Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/TWqDL4xwTJAerYnaiZTVNjcmRw8.roa
File: TWqDL4xwTJAerYnaiZTVNjcmRw8.roa (raw, json)
Hash identifier: jhI14tbDzGRaagRzlpU9uJeuznOm7czgF80IulRNJZc=
Subject key identifier: 4D:6A:83:2F:8C:70:4C:90:1E:AD:89:DA:89:94:D5:36:37:26:47:0F
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 019D6D8E2378E6B00917EAE94BC841E03815
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/TWqDL4xwTJAerYnaiZTVNjcmRw8.roa
Signing time: Wed 08 Apr 2026 14:45:24 +0000
ROA not before: Wed 08 Apr 2026 14:45:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199152
IP address blocks: 91.239.23.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
2a0a:2e80::/32 maxlen: 32
2a0a:2e81::/32 maxlen: 32
2a0a:2e82::/36 maxlen: 36
2a0a:2e83::/36 maxlen: 36
2a0a:2e84::/36 maxlen: 36
2a0a:2e85::/36 maxlen: 36
2a0a:2e86::/32 maxlen: 32
2a0a:2e86:1000::/36 maxlen: 36
2a0a:2e86:2000::/36 maxlen: 36
2a0a:2e86:3000::/36 maxlen: 36
2a0a:2e86:4000::/36 maxlen: 36
2a0a:2e86:5000::/36 maxlen: 36
2a0a:2e86:6000::/36 maxlen: 36
2a0a:2e86:7000::/36 maxlen: 36
2a0a:2e86:8000::/36 maxlen: 36
2a0a:2e86:9000::/36 maxlen: 36
2a0a:2e86:a000::/36 maxlen: 36
2a0a:2e86:b000::/36 maxlen: 36
2a0a:2e87::/32 maxlen: 32
2a11:7e41::/48 maxlen: 48
2a11:7e41:1::/48 maxlen: 48
2a11:7e41:2::/48 maxlen: 48
2a11:7e41:3::/48 maxlen: 48
2a11:7e42::/36 maxlen: 36
2a11:7e43::/36 maxlen: 36
2a11:7e44::/32 maxlen: 32
2a11:7e45::/32 maxlen: 32
2a11:7e47:b001::/48 maxlen: 48
2a11:8480::/32 maxlen: 32
2a11:8482::/36 maxlen: 36
2a11:8483::/36 maxlen: 36
2a11:8484::/32 maxlen: 32
2a11:df41::/32 maxlen: 32
2a11:df42::/36 maxlen: 36
2a11:df43::/36 maxlen: 36
2a11:df44::/32 maxlen: 32
2a11:df45::/32 maxlen: 32
2a11:df46::/32 maxlen: 32
2a11:df47::/32 maxlen: 32
2a12:6700::/32 maxlen: 32
2a12:6703::/36 maxlen: 36
2a12:6704::/36 maxlen: 36
2a12:6705::/32 maxlen: 32
2a12:6706::/32 maxlen: 32
2a12:6707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:8e:23:78:e6:b0:09:17:ea:e9:4b:c8:41:e0:38:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Apr 8 14:45:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4d6a832f8c704c901ead89da8994d5363726470f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9d:00:d3:ef:52:f4:1e:5a:3b:4f:8b:ff:aa:
6f:ee:1c:58:a5:c5:52:aa:fa:74:40:db:c4:2a:a5:
41:d0:15:3c:32:e1:59:ff:5d:d9:25:be:39:1a:24:
5b:90:c3:0d:55:a6:14:dd:67:c0:d5:6b:0a:fb:6c:
52:3b:94:a4:9b:d1:83:84:27:02:f0:bd:7c:86:b9:
dc:60:ac:a4:74:19:22:c4:87:2d:77:03:5a:b7:e5:
c5:75:38:49:3d:4f:5c:f0:ed:2e:b0:f8:94:4a:4b:
0a:36:dc:58:f7:da:01:09:98:39:b7:30:6f:9e:d9:
14:96:40:28:55:4b:8a:6a:b7:09:80:a2:85:9e:d7:
82:00:01:ac:69:4a:4d:1e:e1:93:5c:27:71:53:8f:
57:4c:72:f3:3e:1f:23:bf:f6:e1:c2:06:9a:43:2b:
28:63:44:25:58:cc:25:b9:6f:a8:a2:0a:b1:49:85:
95:1d:51:1c:00:a0:91:1e:63:80:07:7e:b1:b7:49:
90:71:ac:94:24:0f:be:08:a9:ad:38:68:7b:b5:98:
42:7d:9d:08:53:63:3c:76:1d:60:05:5b:f6:28:8a:
7e:51:12:18:42:ba:5a:db:0e:03:2c:e5:fe:6c:9a:
39:9d:61:26:f3:48:7a:d1:01:81:e7:96:01:fc:73:
f1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6A:83:2F:8C:70:4C:90:1E:AD:89:DA:89:94:D5:36:37:26:47:0F
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/TWqDL4xwTJAerYnaiZTVNjcmRw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.23.0/24
146.19.84.0/24
IPv6:
2a0a:2e80::-2a0a:2e82:fff:ffff:ffff:ffff:ffff:ffff
2a0a:2e83::/36
2a0a:2e84::/36
2a0a:2e85::/36
2a0a:2e86::/31
2a11:7e41::/46
2a11:7e42::/36
2a11:7e43::/36
2a11:7e44::/31
2a11:7e47:b001::/48
2a11:8480::/32
2a11:8482::/36
2a11:8483::/36
2a11:8484::/32
2a11:df41::-2a11:df42:fff:ffff:ffff:ffff:ffff:ffff
2a11:df43::/36
2a11:df44::/30
2a12:6700::/32
2a12:6703::/36
2a12:6704::/36
2a12:6705::-2a12:6707:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
29:b7:ec:fa:ac:91:7b:1e:ba:fb:b4:60:73:25:c3:aa:39:eb:
0c:f8:9a:51:6d:96:f3:41:0d:42:0c:13:45:b9:d1:f1:47:f0:
56:bb:77:54:9b:96:fb:a1:52:24:5e:e9:ce:41:05:9d:1d:c5:
27:48:04:13:6d:0c:c4:60:46:6a:7a:10:6b:77:16:78:28:89:
ca:63:51:42:82:f1:cc:01:d9:22:96:94:b5:d0:3e:1c:17:e8:
38:8c:21:43:70:58:4b:d2:65:27:0b:ca:a2:a6:03:69:88:75:
ea:3b:2e:e7:97:68:26:35:51:76:f0:24:24:7b:35:ff:88:53:
0b:7f:4a:68:b9:71:84:32:2e:34:f2:07:b2:b7:96:fc:64:60:
a7:11:65:7a:87:f8:39:33:55:58:a2:c8:21:a2:5d:01:6f:79:
41:fb:4e:7e:fa:a3:18:13:d0:dd:2d:7a:1e:3e:9f:2d:21:fd:
5b:1c:f5:8a:a0:58:af:9d:8a:7e:29:3a:96:ab:92:cc:5f:83:
5d:dc:05:a6:b4:f9:2c:d9:a4:1d:f0:0a:ad:19:88:4c:82:f8:
4b:c7:0b:27:f7:b8:c4:65:55:0a:66:3a:2d:c4:9b:72:59:bf:
72:be:68:71:03:6d:6c:09:92:ba:71:d8:fd:f1:27:ca:d1:bf:
b8:20:77:47
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZ1tjiN45rAJF+rpS8hB4DgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjYwNDA4MTQ0NTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZhODMyZjhjNzA0YzkwMWVhZDg5ZGE4OTk0ZDUzNjM3MjY0NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ0A0+9S9B5aO0+L/6pv7hxYpcVS
qvp0QNvEKqVB0BU8MuFZ/13ZJb45GiRbkMMNVaYU3WfA1WsK+2xSO5Skm9GDhCcC
8L18hrncYKykdBkixIctdwNat+XFdThJPU9c8O0usPiUSksKNtxY99oBCZg5tzBv
ntkUlkAoVUuKarcJgKKFnteCAAGsaUpNHuGTXCdxU49XTHLzPh8jv/bhwgaaQyso
Y0QlWMwluW+oogqxSYWVHVEcAKCRHmOAB36xt0mQcayUJA++CKmtOGh7tZhCfZ0I
U2M8dh1gBVv2KIp+URIYQrpa2w4DLOX+bJo5nWEm80h60QGB55YB/HPxPwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFE1qgy+McEyQHq2J2omU1TY3JkcPMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvVFdxREw0eHdUSkFlclluYWlaVFZOamNtUnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DASBAIAATAMAwQAW+8X
AwQAkhNUMIHFBAIAAjCBvjAPAwUHKgougAMGBCoKLoIAAwYEKgougwADBgQqCi6E
AAMGBCoKLoUAAwUBKgouhgMHAioRfkEAAAMGBCoRfkIAAwYEKhF+QwADBQEqEX5E
AwcAKhF+R7ABAwUAKhGEgAMGBCoRhIIAAwYEKhGEgwADBQAqEYSEMA8DBQAqEd9B
AwYEKhHfQgADBgQqEd9DAAMFAioR30QDBQAqEmcAAwYEKhJnAwADBgQqEmcEADAO
AwUAKhJnBQMFAyoSZwAwDQYJKoZIhvcNAQELBQADggEBACm37PqskXseuvu0YHMl
w6o56wz4mlFtlvNBDUIME0W50fFH8Fa7d1SblvuhUiRe6c5BBZ0dxSdIBBNtDMRg
Rmp6EGt3FngoicpjUUKC8cwB2SKWlLXQPhwX6DiMIUNwWEvSZScLyqKmA2mIdeo7
LueXaCY1UXbwJCR7Nf+IUwt/Smi5cYQyLjTyB7K3lvxkYKcRZXqH+DkzVViiyCGi
XQFveUH7Tn76oxgT0N0teh4+ny0h/Vsc9YqgWK+din4pOparksxfg13cBaa0+SzZ
pB3wCq0ZiEyC+EvHCyf3uMRlVQpmOi3Em3JZv3K+aHEDbWwJkrpx2P3xJ8rRv7gg
d0c=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:21:13 2026 by rpki-client