Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/PzmgqQ8um9H5hi2VAkYcPSoWEZc.roa
File: PzmgqQ8um9H5hi2VAkYcPSoWEZc.roa (raw, json)
Hash identifier: Ng3CEcY0pucPNrNnMyShiiiPUWhrAnQNm1Uu1P+kOs4=
Subject key identifier: 3F:39:A0:A9:0F:2E:9B:D1:F9:86:2D:95:02:46:1C:3D:2A:16:11:97
Certificate issuer: /CN=c65a1da1cb1c920ae2f9b748270fded8737a9184
Certificate serial: 019D1C705C9B59758DE55D21307081C21524
Authority key identifier: C6:5A:1D:A1:CB:1C:92:0A:E2:F9:B7:48:27:0F:DE:D8:73:7A:91:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/PzmgqQ8um9H5hi2VAkYcPSoWEZc.roa
Signing time: Mon 23 Mar 2026 20:43:38 +0000
ROA not before: Mon 23 Mar 2026 20:43:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48031
IP address blocks: 135.106.111.0/24 maxlen: 24
135.106.112.0/24 maxlen: 24
135.106.114.0/24 maxlen: 24
135.106.115.0/24 maxlen: 24
135.106.116.0/24 maxlen: 24
135.106.117.0/24 maxlen: 24
135.106.118.0/24 maxlen: 24
135.106.119.0/24 maxlen: 24
135.106.120.0/24 maxlen: 24
135.106.121.0/24 maxlen: 24
135.106.122.0/24 maxlen: 24
135.106.123.0/24 maxlen: 24
135.106.124.0/24 maxlen: 24
135.106.125.0/24 maxlen: 24
135.106.127.0/24 maxlen: 24
136.234.131.0/24 maxlen: 24
136.234.134.0/24 maxlen: 24
136.234.175.0/24 maxlen: 24
136.234.181.0/24 maxlen: 24
136.234.182.0/24 maxlen: 24
136.234.183.0/24 maxlen: 24
136.234.186.0/24 maxlen: 24
136.234.187.0/24 maxlen: 24
136.234.188.0/24 maxlen: 24
136.234.189.0/24 maxlen: 24
136.234.190.0/24 maxlen: 24
136.234.191.0/24 maxlen: 24
136.234.192.0/24 maxlen: 24
136.234.193.0/24 maxlen: 24
136.234.194.0/24 maxlen: 24
136.234.195.0/24 maxlen: 24
136.234.196.0/24 maxlen: 24
136.234.197.0/24 maxlen: 24
136.234.200.0/24 maxlen: 24
136.234.201.0/24 maxlen: 24
136.234.208.0/24 maxlen: 24
141.133.20.0/24 maxlen: 24
141.133.21.0/24 maxlen: 24
141.133.22.0/24 maxlen: 24
141.133.108.0/24 maxlen: 24
141.133.109.0/24 maxlen: 24
141.133.110.0/24 maxlen: 24
153.80.131.0/24 maxlen: 24
153.80.132.0/24 maxlen: 24
153.80.133.0/24 maxlen: 24
153.80.134.0/24 maxlen: 24
153.80.135.0/24 maxlen: 24
153.80.141.0/24 maxlen: 24
153.80.149.0/24 maxlen: 24
153.80.159.0/24 maxlen: 24
153.80.164.0/24 maxlen: 24
153.80.165.0/24 maxlen: 24
153.80.166.0/24 maxlen: 24
153.80.167.0/24 maxlen: 24
153.80.168.0/24 maxlen: 24
194.69.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:70:5c:9b:59:75:8d:e5:5d:21:30:70:81:c2:15:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c65a1da1cb1c920ae2f9b748270fded8737a9184
Validity
Not Before: Mar 23 20:43:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f39a0a90f2e9bd1f9862d9502461c3d2a161197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:30:26:a6:3b:fa:ad:73:23:2a:2e:3e:b5:cb:
c9:ef:92:96:0f:10:f8:9c:8a:1f:b7:49:5c:3c:e9:
16:d5:13:b5:15:4f:f9:c9:69:a2:16:4c:5c:e2:60:
3d:56:19:f4:08:bf:b8:2b:d5:c6:95:94:55:3a:d1:
3a:d8:2b:dd:97:e2:0f:8d:2d:3a:75:26:99:a1:f3:
7b:9e:e0:f5:86:ee:d4:3d:52:f7:09:83:5d:f8:28:
23:52:f7:99:0e:8e:0b:e3:ef:de:d4:fe:b1:a6:4e:
97:c3:82:39:7e:13:36:70:6f:44:36:d4:e3:00:59:
33:1d:bd:6f:8d:12:ff:99:ce:57:1e:90:ff:f4:f1:
89:79:2d:f1:4c:81:37:44:be:81:06:4c:91:68:a2:
0e:29:04:33:20:75:e4:fe:e2:8c:fe:ee:21:fa:22:
a9:b0:38:8f:70:ca:b9:c8:5c:a7:9d:11:44:6f:47:
71:d7:d9:6e:de:5f:ec:e4:02:23:81:73:3d:44:7b:
31:2c:4b:e1:4f:0d:5d:d0:2e:e2:b4:7f:4e:d8:89:
9b:fe:15:03:67:21:26:3f:9e:1a:13:54:62:0b:cb:
4d:42:c4:f7:9c:c8:d7:d0:fe:52:cd:1b:80:02:a1:
c4:b0:80:f2:d8:f3:f3:94:33:25:8d:01:b6:2d:a0:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:39:A0:A9:0F:2E:9B:D1:F9:86:2D:95:02:46:1C:3D:2A:16:11:97
X509v3 Authority Key Identifier:
keyid:C6:5A:1D:A1:CB:1C:92:0A:E2:F9:B7:48:27:0F:DE:D8:73:7A:91:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/PzmgqQ8um9H5hi2VAkYcPSoWEZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
135.106.111.0-135.106.112.255
135.106.114.0-135.106.125.255
135.106.127.0/24
136.234.131.0/24
136.234.134.0/24
136.234.175.0/24
136.234.181.0-136.234.183.255
136.234.186.0-136.234.197.255
136.234.200.0/23
136.234.208.0/24
141.133.20.0-141.133.22.255
141.133.108.0-141.133.110.255
153.80.131.0-153.80.135.255
153.80.141.0/24
153.80.149.0/24
153.80.159.0/24
153.80.164.0-153.80.168.255
194.69.253.0/24
Signature Algorithm: sha256WithRSAEncryption
21:5d:f3:34:89:da:d7:4e:6b:54:40:56:6b:2a:e3:75:0d:9c:
eb:34:07:52:b7:47:6b:8c:31:3c:1e:b1:d3:3a:38:35:a6:94:
16:ec:09:20:b1:ae:09:92:a4:a3:ad:70:2d:29:cc:d9:46:75:
1e:fe:ed:53:43:8c:8b:e6:07:12:0a:5f:ef:bc:7f:c9:1b:aa:
e9:90:f9:4e:ad:af:78:b4:96:8b:a1:fd:8b:35:0a:8b:6b:6f:
ed:62:6e:19:16:a4:74:f9:f4:b7:08:db:8b:3b:0a:a6:f8:95:
f9:c4:66:18:c7:66:e9:c6:1c:08:a4:d2:ef:6b:5e:a4:9b:a8:
7c:54:83:76:6d:8f:4c:03:81:68:4a:d7:45:a5:44:e9:34:e8:
f6:df:28:33:4d:24:6f:8f:51:9b:db:96:b2:db:bb:e4:68:bc:
ed:a0:dc:c9:c2:42:3d:f6:d2:37:fd:5e:2c:e9:ac:d5:63:94:
4d:4c:ef:b2:19:dc:16:85:b1:0a:0b:6c:76:27:e5:12:ce:45:
93:bb:ab:b7:87:fe:ff:17:34:9c:7a:d0:0e:c5:ec:e6:c8:51:
d2:c9:e4:7a:54:26:e0:1f:a7:e8:c0:63:ba:63:6c:e1:b4:b1:
d8:78:8c:12:f2:54:85:58:c6:ef:db:9b:a8:93:80:c5:0b:f1:
65:6f:d6:53
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZ0ccFybWXWN5V0hMHCBwhUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NWExZGExY2IxYzkyMGFlMmY5Yjc0ODI3MGZkZWQ4NzM3
YTkxODQwHhcNMjYwMzIzMjA0MzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM5YTBhOTBmMmU5YmQxZjk4NjJkOTUwMjQ2MWMzZDJhMTYxMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjAmpjv6rXMjKi4+tcvJ75KWDxD4
nIoft0lcPOkW1RO1FU/5yWmiFkxc4mA9Vhn0CL+4K9XGlZRVOtE62Cvdl+IPjS06
dSaZofN7nuD1hu7UPVL3CYNd+CgjUveZDo4L4+/e1P6xpk6Xw4I5fhM2cG9ENtTj
AFkzHb1vjRL/mc5XHpD/9PGJeS3xTIE3RL6BBkyRaKIOKQQzIHXk/uKM/u4h+iKp
sDiPcMq5yFynnRFEb0dx19lu3l/s5AIjgXM9RHsxLEvhTw1d0C7itH9O2Imb/hUD
ZyEmP54aE1RiC8tNQsT3nMjX0P5SzRuAAqHEsIDy2PPzlDMljQG2LaB4nQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFD85oKkPLpvR+YYtlQJGHD0qFhGXMB8GA1UdIwQY
MBaAFMZaHaHLHJIK4vm3SCcP3thzepGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxvZG9jc2NrZ3JpLWJkSUp3X2UySE42a1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80ZjU0YjQtMDA5Zi00NmNlLTlhYzAt
MzZiYWM4ZDkxZTJlLzEvUHptZ3FROHVtOUg1aGkyVkFrWWNQU29XRVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80ZjU0YjQtMDA5Zi00NmNlLTlhYzAtMzZiYWM4ZDkxZTJl
LzEveGxvZG9jc2NrZ3JpLWJkSUp3X2UySE42a1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawwDAME
AIdqbwMEAIdqcDAMAwQBh2pyAwQBh2p8AwQAh2p/AwQAiOqDAwQAiOqGAwQAiOqv
MAwDBACI6rUDBAOI6rAwDAMEAYjqugMEAYjqxAMEAYjqyAMEAIjq0DAMAwQCjYUU
AwQAjYUWMAwDBAKNhWwDBACNhW4wDAMEAJlQgwMEA5lQgAMEAJlQjQMEAJlQlQME
AJlQnzAMAwQCmVCkAwQAmVCoAwQAwkX9MA0GCSqGSIb3DQEBCwUAA4IBAQAhXfM0
idrXTmtUQFZrKuN1DZzrNAdSt0drjDE8HrHTOjg1ppQW7Akgsa4JkqSjrXAtKczZ
RnUe/u1TQ4yL5gcSCl/vvH/JG6rpkPlOra94tJaLof2LNQqLa2/tYm4ZFqR0+fS3
CNuLOwqm+JX5xGYYx2bpxhwIpNLva16km6h8VIN2bY9MA4FoStdFpUTpNOj23ygz
TSRvj1Gb25ay27vkaLztoNzJwkI99tI3/V4s6azVY5RNTO+yGdwWhbEKC2x2J+US
zkWTu6u3h/7/FzScetAOxezmyFHSyeR6VCbgH6fowGO6Y2zhtLHYeIwS8lSFWMbv
25uok4DFC/Flb9ZT
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:05:33 2026 by rpki-client