.58.60.0/24
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/24
194.87.63.0/24
194.87.116.0/23
194.87.120.0/23
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.135.23.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.56.0/24
195.133.60.0/23
195.133.80.0/24
195.133.82.0/24
212.192.210.0/23
212.192.251.0/24
212.193.10.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
19:94:15:0d:1b:f4:61:2c:53:14:a7:f0:ec:6e:fe:8a:a7:4e:
6f:a8:d2:b1:66:6f:df:b2:0f:ae:2a:9b:59:47:47:0f:41:14:
af:07:47:37:19:0c:aa:41:39:d4:9f:6a:e2:07:02:d3:6f:03:
b7:2e:49:a9:43:e9:90:ed:48:65:47:f3:5d:0d:42:1a:37:fe:
aa:60:78:9a:71:94:4e:e4:9e:68:1a:ea:15:2a:88:64:15:54:
56:4f:ca:3c:72:3f:0b:c4:7a:42:12:9c:61:4a:57:e7:1f:d4:
91:8d:e8:54:24:e8:3c:29:ce:bd:e3:bd:c7:70:a3:c3:b6:0b:
c7:f3:d9:b8:16:e3:9e:ec:6e:a9:13:3a:04:dd:45:20:c4:3d:
b7:75:f8:f1:95:80:10:e5:db:9e:53:87:3e:3e:20:fe:1b:48:
c6:be:39:87:ca:2d:cb:68:52:0d:dc:06:7e:a2:94:14:2e:bc:
9e:1b:7a:6d:42:f2:3d:70:0e:12:11:4e:85:93:f5:25:2d:0c:
6a:15:87:50:5a:c9:7f:30:4d:d6:5f:db:27:9d:3d:9c:a8:12:
a2:c2:80:0c:4f:e7:01:82:4a:68:5e:55:26:d2:14:86:74:36:
8b:fb:b9:9c:1b:4e:7f:52:ef:3c:16:74:c7:90:24:19:6d:a6:
3c:23:1a:89
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZ1EyBqgQdGUe66IIU9ON7W3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMzMxMTY0NDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzcxMDNhMjBkMmQwZmZhYTQ5YmQxNWUxNDc4MjEwYzNiNDA0MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvptD1HjsOy4kLSXEI1UdlIsvJQxA
oGRUZTZH8p/5BFE3LrArEG5gApFTWvLpWFAuaIPqEH1NaiRsLIfU91BLoiYLp725
JGjrixhj8BtMJvpiFxtaYhpIcZa5oSEoZpBVnfd656z6K+rFN9Ui2pAD1k7x8b0B
n8Cuyyc0S+KeTtbzBI2MNZWEFxMfrv6nik8ps08YiRO2Zi+Cf1A3DBOoNHvuSWzV
dt/djSkjaTBKwC40QZJkGFjf7GNTg8QThKhRGi2kkBeQZHirSmPOrOPFLu75+Ptu
Ur/hMggGv18XMxZCN9WOXr+8FQ3jmRZ3Pf4Kf03eek7K9oYDdUisnKRajQIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFNdxA6INLQ/6pJvRXhR4IQw7QEH0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMTNFRG9nMHREX3FrbTlGZUZIZ2hERHRBUWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQAPkznAwQAPkzrAwQAwHy8AwQAwXwDAwQAwXwGAwQAwXwIAwQAwXxbAwQAwXxe
AwQAwjorAwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlciAwQAwlck
AwQAwlcqAwQAwlc/AwQBwld0AwQBwld4AwQAwlegAwQAwlejMAwDBADCV6UDBADC
V6YDBAHCV7AwDAMEAsJXtAMEAMJXtgMEAMKHFzAMAwQAwzo3AwQAwzo4AwQAwzo7
AwQAwzo+AwQAw4UMAwQAw4U4AwQBw4U8AwQAw4VQAwQAw4VSAwQB1MDSAwQA1MD7
AwQA1MEKAwQA1MEPMA0GCSqGSIb3DQEBCwUAA4IBAQAZlBUNG/RhLFMUp/Dsbv6K
p05vqNKxZm/fsg+uKptZR0cPQRSvB0c3GQyqQTnUn2riBwLTbwO3LkmpQ+mQ7Uhl
R/NdDUIaN/6qYHiacZRO5J5oGuoVKohkFVRWT8o8cj8LxHpCEpxhSlfnH9SRjehU
JOg8Kc69473HcKPDtgvH89m4FuOe7G6pEzoE3UUgxD23dfjxlYAQ5dueU4c+PiD+
G0jGvjmHyi3LaFIN3AZ+opQULryeG3ptQvI9cA4SEU6Fk/UlLQxqFYdQWsl/ME3W
X9snnT2cqBKiwoAMT+cBgkpoXlUm0hSGdDaL+7mcG05/Uu88FnTHkCQZbaY8IxqJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:12:56 2026 by rpki-client