Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/cMIpmVaSmjkgEM6IFI5WKYN89WQ.roa
File: cMIpmVaSmjkgEM6IFI5WKYN89WQ.roa (raw, json)
Hash identifier: ruFLC/rfmcoMZzJ83uWAZvYlhIaxbMj+KTOUTR4YafY=
Subject key identifier: 70:C2:29:99:56:92:9A:39:20:10:CE:88:14:8E:56:29:83:7C:F5:64
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 019C8ED3204B497AEEDC130EAA096CEC5B7F
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/cMIpmVaSmjkgEM6IFI5WKYN89WQ.roa
Signing time: Tue 24 Feb 2026 08:45:26 +0000
ROA not before: Tue 24 Feb 2026 08:45:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208808
IP address blocks: 31.13.210.0/24 maxlen: 24
45.140.196.0/22 maxlen: 22
78.138.18.0/23 maxlen: 23
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
78.138.42.0/23 maxlen: 23
85.137.196.0/22 maxlen: 22
87.120.80.0/23 maxlen: 23
87.120.203.0/24 maxlen: 24
89.36.232.0/22 maxlen: 22
89.46.132.0/22 maxlen: 22
92.243.68.0/24 maxlen: 24
92.243.71.0/24 maxlen: 24
92.243.86.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
92.243.94.0/23 maxlen: 23
93.114.92.0/22 maxlen: 22
93.115.48.0/22 maxlen: 22
94.156.26.0/23 maxlen: 23
103.43.40.0/22 maxlen: 22
103.104.108.0/22 maxlen: 22
103.208.72.0/22 maxlen: 22
160.202.156.0/22 maxlen: 22
185.201.76.0/22 maxlen: 22
212.73.152.0/24 maxlen: 24
212.73.153.0/24 maxlen: 24
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
213.255.244.0/23 maxlen: 23
2a0a:bd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:d3:20:4b:49:7a:ee:dc:13:0e:aa:09:6c:ec:5b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Feb 24 08:45:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70c2299956929a392010ce88148e5629837cf564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c3:e2:eb:a1:d1:9b:ef:e5:26:32:0b:b9:11:
08:79:c9:ba:4c:a0:f6:77:44:49:c2:ea:9e:6e:5f:
ec:a3:9b:90:bb:dc:0f:60:a9:c8:e6:3c:97:ca:f9:
e6:1a:0b:52:81:e5:f8:7a:48:f4:00:00:24:ef:f2:
c2:58:6e:ac:d8:ca:61:0e:d9:ce:94:3f:9e:23:88:
eb:6d:6b:da:8d:7f:d6:e3:a9:40:75:dc:fe:46:48:
8e:99:05:b5:43:38:c8:24:6b:ae:7f:8a:6f:78:f4:
8d:8a:ca:70:19:19:d1:7f:4f:b3:93:24:96:a8:9b:
bc:de:5d:9b:d7:0b:0b:67:6a:cb:9d:4b:4f:a3:09:
fc:93:40:e8:15:2a:4b:b2:7f:d1:88:b6:7e:9d:fc:
f0:ec:d4:ca:4a:97:21:a5:b0:d5:83:4d:a2:ee:00:
53:16:24:86:75:fc:8f:e5:ab:47:81:df:2c:e9:32:
ae:fe:3d:7a:1b:f6:0a:72:cb:bb:7c:60:7e:cd:ea:
3e:96:da:6e:6e:74:b5:a9:42:85:8c:d2:1e:a7:1c:
78:c8:63:c5:50:de:5e:5d:3e:34:82:74:72:54:b5:
87:95:05:9f:32:77:e6:f6:42:6f:e3:7b:47:56:76:
ae:78:72:75:dd:55:c6:07:b0:48:69:a3:55:9a:2f:
8f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C2:29:99:56:92:9A:39:20:10:CE:88:14:8E:56:29:83:7C:F5:64
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/cMIpmVaSmjkgEM6IFI5WKYN89WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
85.137.196.0/22
87.120.80.0/23
87.120.203.0/24
89.36.232.0/22
89.46.132.0/22
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
93.114.92.0/22
93.115.48.0/22
94.156.26.0/23
103.43.40.0/22
103.104.108.0/22
103.208.72.0/22
160.202.156.0/22
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:cf:d2:ad:87:b1:21:1d:85:e4:36:9f:16:ea:d2:3e:02:3c:
93:96:5c:e7:88:a8:77:a6:87:d5:d3:c2:3a:1e:21:07:5f:7a:
cc:c5:66:e9:de:40:2f:3e:49:8c:66:69:9e:e9:2e:43:63:7c:
01:db:27:a5:0f:b0:0e:0a:ed:41:71:9e:be:bd:74:ca:91:e6:
81:b4:17:91:09:e3:14:1c:68:7a:50:fc:0a:e4:37:a2:2a:3e:
00:76:48:8d:65:7e:dc:8d:69:c3:c6:b8:91:38:be:ac:c2:7c:
b7:d9:1f:17:dc:e4:c0:5b:73:ce:a6:9e:48:8f:c1:07:d5:95:
83:43:8e:37:ea:d1:91:8c:57:61:b5:bd:4c:c1:15:7e:9b:d8:
99:89:9d:26:fb:42:0c:bf:8d:f9:f1:9a:ad:ba:83:0f:16:3a:
b4:16:8d:db:30:e2:62:a7:7e:63:07:09:74:0a:a1:dd:e5:e2:
e4:a6:72:15:68:21:c6:0b:a9:53:bd:68:34:81:e0:e2:43:11:
0e:a0:a2:55:a0:0e:93:6e:69:d5:a0:0a:19:96:bf:3c:68:b3:
4c:d8:ee:8d:79:1a:fa:0a:e0:36:60:13:35:1d:2e:6a:9f:5b:
1a:5b:da:78:ae:5b:2d:87:08:af:cb:ee:60:bb:8c:c0:95:a3:
0b:0d:a9:e2
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZyO0yBLSXru3BMOqgls7Ft/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjYwMjI0MDg0NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGMyMjk5OTU2OTI5YTM5MjAxMGNlODgxNDhlNTYyOTgzN2NmNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18Pi66HRm+/lJjILuREIecm6TKD2
d0RJwuqebl/so5uQu9wPYKnI5jyXyvnmGgtSgeX4ekj0AAAk7/LCWG6s2MphDtnO
lD+eI4jrbWvajX/W46lAddz+RkiOmQW1QzjIJGuuf4pvePSNispwGRnRf0+zkySW
qJu83l2b1wsLZ2rLnUtPown8k0DoFSpLsn/RiLZ+nfzw7NTKSpchpbDVg02i7gBT
FiSGdfyP5atHgd8s6TKu/j16G/YKcsu7fGB+zeo+ltpubnS1qUKFjNIepxx4yGPF
UN5eXT40gnRyVLWHlQWfMnfm9kJv43tHVnaueHJ13VXGB7BIaaNVmi+PDQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFHDCKZlWkpo5IBDOiBSOVimDfPVkMB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvY01JcG1WYVNtamtnRU02SUZJNVdLWU44OVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAAf
DdIDBAItjMQDBAFOihIwDAMEAU6KGgMEAU6KHAMEAU6KKgMEAlWJxAMEAVd4UAME
AFd4ywMEAlkk6AMEAlkuhAMEAFzzRAMEAFzzRwMEAVzzVgMEAVzzWgMEAVzzXgME
Al1yXAMEAl1zMAMEAV6cGgMEAmcrKAMEAmdobAMEAmfQSAMEAqDKnAMEArnJTAME
AdRJmAMEAdX/0gMEAdX/2AMEAdX/4AMEAdX/9DANBAIAAjAHAwUDKgq9QDANBgkq
hkiG9w0BAQsFAAOCAQEAHc/SrYexIR2F5DafFurSPgI8k5Zc54iod6aH1dPCOh4h
B196zMVm6d5ALz5JjGZpnukuQ2N8AdsnpQ+wDgrtQXGevr10ypHmgbQXkQnjFBxo
elD8CuQ3oio+AHZIjWV+3I1pw8a4kTi+rMJ8t9kfF9zkwFtzzqaeSI/BB9WVg0OO
N+rRkYxXYbW9TMEVfpvYmYmdJvtCDL+N+fGarbqDDxY6tBaN2zDiYqd+YwcJdAqh
3eXi5KZyFWghxgupU71oNIHg4kMRDqCiVaAOk25p1aAKGZa/PGizTNjujXka+grg
NmATNR0uap9bGlvaeK5bLYcIr8vuYLuMwJWjCw2p4g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:45:19 2026 by rpki-client