Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/Vvb80MYSkguz6_4hy1kdfE1ltwA.roa
File: Vvb80MYSkguz6_4hy1kdfE1ltwA.roa (raw, json)
Hash identifier: sqkJWQ9Xeo1TklNk71WrnovXu2Ri41sp487lWIh/DUU=
Subject key identifier: 56:F6:FC:D0:C6:12:92:0B:B3:EB:FE:21:CB:59:1D:7C:4D:65:B7:00
Certificate issuer: /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Certificate serial: 019C08E941BACC22A98E2E61D456CC976208
Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/Vvb80MYSkguz6_4hy1kdfE1ltwA.roa
Signing time: Thu 29 Jan 2026 08:40:30 +0000
ROA not before: Thu 29 Jan 2026 08:40:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30722
IP address blocks: 2.32.0.0/16 maxlen: 20
2.33.0.0/17 maxlen: 17
2.33.128.0/17 maxlen: 17
2.33.176.0/20 maxlen: 20
2.34.0.0/15 maxlen: 20
2.36.0.0/14 maxlen: 18
2.40.0.0/16 maxlen: 20
2.41.0.0/16 maxlen: 16
2.42.0.0/16 maxlen: 20
2.43.0.0/16 maxlen: 16
2.44.0.0/16 maxlen: 19
2.45.0.0/16 maxlen: 20
2.46.0.0/15 maxlen: 20
5.88.0.0/13 maxlen: 20
31.26.0.0/16 maxlen: 16
31.27.0.0/18 maxlen: 18
31.27.96.0/20 maxlen: 20
31.27.128.0/17 maxlen: 19
31.27.192.0/19 maxlen: 19
31.27.224.0/19 maxlen: 19
31.156.0.0/14 maxlen: 19
37.116.0.0/16 maxlen: 19
37.117.0.0/16 maxlen: 19
37.118.0.0/16 maxlen: 16
37.119.0.0/17 maxlen: 19
37.119.128.0/17 maxlen: 20
37.159.0.0/17 maxlen: 17
37.159.128.0/17 maxlen: 20
37.176.0.0/13 maxlen: 20
47.53.0.0/16 maxlen: 16
47.53.32.0/19 maxlen: 19
47.53.64.0/19 maxlen: 19
47.53.128.0/19 maxlen: 19
47.53.160.0/19 maxlen: 19
47.53.208.0/20 maxlen: 20
83.224.64.0/20 maxlen: 20
83.224.80.0/24 maxlen: 24
83.224.81.0/24 maxlen: 24
83.224.86.0/23 maxlen: 23
83.224.128.0/17 maxlen: 17
83.225.0.0/16 maxlen: 16
91.80.0.0/19 maxlen: 19
91.80.32.0/21 maxlen: 21
91.80.46.0/24 maxlen: 24
91.80.48.0/20 maxlen: 24
91.80.64.0/18 maxlen: 18
91.80.128.0/17 maxlen: 17
91.81.0.0/17 maxlen: 19
91.81.128.0/17 maxlen: 24
93.64.0.0/16 maxlen: 18
93.65.0.0/16 maxlen: 18
93.66.0.0/15 maxlen: 17
93.68.0.0/16 maxlen: 16
93.69.0.0/16 maxlen: 16
93.70.0.0/16 maxlen: 18
93.71.0.0/16 maxlen: 18
93.144.0.0/16 maxlen: 20
93.145.0.0/16 maxlen: 20
93.146.0.0/16 maxlen: 20
93.147.0.0/16 maxlen: 20
93.148.0.0/16 maxlen: 20
93.149.0.0/16 maxlen: 20
93.150.0.0/16 maxlen: 20
93.151.128.0/17 maxlen: 20
109.112.0.0/15 maxlen: 15
109.114.0.0/15 maxlen: 19
109.115.96.0/19 maxlen: 19
109.115.192.0/19 maxlen: 19
109.115.224.0/19 maxlen: 19
109.116.0.0/15 maxlen: 20
109.118.0.0/16 maxlen: 16
109.119.0.0/16 maxlen: 16
130.0.128.0/18 maxlen: 21
130.25.0.0/16 maxlen: 18
176.242.0.0/15 maxlen: 15
176.244.0.0/14 maxlen: 14
188.152.0.0/17 maxlen: 20
188.152.128.0/17 maxlen: 20
188.153.0.0/16 maxlen: 20
188.216.0.0/15 maxlen: 17
188.218.0.0/15 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:08:e9:41:ba:cc:22:a9:8e:2e:61:d4:56:cc:97:62:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Validity
Not Before: Jan 29 08:40:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56f6fcd0c612920bb3ebfe21cb591d7c4d65b700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4a:27:b4:29:02:10:e0:88:9e:e1:0c:7e:4d:
a7:1f:57:8d:49:b4:c2:cd:c0:e5:ee:0e:6a:bb:f6:
bc:e5:bc:18:73:c1:3b:d5:c4:5a:11:87:a2:5a:be:
fc:4d:54:6f:c0:5f:a7:23:32:52:37:52:8b:ca:35:
d5:e6:e5:8e:91:3b:b6:b2:5a:07:6a:f2:b4:4e:d8:
1e:cc:52:e1:b5:cc:22:7e:f8:f4:dd:b0:4b:aa:2a:
26:9a:de:72:cb:95:89:69:0b:1b:fb:58:22:35:69:
e3:22:b8:72:c4:e9:0d:24:2c:f9:ab:bc:a0:21:07:
49:b4:3d:d4:6d:cf:a5:24:c3:ea:54:8a:78:15:1e:
84:af:fe:36:a3:c0:fb:48:1d:81:7d:62:d3:4e:72:
65:0b:cf:01:3c:2e:1e:1a:ef:ec:46:aa:30:9b:44:
2f:15:32:8a:81:d5:9f:cb:2b:e8:b0:e8:3c:4b:8f:
b8:ff:ea:89:08:83:e8:40:6f:96:7a:50:b5:27:8d:
80:03:2d:47:36:f6:68:8d:0d:a5:b3:82:39:e4:f0:
b3:85:f7:10:35:01:ba:b1:9f:91:e3:84:89:c8:fe:
72:ef:c7:64:0f:86:7c:0d:4d:b3:86:27:f9:08:41:
d0:93:68:a5:ee:fc:20:4c:3c:a4:f9:22:3b:55:be:
66:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F6:FC:D0:C6:12:92:0B:B3:EB:FE:21:CB:59:1D:7C:4D:65:B7:00
X509v3 Authority Key Identifier:
keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/Vvb80MYSkguz6_4hy1kdfE1ltwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.32.0.0/12
5.88.0.0/13
31.26.0.0-31.27.63.255
31.27.96.0/20
31.27.128.0/17
31.156.0.0/14
37.116.0.0/14
37.159.0.0/16
37.176.0.0/13
47.53.0.0/16
83.224.64.0-83.224.81.255
83.224.86.0/23
83.224.128.0-83.225.255.255
91.80.0.0-91.80.39.255
91.80.46.0/24
91.80.48.0-91.81.255.255
93.64.0.0/13
93.144.0.0-93.150.255.255
93.151.128.0/17
109.112.0.0/13
130.0.128.0/18
130.25.0.0/16
176.242.0.0-176.247.255.255
188.152.0.0/15
188.216.0.0/14
Signature Algorithm: sha256WithRSAEncryption
b6:29:4d:f8:62:1f:1b:66:a6:83:91:f3:52:75:61:6b:d4:b7:
33:f7:9d:c3:99:34:dd:26:ba:b2:78:e6:fb:fa:9f:88:d1:30:
d6:65:3d:52:1b:45:0e:db:3f:9b:8b:29:33:97:0f:d1:6d:0d:
ff:82:06:b0:83:63:8b:a5:63:83:bd:a8:eb:a2:03:53:fb:0d:
a6:d9:c5:c1:8e:d2:c0:fa:e3:06:07:da:83:54:12:96:60:fe:
08:3b:76:c5:ac:93:88:50:44:78:45:69:dc:58:3c:53:dd:55:
2c:5a:63:46:f9:1d:20:05:a8:3d:92:82:a3:66:ba:f5:54:07:
a1:4e:f3:a5:75:20:23:c2:cb:31:3a:38:dc:d3:1b:c7:06:01:
f0:a2:e5:90:09:78:97:cb:64:22:ae:26:44:9c:61:0c:72:6b:
a9:13:59:07:bf:ac:fb:09:5e:d5:1b:ed:50:a2:41:99:79:ab:
68:18:b8:9a:86:9a:f3:a3:5f:ef:d7:ae:ff:ca:da:5e:7f:db:
b7:9f:50:08:da:fb:cd:6b:67:1b:05:f3:bf:10:ef:a7:84:71:
c7:40:f3:ca:3d:80:4f:e5:a0:98:38:b3:6d:1b:e4:24:de:3e:
12:e2:03:e1:bb:19:34:fb:d7:54:63:7a:78:dc:58:e5:97:79:
e3:dc:5a:1d
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZwI6UG6zCKpji5h1FbMl2IIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1
NGRkYzgwHhcNMjYwMTI5MDg0MDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmY2ZmNkMGM2MTI5MjBiYjNlYmZlMjFjYjU5MWQ3YzRkNjViNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEontCkCEOCInuEMfk2nH1eNSbTC
zcDl7g5qu/a85bwYc8E71cRaEYeiWr78TVRvwF+nIzJSN1KLyjXV5uWOkTu2sloH
avK0TtgezFLhtcwifvj03bBLqiommt5yy5WJaQsb+1giNWnjIrhyxOkNJCz5q7yg
IQdJtD3Ubc+lJMPqVIp4FR6Er/42o8D7SB2BfWLTTnJlC88BPC4eGu/sRqowm0Qv
FTKKgdWfyyvosOg8S4+4/+qJCIPoQG+WelC1J42AAy1HNvZojQ2ls4I55PCzhfcQ
NQG6sZ+R44SJyP5y78dkD4Z8DU2zhif5CEHQk2il7vwgTDyk+SI7Vb5mqQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFFb2/NDGEpILs+v+IctZHXxNZbcAMB8GA1UdIwQY
MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt
MDc0NzQ1MjRlZjlhLzEvVnZiODBNWVNrZ3V6Nl80aHkxa2RmRTFsdHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh
LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDAwQC
IAMDAwVYMAsDAwEfGgMEBh8bAAMEBB8bYAMEBx8bgAMDAh+cAwMCJXQDAwAlnwMD
AyWwAwMALzUwDAMEBlPgQAMEAVPgUAMEAVPgVjALAwQHU+CAAwMBU+AwCwMDBFtQ
AwQDW1AgAwQAW1AuMAsDBARbUDADAwFbUAMDA11AMAoDAwRdkAMDAF2WAwQHXZeA
AwMDbXADBAaCAIADAwCCGTAKAwMBsPIDAwOw8AMDAbyYAwMCvNgwDQYJKoZIhvcN
AQELBQADggEBALYpTfhiHxtmpoOR81J1YWvUtzP3ncOZNN0murJ45vv6n4jRMNZl
PVIbRQ7bP5uLKTOXD9FtDf+CBrCDY4ulY4O9qOuiA1P7DabZxcGO0sD64wYH2oNU
EpZg/gg7dsWsk4hQRHhFadxYPFPdVSxaY0b5HSAFqD2SgqNmuvVUB6FO86V1ICPC
yzE6ONzTG8cGAfCi5ZAJeJfLZCKuJkScYQxya6kTWQe/rPsJXtUb7VCiQZl5q2gY
uJqGmvOjX+/Xrv/K2l5/27efUAja+81rZxsF878Q76eEccdA88o9gE/loJg4s20b
5CTePhLiA+G7GTT711RjenjcWOWXeePcWh0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:23:56 2026 by rpki-client