Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/rZReAAORTgxFhMBHsj0beaqFIMg.roa
File: rZReAAORTgxFhMBHsj0beaqFIMg.roa (raw, json)
Hash identifier: I65ck7b2s0VEW9Tbbgi0LWEv+BuDIJvc4+3R2YFjW4U=
Subject key identifier: AD:94:5E:00:03:91:4E:0C:45:84:C0:47:B2:3D:1B:79:AA:85:20:C8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019D44502BD65773BC8FF9564A85FB9ABAD2
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/rZReAAORTgxFhMBHsj0beaqFIMg.roa
Signing time: Tue 31 Mar 2026 14:33:17 +0000
ROA not before: Tue 31 Mar 2026 14:33:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
77.92.153.0/24 maxlen: 24
78.135.67.0/24 maxlen: 24
78.135.70.0/24 maxlen: 24
78.135.74.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.89.0/24 maxlen: 24
78.135.97.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
78.135.106.0/24 maxlen: 24
78.135.107.0/24 maxlen: 24
185.17.136.0/24 maxlen: 24
188.132.159.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
2a10:9440::/48 maxlen: 48
2a10:9440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:50:2b:d6:57:73:bc:8f:f9:56:4a:85:fb:9a:ba:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 31 14:33:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad945e0003914e0c4584c047b23d1b79aa8520c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:98:25:c3:cc:e0:b9:92:1a:94:bb:60:f0:50:
28:3a:d1:65:0f:e3:bd:80:a2:36:72:d6:9c:6b:32:
a9:a5:81:7c:93:8c:17:63:9a:bc:59:0a:88:e4:f4:
bc:88:2e:72:7f:02:3b:ff:a5:c0:61:b5:c6:0f:8e:
5a:ce:ff:2e:df:74:68:c8:21:f9:18:43:91:95:d5:
86:0f:23:74:e2:78:ad:8b:5c:3d:55:9c:cd:1c:32:
1d:68:fb:c6:16:33:aa:5d:17:e0:78:23:ee:bf:ed:
04:06:76:53:1e:94:51:8d:46:ce:06:9c:91:b6:27:
0e:35:ae:7a:6b:65:2d:11:12:e2:27:df:e4:d9:f7:
92:85:9d:20:ca:66:02:b6:50:1a:a3:db:03:b7:53:
69:41:bd:5d:30:ea:9f:dd:63:c3:de:5d:88:42:b0:
2d:c9:a2:00:64:99:c4:0c:1d:db:47:07:52:0f:ee:
ce:e1:d6:ca:76:83:cc:48:15:33:43:88:33:f7:31:
91:3b:12:7a:2a:37:d2:89:83:fd:7e:d5:64:c7:14:
a4:b7:16:8a:80:d4:d1:8b:a2:9f:17:4d:88:fd:f2:
f0:e2:2d:f3:97:d4:1c:d2:53:34:f6:7e:1f:9c:ea:
e7:89:19:37:21:cf:65:d6:e0:ca:36:34:d2:47:59:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:94:5E:00:03:91:4E:0C:45:84:C0:47:B2:3D:1B:79:AA:85:20:C8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/rZReAAORTgxFhMBHsj0beaqFIMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.131.0/24
77.92.142.0/24
77.92.152.0/23
78.135.67.0/24
78.135.70.0/24
78.135.74.0/24
78.135.86.0/24
78.135.89.0/24
78.135.97.0-78.135.98.255
78.135.106.0/23
185.17.136.0/24
188.132.159.0/24
188.132.193.0/24
188.132.214.0/24
188.132.228.0/24
188.132.251.0/24
IPv6:
2a10:9440::/47
Signature Algorithm: sha256WithRSAEncryption
2c:96:34:04:f3:85:38:92:e8:8b:01:de:14:ba:6a:8c:8a:2a:
ff:3d:3c:f5:da:39:2e:2c:1a:6c:7a:b1:cf:59:5d:e5:aa:cf:
0a:ae:55:37:56:1a:5d:0c:5c:8d:e3:b0:41:25:b5:2f:ec:cc:
3c:21:c8:de:62:06:07:b2:2c:5b:c3:39:2a:da:31:2f:a9:ef:
fe:59:5b:d8:7e:22:83:5e:27:0f:3a:9e:4a:c4:49:4f:6f:de:
3d:3c:cb:5f:a3:03:b0:5c:60:80:a9:bd:96:81:eb:5c:a1:8e:
d8:fa:81:e6:36:86:6a:07:7b:53:46:63:e4:a7:c0:f4:4f:38:
c6:16:25:a4:6d:54:e9:9a:01:9a:64:8b:be:86:33:ab:ca:21:
44:b9:5c:2c:97:b8:4b:72:32:6c:f7:39:44:e0:76:ac:a6:a8:
4a:71:4b:8e:ee:be:67:dc:b1:bd:5e:80:ce:76:a2:7d:68:d9:
63:54:aa:80:47:c4:3a:74:bf:c3:c6:19:47:d5:ef:51:31:a7:
32:d8:b0:58:6d:1c:59:ea:27:a3:3f:99:f8:ee:62:f9:fe:11:
9e:61:08:59:fa:0c:94:89:41:b3:63:34:e6:7f:6d:fb:bf:59:
4d:63:01:15:86:86:15:a5:29:40:30:93:e3:28:d9:bb:69:ba:
3d:26:c0:c0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ1EUCvWV3O8j/lWSoX7mrrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjYwMzMxMTQzMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk0NWUwMDAzOTE0ZTBjNDU4NGMwNDdiMjNkMWI3OWFhODUyMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pglw8zguZIalLtg8FAoOtFlD+O9
gKI2ctacazKppYF8k4wXY5q8WQqI5PS8iC5yfwI7/6XAYbXGD45azv8u33RoyCH5
GEORldWGDyN04niti1w9VZzNHDIdaPvGFjOqXRfgeCPuv+0EBnZTHpRRjUbOBpyR
ticONa56a2UtERLiJ9/k2feShZ0gymYCtlAao9sDt1NpQb1dMOqf3WPD3l2IQrAt
yaIAZJnEDB3bRwdSD+7O4dbKdoPMSBUzQ4gz9zGROxJ6KjfSiYP9ftVkxxSktxaK
gNTRi6KfF02I/fLw4i3zl9Qc0lM09n4fnOrniRk3Ic9l1uDKNjTSR1kxKQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFK2UXgADkU4MRYTAR7I9G3mqhSDIMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvclpSZUFBT1JUZ3hGaE1CSHNqMGJlYXFGSU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB0BAIAATBuAwQAH9Iv
AwQATVyDAwQATVyOAwQBTVyYAwQATodDAwQATodGAwQATodKAwQATodWAwQATodZ
MAwDBABOh2EDBABOh2IDBAFOh2oDBAC5EYgDBAC8hJ8DBAC8hMEDBAC8hNYDBAC8
hOQDBAC8hPswDwQCAAIwCQMHASoQlEAAADANBgkqhkiG9w0BAQsFAAOCAQEALJY0
BPOFOJLoiwHeFLpqjIoq/z089do5LiwabHqxz1ld5arPCq5VN1YaXQxcjeOwQSW1
L+zMPCHI3mIGB7IsW8M5KtoxL6nv/llb2H4ig14nDzqeSsRJT2/ePTzLX6MDsFxg
gKm9loHrXKGO2PqB5jaGagd7U0Zj5KfA9E84xhYlpG1U6ZoBmmSLvoYzq8ohRLlc
LJe4S3IybPc5ROB2rKaoSnFLju6+Z9yxvV6AznaifWjZY1SqgEfEOnS/w8YZR9Xv
UTGnMtiwWG0cWeonoz+Z+O5i+f4RnmEIWfoMlIlBs2M05n9t+79ZTWMBFYaGFaUp
QDCT4yjZu2m6PSbAwA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:36 2026 by rpki-client