Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/cxDAVDgNr82cHnIJJB4UwFs2cGU.roa
File: cxDAVDgNr82cHnIJJB4UwFs2cGU.roa (raw, json)
Hash identifier: sgT8v5E2LVdbt2FX0DJ7W7uBv5rW5PIhx+eS3wQDvSs=
Subject key identifier: 73:10:C0:54:38:0D:AF:CD:9C:1E:72:09:24:1E:14:C0:5B:36:70:65
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 019D4CE84D1AFF85DDAFA556F2C2F945AEFE
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/cxDAVDgNr82cHnIJJB4UwFs2cGU.roa
Signing time: Thu 02 Apr 2026 06:36:25 +0000
ROA not before: Thu 02 Apr 2026 06:36:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42708
IP address blocks: 5.23.56.0/21 maxlen: 21
5.178.72.0/21 maxlen: 21
31.192.224.0/21 maxlen: 21
31.192.228.0/24 maxlen: 24
37.152.56.0/21 maxlen: 21
46.21.96.0/20 maxlen: 24
46.21.100.0/24 maxlen: 24
46.246.0.0/17 maxlen: 17
79.99.0.0/21 maxlen: 21
80.67.0.0/20 maxlen: 20
83.143.216.0/21 maxlen: 21
91.213.246.0/24 maxlen: 24
91.217.189.0/24 maxlen: 24
91.223.232.0/24 maxlen: 24
91.228.193.0/24 maxlen: 24
91.228.194.0/23 maxlen: 23
94.247.168.0/21 maxlen: 21
109.74.0.0/20 maxlen: 20
159.253.24.0/21 maxlen: 21
178.73.192.0/18 maxlen: 18
178.73.224.0/19 maxlen: 19
185.11.96.0/22 maxlen: 22
185.21.88.0/22 maxlen: 22
185.39.144.0/22 maxlen: 22
185.118.36.0/22 maxlen: 22
185.157.220.0/22 maxlen: 22
188.126.64.0/19 maxlen: 19
193.108.196.0/24 maxlen: 24
193.201.96.0/24 maxlen: 24
194.54.164.0/22 maxlen: 22
195.20.206.0/23 maxlen: 23
195.149.101.0/24 maxlen: 24
195.238.76.0/23 maxlen: 23
195.246.120.0/23 maxlen: 23
212.112.0.0/19 maxlen: 19
2a00:14c0::/32 maxlen: 32
2a00:1a28::/32 maxlen: 32
2a02:750::/29 maxlen: 48
2a02:750:8::/48 maxlen: 48
2a02:750:10::/48 maxlen: 48
2a02:e400::/29 maxlen: 29
2a03:5e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4c:e8:4d:1a:ff:85:dd:af:a5:56:f2:c2:f9:45:ae:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Apr 2 06:36:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7310c054380dafcd9c1e7209241e14c05b367065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:55:64:bd:57:fa:95:ad:3e:76:33:f0:28:
1d:3c:ab:51:dc:cd:7d:f7:a0:fd:02:e0:0e:cd:d5:
59:9b:1f:55:da:2e:84:38:29:6f:be:89:06:a7:ec:
26:f1:08:47:7b:da:d7:16:5a:96:a9:22:39:ff:ba:
c2:c8:5c:47:da:dc:49:32:21:cd:4c:36:47:58:09:
7b:04:9d:0f:87:cd:ed:f0:b7:b4:5c:bf:c7:3f:19:
2b:c2:98:b5:bb:d0:e6:12:ac:88:6c:b2:44:66:6e:
05:a1:ae:1b:cb:44:b4:35:ad:19:35:aa:db:99:a3:
99:8e:d2:28:e2:3b:e4:79:3f:8f:0d:38:cc:8a:22:
a6:22:bf:ba:c2:6e:de:e5:54:cd:04:85:e6:a2:49:
d1:8e:a1:6c:95:14:95:6a:22:cb:f5:5a:63:e7:65:
2a:ed:36:53:af:0a:36:78:2b:5b:b1:fb:30:f3:bc:
5d:74:f6:92:0b:2d:86:ea:59:4e:34:f0:61:1e:72:
58:4e:b7:02:26:e6:dc:cc:78:28:dd:36:9a:c7:11:
07:75:b5:9c:ae:bf:5d:2f:76:7d:2f:85:7d:ab:83:
26:42:a6:8d:0a:f7:d2:bd:7c:71:23:23:9a:b5:d0:
57:8d:88:dc:4b:6f:82:9b:82:5d:6f:ca:16:9e:ca:
67:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:10:C0:54:38:0D:AF:CD:9C:1E:72:09:24:1E:14:C0:5B:36:70:65
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/cxDAVDgNr82cHnIJJB4UwFs2cGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.56.0/21
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
46.246.0.0/17
79.99.0.0/21
80.67.0.0/20
83.143.216.0/21
91.213.246.0/24
91.217.189.0/24
91.223.232.0/24
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
178.73.192.0/18
185.11.96.0/22
185.21.88.0/22
185.39.144.0/22
185.118.36.0/22
185.157.220.0/22
188.126.64.0/19
193.108.196.0/24
193.201.96.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
212.112.0.0/19
IPv6:
2a00:14c0::/32
2a00:1a28::/32
2a02:750::/29
2a02:e400::/29
2a03:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
98:64:b0:91:75:03:33:47:f0:34:12:42:60:a8:54:f2:7e:b7:
b4:97:df:6b:7d:42:ae:85:4a:08:be:5d:70:4b:67:97:06:19:
fd:c9:c9:0a:57:04:ed:1f:d3:22:2c:79:88:0f:13:63:c2:f1:
66:f6:27:1f:83:54:2f:7e:9b:9c:15:69:58:85:56:f8:8a:a1:
ab:38:d9:02:f9:97:35:bc:ea:e4:c4:96:4e:39:87:e9:4e:fb:
3d:86:27:35:86:83:97:1a:d8:9b:62:2a:84:6b:be:4e:9f:bb:
eb:dc:a5:e8:5d:d3:62:44:0b:cc:5d:2e:c5:b9:9a:cb:32:76:
fc:fa:c2:70:5e:0b:cb:40:13:4e:b4:74:34:90:ee:7c:c4:e6:
aa:c4:74:33:10:41:83:ca:09:32:71:a9:fb:55:c0:80:2e:9e:
c5:10:53:8f:9b:12:07:02:42:7e:e6:fb:e2:e8:fa:a3:b6:1e:
d0:76:c9:cf:02:f0:d2:3a:e0:bb:83:62:36:59:c6:d2:aa:84:
b4:02:4d:12:01:4e:90:11:fe:c3:d6:98:5b:db:7b:60:18:2c:
92:22:cf:3a:50:b9:7e:e1:74:58:e9:20:7a:2b:cb:02:d7:87:
7d:0e:75:8b:46:03:aa:d9:5b:f9:42:30:36:87:45:0f:c0:8a:
71:d8:d0:71
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZ1M6E0a/4Xdr6VW8sL5Ra7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjYwNDAyMDYzNjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzEwYzA1NDM4MGRhZmNkOWMxZTcyMDkyNDFlMTRjMDViMzY3MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti9VZL1X+pWtPnYz8CgdPKtR3M19
96D9AuAOzdVZmx9V2i6EOClvvokGp+wm8QhHe9rXFlqWqSI5/7rCyFxH2txJMiHN
TDZHWAl7BJ0Ph83t8Le0XL/HPxkrwpi1u9DmEqyIbLJEZm4Foa4by0S0Na0ZNarb
maOZjtIo4jvkeT+PDTjMiiKmIr+6wm7e5VTNBIXmoknRjqFslRSVaiLL9Vpj52Uq
7TZTrwo2eCtbsfsw87xddPaSCy2G6llONPBhHnJYTrcCJubczHgo3TaaxxEHdbWc
rr9dL3Z9L4V9q4MmQqaNCvfSvXxxIyOatdBXjYjcS2+Cm4Jdb8oWnspndQIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFHMQwFQ4Da/NnB5yCSQeFMBbNnBlMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvY3hEQVZEZ05yODJjSG5JSkpCNFV3RnMyY0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgckEAgABMIHCAwQD
BRc4AwQDBbJIAwQDH8DgAwQDJZg4AwQELhVgAwQHLvYAAwQDT2MAAwQEUEMAAwQD
U4/YAwQAW9X2AwQAW9m9AwQAW9/oMAwDBABb5MEDBAJb5MADBANe96gDBARtSgAD
BAOf/RgDBAayScADBAK5C2ADBAK5FVgDBAK5J5ADBAK5diQDBAK5ndwDBAW8fkAD
BADBbMQDBADByWADBALCNqQDBAHDFM4DBADDlWUDBAHD7kwDBAHD9ngDBAXUcAAw
KQQCAAIwIwMFACoAFMADBQAqABooAwUDKgIHUAMFAyoC5AADBQAqA14AMA0GCSqG
SIb3DQEBCwUAA4IBAQCYZLCRdQMzR/A0EkJgqFTyfre0l99rfUKuhUoIvl1wS2eX
Bhn9yckKVwTtH9MiLHmIDxNjwvFm9icfg1QvfpucFWlYhVb4iqGrONkC+Zc1vOrk
xJZOOYfpTvs9hic1hoOXGtibYiqEa75On7vr3KXoXdNiRAvMXS7FuZrLMnb8+sJw
XgvLQBNOtHQ0kO58xOaqxHQzEEGDygkycan7VcCALp7FEFOPmxIHAkJ+5vvi6Pqj
th7QdsnPAvDSOuC7g2I2WcbSqoS0Ak0SAU6QEf7D1phb23tgGCySIs86ULl+4XRY
6SB6K8sC14d9DnWLRgOq2Vv5QjA2h0UPwIpx2NBx
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:45:41 2026 by rpki-client