Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/2TL295pao3YMdtnobncPp3EpHII.roa
File: 2TL295pao3YMdtnobncPp3EpHII.roa (raw, json)
Hash identifier: J7HDID3+d0OAsI7njMTZSJmV5Ee2plYRsykCAnvwFEs=
Subject key identifier: D9:32:F6:F7:9A:5A:A3:76:0C:76:D9:E8:6E:77:0F:A7:71:29:1C:82
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 019DC3BF4A70BAAE7BA3654AF6E9600067C8
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/2TL295pao3YMdtnobncPp3EpHII.roa
Signing time: Sat 25 Apr 2026 08:26:26 +0000
ROA not before: Sat 25 Apr 2026 08:26:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.188.0/22 maxlen: 22
91.223.3.0/24 maxlen: 24
91.226.198.0/23 maxlen: 23
91.226.198.0/24 maxlen: 24
91.226.199.0/24 maxlen: 24
95.214.52.0/22 maxlen: 23
95.214.52.0/23 maxlen: 23
95.214.54.0/23 maxlen: 23
146.19.24.0/24 maxlen: 24
178.211.139.0/24 maxlen: 24
185.16.36.0/22 maxlen: 24
185.16.36.0/23 maxlen: 23
185.16.38.0/23 maxlen: 23
185.225.191.0/24 maxlen: 24
185.248.24.0/24 maxlen: 24
193.34.212.0/22 maxlen: 22
193.34.212.0/23 maxlen: 23
193.34.214.0/23 maxlen: 23
193.34.215.0/24 maxlen: 24
195.3.220.0/22 maxlen: 22
195.3.220.0/23 maxlen: 23
195.3.222.0/23 maxlen: 23
195.3.222.0/24 maxlen: 24
212.23.222.0/24 maxlen: 24
2a03:cfc0::/32 maxlen: 32
2a03:cfc0::/33 maxlen: 33
2a03:cfc0:8000::/33 maxlen: 33
2a03:cfc0:8000::/34 maxlen: 34
2a09:d580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c3:bf:4a:70:ba:ae:7b:a3:65:4a:f6:e9:60:00:67:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Apr 25 08:26:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d932f6f79a5aa3760c76d9e86e770fa771291c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:05:06:12:4b:bf:a6:af:15:9a:06:34:f2:dc:
7c:6f:7c:db:a4:ba:4f:27:95:2f:e0:bc:f5:3f:4e:
5c:07:b5:15:ed:d7:70:76:a8:b5:c9:86:f4:1f:ba:
70:72:2e:ce:7a:12:b4:92:b3:08:ea:8c:e3:fe:e4:
96:99:26:e2:a8:a9:92:3d:0e:8b:56:d2:2a:47:25:
47:a7:65:7a:9d:42:02:e0:68:04:ec:06:d7:43:2e:
b4:e6:a8:e5:1d:d1:0c:68:49:a3:02:c8:2f:b9:84:
36:c5:d3:6f:e0:09:2a:7b:5e:f7:56:42:fe:38:bc:
8a:a7:e5:07:f6:27:c0:42:e6:3e:e6:10:ae:43:0b:
85:3a:32:8c:65:e3:43:1f:90:02:b9:8c:98:82:9c:
87:19:c1:80:df:00:a5:8f:cb:69:5e:e5:33:61:22:
60:90:7f:fb:43:d7:9a:3b:0e:02:33:be:60:b7:77:
03:f1:9a:50:c3:40:8b:f7:45:ae:64:f1:57:5a:ea:
a6:88:ef:da:06:dc:24:fe:6c:f2:1b:7b:b0:20:ad:
29:9c:f4:af:54:06:c4:67:49:50:6e:09:fe:c2:a2:
8c:87:55:ed:bb:c7:ad:8a:2f:0a:10:5a:36:60:57:
a0:19:86:b2:71:e1:45:75:0e:8b:bf:4f:5b:b5:a5:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:32:F6:F7:9A:5A:A3:76:0C:76:D9:E8:6E:77:0F:A7:71:29:1C:82
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/2TL295pao3YMdtnobncPp3EpHII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
91.223.3.0/24
91.226.198.0/23
95.214.52.0/22
146.19.24.0/24
178.211.139.0/24
185.16.36.0/22
185.225.191.0/24
185.248.24.0/24
193.34.212.0/22
195.3.220.0/22
212.23.222.0/24
IPv6:
2a03:cfc0::/32
2a09:d580::/29
Signature Algorithm: sha256WithRSAEncryption
42:d1:1d:e5:3c:d9:e6:ff:b8:14:62:25:ca:42:eb:f4:d3:ee:
76:4f:f9:36:45:4a:e2:9a:f1:c5:1a:cc:89:c4:06:ed:5d:b2:
2d:fe:02:d8:07:54:58:54:4c:70:e0:dc:a3:41:f5:5e:09:bd:
8b:88:cb:c6:88:b4:da:ad:93:28:45:f1:cc:2c:81:d6:de:9f:
4c:24:c5:b5:d8:32:4c:ac:b8:52:91:d0:4e:e4:c3:8f:b9:5f:
24:34:33:ae:fc:5e:04:c7:61:ce:09:a7:36:1b:b3:d3:5d:0e:
e2:c3:c0:5a:5b:68:c3:0d:9b:8a:71:f7:a6:0f:3b:83:28:21:
9c:c4:8c:a1:c1:ba:59:bc:16:c4:bc:ca:a3:59:c4:47:07:07:
0e:84:eb:09:2b:da:74:5d:fd:28:bc:29:e8:d7:6e:1d:4c:ef:
59:96:20:ca:07:7a:48:37:37:ae:cd:12:1d:c6:dc:9d:18:39:
70:b4:66:65:83:0b:94:28:f7:21:ea:5e:6b:65:80:81:1f:81:
ef:f0:64:79:6d:ea:49:1c:e3:e4:46:9c:c5:a9:c7:8e:07:e1:
c0:68:95:3d:b9:df:7d:e7:04:a3:ca:bd:6f:95:72:ba:5d:75:
ef:e7:a5:32:2f:97:7b:1b:c5:8d:10:ec:26:29:db:f9:18:45:
21:db:2a:6e
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZ3Dv0pwuq57o2VK9ulgAGfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjYwNDI1MDgyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTMyZjZmNzlhNWFhMzc2MGM3NmQ5ZTg2ZTc3MGZhNzcxMjkxYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAUGEku/pq8VmgY08tx8b3zbpLpP
J5Uv4Lz1P05cB7UV7ddwdqi1yYb0H7pwci7OehK0krMI6ozj/uSWmSbiqKmSPQ6L
VtIqRyVHp2V6nUIC4GgE7AbXQy605qjlHdEMaEmjAsgvuYQ2xdNv4Akqe173VkL+
OLyKp+UH9ifAQuY+5hCuQwuFOjKMZeNDH5ACuYyYgpyHGcGA3wClj8tpXuUzYSJg
kH/7Q9eaOw4CM75gt3cD8ZpQw0CL90WuZPFXWuqmiO/aBtwk/mzyG3uwIK0pnPSv
VAbEZ0lQbgn+wqKMh1Xtu8etii8KEFo2YFegGYayceFFdQ6Lv09btaWnvwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFNky9veaWqN2DHbZ6G53D6dxKRyCMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvMlRMMjk1cGFvM1lNZHRub2JuY1BwM0VwSElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCBbW8AwQA
W98DAwQBW+LGAwQCX9Y0AwQAkhMYAwQAstOLAwQCuRAkAwQAueG/AwQAufgYAwQC
wSLUAwQCwwPcAwQA1BfeMBQEAgACMA4DBQAqA8/AAwUDKgnVgDANBgkqhkiG9w0B
AQsFAAOCAQEAQtEd5TzZ5v+4FGIlykLr9NPudk/5NkVK4prxxRrMicQG7V2yLf4C
2AdUWFRMcODco0H1Xgm9i4jLxoi02q2TKEXxzCyB1t6fTCTFtdgyTKy4UpHQTuTD
j7lfJDQzrvxeBMdhzgmnNhuz010O4sPAWltoww2binH3pg87gyghnMSMocG6WbwW
xLzKo1nERwcHDoTrCSvadF39KLwp6NduHUzvWZYgygd6SDc3rs0SHcbcnRg5cLRm
ZYMLlCj3Iepea2WAgR+B7/BkeW3qSRzj5EacxanHjgfhwGiVPbnffecEo8q9b5Vy
ul117+elMi+XexvFjRDsJinb+RhFIdsqbg==
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:34 2026 by rpki-client