Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/EQOmQ7dDCZNjymG9j2xbbIgGtLg.roa
File: EQOmQ7dDCZNjymG9j2xbbIgGtLg.roa (raw, json)
Hash identifier: gPgkZPlDxqNc0bw9tuZ1u1Ol2rJVot6nbA8SVnoZzks=
Subject key identifier: 11:03:A6:43:B7:43:09:93:63:CA:61:BD:8F:6C:5B:6C:88:06:B4:B8
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019D973363CD84A99D7CF6E0EB147C863C24
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/EQOmQ7dDCZNjymG9j2xbbIgGtLg.roa
Signing time: Thu 16 Apr 2026 16:50:20 +0000
ROA not before: Thu 16 Apr 2026 16:50:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44051
IP address blocks: 2.58.64.0/24 maxlen: 24
2.58.65.0/24 maxlen: 24
2.58.66.0/24 maxlen: 24
2.58.67.0/24 maxlen: 24
5.187.0.0/24 maxlen: 24
5.187.1.0/24 maxlen: 24
5.187.2.0/24 maxlen: 24
5.187.3.0/24 maxlen: 24
5.187.4.0/24 maxlen: 24
5.187.5.0/24 maxlen: 24
5.187.6.0/24 maxlen: 24
5.187.7.0/24 maxlen: 24
31.172.68.0/24 maxlen: 24
31.172.70.0/24 maxlen: 24
31.172.71.0/24 maxlen: 24
31.172.72.0/24 maxlen: 24
31.172.73.0/24 maxlen: 24
31.172.75.0/24 maxlen: 24
31.172.77.0/24 maxlen: 24
79.132.136.0/24 maxlen: 24
79.132.138.0/24 maxlen: 24
79.132.140.0/24 maxlen: 24
79.132.142.0/24 maxlen: 24
79.132.143.0/24 maxlen: 24
89.127.192.0/24 maxlen: 24
89.127.194.0/24 maxlen: 24
89.127.200.0/24 maxlen: 24
91.228.152.0/22 maxlen: 22
91.228.152.0/24 maxlen: 24
91.228.153.0/24 maxlen: 24
91.228.154.0/24 maxlen: 24
91.228.155.0/24 maxlen: 24
103.75.124.0/24 maxlen: 24
103.75.127.0/24 maxlen: 24
103.228.168.0/24 maxlen: 24
103.228.169.0/24 maxlen: 24
103.228.170.0/24 maxlen: 24
103.228.171.0/24 maxlen: 24
162.248.160.0/24 maxlen: 24
162.248.164.0/24 maxlen: 24
162.248.165.0/24 maxlen: 24
162.248.166.0/24 maxlen: 24
162.248.167.0/24 maxlen: 24
185.21.8.0/24 maxlen: 24
185.44.206.0/24 maxlen: 24
185.44.207.0/24 maxlen: 24
194.154.24.0/24 maxlen: 24
194.154.30.0/24 maxlen: 24
195.26.237.0/24 maxlen: 24
212.2.234.0/24 maxlen: 24
212.2.235.0/24 maxlen: 24
213.239.156.0/24 maxlen: 24
217.177.10.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
2a02:6b40::/32 maxlen: 32
2a02:6b40::/48 maxlen: 48
2a02:6b40:1::/48 maxlen: 48
2a02:6b40:1000::/48 maxlen: 48
2a02:6b40:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:33:63:cd:84:a9:9d:7c:f6:e0:eb:14:7c:86:3c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Apr 16 16:50:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1103a643b743099363ca61bd8f6c5b6c8806b4b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3e:f4:b2:12:95:2e:b0:33:55:a9:2f:9d:b1:
69:e4:49:25:fc:87:5c:d5:fc:fb:b2:cb:49:e1:6f:
c8:2b:2b:4f:97:83:6c:ca:e5:a5:cf:07:37:c3:ca:
19:c0:63:e2:d7:1e:d1:b6:41:a1:c0:3e:d7:62:7a:
cc:a1:5f:6e:85:f7:f1:4c:87:d0:9c:51:68:92:fc:
40:a2:08:83:40:09:93:fc:42:99:f4:12:cc:5f:cd:
fd:30:a4:96:dd:5f:77:ac:02:5a:f3:92:25:57:26:
63:d3:9e:09:c1:7e:ed:43:c3:51:d4:4d:e7:2b:a2:
50:16:63:11:80:d4:9a:67:2e:0d:3c:19:b0:41:13:
30:75:f5:5e:bf:d6:bf:45:75:71:81:91:4f:64:d3:
58:89:c7:33:27:9b:fb:bc:67:04:df:58:0d:94:b2:
1a:bc:a3:88:8a:24:7e:78:e8:85:aa:51:0d:5e:fb:
f0:b2:f4:75:03:64:24:96:4c:70:ed:c5:b3:9a:94:
51:6b:37:ea:60:e4:09:b4:77:e9:12:e2:c7:8a:ed:
af:f3:36:ea:f8:e9:72:f6:29:e7:d6:88:24:1b:bb:
99:92:31:a2:31:a3:80:ff:eb:fb:df:f6:af:8a:9d:
5f:e8:77:c1:a5:6b:0e:53:0b:a6:04:e4:eb:c4:27:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:03:A6:43:B7:43:09:93:63:CA:61:BD:8F:6C:5B:6C:88:06:B4:B8
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/EQOmQ7dDCZNjymG9j2xbbIgGtLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/22
5.187.0.0/21
31.172.68.0/24
31.172.70.0-31.172.73.255
31.172.75.0/24
31.172.77.0/24
79.132.136.0/24
79.132.138.0/24
79.132.140.0/24
79.132.142.0/23
89.127.192.0/24
89.127.194.0/24
89.127.200.0/24
91.228.152.0/22
103.75.124.0/24
103.75.127.0/24
103.228.168.0/22
162.248.160.0/24
162.248.164.0/22
185.21.8.0/24
185.44.206.0/23
194.154.24.0/24
194.154.30.0/24
195.26.237.0/24
212.2.234.0/23
213.239.156.0/24
217.177.10.0/24
217.177.72.0/24
IPv6:
2a02:6b40::/32
Signature Algorithm: sha256WithRSAEncryption
5a:dd:e6:d9:72:d8:22:75:ad:06:65:bf:21:f7:fe:62:e4:24:
7d:10:bc:f0:cc:2c:a1:ca:c5:91:7c:91:f2:98:bd:51:f8:98:
8e:9a:52:d3:83:f7:50:9f:a0:6f:32:2e:f4:60:64:d3:7f:03:
8b:4c:29:89:d9:0a:c9:c9:a7:a1:3b:a8:d9:ce:4e:68:c2:97:
b3:ac:f5:55:a8:c7:aa:08:1e:e6:06:06:17:c6:7e:3a:72:d2:
1c:c0:46:1b:d7:80:2b:b3:a1:33:45:94:d8:b9:cd:f0:f3:bd:
70:9a:eb:7f:45:f3:1b:92:9a:48:bd:59:cd:99:29:47:8a:72:
ab:c2:43:9b:2e:44:78:e3:be:b2:88:3f:d2:bd:c6:83:f5:ac:
5d:64:24:d8:d9:ba:71:e8:0d:8d:d9:15:02:fd:6a:81:32:6d:
aa:2e:2c:c8:ec:2d:28:32:5a:2c:62:80:e5:75:00:fc:9d:2c:
a0:77:bc:f0:10:c5:60:34:89:7a:7d:bc:23:f5:13:85:1a:05:
20:d8:5e:48:95:6b:30:29:18:74:1e:3a:ce:b5:5e:08:32:81:
98:51:90:89:28:77:3b:64:b1:17:5e:73:f8:a8:e3:83:eb:44:
32:ae:4d:3b:98:99:22:c1:fd:de:6f:ca:40:60:d7:9c:0a:bd:
3c:88:7e:06
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZ2XM2PNhKmdfPbg6xR8hjwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNDE2MTY1MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTAzYTY0M2I3NDMwOTkzNjNjYTYxYmQ4ZjZjNWI2Yzg4MDZiNGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj70shKVLrAzVakvnbFp5Ekl/Idc
1fz7sstJ4W/IKytPl4NsyuWlzwc3w8oZwGPi1x7RtkGhwD7XYnrMoV9uhffxTIfQ
nFFokvxAogiDQAmT/EKZ9BLMX839MKSW3V93rAJa85IlVyZj054JwX7tQ8NR1E3n
K6JQFmMRgNSaZy4NPBmwQRMwdfVev9a/RXVxgZFPZNNYicczJ5v7vGcE31gNlLIa
vKOIiiR+eOiFqlENXvvwsvR1A2Qklkxw7cWzmpRRazfqYOQJtHfpEuLHiu2v8zbq
+Oly9inn1ogkG7uZkjGiMaOA/+v73/avip1f6HfBpWsOUwumBOTrxCcN1wIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFBEDpkO3QwmTY8phvY9sW2yIBrS4MB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvRVFPbVE3ZERDWk5qeW1HOWoyeGJiSWdHdExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAIC
OkADBAMFuwADBAAfrEQwDAMEAR+sRgMEAR+sSAMEAB+sSwMEAB+sTQMEAE+EiAME
AE+EigMEAE+EjAMEAU+EjgMEAFl/wAMEAFl/wgMEAFl/yAMEAlvkmAMEAGdLfAME
AGdLfwMEAmfkqAMEAKL4oAMEAqL4pAMEALkVCAMEAbkszgMEAMKaGAMEAMKaHgME
AMMa7QMEAdQC6gMEANXvnAMEANmxCgMEANmxSDANBAIAAjAHAwUAKgJrQDANBgkq
hkiG9w0BAQsFAAOCAQEAWt3m2XLYInWtBmW/Iff+YuQkfRC88MwsocrFkXyR8pi9
UfiYjppS04P3UJ+gbzIu9GBk038Di0wpidkKycmnoTuo2c5OaMKXs6z1VajHqgge
5gYGF8Z+OnLSHMBGG9eAK7OhM0WU2LnN8PO9cJrrf0XzG5KaSL1ZzZkpR4pyq8JD
my5EeOO+sog/0r3Gg/WsXWQk2Nm6cegNjdkVAv1qgTJtqi4syOwtKDJaLGKA5XUA
/J0soHe88BDFYDSJen28I/UThRoFINheSJVrMCkYdB46zrVeCDKBmFGQiSh3O2Sx
F15z+Kjjg+tEMq5NO5iZIsH93m/KQGDXnAq9PIh+Bg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:03:54 2026 by rpki-client