Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/auEpgiPIX3h008e7_hstjhVeKb8.roa
File: auEpgiPIX3h008e7_hstjhVeKb8.roa (raw, json)
Hash identifier: AEMD5xTfuBQMPnNdbcNGPYKM0fV1Wstpq65O+O7gGKc=
Subject key identifier: 6A:E1:29:82:23:C8:5F:78:74:D3:C7:BB:FE:1B:2D:8E:15:5E:29:BF
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 019C4B9C7D7FC730735EB98CBEFD1DF2A401
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/auEpgiPIX3h008e7_hstjhVeKb8.roa
Signing time: Wed 11 Feb 2026 07:31:12 +0000
ROA not before: Wed 11 Feb 2026 07:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9063
IP address blocks: 31.220.32.0/22 maxlen: 22
37.230.0.0/19 maxlen: 19
91.184.160.0/19 maxlen: 19
93.186.0.0/20 maxlen: 20
109.75.80.0/20 maxlen: 20
147.93.216.0/21 maxlen: 21
169.40.16.0/20 maxlen: 20
176.126.64.0/23 maxlen: 23
176.126.68.0/23 maxlen: 23
176.126.71.0/24 maxlen: 24
176.126.72.0/23 maxlen: 23
176.126.75.0/24 maxlen: 24
176.126.76.0/24 maxlen: 24
176.126.79.0/24 maxlen: 24
176.126.80.0/23 maxlen: 23
176.126.82.0/24 maxlen: 24
185.35.109.0/24 maxlen: 24
185.35.110.0/23 maxlen: 23
185.161.200.0/23 maxlen: 23
185.166.189.0/24 maxlen: 24
185.166.190.0/23 maxlen: 23
185.168.8.0/24 maxlen: 24
185.168.11.0/24 maxlen: 24
185.186.144.0/23 maxlen: 23
185.194.151.0/24 maxlen: 24
185.203.123.0/24 maxlen: 24
185.222.139.0/24 maxlen: 24
185.231.252.0/22 maxlen: 22
194.35.184.0/23 maxlen: 23
194.35.188.0/23 maxlen: 23
212.82.48.0/20 maxlen: 20
212.88.128.0/19 maxlen: 19
217.24.224.0/20 maxlen: 20
2a02:5a0::/29 maxlen: 29
2a02:5a0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4b:9c:7d:7f:c7:30:73:5e:b9:8c:be:fd:1d:f2:a4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Feb 11 07:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ae1298223c85f7874d3c7bbfe1b2d8e155e29bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ac:73:9f:a9:99:2c:be:4c:3b:44:37:3a:98:
a1:fc:c4:db:20:e1:e3:16:d8:76:f6:05:d0:94:65:
c5:5c:08:b7:54:bb:03:58:3c:60:64:3c:18:fd:ce:
10:29:86:2f:f4:94:02:54:21:98:94:c4:86:40:47:
d1:52:f7:d9:af:9d:37:22:9d:c1:49:89:c0:88:fa:
56:f2:bb:9f:14:15:d5:73:71:c6:2f:3d:60:cf:30:
e1:04:0a:cd:0d:d1:19:9b:d6:95:22:1f:0a:2d:23:
28:e7:f8:54:c1:68:46:0c:21:27:d0:ba:02:4f:50:
c9:6e:36:70:24:3d:76:a5:6f:60:66:d4:a8:a7:33:
80:95:42:d2:68:b7:ad:bc:dd:60:ac:72:a4:9e:2d:
8a:09:b8:8e:ed:62:8b:42:7b:2d:ed:3f:98:4f:ad:
06:31:b4:07:42:2f:39:3b:97:12:3c:d5:ca:a3:73:
00:a3:27:93:62:29:91:60:82:a9:64:84:d4:27:62:
f3:29:eb:5a:82:56:c3:0e:08:80:62:2a:0d:f8:9f:
e2:be:63:f9:e6:d5:04:0e:e9:10:45:1d:ad:d6:93:
ee:e6:e4:fc:de:ad:87:0b:50:bc:5b:c3:57:b1:f6:
a1:59:3d:cd:7c:60:7e:d8:b1:98:0a:e9:08:bb:cd:
be:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E1:29:82:23:C8:5F:78:74:D3:C7:BB:FE:1B:2D:8E:15:5E:29:BF
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/auEpgiPIX3h008e7_hstjhVeKb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.32.0/22
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
147.93.216.0/21
169.40.16.0/20
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
Signature Algorithm: sha256WithRSAEncryption
17:91:75:8b:75:e1:a4:58:c3:bb:96:9e:c1:b6:b8:ce:8a:a5:
5b:ea:cc:48:05:e2:27:a8:55:ff:f0:d3:64:6d:72:6b:c3:69:
15:21:c8:0f:ff:c6:2c:96:c7:25:54:a1:7d:d8:c6:fd:1c:47:
98:37:0c:5e:29:64:16:8b:d0:14:dc:42:93:3f:43:b3:a2:68:
85:df:0a:b7:50:67:dc:12:82:39:98:c1:bd:39:94:15:d7:3c:
f7:f9:cb:c9:3b:97:9d:7a:6f:d4:a0:73:98:86:7b:c0:fc:e9:
11:0b:6d:f9:99:2e:f3:cb:ab:4a:d0:ba:22:7d:5d:c0:f8:6e:
9c:66:e8:05:ce:3a:d0:58:b7:f9:af:ad:85:36:b5:65:d4:85:
03:2d:0f:04:47:be:e0:6a:d1:68:79:05:9d:0a:d2:58:a6:67:
17:90:c6:2c:57:ec:0e:95:09:45:6e:3f:0e:cf:dd:99:51:8e:
9f:00:12:bf:e9:6c:87:f5:59:75:14:e9:ec:b4:41:1b:be:a7:
a8:b5:b5:4f:e6:c4:de:79:92:e8:f7:a7:43:87:7d:53:45:30:
0d:af:68:70:4f:4c:4f:8c:f7:b0:0a:7e:22:9c:66:a6:aa:5a:
d9:ac:87:96:c9:2a:49:5d:b2:b2:1f:f8:0e:40:6c:a6:b2:c1:
4d:39:d9:cb
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZxLnH1/xzBzXrmMvv0d8qQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx
MzFjNDYwHhcNMjYwMjExMDczMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWUxMjk4MjIzYzg1Zjc4NzRkM2M3YmJmZTFiMmQ4ZTE1NWUyOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6xzn6mZLL5MO0Q3Opih/MTbIOHj
Fth29gXQlGXFXAi3VLsDWDxgZDwY/c4QKYYv9JQCVCGYlMSGQEfRUvfZr503Ip3B
SYnAiPpW8rufFBXVc3HGLz1gzzDhBArNDdEZm9aVIh8KLSMo5/hUwWhGDCEn0LoC
T1DJbjZwJD12pW9gZtSopzOAlULSaLetvN1grHKkni2KCbiO7WKLQnst7T+YT60G
MbQHQi85O5cSPNXKo3MAoyeTYimRYIKpZITUJ2LzKetaglbDDgiAYioN+J/ivmP5
5tUEDukQRR2t1pPu5uT83q2HC1C8W8NXsfahWT3NfGB+2LGYCukIu82+JwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFGrhKYIjyF94dNPHu/4bLY4VXim/MB8GA1UdIwQY
MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt
NzI1NjhmMDZmZTEwLzEvYXVFcGdpUElYM2gwMDhlN19oc3RqaFZlS2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw
LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB0QQCAAEwgcoDBAIf
3CADBAUl5gADBAVbuKADBARdugADBARtS1ADBAOTXdgDBASpKBADBAGwfkADBAGw
fkQwDAMEALB+RwMEAbB+SDAMAwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAME
ALkjbQMEBLkjYAMEAbmhyDAMAwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQ
AwQAucKXAwQAuct7AwQAud6LAwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiA
AwQE2RjgMA0EAgACMAcDBQMqAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQAXkXWLdeGk
WMO7lp7BtrjOiqVb6sxIBeInqFX/8NNkbXJrw2kVIcgP/8YslsclVKF92Mb9HEeY
NwxeKWQWi9AU3EKTP0OzomiF3wq3UGfcEoI5mMG9OZQV1zz3+cvJO5edem/UoHOY
hnvA/OkRC235mS7zy6tK0LoifV3A+G6cZugFzjrQWLf5r62FNrVl1IUDLQ8ER77g
atFoeQWdCtJYpmcXkMYsV+wOlQlFbj8Oz92ZUY6fABK/6WyH9Vl1FOnstEEbvqeo
tbVP5sTeeZLo96dDh31TRTANr2hwT0xPjPewCn4inGamqlrZrIeWySpJXbKyH/gO
QGymssFNOdnL
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:21:45 2026 by rpki-client