Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/4VUMB4eNqxCh6QAJlqfFP96FBzM.roa
File: 4VUMB4eNqxCh6QAJlqfFP96FBzM.roa (raw, json)
Hash identifier: jItvJxY9TNKdGDTOhv6bg4Ex137MBeodiD35XiWfcq8=
Subject key identifier: E1:55:0C:07:87:8D:AB:10:A1:E9:00:09:96:A7:C5:3F:DE:85:07:33
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 019D9A631FB21DFD29EA2D8F746900C667C0
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/4VUMB4eNqxCh6QAJlqfFP96FBzM.roa
Signing time: Fri 17 Apr 2026 07:41:20 +0000
ROA not before: Fri 17 Apr 2026 07:41:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199242
IP address blocks: 5.255.57.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.62.0/23 maxlen: 23
23.252.66.0/23 maxlen: 23
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
31.222.234.0/24 maxlen: 24
37.72.142.0/24 maxlen: 24
62.3.11.0/24 maxlen: 24
62.106.90.0/24 maxlen: 24
62.233.61.0/24 maxlen: 24
80.71.144.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
91.246.50.0/24 maxlen: 24
107.150.162.0/23 maxlen: 23
107.150.171.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
146.19.4.0/24 maxlen: 24
146.19.199.0/24 maxlen: 24
146.19.203.0/24 maxlen: 24
162.222.88.0/23 maxlen: 23
162.222.90.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
176.97.217.0/24 maxlen: 24
176.126.101.0/24 maxlen: 24
185.4.224.0/23 maxlen: 23
185.165.47.0/24 maxlen: 24
185.234.12.0/24 maxlen: 24
185.252.210.0/24 maxlen: 24
188.244.119.0/24 maxlen: 24
193.9.48.0/24 maxlen: 24
193.162.132.0/24 maxlen: 24
193.162.133.0/24 maxlen: 24
194.26.230.0/24 maxlen: 24
194.26.231.0/24 maxlen: 24
194.99.158.0/24 maxlen: 24
195.96.130.0/24 maxlen: 24
195.96.131.0/24 maxlen: 24
212.52.14.0/24 maxlen: 24
212.52.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:63:1f:b2:1d:fd:29:ea:2d:8f:74:69:00:c6:67:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Apr 17 07:41:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e1550c07878dab10a1e9000996a7c53fde850733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9c:e7:0e:e6:2c:88:39:58:b3:cb:30:a2:78:
37:96:25:0d:07:5d:e1:99:49:80:50:6a:a3:ae:1a:
91:31:8f:f5:c9:a8:41:38:a0:cf:eb:96:53:2b:72:
7a:0c:77:ce:8e:af:38:e2:75:92:96:97:9a:fd:1d:
dc:18:f3:7c:af:81:2a:94:50:fc:18:8a:52:f0:ce:
03:38:d0:50:0b:28:3a:c3:77:3b:7f:c0:e5:9e:b3:
9c:7c:00:5a:66:1e:d7:e8:21:0c:a8:9e:2d:79:fc:
cb:e0:2c:95:f8:20:2a:b9:63:97:76:21:24:24:78:
0c:f2:c3:de:9c:73:09:83:ad:6d:7b:dc:52:5c:0e:
8f:68:86:ee:aa:74:b7:75:a5:03:24:34:ea:8b:87:
22:16:8e:95:bc:93:56:4d:83:aa:b6:85:ee:d6:cb:
b5:54:3e:1f:b0:d1:d6:4b:09:db:7e:e0:73:50:fa:
92:e1:b9:62:b6:2e:77:2f:d1:7e:83:a6:cc:1b:0d:
47:c8:24:a8:af:63:91:f3:d7:ee:52:63:c3:3f:f3:
0a:fa:fb:2e:77:3f:b5:b8:44:30:15:db:20:c6:1a:
8b:8b:ea:c1:fe:3e:63:c7:cc:46:a6:50:27:82:7c:
ef:05:b3:09:11:3a:f3:cb:b8:b6:32:93:72:26:bf:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:55:0C:07:87:8D:AB:10:A1:E9:00:09:96:A7:C5:3F:DE:85:07:33
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/4VUMB4eNqxCh6QAJlqfFP96FBzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
31.222.234.0/24
37.72.142.0/24
62.3.11.0/24
62.106.90.0/24
62.233.61.0/24
80.71.144.0/24
91.92.112.0/23
91.246.50.0/24
107.150.162.0/23
107.150.171.0/24
107.150.175.0/24
107.150.177.0/24
146.19.4.0/24
146.19.199.0/24
146.19.203.0/24
162.222.88.0-162.222.90.255
167.160.11.0/24
167.160.27.0/24
176.97.217.0/24
176.126.101.0/24
185.4.224.0/23
185.165.47.0/24
185.234.12.0/24
185.252.210.0/24
188.244.119.0/24
193.9.48.0/24
193.162.132.0/23
194.26.230.0/23
194.99.158.0/24
195.96.130.0/23
212.52.14.0/24
212.52.28.0/24
Signature Algorithm: sha256WithRSAEncryption
81:7e:86:2d:6c:6a:b2:93:5e:7c:26:07:1e:84:e9:45:dd:9e:
53:0a:b3:d7:85:fd:7c:68:e6:d5:f9:3d:c7:5c:d1:e0:db:c8:
94:7e:95:ba:45:9d:13:79:fa:33:0b:f4:21:61:f9:fb:a7:9b:
32:61:aa:fd:3b:1a:3a:21:c4:b5:bf:c0:75:8e:68:00:05:00:
a6:e1:8d:d2:67:76:61:2c:4c:19:4a:d1:e3:04:9d:3b:a1:db:
07:c0:e7:95:23:d9:de:b0:92:db:68:8c:1f:02:29:34:87:10:
63:c4:3a:9f:71:4b:d0:8e:ac:a5:da:c6:64:6a:8e:c3:21:b0:
f4:fa:21:39:a5:18:c8:6b:eb:bc:57:18:0a:e2:20:c0:2c:ba:
fd:d8:b8:6a:98:eb:f4:ee:16:a9:3b:16:d2:99:77:bf:3f:1c:
1e:cf:49:7e:5c:d5:3d:9a:54:70:89:aa:20:c0:e2:da:6c:74:
55:ec:42:e5:ad:29:9d:66:f9:e5:0d:55:ab:45:df:ee:24:b0:
f2:be:4e:ef:97:95:f2:09:58:b6:e6:c0:05:4e:a6:07:a7:15:
45:fa:6d:ff:ab:06:dc:9b:90:e3:85:03:70:7a:5d:f1:40:5e:
d4:65:86:4c:73:f6:87:69:20:5c:52:97:4d:ba:b4:89:a0:b5:
68:29:3d:88
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZ2aYx+yHf0p6i2PdGkAxmfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjYwNDE3MDc0MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU1MGMwNzg3OGRhYjEwYTFlOTAwMDk5NmE3YzUzZmRlODUwNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JznDuYsiDlYs8swong3liUNB13h
mUmAUGqjrhqRMY/1yahBOKDP65ZTK3J6DHfOjq844nWSlpea/R3cGPN8r4EqlFD8
GIpS8M4DONBQCyg6w3c7f8DlnrOcfABaZh7X6CEMqJ4tefzL4CyV+CAquWOXdiEk
JHgM8sPenHMJg61te9xSXA6PaIbuqnS3daUDJDTqi4ciFo6VvJNWTYOqtoXu1su1
VD4fsNHWSwnbfuBzUPqS4bliti53L9F+g6bMGw1HyCSor2OR89fuUmPDP/MK+vsu
dz+1uEQwFdsgxhqLi+rB/j5jx8xGplAngnzvBbMJETrzy7i2MpNyJr8nAQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFOFVDAeHjasQoekACZanxT/ehQczMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvNFZVTUI0ZU5xeENoNlFBSmxxZkZQOTZGQnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCCAQwEAgABMIIB
BAMEAAX/OTAMAwQABf89AwQGBf8AMAwDBAEX/EIDBAAX/EQDBAAX/EcwDAMEABf8
SwMEABf8TAMEABf8TwMEAB/e6gMEACVIjgMEAD4DCwMEAD5qWgMEAD7pPQMEAFBH
kAMEAVtccAMEAFv2MgMEAWuWogMEAGuWqwMEAGuWrwMEAGuWsQMEAJITBAMEAJIT
xwMEAJITyzAMAwQDot5YAwQAot5aAwQAp6ALAwQAp6AbAwQAsGHZAwQAsH5lAwQB
uQTgAwQAuaUvAwQAueoMAwQAufzSAwQAvPR3AwQAwQkwAwQBwaKEAwQBwhrmAwQA
wmOeAwQBw2CCAwQA1DQOAwQA1DQcMA0GCSqGSIb3DQEBCwUAA4IBAQCBfoYtbGqy
k158JgcehOlF3Z5TCrPXhf18aObV+T3HXNHg28iUfpW6RZ0TefozC/QhYfn7p5sy
Yar9Oxo6IcS1v8B1jmgABQCm4Y3SZ3ZhLEwZStHjBJ07odsHwOeVI9nesJLbaIwf
Aik0hxBjxDqfcUvQjqyl2sZkao7DIbD0+iE5pRjIa+u8VxgK4iDALLr92LhqmOv0
7hapOxbSmXe/Pxwez0l+XNU9mlRwiaogwOLabHRV7ELlrSmdZvnlDVWrRd/uJLDy
vk7vl5XyCVi25sAFTqYHpxVF+m3/qwbcm5DjhQNwel3xQF7UZYZMc/aHaSBcUpdN
urSJoLVoKT2I
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:24 2026 by rpki-client