Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KLI9lQwUC5VTV4Cut0plGC56kr4.roa
File: KLI9lQwUC5VTV4Cut0plGC56kr4.roa (raw, json)
Hash identifier: rUAMk0OUXXf0cF+q5isqU/kNi2S0D4fL5AOOV6b9LlQ=
Subject key identifier: 28:B2:3D:95:0C:14:0B:95:53:57:80:AE:B7:4A:65:18:2E:7A:92:BE
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 019D00EA52EC4EF4229050BECC5CDFF48EE4
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KLI9lQwUC5VTV4Cut0plGC56kr4.roa
Signing time: Wed 18 Mar 2026 12:27:29 +0000
ROA not before: Wed 18 Mar 2026 12:27:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 37.77.151.0/24 maxlen: 32
45.90.12.0/22 maxlen: 32
45.90.116.0/22 maxlen: 32
62.3.53.0/24 maxlen: 32
77.87.126.0/24 maxlen: 32
89.248.65.0/24 maxlen: 32
94.154.115.0/24 maxlen: 32
109.205.63.0/24 maxlen: 32
146.19.119.0/24 maxlen: 32
146.19.231.0/24 maxlen: 32
178.212.79.0/24 maxlen: 32
185.138.165.0/24 maxlen: 32
185.149.150.0/24 maxlen: 32
193.221.208.0/24 maxlen: 32
2a0b:b680::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:ea:52:ec:4e:f4:22:90:50:be:cc:5c:df:f4:8e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Mar 18 12:27:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28b23d950c140b95535780aeb74a65182e7a92be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:41:6c:41:53:90:23:01:82:c6:97:e2:38:a2:
10:31:91:99:f0:aa:3a:fa:bd:a7:55:52:03:2a:cd:
7f:f0:30:c9:70:3c:dd:6d:b2:78:04:08:82:c1:42:
38:1e:14:8a:3b:ec:60:33:9e:49:57:ed:c5:db:59:
80:31:3a:f4:db:ca:46:b9:43:60:6b:45:59:e7:11:
e7:1e:a3:a8:63:eb:fd:f7:77:21:38:70:b9:a7:71:
13:95:03:ab:68:b0:21:a6:68:cd:a8:fe:b5:f7:5d:
cc:45:ab:2d:d7:95:5f:66:86:dc:cd:73:92:d7:b7:
29:fd:f9:38:49:88:eb:81:2f:f5:75:6d:cc:e5:0a:
70:0b:83:c2:6b:fd:6d:c7:66:b3:66:2e:5a:25:f1:
47:bb:4a:55:da:74:87:f6:89:5a:79:c5:23:26:c4:
63:9f:bf:82:44:8d:6c:fc:1d:71:b5:48:b0:c1:2f:
73:e2:39:47:39:83:e7:2a:09:e0:2c:dd:89:1e:8d:
30:70:a1:b1:26:c3:10:b8:56:5c:d5:ba:52:70:7a:
a8:80:7e:67:ad:84:69:68:a4:e9:9a:6d:22:5b:18:
3e:a4:44:c5:6b:9d:d2:11:53:03:88:51:a7:65:78:
e8:a4:67:92:28:77:a8:c5:c6:5d:44:d8:a3:ad:95:
7b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B2:3D:95:0C:14:0B:95:53:57:80:AE:B7:4A:65:18:2E:7A:92:BE
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KLI9lQwUC5VTV4Cut0plGC56kr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.151.0/24
45.90.12.0/22
45.90.116.0/22
62.3.53.0/24
77.87.126.0/24
89.248.65.0/24
94.154.115.0/24
109.205.63.0/24
146.19.119.0/24
146.19.231.0/24
178.212.79.0/24
185.138.165.0/24
185.149.150.0/24
193.221.208.0/24
IPv6:
2a0b:b680::/29
Signature Algorithm: sha256WithRSAEncryption
56:dc:9f:23:02:bc:3f:4a:c8:5b:fa:98:af:57:af:3a:23:b7:
13:a0:6e:93:24:01:b6:ec:32:1a:34:d3:70:e8:10:84:41:71:
8b:d0:b6:8a:7e:aa:61:5c:18:2b:75:ca:04:ef:ec:84:9d:ad:
b7:96:17:a9:c6:18:19:4a:d6:a9:55:56:fb:38:35:15:2c:44:
d9:2a:76:fa:76:31:17:d2:4f:ab:cd:d1:52:4b:c5:be:32:80:
0f:6a:aa:b3:f7:e9:d8:b7:a3:e2:56:52:ab:a9:f1:4d:86:f3:
f7:65:dc:7a:42:5c:44:12:93:5e:dd:bb:4a:dd:96:41:ab:a3:
fa:af:76:9f:e7:24:88:69:e2:d0:9a:07:23:63:7b:67:6d:8d:
58:c1:16:8e:3d:48:10:ea:34:32:d6:48:57:ad:21:42:79:4f:
24:3a:7c:e0:d9:55:a5:20:51:c2:69:66:b3:b8:12:15:0a:81:
ea:8f:dd:8c:74:de:44:8c:cf:e3:67:4f:85:56:68:25:68:86:
f8:c6:b3:7e:8a:c8:e1:4b:b8:b7:3c:75:ae:cb:29:eb:87:bc:
c3:21:2f:6e:15:bc:30:33:3b:1f:1f:80:21:66:47:50:c9:79:
8e:fb:d2:04:ce:69:f8:67:e5:80:90:bc:c8:06:5c:e1:2b:f1:
24:39:5f:bb
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZ0A6lLsTvQikFC+zFzf9I7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjYwMzE4MTIyNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIyM2Q5NTBjMTQwYjk1NTM1NzgwYWViNzRhNjUxODJlN2E5MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kFsQVOQIwGCxpfiOKIQMZGZ8Ko6
+r2nVVIDKs1/8DDJcDzdbbJ4BAiCwUI4HhSKO+xgM55JV+3F21mAMTr028pGuUNg
a0VZ5xHnHqOoY+v993chOHC5p3ETlQOraLAhpmjNqP61913MRast15VfZobczXOS
17cp/fk4SYjrgS/1dW3M5QpwC4PCa/1tx2azZi5aJfFHu0pV2nSH9olaecUjJsRj
n7+CRI1s/B1xtUiwwS9z4jlHOYPnKgngLN2JHo0wcKGxJsMQuFZc1bpScHqogH5n
rYRpaKTpmm0iWxg+pETFa53SEVMDiFGnZXjopGeSKHeoxcZdRNijrZV7HwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFCiyPZUMFAuVU1eArrdKZRguepK+MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvS0xJOWxRd1VDNVZUVjRDdXQwcGxHQzU2a3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQAJU2XAwQC
LVoMAwQCLVp0AwQAPgM1AwQATVd+AwQAWfhBAwQAXppzAwQAbc0/AwQAkhN3AwQA
khPnAwQAstRPAwQAuYqlAwQAuZWWAwQAwd3QMA0EAgACMAcDBQMqC7aAMA0GCSqG
SIb3DQEBCwUAA4IBAQBW3J8jArw/Sshb+pivV686I7cToG6TJAG27DIaNNNw6BCE
QXGL0LaKfqphXBgrdcoE7+yEna23lhepxhgZStapVVb7ODUVLETZKnb6djEX0k+r
zdFSS8W+MoAPaqqz9+nYt6PiVlKrqfFNhvP3Zdx6QlxEEpNe3btK3ZZBq6P6r3af
5ySIaeLQmgcjY3tnbY1YwRaOPUgQ6jQy1khXrSFCeU8kOnzg2VWlIFHCaWazuBIV
CoHqj92MdN5EjM/jZ0+FVmglaIb4xrN+isjhS7i3PHWuyynrh7zDIS9uFbwwMzsf
H4AhZkdQyXmO+9IEzmn4Z+WAkLzIBlzhK/EkOV+7
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:11:56 2026 by rpki-client