Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/VuDnLvJNIcWc0RLDRhnQzJGXYlA.roa
File: VuDnLvJNIcWc0RLDRhnQzJGXYlA.roa (raw, json)
Hash identifier: yHuXaf7xfAo1NMtfTvQ/YeqZYNx5yuNzc9kHv5WBJS0=
Subject key identifier: 56:E0:E7:2E:F2:4D:21:C5:9C:D1:12:C3:46:19:D0:CC:91:97:62:50
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 019C0DD2484148F8BC888C31F175D3004550
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/VuDnLvJNIcWc0RLDRhnQzJGXYlA.roa
Signing time: Fri 30 Jan 2026 07:33:30 +0000
ROA not before: Fri 30 Jan 2026 07:33:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/20 maxlen: 20
88.135.144.0/21 maxlen: 21
88.135.156.0/22 maxlen: 22
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/20 maxlen: 20
109.229.208.0/21 maxlen: 21
171.25.218.0/23 maxlen: 23
176.103.176.0/22 maxlen: 22
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.100.0/23 maxlen: 23
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/23 maxlen: 23
213.110.76.0/22 maxlen: 22
213.110.80.0/20 maxlen: 20
2a01:8ca0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0d:d2:48:41:48:f8:bc:88:8c:31:f1:75:d3:00:45:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 30 07:33:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56e0e72ef24d21c59cd112c34619d0cc91976250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d9:a8:e0:e7:76:aa:57:b9:6f:15:87:5e:93:
c1:6d:a1:3a:48:d2:67:91:a9:7d:ec:db:dc:4f:b7:
c3:13:72:e0:93:cb:47:bc:2f:b1:81:ba:2e:fe:87:
9c:97:95:a5:33:8b:04:1c:cc:37:eb:aa:d9:6b:08:
5f:68:5b:2a:b1:7f:a1:89:50:fc:f2:61:1c:aa:ca:
25:47:22:52:92:de:6c:6d:a1:d7:69:58:c5:72:36:
bd:e4:52:5b:7f:74:a7:1f:78:2b:f7:4c:7a:c8:87:
c5:68:23:1b:4f:21:c3:09:c9:a9:57:b0:84:38:bb:
2c:f8:ba:73:14:5f:b4:6a:fe:1a:6a:09:7d:a3:d6:
ca:5d:a8:2d:ce:68:f1:de:42:fe:79:5c:4d:d0:1b:
07:67:aa:83:59:88:1e:0e:5f:ee:58:7d:60:76:67:
36:81:b2:85:aa:d1:b3:c9:83:01:b5:41:10:a4:55:
cb:05:67:6a:8f:bc:69:25:04:c0:91:bd:c7:8b:a4:
b1:71:cb:d3:87:b6:53:a3:91:2b:68:6d:3a:50:a4:
a4:1d:f2:24:1e:f6:e2:8c:39:87:2b:59:f9:a3:92:
86:62:29:a7:84:8e:21:9e:5d:a4:3e:36:08:5e:32:
7b:ba:53:76:c1:da:ba:7b:c0:d3:fe:5b:11:d4:df:
07:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E0:E7:2E:F2:4D:21:C5:9C:D1:12:C3:46:19:D0:CC:91:97:62:50
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/VuDnLvJNIcWc0RLDRhnQzJGXYlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0-88.135.151.255
88.135.156.0/22
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0-109.229.215.255
171.25.218.0/23
176.103.176.0/22
176.103.184.0/24
176.106.48.0/20
176.106.100.0/23
176.106.160.0-176.106.183.255
185.47.10.0/23
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/23
213.110.76.0-213.110.95.255
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
62:8a:ac:72:a6:e2:cc:22:6f:99:5f:33:10:ef:5c:d2:52:8a:
19:6a:b4:92:dc:fa:5c:cc:73:2e:6c:9d:0a:17:3d:1f:0c:1b:
63:e6:87:44:2d:7b:13:36:f0:01:5a:6e:a6:fb:46:0d:71:0a:
a1:85:02:6c:dd:22:ea:e1:be:87:cc:a3:fc:f1:9f:32:64:99:
34:43:f3:d3:2b:ca:94:3a:62:0a:74:c1:5a:00:64:23:67:09:
64:1f:96:af:05:8d:01:30:50:d9:89:6f:69:27:2f:b5:44:7b:
30:d9:fb:82:f5:3e:0a:2b:17:95:40:1d:d5:8c:d7:19:d4:fd:
be:20:6c:7e:aa:d4:41:de:47:16:b0:36:5e:f6:0e:22:36:0f:
90:2d:03:28:e5:74:a5:6e:ff:1e:97:ba:09:0a:ff:d2:75:fb:
9b:20:26:e6:6b:9a:13:32:91:83:37:5d:65:d7:06:ca:cb:27:
7c:3f:f9:aa:8b:27:11:74:f8:67:05:05:bf:f0:4f:bb:73:ac:
5f:f7:5a:dd:8c:8b:61:0e:5d:73:c5:2d:09:60:2e:3d:50:ad:
76:4a:61:1b:5a:45:1d:d1:21:08:37:83:9f:b0:1e:43:96:fe:
dd:70:fa:55:82:d0:f2:b2:d2:ce:ef:8c:77:1e:fa:e0:a3:08:
ce:b3:2e:87
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAZwN0khBSPi8iIwx8XXTAEVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjYwMTMwMDczMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmUwZTcyZWYyNGQyMWM1OWNkMTEyYzM0NjE5ZDBjYzkxOTc2MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dmo4Od2qle5bxWHXpPBbaE6SNJn
kal97NvcT7fDE3Lgk8tHvC+xgbou/oecl5WlM4sEHMw366rZawhfaFsqsX+hiVD8
8mEcqsolRyJSkt5sbaHXaVjFcja95FJbf3SnH3gr90x6yIfFaCMbTyHDCcmpV7CE
OLss+LpzFF+0av4aagl9o9bKXagtzmjx3kL+eVxN0BsHZ6qDWYgeDl/uWH1gdmc2
gbKFqtGzyYMBtUEQpFXLBWdqj7xpJQTAkb3Hi6SxccvTh7ZTo5EraG06UKSkHfIk
HvbijDmHK1n5o5KGYimnhI4hnl2kPjYIXjJ7ulN2wdq6e8DT/lsR1N8HcQIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFFbg5y7yTSHFnNESw0YZ0MyRl2JQMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvVnVEbkx2Sk5JY1djMFJMRFJoblF6SkdYWWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBuQQCAAEwgbIDBAQf
KlADBANT81gDBANUJogDBAVXY0AwDAMEB1iHgAMEA1iHkAMEAliHnAMEBVta4AME
AVvp1gMEA23F0DAMAwQGbeXAAwQDbeXQAwQBqxnaAwQCsGewAwQAsGe4AwQEsGow
AwQBsGpkMAwDBAWwaqADBAOwarADBAG5LwoDBALBb/QwDAMEAsHu1AMEBcHuwAME
AsIJ1AMEAsNFWAMEAdVuQDAMAwQC1W5MAwQF1W5AMA0EAgACMAcDBQAqAYygMA0G
CSqGSIb3DQEBCwUAA4IBAQBiiqxypuLMIm+ZXzMQ71zSUooZarSS3PpczHMubJ0K
Fz0fDBtj5odELXsTNvABWm6m+0YNcQqhhQJs3SLq4b6HzKP88Z8yZJk0Q/PTK8qU
OmIKdMFaAGQjZwlkH5avBY0BMFDZiW9pJy+1RHsw2fuC9T4KKxeVQB3VjNcZ1P2+
IGx+qtRB3kcWsDZe9g4iNg+QLQMo5XSlbv8el7oJCv/SdfubICbma5oTMpGDN11l
1wbKyyd8P/mqiycRdPhnBQW/8E+7c6xf91rdjIthDl1zxS0JYC49UK12SmEbWkUd
0SEIN4OfsB5Dlv7dcPpVgtDystLO74x3HvrgowjOsy6H
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:15:16 2026 by rpki-client