Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/R3DrHyIvAdFUmGjoD1Off-GjKFw.roa
File: R3DrHyIvAdFUmGjoD1Off-GjKFw.roa (raw, json)
Hash identifier: 2DPeg8zbL2FDDAnVGj2PW0CNXoKQAIttkAdn/qm8+lU=
Subject key identifier: 47:70:EB:1F:22:2F:01:D1:54:98:68:E8:0F:53:9F:7F:E1:A3:28:5C
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019CF6F83EB9E38BB4D0F1D2152A6F2F6478
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/R3DrHyIvAdFUmGjoD1Off-GjKFw.roa
Signing time: Mon 16 Mar 2026 14:06:29 +0000
ROA not before: Mon 16 Mar 2026 14:06:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.131.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
77.92.153.0/24 maxlen: 24
78.135.67.0/24 maxlen: 24
78.135.70.0/24 maxlen: 24
78.135.74.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.89.0/24 maxlen: 24
78.135.97.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
78.135.106.0/24 maxlen: 24
78.135.107.0/24 maxlen: 24
185.17.136.0/24 maxlen: 24
188.132.159.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
2a10:9440::/48 maxlen: 48
2a10:9440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:f8:3e:b9:e3:8b:b4:d0:f1:d2:15:2a:6f:2f:64:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 16 14:06:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4770eb1f222f01d1549868e80f539f7fe1a3285c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:dc:92:60:0e:e9:29:3f:87:dd:ac:f5:a2:20:
73:4a:27:64:e9:a9:7f:ec:c3:50:49:86:e8:b3:8a:
9d:aa:0e:ca:15:fd:12:49:a0:57:7d:2f:05:14:b9:
af:66:23:f2:f9:e3:e5:57:4d:e3:0a:8d:18:9a:8e:
8c:00:7b:67:61:93:4b:ea:21:d9:c6:ff:e3:de:e0:
26:e5:fb:fd:53:82:40:79:49:57:23:2d:d2:94:93:
34:92:82:6b:dd:83:cb:89:f9:03:bc:00:48:88:b8:
4a:7d:30:d1:51:9a:0a:95:1a:ec:7f:c3:d2:94:7f:
ee:09:7b:f7:b2:77:c7:ea:0b:21:b0:6e:72:40:6b:
ca:d7:e7:21:e7:a7:03:ac:bc:ea:ec:0b:39:bd:0e:
e9:b5:ff:dd:fd:0b:6c:db:3d:46:5f:0e:da:99:b3:
2e:8e:74:59:75:e0:2a:6e:2c:2d:2e:07:a3:81:ec:
a9:a0:de:a7:cb:f7:30:c6:d9:82:ee:d5:34:b7:59:
b6:72:a9:26:7e:6e:df:7e:9f:87:0e:6d:ea:a9:1c:
b8:b7:ac:af:39:12:98:cb:54:6d:e8:d8:7f:cc:7b:
46:f0:54:9c:b2:63:a5:6d:9d:d9:b9:11:d2:cf:ef:
e8:6e:b5:3e:7c:1e:01:7d:aa:ce:11:0d:a2:d0:2b:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:70:EB:1F:22:2F:01:D1:54:98:68:E8:0F:53:9F:7F:E1:A3:28:5C
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/R3DrHyIvAdFUmGjoD1Off-GjKFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.131.0/24
77.92.142.0/24
77.92.152.0/23
78.135.67.0/24
78.135.70.0/24
78.135.74.0/24
78.135.86.0/24
78.135.89.0/24
78.135.97.0-78.135.98.255
78.135.106.0/23
185.17.136.0/24
188.132.159.0/24
188.132.193.0/24
188.132.214.0/24
188.132.228.0/24
IPv6:
2a10:9440::/47
Signature Algorithm: sha256WithRSAEncryption
3d:39:93:8d:7e:25:58:78:33:83:8d:c8:b6:b3:54:3a:22:1a:
bf:9f:6a:b1:bd:ef:a0:7c:7a:94:8a:41:cd:ab:bc:48:7c:c9:
b5:2a:af:ed:18:84:a2:91:bb:37:ec:c7:22:ad:24:72:54:44:
0e:4e:82:fb:53:c2:dd:24:0a:9e:73:d2:be:c1:f6:b6:83:ea:
0a:91:4c:7e:73:46:ae:b3:79:45:d7:68:3d:52:c4:70:88:16:
c6:56:f9:03:b3:62:a7:f9:c6:35:d8:f6:91:b4:3a:2d:82:e0:
a2:81:31:26:10:c5:de:ec:6e:73:70:6a:a1:1a:09:e2:05:db:
3d:b3:ed:ec:04:67:4a:39:78:46:f2:d6:3e:f4:fc:bd:0b:34:
88:b5:69:5e:3b:db:21:37:04:6d:3e:41:65:71:ae:bf:2e:48:
ba:9d:44:00:ef:4d:19:62:48:4c:19:4a:0d:c6:2b:79:ec:92:
16:b7:12:20:b0:7c:d2:f1:0e:e3:16:a3:36:7f:27:e4:f0:02:
fd:1e:0e:96:2a:16:ea:39:8e:c7:6d:f4:03:62:20:4d:96:d7:
e9:5b:cd:39:df:d4:2f:29:ae:a2:6c:a2:08:42:f8:15:82:be:
4b:85:73:75:53:75:ab:7a:f4:2e:a2:9e:94:e9:f6:2a:bd:e9:
87:4e:1d:33
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZz2+D6544u00PHSFSpvL2R4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjYwMzE2MTQwNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzcwZWIxZjIyMmYwMWQxNTQ5ODY4ZTgwZjUzOWY3ZmUxYTMyODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49ySYA7pKT+H3az1oiBzSidk6al/
7MNQSYbos4qdqg7KFf0SSaBXfS8FFLmvZiPy+ePlV03jCo0Ymo6MAHtnYZNL6iHZ
xv/j3uAm5fv9U4JAeUlXIy3SlJM0koJr3YPLifkDvABIiLhKfTDRUZoKlRrsf8PS
lH/uCXv3snfH6gshsG5yQGvK1+ch56cDrLzq7As5vQ7ptf/d/Qts2z1GXw7ambMu
jnRZdeAqbiwtLgejgeypoN6ny/cwxtmC7tU0t1m2cqkmfm7ffp+HDm3qqRy4t6yv
ORKYy1Rt6Nh/zHtG8FScsmOlbZ3ZuRHSz+/obrU+fB4BfarOEQ2i0CuEiwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEdw6x8iLwHRVJho6A9Tn3/hoyhcMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUjNEckh5SXZBZEZVbUdqb0QxT2ZmLUdqS0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQAH9Iv
AwQATVyDAwQATVyOAwQBTVyYAwQATodDAwQATodGAwQATodKAwQATodWAwQATodZ
MAwDBABOh2EDBABOh2IDBAFOh2oDBAC5EYgDBAC8hJ8DBAC8hMEDBAC8hNYDBAC8
hOQwDwQCAAIwCQMHASoQlEAAADANBgkqhkiG9w0BAQsFAAOCAQEAPTmTjX4lWHgz
g43ItrNUOiIav59qsb3voHx6lIpBzau8SHzJtSqv7RiEopG7N+zHIq0kclREDk6C
+1PC3SQKnnPSvsH2toPqCpFMfnNGrrN5RddoPVLEcIgWxlb5A7Nip/nGNdj2kbQ6
LYLgooExJhDF3uxuc3BqoRoJ4gXbPbPt7ARnSjl4RvLWPvT8vQs0iLVpXjvbITcE
bT5BZXGuvy5Iup1EAO9NGWJITBlKDcYreeySFrcSILB80vEO4xajNn8n5PAC/R4O
lioW6jmOx230A2IgTZbX6VvNOd/ULymuomyiCEL4FYK+S4VzdVN1q3r0LqKelOn2
Kr3ph04dMw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:14:18 2026 by rpki-client