Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/e_Df4iROoxXL1Pz1SAcKQ_vIEN4.roa
File: e_Df4iROoxXL1Pz1SAcKQ_vIEN4.roa (raw, json)
Hash identifier: POrEq4+lH/1KrPHSTHg9NCpIAwnldkAaBgikPdZzjMk=
Subject key identifier: 7B:F0:DF:E2:24:4E:A3:15:CB:D4:FC:F5:48:07:0A:43:FB:C8:10:DE
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 019DBA7953414690FE46EDBD2BCBDA22F390
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/e_Df4iROoxXL1Pz1SAcKQ_vIEN4.roa
Signing time: Thu 23 Apr 2026 13:13:26 +0000
ROA not before: Thu 23 Apr 2026 13:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
84.238.132.0/24 maxlen: 24
85.137.168.0/24 maxlen: 24
85.137.169.0/24 maxlen: 24
85.137.170.0/24 maxlen: 24
85.137.171.0/24 maxlen: 24
85.137.172.0/24 maxlen: 24
85.137.173.0/24 maxlen: 24
85.137.174.0/24 maxlen: 24
85.137.175.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.236.195.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.177.73.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.24.232.0/24 maxlen: 24
193.24.233.0/24 maxlen: 24
193.24.234.0/24 maxlen: 24
193.24.235.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
195.14.9.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd44::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:79:53:41:46:90:fe:46:ed:bd:2b:cb:da:22:f3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Apr 23 13:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7bf0dfe2244ea315cbd4fcf548070a43fbc810de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:1a:5c:fb:22:2e:03:bd:7a:36:2f:1f:c3:
2b:58:0e:78:24:b3:f8:ee:89:5c:8f:2e:b1:71:10:
b1:7f:a5:c3:5d:c0:4d:b1:f8:8f:47:33:0a:aa:66:
96:4e:86:78:ac:6a:7d:d6:67:db:23:82:e7:3a:b6:
6c:69:86:8f:8f:a4:5c:f7:55:7d:78:64:68:d5:26:
6d:88:36:d9:e2:49:bf:5d:57:d0:40:2e:3a:69:b9:
11:bc:b0:40:4e:e7:59:c3:c3:bf:c1:a5:04:ed:e9:
fa:c2:ec:2f:eb:7b:aa:12:c0:f0:b7:35:75:34:0e:
d5:98:69:35:f6:e4:c3:61:9e:e2:f6:90:65:5c:27:
34:82:da:c2:51:37:33:10:b1:07:8f:f9:eb:a8:f1:
fc:a5:e8:e4:7f:5a:d4:69:a7:b0:7f:35:04:15:e5:
d5:40:a0:69:7f:d8:d3:26:93:4d:31:94:34:13:19:
3b:36:d0:7f:8d:3d:e9:54:b8:d7:fd:44:e0:cc:cf:
ea:30:38:39:b4:8f:d6:32:83:0a:15:04:f5:d5:22:
bd:1d:85:dc:74:25:cd:33:88:6c:c2:78:4a:d8:fa:
5a:8d:50:8b:9e:0a:18:11:0f:6d:c9:4b:ec:2e:26:
b1:9f:e0:dd:9d:11:69:00:ab:56:0e:35:8c:06:f9:
40:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F0:DF:E2:24:4E:A3:15:CB:D4:FC:F5:48:07:0A:43:FB:C8:10:DE
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/e_Df4iROoxXL1Pz1SAcKQ_vIEN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
84.238.132.0/24
85.137.168.0/21
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.236.195.0/24
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
178.157.82.0/24
178.157.90.0/23
178.215.237.0/24
185.96.163.0/24
185.170.212.0/22
185.177.73.0/24
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.24.232.0/22
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
195.14.9.0/24
IPv6:
2a05:8280::/32
2a09:cd40::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
8f:5f:20:a9:e8:3a:c0:7c:d9:be:e5:d6:55:de:8a:ed:54:ec:
e6:a5:eb:a4:ac:6d:b6:57:54:40:49:23:8b:14:30:9f:a1:27:
c6:98:b2:f0:7e:d7:29:65:fd:be:83:71:fc:f6:59:bd:9a:18:
eb:16:57:ee:a8:32:3a:14:eb:52:0f:db:fa:bd:76:54:bb:9c:
61:41:d1:fc:4d:ec:52:51:1c:40:e2:8c:73:51:53:40:9d:b1:
37:99:87:99:a9:5f:95:a4:21:12:91:16:b4:71:9a:ff:d3:e3:
4a:aa:15:5b:7b:bc:eb:54:21:fe:79:7d:d6:b0:a7:92:a6:4b:
b6:b8:26:0a:76:5a:5f:03:9f:c5:6d:b6:02:f2:90:69:c9:6b:
fd:36:88:a1:c1:78:22:bb:f2:89:97:f8:71:07:82:2d:69:50:
2f:b1:31:24:03:9d:4d:e0:80:eb:e5:9d:7b:81:58:f1:b3:9e:
3e:d3:df:f5:4b:70:74:ea:e6:c4:55:38:b9:4e:57:09:e1:60:
94:2e:e3:df:38:18:06:06:e2:96:99:5d:16:49:18:03:58:31:
7d:8c:87:14:45:18:69:a0:ac:28:1c:2f:ee:77:a1:e1:4b:ee:
8a:51:92:53:e0:91:ce:5c:87:e2:8d:7a:6e:1e:d9:fe:31:7d:
80:74:75:c1
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZ26eVNBRpD+Ru29K8vaIvOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjYwNDIzMTMxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmYwZGZlMjI0NGVhMzE1Y2JkNGZjZjU0ODA3MGE0M2ZiYzgxMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1gaXPsiLgO9ejYvH8MrWA54JLP4
7olcjy6xcRCxf6XDXcBNsfiPRzMKqmaWToZ4rGp91mfbI4LnOrZsaYaPj6Rc91V9
eGRo1SZtiDbZ4km/XVfQQC46abkRvLBATudZw8O/waUE7en6wuwv63uqEsDwtzV1
NA7VmGk19uTDYZ7i9pBlXCc0gtrCUTczELEHj/nrqPH8pejkf1rUaaewfzUEFeXV
QKBpf9jTJpNNMZQ0Exk7NtB/jT3pVLjX/UTgzM/qMDg5tI/WMoMKFQT11SK9HYXc
dCXNM4hswnhK2PpajVCLngoYEQ9tyUvsLiaxn+DdnRFpAKtWDjWMBvlAnwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFHvw3+IkTqMVy9T89UgHCkP7yBDeMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvZV9EZjRpUk9veFhMMVB6MVNBY0tRX3ZJRU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCB/QQCAAEwgfYD
BAICONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBAA+AyADBABU7oQDBANViagD
BABWafwDBABWarUDBABWa8UDBAJZJoADBABZJocDBABZKyEDBAFb4ygDBABb7MMD
BAFb+vgDBABdcoADBABdcoUDBANdcxADBABesLYDBABe580DBABfqcADBABfqckD
BAFfqcwDBACynVIDBAGynVoDBACy1+0DBAC5YKMDBAK5qtQDBAC5sUkDBAC56jQD
BAG589YDBAG81HwDBALBGOgDBADByQ8DBADCGtUDBALCIEwDBADCP5EDBALCYxQD
BADDDgkwJAQCAAIwHgMFACoFgoAwDgMFBioJzUADBQAqCc1GAwUBKgy5wDANBgkq
hkiG9w0BAQsFAAOCAQEAj18gqeg6wHzZvuXWVd6K7VTs5qXrpKxttldUQEkjixQw
n6Enxpiy8H7XKWX9voNx/PZZvZoY6xZX7qgyOhTrUg/b+r12VLucYUHR/E3sUlEc
QOKMc1FTQJ2xN5mHmalflaQhEpEWtHGa/9PjSqoVW3u861Qh/nl91rCnkqZLtrgm
CnZaXwOfxW22AvKQaclr/TaIocF4IrvyiZf4cQeCLWlQL7ExJAOdTeCA6+Wde4FY
8bOePtPf9UtwdOrmxFU4uU5XCeFglC7j3zgYBgbilpldFkkYA1gxfYyHFEUYaaCs
KBwv7neh4UvuilGSU+CRzlyH4o16bh7Z/jF9gHR1wQ==
-----END CERTIFICATE-----
Generated at Wed May 13 09:57:42 2026 by rpki-client