Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/aZQSNUG3kmsey24lSnSYSxehvB0.roa
File: aZQSNUG3kmsey24lSnSYSxehvB0.roa (raw, json)
Hash identifier: 1d6YXvemTUjAZLz7emcZYEGZYBf0icBBAghr5r+f9j4=
Subject key identifier: 69:94:12:35:41:B7:92:6B:1E:CB:6E:25:4A:74:98:4B:17:A1:BC:1D
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 019D8D2FE73794857BA582531A33E02E8206
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/aZQSNUG3kmsey24lSnSYSxehvB0.roa
Signing time: Tue 14 Apr 2026 18:10:20 +0000
ROA not before: Tue 14 Apr 2026 18:10:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208185
IP address blocks: 31.133.80.0/24 maxlen: 24
31.133.81.0/24 maxlen: 24
31.133.82.0/24 maxlen: 24
31.133.83.0/24 maxlen: 24
31.133.88.0/24 maxlen: 24
31.133.89.0/24 maxlen: 24
31.133.90.0/24 maxlen: 24
31.133.91.0/24 maxlen: 24
176.103.224.0/24 maxlen: 24
176.103.225.0/24 maxlen: 24
176.103.226.0/24 maxlen: 24
176.103.227.0/24 maxlen: 24
176.103.232.0/24 maxlen: 24
176.103.233.0/24 maxlen: 24
176.103.234.0/24 maxlen: 24
176.103.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8d:2f:e7:37:94:85:7b:a5:82:53:1a:33:e0:2e:82:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Apr 14 18:10:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6994123541b7926b1ecb6e254a74984b17a1bc1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ec:db:8f:f0:ba:7b:46:7c:cb:f4:b5:a9:3a:
51:b7:c6:14:d5:10:93:58:b9:5d:fa:e7:61:a5:19:
5a:26:ef:b7:20:0c:f4:c3:ab:37:1d:42:a9:be:36:
bc:aa:bc:e7:1d:d8:79:84:1b:42:e1:01:d8:b5:94:
ea:a5:e7:aa:1a:e0:91:f2:f4:36:38:b8:fb:af:98:
6f:7a:02:39:d8:fc:61:78:4c:80:b2:5a:01:bc:90:
ed:ad:91:c8:bd:69:4c:bb:c6:b6:11:52:69:14:38:
c9:c4:d7:9b:a9:42:bf:8b:f4:77:b1:bd:1f:15:7d:
24:47:00:a4:6b:7d:a4:51:6d:8b:36:63:bf:d7:a5:
7d:ec:f2:2b:d1:8e:c8:1b:b8:c5:9c:82:90:50:98:
59:15:6d:72:2f:09:86:46:79:e9:0e:de:c7:0f:b9:
a9:bc:a3:46:cd:95:e8:b7:82:09:72:34:4c:ea:c2:
63:46:12:d1:5b:94:96:2e:5f:f5:39:38:0a:21:af:
cb:66:24:bc:e3:98:dc:2e:5a:10:f4:0d:af:ba:4e:
4c:cf:e6:11:bd:28:11:eb:5e:0a:f4:f8:fa:85:f0:
ba:43:8e:f7:68:47:7d:f5:ad:d2:d2:9a:a5:2f:93:
9a:a8:fc:e2:74:b9:59:2a:d8:36:7d:5b:60:74:ee:
34:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:94:12:35:41:B7:92:6B:1E:CB:6E:25:4A:74:98:4B:17:A1:BC:1D
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/aZQSNUG3kmsey24lSnSYSxehvB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/22
31.133.88.0/22
176.103.224.0/22
176.103.232.0/22
Signature Algorithm: sha256WithRSAEncryption
18:24:61:ba:5c:38:f9:59:f3:e8:52:3a:60:9c:9d:de:06:12:
79:93:8f:2e:f1:fa:42:0c:30:0a:72:9e:5b:e0:5a:6d:3e:19:
7b:e5:b6:c5:94:7a:af:66:22:f6:67:75:a3:93:2b:66:ae:43:
bc:76:50:36:d8:13:13:01:89:af:d1:49:35:fa:65:36:47:ab:
db:7b:df:4c:66:73:a0:35:5f:99:31:c4:37:52:00:e0:33:fc:
c5:0e:77:61:d4:d3:0c:c7:41:d0:a9:8a:d1:a2:ac:0b:98:f2:
66:c0:6e:0c:06:ed:0f:ed:39:b4:10:4a:23:49:ae:f6:11:d1:
54:25:71:62:60:52:b3:15:d2:05:5d:ad:db:01:6a:89:6a:06:
5e:96:cd:69:b8:d8:ed:d2:89:b6:40:4e:08:8a:e1:1c:91:63:
da:58:11:80:44:31:14:2a:64:f4:b7:21:2f:4e:13:da:02:9d:
63:51:0e:d2:4b:0c:c8:bf:8d:fb:17:17:93:85:e9:d0:0e:d6:
b4:3e:a0:e2:e8:6a:70:e6:28:64:b2:33:02:ad:29:89:74:76:
46:e6:1b:94:fa:fc:36:c4:48:c0:68:e2:83:e7:57:6a:f7:0f:
42:39:3c:b2:45:f0:fe:0c:34:0d:f2:2f:43:6c:65:21:c3:05:
da:da:5f:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2NL+c3lIV7pYJTGjPgLoIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjYwNDE0MTgxMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk0MTIzNTQxYjc5MjZiMWVjYjZlMjU0YTc0OTg0YjE3YTFiYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvezbj/C6e0Z8y/S1qTpRt8YU1RCT
WLld+udhpRlaJu+3IAz0w6s3HUKpvja8qrznHdh5hBtC4QHYtZTqpeeqGuCR8vQ2
OLj7r5hvegI52PxheEyAsloBvJDtrZHIvWlMu8a2EVJpFDjJxNebqUK/i/R3sb0f
FX0kRwCka32kUW2LNmO/16V97PIr0Y7IG7jFnIKQUJhZFW1yLwmGRnnpDt7HD7mp
vKNGzZXot4IJcjRM6sJjRhLRW5SWLl/1OTgKIa/LZiS845jcLloQ9A2vuk5Mz+YR
vSgR614K9Pj6hfC6Q473aEd99a3S0pqlL5OaqPzidLlZKtg2fVtgdO40YQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGmUEjVBt5JrHstuJUp0mEsXobwdMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvYVpRU05VRzNrbXNleTI0bFNuU1lTeGVodkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4VQAwQC
H4VYAwQCsGfgAwQCsGfoMA0GCSqGSIb3DQEBCwUAA4IBAQAYJGG6XDj5WfPoUjpg
nJ3eBhJ5k48u8fpCDDAKcp5b4FptPhl75bbFlHqvZiL2Z3WjkytmrkO8dlA22BMT
AYmv0Uk1+mU2R6vbe99MZnOgNV+ZMcQ3UgDgM/zFDndh1NMMx0HQqYrRoqwLmPJm
wG4MBu0P7Tm0EEojSa72EdFUJXFiYFKzFdIFXa3bAWqJagZels1puNjt0om2QE4I
iuEckWPaWBGARDEUKmT0tyEvThPaAp1jUQ7SSwzIv437FxeThenQDta0PqDi6Gpw
5ihksjMCrSmJdHZG5huU+vw2xEjAaOKD51dq9w9COTyyRfD+DDQN8i9DbGUhwwXa
2l8i
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:57 2026 by rpki-client