Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/NAbtLA5jwad0igEO1tIb0mz4PCI.roa
File: NAbtLA5jwad0igEO1tIb0mz4PCI.roa (raw, json)
Hash identifier: u3KlDFQPcuHgV+Z5lSXOh8N+/wFpSNZpgTa7rn0TEJs=
Subject key identifier: 34:06:ED:2C:0E:63:C1:A7:74:8A:01:0E:D6:D2:1B:D2:6C:F8:3C:22
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019D8C926F345ECF18EC6B9C2582C0CBBFBB
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/NAbtLA5jwad0igEO1tIb0mz4PCI.roa
Signing time: Tue 14 Apr 2026 15:18:20 +0000
ROA not before: Tue 14 Apr 2026 15:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50436
IP address blocks: 5.28.64.0/18 maxlen: 19
5.28.64.0/19 maxlen: 19
5.28.96.0/19 maxlen: 19
37.120.0.0/17 maxlen: 18
77.64.128.0/17 maxlen: 24
77.64.172.0/24 maxlen: 24
77.64.176.0/23 maxlen: 23
77.64.183.0/24 maxlen: 24
77.64.220.0/23 maxlen: 24
82.119.0.0/19 maxlen: 22
83.221.64.0/19 maxlen: 24
92.206.0.0/16 maxlen: 24
92.206.8.0/21 maxlen: 24
92.206.22.0/23 maxlen: 24
92.206.32.0/20 maxlen: 24
92.206.48.0/20 maxlen: 24
92.206.76.0/22 maxlen: 24
92.206.208.0/24 maxlen: 24
92.206.209.0/24 maxlen: 24
92.206.250.0/23 maxlen: 23
92.206.254.0/23 maxlen: 24
94.139.0.0/19 maxlen: 20
94.139.28.0/23 maxlen: 23
217.68.167.0/24 maxlen: 24
2a02:2455:8000::/36 maxlen: 36
2a02:2455:9000::/36 maxlen: 40
2a02:2455:a000::/36 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8c:92:6f:34:5e:cf:18:ec:6b:9c:25:82:c0:cb:bf:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Apr 14 15:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3406ed2c0e63c1a7748a010ed6d21bd26cf83c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bb:f6:27:04:97:dd:62:f5:17:10:34:4b:dd:
c6:9d:90:66:51:ff:d5:76:08:8f:53:60:06:bb:72:
a9:10:cd:0b:4e:b7:7b:2c:3a:ca:74:f7:ce:98:ac:
6c:d4:3d:04:99:18:cd:ec:30:a8:6d:d8:b6:22:6a:
39:40:d7:9d:b2:86:68:d2:cc:b9:b7:23:58:17:cb:
f9:bf:73:0f:a4:0e:00:8e:52:1a:30:bf:0e:f6:d3:
9d:ed:fc:71:8b:76:76:df:c4:7a:09:30:1a:2e:5e:
9a:93:82:4a:1d:eb:9e:3a:2a:09:b5:7c:80:e2:51:
68:5b:97:a3:36:72:d6:54:9e:a7:1d:ef:08:25:be:
57:5c:b5:9e:1b:47:f9:06:1a:52:8c:d5:eb:25:ff:
e7:24:b2:61:c4:eb:9d:0c:c2:c9:2d:59:a9:32:82:
1c:81:94:d9:c3:27:22:df:c1:e2:b3:5e:c5:e6:3e:
ec:33:2f:96:e6:25:62:d0:e6:40:02:73:a2:5b:2b:
ea:ec:c2:e7:87:42:d8:41:d0:89:dd:bc:3e:20:46:
ae:f3:03:f9:3c:c2:14:78:12:fa:85:3a:fe:fa:1b:
1e:23:35:cd:a7:a5:44:dc:e6:64:b8:b8:4f:c5:cc:
ac:f4:29:08:a8:8b:c0:14:04:b8:40:b6:df:b6:f5:
47:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:06:ED:2C:0E:63:C1:A7:74:8A:01:0E:D6:D2:1B:D2:6C:F8:3C:22
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/NAbtLA5jwad0igEO1tIb0mz4PCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
77.64.128.0/17
82.119.0.0/19
83.221.64.0/19
92.206.0.0/16
94.139.0.0/19
217.68.167.0/24
IPv6:
2a02:2455:8000::-2a02:2455:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2c:ac:f6:50:04:d6:52:41:d6:a2:79:5f:c2:71:d9:58:4b:90:
cb:89:72:62:2d:2b:a7:24:23:1a:16:4d:f7:c4:fd:25:1c:7d:
65:c5:b4:24:b0:e3:5a:44:1d:ee:d5:e1:02:fe:da:46:1c:15:
ea:40:d3:07:8a:eb:6c:3d:bd:fc:0d:01:41:47:af:77:42:69:
31:fa:c5:aa:e1:05:6e:d5:e3:40:f7:3d:56:f2:51:66:d1:35:
a4:9e:50:5a:1a:be:7d:37:0f:e7:02:05:1d:9b:0b:00:8b:49:
77:84:d9:e6:da:e3:9b:b7:8c:10:d8:74:e4:0c:36:d8:33:8e:
98:16:c3:a1:1a:ab:35:0e:b8:ac:c9:c2:6e:6d:e0:fc:4b:8e:
bc:0b:16:c4:58:30:99:34:d2:e2:dd:34:9c:dd:23:64:2d:e5:
77:a2:28:0f:16:5f:2a:cd:6a:05:53:8e:8d:03:4d:4a:6b:eb:
7a:03:bc:a3:aa:b8:86:ed:f1:02:8f:9c:81:43:61:5e:ad:99:
53:df:0f:e7:64:89:73:3d:82:b1:91:2c:8e:4c:ef:cc:41:a5:
c0:c7:13:51:88:12:01:41:08:d8:9f:11:5a:d3:34:f9:1c:89:
7b:2d:7c:98:eb:c4:61:09:62:39:b9:9f:bd:88:41:ea:96:75:
c8:82:18:54
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZ2Mkm80Xs8Y7GucJYLAy7+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjYwNDE0MTUxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDA2ZWQyYzBlNjNjMWE3NzQ4YTAxMGVkNmQyMWJkMjZjZjgzYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Lv2JwSX3WL1FxA0S93GnZBmUf/V
dgiPU2AGu3KpEM0LTrd7LDrKdPfOmKxs1D0EmRjN7DCobdi2Imo5QNedsoZo0sy5
tyNYF8v5v3MPpA4AjlIaML8O9tOd7fxxi3Z238R6CTAaLl6ak4JKHeueOioJtXyA
4lFoW5ejNnLWVJ6nHe8IJb5XXLWeG0f5BhpSjNXrJf/nJLJhxOudDMLJLVmpMoIc
gZTZwyci38His17F5j7sMy+W5iVi0OZAAnOiWyvq7MLnh0LYQdCJ3bw+IEau8wP5
PMIUeBL6hTr++hseIzXNp6VE3OZkuLhPxcys9CkIqIvAFAS4QLbftvVH+wIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFDQG7SwOY8GndIoBDtbSG9Js+DwiMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvTkFidExBNWp3YWQwaWdFTzF0SWIwbXo0UENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA1BAIAATAvAwQGBRxAAwQH
JXgAAwQHTUCAAwQFUncAAwQFU91AAwMAXM4DBAVeiwADBADZRKcwGAQCAAIwEjAQ
AwYHKgIkVYADBgQqAiRVoDANBgkqhkiG9w0BAQsFAAOCAQEALKz2UATWUkHWonlf
wnHZWEuQy4lyYi0rpyQjGhZN98T9JRx9ZcW0JLDjWkQd7tXhAv7aRhwV6kDTB4rr
bD29/A0BQUevd0JpMfrFquEFbtXjQPc9VvJRZtE1pJ5QWhq+fTcP5wIFHZsLAItJ
d4TZ5trjm7eMENh05Aw22DOOmBbDoRqrNQ64rMnCbm3g/EuOvAsWxFgwmTTS4t00
nN0jZC3ld6IoDxZfKs1qBVOOjQNNSmvregO8o6q4hu3xAo+cgUNhXq2ZU98P52SJ
cz2CsZEsjkzvzEGlwMcTUYgSAUEI2J8RWtM0+RyJey18mOvEYQliObmfvYhB6pZ1
yIIYVA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:44:34 2026 by rpki-client