Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/E50dRzelevPp0RPUUn-X1whUhzs.roa
File: E50dRzelevPp0RPUUn-X1whUhzs.roa (raw, json)
Hash identifier: ESKLNPEXcUQlYreIgYSRyGc6RpOOENWjDiinLW02gqM=
Subject key identifier: 13:9D:1D:47:37:A5:7A:F3:E9:D1:13:D4:52:7F:97:D7:08:54:87:3B
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 019D8ACB4FF2989D955F5237C7A6C82A8061
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/E50dRzelevPp0RPUUn-X1whUhzs.roa
Signing time: Tue 14 Apr 2026 07:01:13 +0000
ROA not before: Tue 14 Apr 2026 07:01:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211090
IP address blocks: 31.14.228.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
185.253.76.0/24 maxlen: 24
185.253.77.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
185.253.79.0/24 maxlen: 24
2a10:f1c0::/48 maxlen: 48
2a10:f1c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:cb:4f:f2:98:9d:95:5f:52:37:c7:a6:c8:2a:80:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Apr 14 07:01:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=139d1d4737a57af3e9d113d4527f97d70854873b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:36:fc:c8:08:c7:d8:7a:8d:c3:4c:2b:d8:50:
ed:e0:47:ce:70:91:eb:39:6b:57:e4:7b:e2:0a:e4:
6a:7b:17:5c:b7:8d:1f:f2:27:6b:32:7d:51:f5:77:
ff:65:96:37:c5:c2:0c:78:da:e0:1d:af:c4:f5:bd:
a0:59:de:cb:3a:85:37:77:7f:08:7f:8e:20:88:59:
61:fd:b3:83:9f:fa:d0:b1:e0:53:75:a2:63:a6:6a:
f2:3c:ce:f3:c8:e2:18:07:33:be:33:10:3c:33:ee:
38:f6:40:14:d7:ed:5f:d7:27:36:49:eb:bf:97:5d:
7a:3b:bf:4b:a4:d1:fd:b2:c1:9b:e5:d4:90:80:ad:
a8:6a:ad:6c:6b:79:d4:b9:a6:51:4d:c3:81:4d:91:
6a:04:dd:c3:f9:9a:72:2f:8f:0d:14:55:24:81:25:
61:cf:ed:28:c3:bb:c4:cf:ea:a6:02:ca:01:7a:82:
f2:5e:ac:30:bd:76:6e:32:65:3b:89:1d:1b:89:c1:
f9:f5:ad:1c:30:3e:87:6b:c3:aa:3e:10:c8:81:ae:
35:48:65:7c:4b:7a:24:97:c7:68:73:fa:00:d1:37:
c9:6c:3c:9a:f1:32:9d:18:80:1a:aa:a1:28:30:d7:
ab:fd:4e:0a:4d:5e:7c:7b:82:37:ac:2a:76:54:47:
14:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:9D:1D:47:37:A5:7A:F3:E9:D1:13:D4:52:7F:97:D7:08:54:87:3B
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/E50dRzelevPp0RPUUn-X1whUhzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/24
91.239.119.0/24
185.253.76.0/22
IPv6:
2a10:f1c0::/47
Signature Algorithm: sha256WithRSAEncryption
90:50:22:77:f6:a7:0b:09:3c:84:3e:a3:09:2c:af:0e:e6:88:
f1:19:4a:f0:df:1f:a3:9a:35:f0:67:5e:c5:71:94:4f:d6:0c:
c6:15:a4:6d:9c:d3:57:42:e2:60:93:75:c9:0a:13:34:10:d9:
1f:20:fd:42:86:79:56:61:59:f4:4c:2e:1a:31:48:6f:d8:89:
ee:a2:a3:7e:f4:6a:42:27:97:65:96:70:36:40:1b:22:9c:b1:
ff:15:92:47:c5:5b:65:a3:da:ea:29:75:26:98:68:7f:42:53:
0e:3f:c9:dd:77:24:0b:25:d5:55:6b:45:a6:5e:72:1c:38:3c:
f5:a2:6e:ae:01:df:aa:a3:f7:d5:48:74:d3:4c:47:cd:3a:fe:
ef:e6:9e:90:08:65:1c:ef:3b:56:53:bd:21:c5:18:d1:a0:22:
c9:22:8b:e3:1c:56:ee:9e:07:5a:f0:68:8b:1b:5b:cf:4c:f9:
f0:0b:9f:5c:b9:70:96:04:9d:f8:a0:b7:a6:6b:45:f9:c5:69:
b0:63:6b:0b:0d:31:22:81:e1:6b:4d:df:f3:51:8e:81:ce:82:
80:43:42:5a:8c:78:a4:27:b5:f6:13:80:a3:e9:c9:0f:8b:a7:
71:22:e7:b5:12:2e:bb:31:ab:25:c9:b2:0f:29:d2:fe:a3:56:
8f:15:2e:15
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ2Ky0/ymJ2VX1I3x6bIKoBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjYwNDE0MDcwMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzlkMWQ0NzM3YTU3YWYzZTlkMTEzZDQ1MjdmOTdkNzA4NTQ4NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDb8yAjH2HqNw0wr2FDt4EfOcJHr
OWtX5HviCuRqexdct40f8idrMn1R9Xf/ZZY3xcIMeNrgHa/E9b2gWd7LOoU3d38I
f44giFlh/bODn/rQseBTdaJjpmryPM7zyOIYBzO+MxA8M+449kAU1+1f1yc2Seu/
l116O79LpNH9ssGb5dSQgK2oaq1sa3nUuaZRTcOBTZFqBN3D+ZpyL48NFFUkgSVh
z+0ow7vEz+qmAsoBeoLyXqwwvXZuMmU7iR0bicH59a0cMD6Ha8OqPhDIga41SGV8
S3okl8doc/oA0TfJbDya8TKdGIAaqqEoMNer/U4KTV58e4I3rCp2VEcUdwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBOdHUc3pXrz6dET1FJ/l9cIVIc7MB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvRTUwZFJ6ZWxldlBwMFJQVVVuLVgxd2hVaHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHw7kAwQA
W+93AwQCuf1MMA8EAgACMAkDBwEqEPHAAAAwDQYJKoZIhvcNAQELBQADggEBAJBQ
Inf2pwsJPIQ+owksrw7miPEZSvDfH6OaNfBnXsVxlE/WDMYVpG2c01dC4mCTdckK
EzQQ2R8g/UKGeVZhWfRMLhoxSG/Yie6io370akInl2WWcDZAGyKcsf8VkkfFW2Wj
2uopdSaYaH9CUw4/yd13JAsl1VVrRaZechw4PPWibq4B36qj99VIdNNMR806/u/m
npAIZRzvO1ZTvSHFGNGgIskii+McVu6eB1rwaIsbW89M+fALn1y5cJYEnfigt6Zr
RfnFabBjawsNMSKB4WtN3/NRjoHOgoBDQlqMeKQntfYTgKPpyQ+Lp3Ei57USLrsx
qyXJsg8p0v6jVo8VLhU=
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:00:47 2026 by rpki-client