Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/lHh00r1hRQs7ysgFBnl4wIWWBOw.roa
File: lHh00r1hRQs7ysgFBnl4wIWWBOw.roa (raw, json)
Hash identifier: aGOjd+aJBpbZwl/cEQVb/d5p3ZwMxUsCujhOC77kEeE=
Subject key identifier: 94:78:74:D2:BD:61:45:0B:3B:CA:C8:05:06:79:78:C0:85:96:04:EC
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019D44502C608B254361D028BE7FA06A89F0
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/lHh00r1hRQs7ysgFBnl4wIWWBOw.roa
Signing time: Tue 31 Mar 2026 14:33:18 +0000
ROA not before: Tue 31 Mar 2026 14:33:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60446
IP address blocks: 31.210.37.0/24 maxlen: 24
31.210.38.0/24 maxlen: 24
31.210.39.0/24 maxlen: 24
31.210.40.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
78.135.75.0/24 maxlen: 24
78.135.76.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.223.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 24
188.132.230.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
188.132.241.0/24 maxlen: 24
188.132.242.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:50:2c:60:8b:25:43:61:d0:28:be:7f:a0:6a:89:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 31 14:33:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=947874d2bd61450b3bcac805067978c0859604ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:0b:90:30:69:56:af:7d:77:f7:cf:3e:99:
48:ee:dc:5e:37:51:4f:2b:6d:85:81:b7:42:b9:03:
b0:e9:9f:0e:d1:e8:4b:27:bc:27:04:5b:4f:4c:7d:
a6:a3:01:92:10:15:74:9c:76:4d:d2:ae:af:37:a2:
68:49:a5:4c:2a:33:4d:7a:b8:1f:96:8e:32:2a:d9:
9a:ac:62:07:06:3d:f5:6c:b8:5e:ea:5d:c1:57:3b:
8d:1d:e1:f5:cd:8a:fc:84:0c:38:b6:6e:09:84:17:
28:2b:79:d6:5b:b9:b4:cb:29:8c:63:dd:12:da:7b:
ca:82:76:40:d0:e4:52:93:0b:e3:39:c3:fd:80:70:
16:ec:da:57:ca:0c:d1:40:25:1b:f7:c5:ac:2e:b4:
a9:01:22:dd:28:35:d0:9c:03:9c:68:03:ab:8b:1e:
11:cc:64:cb:28:c1:74:67:3c:62:88:89:20:f0:eb:
b9:2d:9f:6b:eb:a5:22:76:c8:77:44:b8:79:89:d3:
88:a4:6a:6f:96:e0:fe:ac:9d:88:e8:70:98:8e:11:
92:e9:a0:44:f2:51:05:8c:17:86:a1:9e:ba:e9:ce:
87:e0:e2:35:09:d3:8c:5e:6e:d3:e2:e3:3a:ea:5d:
ec:b9:6b:55:7d:52:2d:26:02:7b:49:12:a8:7a:11:
f2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:78:74:D2:BD:61:45:0B:3B:CA:C8:05:06:79:78:C0:85:96:04:EC
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/lHh00r1hRQs7ysgFBnl4wIWWBOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.37.0-31.210.40.255
77.92.147.0/24
78.135.75.0-78.135.76.255
188.132.216.0/24
188.132.223.0-188.132.224.255
188.132.226.0/24
188.132.230.0/24
188.132.239.0/24
188.132.241.0-188.132.243.255
188.132.250.0/24
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
87:12:ec:c6:75:53:0c:54:67:8e:34:d4:26:50:b8:af:6d:98:
de:4f:ff:6c:29:ee:57:7b:8c:74:4e:8c:fd:05:8f:bd:8f:62:
d6:15:35:81:8d:df:a4:bd:6b:ec:f1:69:5b:e4:7a:48:fb:8b:
46:c3:05:37:07:2b:32:90:d8:12:eb:ac:85:ed:73:9f:26:db:
d3:09:c8:02:0e:d4:06:c5:a4:b1:fe:e4:a2:0c:ff:25:d4:42:
33:64:20:65:dc:73:9c:90:3a:7e:44:58:02:54:b1:d3:cb:9b:
9e:89:77:ef:52:71:0e:e6:9d:9d:85:95:80:ad:e6:71:de:12:
f3:b0:ed:2b:d0:54:61:0d:15:71:9c:d9:41:46:62:2e:e7:e7:
06:4b:b9:3e:36:3c:7b:ec:0b:35:60:c3:20:83:f4:5e:15:57:
c6:7f:f9:d4:e6:4b:98:49:49:e2:5c:93:d0:d3:cf:4e:30:df:
e5:ae:1d:b2:96:17:38:15:50:76:b0:54:3d:64:0a:63:4f:1c:
c0:01:be:86:e4:93:50:97:e8:29:a1:fd:3e:05:9f:bc:05:37:
ea:36:21:a0:79:98:40:98:6b:e8:d3:96:ed:9d:05:6a:09:37:
51:f3:6a:68:cd:e8:44:76:aa:45:92:30:b9:bf:a7:4c:46:35:
33:f7:10:0d
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ1EUCxgiyVDYdAovn+gaonwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjYwMzMxMTQzMzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc4NzRkMmJkNjE0NTBiM2JjYWM4MDUwNjc5NzhjMDg1OTYwNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDULkDBpVq99d/fPPplI7txeN1FP
K22FgbdCuQOw6Z8O0ehLJ7wnBFtPTH2mowGSEBV0nHZN0q6vN6JoSaVMKjNNergf
lo4yKtmarGIHBj31bLhe6l3BVzuNHeH1zYr8hAw4tm4JhBcoK3nWW7m0yymMY90S
2nvKgnZA0ORSkwvjOcP9gHAW7NpXygzRQCUb98WsLrSpASLdKDXQnAOcaAOrix4R
zGTLKMF0ZzxiiIkg8Ou5LZ9r66Uidsh3RLh5idOIpGpvluD+rJ2I6HCYjhGS6aBE
8lEFjBeGoZ666c6H4OI1CdOMXm7T4uM66l3suWtVfVItJgJ7SRKoehHyMwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJR4dNK9YUULO8rIBQZ5eMCFlgTsMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbEhoMDByMWhSUXM3eXNnRkJubDR3SVdXQk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBAAf0iUD
BAAf0igDBABNXJMwDAMEAE6HSwMEAE6HTAMEALyE2DAMAwQAvITfAwQAvITgAwQA
vITiAwQAvITmAwQAvITvMAwDBAC8hPEDBAK8hPADBAC8hPoDBADURDcwDQYJKoZI
hvcNAQELBQADggEBAIcS7MZ1UwxUZ4401CZQuK9tmN5P/2wp7ld7jHROjP0Fj72P
YtYVNYGN36S9a+zxaVvkekj7i0bDBTcHKzKQ2BLrrIXtc58m29MJyAIO1AbFpLH+
5KIM/yXUQjNkIGXcc5yQOn5EWAJUsdPLm56Jd+9ScQ7mnZ2FlYCt5nHeEvOw7SvQ
VGENFXGc2UFGYi7n5wZLuT42PHvsCzVgwyCD9F4VV8Z/+dTmS5hJSeJck9DTz04w
3+WuHbKWFzgVUHawVD1kCmNPHMABvobkk1CX6Cmh/T4Fn7wFN+o2IaB5mECYa+jT
lu2dBWoJN1HzamjN6ER2qkWSMLm/p0xGNTP3EA0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:30:51 2026 by rpki-client