Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/tldfbdi2KX3t4BcCVx6VGGK3iyo.roa
File: tldfbdi2KX3t4BcCVx6VGGK3iyo.roa (raw, json)
Hash identifier: Fi4d+ISfAotrj39E0racwhFRU+l4o+QEW3BSrZlvaV0=
Subject key identifier: B6:57:5F:6D:D8:B6:29:7D:ED:E0:17:02:57:1E:95:18:62:B7:8B:2A
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 019E01F6DF9C8622307043BBD34EEBBDFB35
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/tldfbdi2KX3t4BcCVx6VGGK3iyo.roa
Signing time: Thu 07 May 2026 10:23:36 +0000
ROA not before: Thu 07 May 2026 10:23:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 719
IP address blocks: 31.7.16.0/20 maxlen: 20
46.182.112.0/21 maxlen: 21
62.142.0.0/16 maxlen: 16
62.148.192.0/19 maxlen: 19
62.216.96.0/19 maxlen: 19
62.240.64.0/19 maxlen: 19
62.248.128.0/17 maxlen: 17
77.109.192.0/18 maxlen: 18
80.81.160.0/19 maxlen: 19
80.88.176.0/20 maxlen: 20
80.186.0.0/16 maxlen: 16
80.248.96.0/19 maxlen: 19
81.197.0.0/16 maxlen: 16
81.209.0.0/17 maxlen: 17
82.103.192.0/18 maxlen: 18
82.118.192.0/19 maxlen: 19
82.141.64.0/18 maxlen: 18
82.215.192.0/18 maxlen: 18
83.245.128.0/17 maxlen: 17
84.230.0.0/15 maxlen: 15
85.76.0.0/14 maxlen: 14
85.156.0.0/16 maxlen: 16
85.157.0.0/16 maxlen: 16
85.217.0.0/17 maxlen: 17
88.112.0.0/14 maxlen: 14
91.152.0.0/13 maxlen: 13
94.22.0.0/16 maxlen: 16
109.232.80.0/21 maxlen: 21
139.97.0.0/16 maxlen: 16
192.77.120.0/22 maxlen: 22
192.102.32.0/24 maxlen: 24
192.102.36.0/24 maxlen: 24
192.102.37.0/24 maxlen: 24
192.102.38.0/24 maxlen: 24
192.102.39.0/24 maxlen: 24
192.102.40.0/24 maxlen: 24
192.102.41.0/24 maxlen: 24
192.102.42.0/24 maxlen: 24
192.102.49.0/24 maxlen: 24
192.102.50.0/24 maxlen: 24
192.126.1.0/24 maxlen: 24
192.126.23.0/24 maxlen: 24
192.126.24.0/24 maxlen: 24
192.126.35.0/24 maxlen: 24
192.126.44.0/24 maxlen: 24
192.126.46.0/24 maxlen: 24
192.163.32.0/19 maxlen: 19
192.163.64.0/18 maxlen: 18
192.163.128.0/19 maxlen: 19
192.175.45.0/24 maxlen: 24
193.64.0.0/15 maxlen: 15
193.66.0.0/16 maxlen: 16
193.94.0.0/16 maxlen: 16
193.184.0.0/15 maxlen: 15
193.199.0.0/16 maxlen: 16
193.229.0.0/16 maxlen: 16
194.86.0.0/16 maxlen: 16
194.136.0.0/16 maxlen: 16
194.157.0.0/16 maxlen: 16
194.188.0.0/16 maxlen: 16
194.211.0.0/16 maxlen: 16
194.240.0.0/15 maxlen: 15
195.16.192.0/19 maxlen: 19
195.74.0.0/19 maxlen: 19
195.170.128.0/19 maxlen: 19
195.197.0.0/16 maxlen: 16
195.218.64.0/19 maxlen: 19
195.236.0.0/15 maxlen: 15
195.238.192.0/19 maxlen: 19
195.255.0.0/16 maxlen: 16
212.38.224.0/20 maxlen: 20
212.50.192.0/19 maxlen: 19
212.54.0.0/19 maxlen: 19
212.63.0.0/19 maxlen: 19
212.226.0.0/16 maxlen: 16
212.246.0.0/16 maxlen: 16
213.130.224.0/19 maxlen: 19
213.161.32.0/19 maxlen: 19
213.169.0.0/19 maxlen: 19
213.192.128.0/18 maxlen: 18
213.250.64.0/18 maxlen: 18
217.24.96.0/20 maxlen: 20
217.25.96.0/20 maxlen: 20
217.77.192.0/20 maxlen: 20
217.152.0.0/16 maxlen: 16
2001:671::/48 maxlen: 48
2001:671:1::/48 maxlen: 48
2001:998::/29 maxlen: 32
2001:9f0::/29 maxlen: 29
2001:1658::/29 maxlen: 29
2a00:1dd0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:f6:df:9c:86:22:30:70:43:bb:d3:4e:eb:bd:fb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: May 7 10:23:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b6575f6dd8b6297dede01702571e951862b78b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:02:d8:8d:c2:5c:d2:b8:28:9d:74:09:17:56:
c7:e5:79:ea:b3:e1:32:39:90:ac:20:db:ab:be:dd:
51:9c:ef:a7:fa:64:c9:5f:de:74:9f:cf:70:a9:4c:
99:9f:0e:d0:09:98:54:fb:08:4f:54:96:70:b2:21:
93:2e:52:02:a8:db:a0:7f:52:c9:e4:72:65:26:d1:
db:dc:22:bc:9d:9d:21:10:ab:88:7e:4d:26:75:d8:
91:bd:59:c8:91:4a:7b:89:c7:c3:0b:e5:89:d7:e7:
89:d0:87:b1:fe:ff:c5:f5:e3:24:bb:ae:ae:b3:1d:
c5:fb:c0:6d:e7:88:be:45:6c:cb:d2:42:23:ae:20:
20:63:4b:d0:d4:cb:f2:26:2f:0a:c9:60:2f:df:68:
62:de:38:8f:f5:bf:b1:1c:65:77:0b:9a:60:cb:6e:
13:b5:a3:c9:9e:6f:66:30:86:8a:8d:8a:6c:5c:5a:
8e:17:7b:62:5d:0b:4b:e2:36:c6:68:cd:65:d4:ee:
b5:59:85:e2:1e:7c:03:b0:d0:6a:64:2a:20:09:7b:
1b:1f:8b:f8:4a:17:e2:53:cc:72:82:54:46:8d:79:
7a:c1:c1:59:e9:0f:34:44:35:97:73:a0:e9:8e:59:
5a:ce:28:f1:71:ec:4a:ed:a2:61:f4:33:21:65:2d:
ce:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:57:5F:6D:D8:B6:29:7D:ED:E0:17:02:57:1E:95:18:62:B7:8B:2A
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/tldfbdi2KX3t4BcCVx6VGGK3iyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.16.0/20
46.182.112.0/21
62.142.0.0/16
62.148.192.0/19
62.216.96.0/19
62.240.64.0/19
62.248.128.0/17
77.109.192.0/18
80.81.160.0/19
80.88.176.0/20
80.186.0.0/16
80.248.96.0/19
81.197.0.0/16
81.209.0.0/17
82.103.192.0/18
82.118.192.0/19
82.141.64.0/18
82.215.192.0/18
83.245.128.0/17
84.230.0.0/15
85.76.0.0/14
85.156.0.0/15
85.217.0.0/17
88.112.0.0/14
91.152.0.0/13
94.22.0.0/16
109.232.80.0/21
139.97.0.0/16
192.77.120.0/22
192.102.32.0/24
192.102.36.0-192.102.42.255
192.102.49.0-192.102.50.255
192.126.1.0/24
192.126.23.0-192.126.24.255
192.126.35.0/24
192.126.44.0/24
192.126.46.0/24
192.163.32.0-192.163.159.255
192.175.45.0/24
193.64.0.0-193.66.255.255
193.94.0.0/16
193.184.0.0/15
193.199.0.0/16
193.229.0.0/16
194.86.0.0/16
194.136.0.0/16
194.157.0.0/16
194.188.0.0/16
194.211.0.0/16
194.240.0.0/15
195.16.192.0/19
195.74.0.0/19
195.170.128.0/19
195.197.0.0/16
195.218.64.0/19
195.236.0.0/15
195.238.192.0/19
195.255.0.0/16
212.38.224.0/20
212.50.192.0/19
212.54.0.0/19
212.63.0.0/19
212.226.0.0/16
212.246.0.0/16
213.130.224.0/19
213.161.32.0/19
213.169.0.0/19
213.192.128.0/18
213.250.64.0/18
217.24.96.0/20
217.25.96.0/20
217.77.192.0/20
217.152.0.0/16
IPv6:
2001:671::/47
2001:998::/29
2001:9f0::/29
2001:1658::/29
2a00:1dd0::/29
Signature Algorithm: sha256WithRSAEncryption
73:0a:12:f4:3c:4c:c3:e1:cf:63:7f:dd:07:c4:ea:83:81:a8:
cc:bc:62:1c:4c:22:5d:d9:c2:9d:3c:01:58:d0:55:8a:09:b1:
6c:52:22:a7:98:60:f4:86:2a:48:29:7e:25:e1:69:35:93:ec:
40:de:bb:d1:3a:02:c3:b2:de:90:29:76:ee:bb:61:04:c5:6b:
ab:0b:fa:95:62:1d:a9:8c:a3:c8:2c:7f:77:c8:3f:ea:33:8f:
cc:f3:f9:fd:b0:75:bc:cb:c1:fa:31:54:96:42:de:98:f2:33:
d9:2f:41:41:4a:7c:f6:14:4c:25:66:f6:ed:40:43:96:60:aa:
5b:6a:e0:1b:ec:88:e0:66:1b:1c:71:96:8a:9c:74:f1:2f:34:
a5:23:f6:e4:b4:43:7f:69:0f:97:6c:79:f9:69:c4:43:8a:aa:
76:18:ad:de:d6:4b:89:a8:d9:3a:3f:02:cb:c1:1a:33:01:ca:
80:16:18:e8:25:48:8f:e4:11:13:9f:22:f6:81:f0:ee:96:af:
a1:3a:ab:30:f8:6a:30:7e:c4:a8:6c:db:3b:be:52:1c:d5:d2:
f2:6a:90:c6:43:3a:f8:df:8b:1d:cb:3c:57:f1:75:e5:b7:ef:
12:8f:90:9a:a4:3d:e5:94:d2:94:53:90:48:64:c9:4e:e5:51:
04:d8:91:70
-----BEGIN CERTIFICATE-----
MIIG8DCCBdigAwIBAgISAZ4B9t+chiIwcEO7007rvfs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjYwNTA3MTAyMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU3NWY2ZGQ4YjYyOTdkZWRlMDE3MDI1NzFlOTUxODYyYjc4YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QLYjcJc0rgonXQJF1bH5Xnqs+Ey
OZCsINurvt1RnO+n+mTJX950n89wqUyZnw7QCZhU+whPVJZwsiGTLlICqNugf1LJ
5HJlJtHb3CK8nZ0hEKuIfk0mddiRvVnIkUp7icfDC+WJ1+eJ0Iex/v/F9eMku66u
sx3F+8Bt54i+RWzL0kIjriAgY0vQ1MvyJi8KyWAv32hi3jiP9b+xHGV3C5pgy24T
taPJnm9mMIaKjYpsXFqOF3tiXQtL4jbGaM1l1O61WYXiHnwDsNBqZCogCXsbH4v4
ShfiU8xyglRGjXl6wcFZ6Q80RDWXc6DpjllazijxcexK7aJh9DMhZS3OqwIDAQAB
o4ID/DCCA/gwHQYDVR0OBBYEFLZXX23Ytil97eAXAlcelRhit4sqMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvdGxkZmJkaTJLWDN0NEJjQ1Z4NlZHR0szaXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICEAYIKwYBBQUHAQcBAf8EggH/MIIB+zCCAcoEAgABMIIB
wgMEBB8HEAMEAy62cAMDAD6OAwQFPpTAAwQFPthgAwQFPvBAAwQHPviAAwQGTW3A
AwQFUFGgAwQEUFiwAwMAULoDBAVQ+GADAwBRxQMEB1HRAAMEBlJnwAMEBVJ2wAME
BlKNQAMEBlLXwAMEB1P1gAMDAVTmAwMCVUwDAwFVnAMEB1XZAAMDAlhwAwMDW5gD
AwBeFgMEA23oUAMDAIthAwQCwE14AwQAwGYgMAwDBALAZiQDBADAZiowDAMEAMBm
MQMEAMBmMgMEAMB+ATAMAwQAwH4XAwQAwH4YAwQAwH4jAwQAwH4sAwQAwH4uMAwD
BAXAoyADBAXAo4ADBADAry0wCgMDBsFAAwMAwUIDAwDBXgMDAcG4AwMAwccDAwDB
5QMDAMJWAwMAwogDAwDCnQMDAMK8AwMAwtMDAwHC8AMEBcMQwAMEBcNKAAMEBcOq
gAMDAMPFAwQFw9pAAwMBw+wDBAXD7sADAwDD/wMEBNQm4AMEBdQywAMEBdQ2AAME
BdQ/AAMDANTiAwMA1PYDBAXVguADBAXVoSADBAXVqQADBAbVwIADBAbV+kADBATZ
GGADBATZGWADBATZTcADAwDZmDArBAIAAjAlAwcBIAEGcQAAAwUDIAEJmAMFAyAB
CfADBQMgARZYAwUDKgAd0DANBgkqhkiG9w0BAQsFAAOCAQEAcwoS9DxMw+HPY3/d
B8Tqg4GozLxiHEwiXdnCnTwBWNBVigmxbFIip5hg9IYqSCl+JeFpNZPsQN670ToC
w7LekCl27rthBMVrqwv6lWIdqYyjyCx/d8g/6jOPzPP5/bB1vMvB+jFUlkLemPIz
2S9BQUp89hRMJWb27UBDlmCqW2rgG+yI4GYbHHGWipx08S80pSP25LRDf2kPl2x5
+WnEQ4qqdhit3tZLiajZOj8Cy8EaMwHKgBYY6CVIj+QRE58i9oHw7pavoTqrMPhq
MH7EqGzbO75SHNXS8mqQxkM6+N+LHcs8V/F15bfvEo+QmqQ95ZTSlFOQSGTJTuVR
BNiRcA==
-----END CERTIFICATE-----
Generated at Wed May 13 02:12:17 2026 by rpki-client