Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/36KM8lFIfy4m3RH0ICmrlsl2vmY.roa
File: 36KM8lFIfy4m3RH0ICmrlsl2vmY.roa (raw, json)
Hash identifier: 4TWYCtDAOpFEaTRpS23TnnFO8vhG3240YnxVzegN0Bk=
Subject key identifier: DF:A2:8C:F2:51:48:7F:2E:26:DD:11:F4:20:29:AB:96:C9:76:BE:66
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019D9A02FF66F0BB6D7897BB5A00FA1D55E9
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/36KM8lFIfy4m3RH0ICmrlsl2vmY.roa
Signing time: Fri 17 Apr 2026 05:56:20 +0000
ROA not before: Fri 17 Apr 2026 05:56:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 81.18.48.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
178.219.6.0/24 maxlen: 24
178.253.221.0/24 maxlen: 24
178.253.229.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.198.0/24 maxlen: 24
212.69.8.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:02:ff:66:f0:bb:6d:78:97:bb:5a:00:fa:1d:55:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 17 05:56:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dfa28cf251487f2e26dd11f42029ab96c976be66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3a:47:8e:c8:df:c6:5f:f7:5f:35:81:35:39:
2a:82:28:b0:3d:c1:1e:1f:a0:79:65:68:18:33:16:
84:83:a3:ff:27:0b:f5:7d:fa:f7:22:90:70:1a:d6:
5a:76:07:f1:7d:c2:0d:9d:0f:51:b1:31:f3:d4:d0:
c1:82:fd:c7:71:58:5f:b3:58:b5:6e:61:1f:9f:14:
58:e9:b1:42:b5:55:6b:94:0c:80:9d:24:54:a9:9a:
1a:3d:27:e7:87:d2:5d:db:ed:2b:76:e3:4c:a7:9e:
76:b4:31:ea:f3:23:d3:39:bf:14:79:7a:63:5c:7e:
5c:e3:bb:e4:bc:4b:99:95:7c:7e:9a:08:de:e1:51:
0d:52:09:82:c8:53:2b:4b:3c:9f:2c:7e:1a:c0:d3:
de:2a:60:86:e9:9d:1d:7e:a3:0c:05:1e:12:5d:76:
65:51:45:4c:71:5e:de:68:49:44:d9:c5:b4:6e:8c:
06:4f:8e:55:32:cb:4b:df:75:c1:91:7b:33:74:d0:
0c:c7:59:43:35:05:5c:3a:44:bc:e6:2c:dc:6e:1a:
e5:7d:7a:48:76:f4:2c:54:74:b5:3f:bf:fb:33:22:
98:be:76:ab:53:ba:a9:fd:bc:49:c5:a2:02:cb:e8:
76:1e:0b:8a:d0:2d:a2:d9:23:6a:e0:c5:dd:28:6b:
ea:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A2:8C:F2:51:48:7F:2E:26:DD:11:F4:20:29:AB:96:C9:76:BE:66
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/36KM8lFIfy4m3RH0ICmrlsl2vmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
109.121.37.0/24
109.121.45.0/24
178.219.6.0/24
178.253.221.0/24
178.253.229.0/24
185.47.91.0/24
188.255.198.0/24
212.69.8.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ca:a3:a1:94:b3:b2:bb:e2:f9:3b:4a:c7:a3:83:fc:70:5d:
14:cc:8b:f2:c5:8d:91:00:c4:32:a2:f8:23:98:fa:fa:5b:a2:
d0:bb:51:85:f1:53:61:0c:40:a3:63:5c:58:cb:7f:c7:4f:40:
56:3a:61:d0:a9:a3:4c:cd:8c:be:cf:87:43:b9:bc:46:ec:df:
f8:8f:ea:7f:e2:a7:61:3f:fc:96:32:65:29:31:ff:74:be:ea:
59:e5:8d:5e:c2:e7:34:24:2a:92:88:71:6f:18:92:7f:fc:e5:
e4:59:d7:27:70:fa:57:18:50:2a:1f:c6:28:47:73:97:78:e6:
31:dd:c2:84:74:bf:17:c9:22:77:38:6e:18:7f:aa:a5:93:30:
53:3b:4f:85:f1:d4:d3:ae:a6:59:83:59:45:e9:23:08:2d:11:
86:16:13:73:5c:a7:81:5b:98:94:1c:ca:b1:82:f8:2e:67:74:
f6:d5:af:6b:d8:3c:4f:e9:35:58:1c:58:c1:f6:6f:77:c2:2c:
48:4a:ee:19:e6:5a:63:7d:09:18:ed:25:35:22:ab:96:90:27:
b5:43:9c:56:b6:28:a6:00:29:b3:cd:7d:a4:e2:42:45:33:2c:
72:90:e2:59:21:ee:73:fa:63:32:67:62:1d:6a:2c:fa:70:f5:
01:d7:1d:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ2aAv9m8LtteJe7WgD6HVXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNDE3MDU1NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEyOGNmMjUxNDg3ZjJlMjZkZDExZjQyMDI5YWI5NmM5NzZiZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozpHjsjfxl/3XzWBNTkqgiiwPcEe
H6B5ZWgYMxaEg6P/Jwv1ffr3IpBwGtZadgfxfcINnQ9RsTHz1NDBgv3HcVhfs1i1
bmEfnxRY6bFCtVVrlAyAnSRUqZoaPSfnh9Jd2+0rduNMp552tDHq8yPTOb8UeXpj
XH5c47vkvEuZlXx+mgje4VENUgmCyFMrSzyfLH4awNPeKmCG6Z0dfqMMBR4SXXZl
UUVMcV7eaElE2cW0bowGT45VMstL33XBkXszdNAMx1lDNQVcOkS85izcbhrlfXpI
dvQsVHS1P7/7MyKYvnarU7qp/bxJxaICy+h2HguK0C2i2SNq4MXdKGvquwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN+ijPJRSH8uJt0R9CApq5bJdr5mMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMzZLTThsRklmeTRtM1JIMElDbXJsc2wydm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAURIwAwQA
bXklAwQAbXktAwQAstsGAwQAsv3dAwQAsv3lAwQAuS9bAwQAvP/GAwQA1EUIAwQA
1EULMA0GCSqGSIb3DQEBCwUAA4IBAQBdyqOhlLOyu+L5O0rHo4P8cF0UzIvyxY2R
AMQyovgjmPr6W6LQu1GF8VNhDECjY1xYy3/HT0BWOmHQqaNMzYy+z4dDubxG7N/4
j+p/4qdhP/yWMmUpMf90vupZ5Y1ewuc0JCqSiHFvGJJ//OXkWdcncPpXGFAqH8Yo
R3OXeOYx3cKEdL8XySJ3OG4Yf6qlkzBTO0+F8dTTrqZZg1lF6SMILRGGFhNzXKeB
W5iUHMqxgvguZ3T21a9r2DxP6TVYHFjB9m93wixISu4Z5lpjfQkY7SU1IquWkCe1
Q5xWtiimACmzzX2k4kJFMyxykOJZIe5z+mMyZ2Idaiz6cPUB1x2y
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:06:57 2026 by rpki-client