Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/TgSGiVpEk6VcVoLx1zlEJGOCAMI.roa
File: TgSGiVpEk6VcVoLx1zlEJGOCAMI.roa (raw, json)
Hash identifier: QQzCSEznQp8ZFwcwq9xyZGdqpLg4dA0oXWhf8hriZug=
Subject key identifier: 4E:04:86:89:5A:44:93:A5:5C:56:82:F1:D7:39:44:24:63:82:00:C2
Certificate issuer: /CN=1003cd25315330350d73f2a3579aa95e052b718d
Certificate serial: 019CF0C1F795502AE459550D7D08DE826E9F
Authority key identifier: 10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/TgSGiVpEk6VcVoLx1zlEJGOCAMI.roa
Signing time: Sun 15 Mar 2026 09:09:29 +0000
ROA not before: Sun 15 Mar 2026 09:09:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16116
IP address blocks: 37.25.32.0/24 maxlen: 24
37.25.33.0/24 maxlen: 24
37.25.34.0/24 maxlen: 24
37.25.35.0/24 maxlen: 24
37.25.36.0/24 maxlen: 24
37.25.37.0/24 maxlen: 24
37.25.38.0/24 maxlen: 24
37.25.39.0/24 maxlen: 24
46.19.80.0/21 maxlen: 24
46.19.83.0/24 maxlen: 24
46.19.84.0/24 maxlen: 24
62.112.0.0/22 maxlen: 24
84.111.136.0/21 maxlen: 21
84.111.208.0/23 maxlen: 23
84.111.210.0/23 maxlen: 23
85.159.160.0/21 maxlen: 24
85.159.161.0/24 maxlen: 24
85.159.162.0/24 maxlen: 24
85.159.163.0/24 maxlen: 24
85.159.164.0/24 maxlen: 24
85.159.165.0/24 maxlen: 24
85.159.166.0/24 maxlen: 24
85.159.167.0/24 maxlen: 24
89.37.236.0/22 maxlen: 24
89.40.66.0/24 maxlen: 24
89.41.188.0/24 maxlen: 24
89.43.48.0/24 maxlen: 24
91.135.96.0/20 maxlen: 24
93.113.31.0/24 maxlen: 24
130.185.96.0/21 maxlen: 24
141.226.88.0/21 maxlen: 24
141.226.90.0/24 maxlen: 24
147.189.144.0/22 maxlen: 24
147.189.148.0/23 maxlen: 24
185.80.108.0/22 maxlen: 24
185.183.188.0/22 maxlen: 22
185.196.126.0/23 maxlen: 24
185.246.252.0/23 maxlen: 24
185.246.254.0/24 maxlen: 24
185.246.255.0/24 maxlen: 24
188.64.200.0/21 maxlen: 24
188.64.200.0/24 maxlen: 24
188.64.201.0/24 maxlen: 24
188.64.202.0/24 maxlen: 24
188.64.203.0/24 maxlen: 24
188.64.204.0/24 maxlen: 24
188.64.205.0/24 maxlen: 24
193.41.202.0/24 maxlen: 24
193.41.208.0/23 maxlen: 24
193.41.209.0/24 maxlen: 24
195.133.152.0/21 maxlen: 24
212.90.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/EAPNJTFTMDUNc_KjV5qpXgUrcY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/EAPNJTFTMDUNc_KjV5qpXgUrcY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f0:c1:f7:95:50:2a:e4:59:55:0d:7d:08:de:82:6e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1003cd25315330350d73f2a3579aa95e052b718d
Validity
Not Before: Mar 15 09:09:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e0486895a4493a55c5682f1d7394424638200c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ab:50:8e:be:3f:af:86:ed:ca:5c:fb:79:d6:
95:23:e3:d5:7b:48:52:3a:f4:b8:5c:0a:51:20:0f:
34:22:7d:60:da:73:f1:4d:1c:9a:e7:b2:b1:a9:eb:
bb:d5:73:42:34:52:93:82:62:13:ef:15:61:e2:34:
7f:7f:6f:94:31:ce:c9:6a:76:d1:a6:42:5a:65:68:
77:13:e6:0c:8e:04:13:21:98:58:85:dd:17:9b:6c:
f2:da:18:6f:c2:72:aa:b3:d9:83:da:c5:34:54:98:
1a:a8:34:98:e8:de:2a:7b:48:b1:aa:e0:eb:92:db:
50:a0:cb:7c:c4:7d:f8:bd:ae:8d:b1:5c:0d:d6:14:
4a:66:d2:64:d5:ec:f6:c2:34:f7:49:41:08:14:8f:
cd:3f:0e:88:41:34:33:8a:48:0a:98:1a:7d:04:49:
fb:78:4b:59:b9:a9:6d:7a:57:3c:d5:78:9e:47:ee:
af:d0:71:c5:4d:30:56:a0:63:e5:88:2a:da:02:c3:
1e:2b:f9:c8:67:5f:15:84:23:43:a7:89:fe:b3:e4:
59:28:e2:b0:39:15:68:c8:b3:ef:73:f1:99:5d:89:
51:a1:a0:c0:64:f0:d4:93:8c:7c:26:35:8c:5a:2f:
88:80:48:2d:b9:f1:8f:16:98:46:17:46:3d:c2:4b:
0a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:04:86:89:5A:44:93:A5:5C:56:82:F1:D7:39:44:24:63:82:00:C2
X509v3 Authority Key Identifier:
keyid:10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/TgSGiVpEk6VcVoLx1zlEJGOCAMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/EAPNJTFTMDUNc_KjV5qpXgUrcY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.32.0/21
46.19.80.0/21
62.112.0.0/22
84.111.136.0/21
84.111.208.0/22
85.159.160.0/21
89.37.236.0/22
89.40.66.0/24
89.41.188.0/24
89.43.48.0/24
91.135.96.0/20
93.113.31.0/24
130.185.96.0/21
141.226.88.0/21
147.189.144.0-147.189.149.255
185.80.108.0/22
185.183.188.0/22
185.196.126.0/23
185.246.252.0/22
188.64.200.0/21
193.41.202.0/24
193.41.208.0/23
195.133.152.0/21
212.90.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:d3:ea:17:10:f6:cf:7c:72:c9:3b:ad:5d:32:93:7e:fc:0c:
fb:bf:fc:3d:24:b2:be:36:03:10:a2:47:70:24:38:1d:4e:09:
79:57:7d:d8:75:f3:44:88:76:8f:96:d4:07:ea:8b:eb:38:80:
8f:12:55:16:85:f5:ef:a9:c5:12:0f:cc:15:49:54:39:00:c8:
1c:6d:bf:71:46:94:f9:99:a1:0e:3b:8b:5c:03:ec:60:00:b8:
70:4c:6a:8a:0b:ab:f1:e3:e9:b3:ee:31:9d:a3:26:0b:6d:96:
27:b7:4a:fa:49:b2:5c:2f:b1:e1:8d:5e:7f:34:b7:c1:99:7f:
2e:0d:79:3e:e0:ce:5f:af:80:e2:e7:56:3d:b7:fd:f5:a0:7a:
b7:a3:2f:19:4c:75:eb:ac:cf:84:54:d2:80:14:eb:27:d8:52:
db:17:53:58:0d:66:05:42:5f:13:08:61:e2:1a:d7:2b:73:14:
54:ee:06:e6:ea:4b:50:52:53:85:b6:89:75:b9:21:80:6c:73:
0a:90:62:6f:7b:a4:28:c0:6e:63:0c:5b:a7:ab:cf:e0:6c:32:
24:15:80:e1:25:18:4a:c3:1d:d6:c2:22:49:19:dc:48:11:7a:
27:ea:3e:22:5b:2b:e3:ed:b9:2e:34:58:d7:44:e6:99:22:12:
6f:da:b7:e3
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZzwwfeVUCrkWVUNfQjegm6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDNjZDI1MzE1MzMwMzUwZDczZjJhMzU3OWFhOTVlMDUy
YjcxOGQwHhcNMjYwMzE1MDkwOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTA0ODY4OTVhNDQ5M2E1NWM1NjgyZjFkNzM5NDQyNDYzODIwMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8atQjr4/r4btylz7edaVI+PVe0hS
OvS4XApRIA80In1g2nPxTRya57Kxqeu71XNCNFKTgmIT7xVh4jR/f2+UMc7JanbR
pkJaZWh3E+YMjgQTIZhYhd0Xm2zy2hhvwnKqs9mD2sU0VJgaqDSY6N4qe0ixquDr
kttQoMt8xH34va6NsVwN1hRKZtJk1ez2wjT3SUEIFI/NPw6IQTQzikgKmBp9BEn7
eEtZualtelc81XieR+6v0HHFTTBWoGPliCraAsMeK/nIZ18VhCNDp4n+s+RZKOKw
ORVoyLPvc/GZXYlRoaDAZPDUk4x8JjWMWi+IgEgtufGPFphGF0Y9wksKvwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFE4EholaRJOlXFaC8dc5RCRjggDCMB8GA1UdIwQY
MBaAFBADzSUxUzA1DXPyo1eaqV4FK3GNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzIt
NmFmZWY1ZDBkYWE2LzEvVGdTR2lWcEVrNlZjVm9MeDF6bEVKR09DQU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzItNmFmZWY1ZDBkYWE2
LzEvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAMl
GSADBAMuE1ADBAI+cAADBANUb4gDBAJUb9ADBANVn6ADBAJZJewDBABZKEIDBABZ
KbwDBABZKzADBARbh2ADBABdcR8DBAOCuWADBAON4lgwDAMEBJO9kAMEAZO9lAME
ArlQbAMEArm3vAMEAbnEfgMEArn2/AMEA7xAyAMEAMEpygMEAcEp0AMEA8OFmAME
AtRabDANBgkqhkiG9w0BAQsFAAOCAQEApNPqFxD2z3xyyTutXTKTfvwM+7/8PSSy
vjYDEKJHcCQ4HU4JeVd92HXzRIh2j5bUB+qL6ziAjxJVFoX176nFEg/MFUlUOQDI
HG2/cUaU+ZmhDjuLXAPsYAC4cExqigur8ePps+4xnaMmC22WJ7dK+kmyXC+x4Y1e
fzS3wZl/Lg15PuDOX6+A4udWPbf99aB6t6MvGUx166zPhFTSgBTrJ9hS2xdTWA1m
BUJfEwhh4hrXK3MUVO4G5upLUFJThbaJdbkhgGxzCpBib3ukKMBuYwxbp6vP4Gwy
JBWA4SUYSsMd1sIiSRncSBF6J+o+Ilsr4+25LjRY10TmmSISb9q34w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:01:39 2026 by rpki-client