Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/UrYoy3xAoPbBDUP-hxJhn-v4ev8.roa
File: UrYoy3xAoPbBDUP-hxJhn-v4ev8.roa (raw, json)
Hash identifier: 9gzjD+cOFgRlhkZhLcnl1R8j5GlcVtSh9vo+r4J47d4=
Subject key identifier: 52:B6:28:CB:7C:40:A0:F6:C1:0D:43:FE:87:12:61:9F:EB:F8:7A:FF
Certificate issuer: /CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Certificate serial: 019E0668E0B6DB551754464BC82CB6BE27CB
Authority key identifier: 7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/UrYoy3xAoPbBDUP-hxJhn-v4ev8.roa
Signing time: Fri 08 May 2026 07:06:36 +0000
ROA not before: Fri 08 May 2026 07:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41344
IP address blocks: 31.185.8.0/22 maxlen: 22
31.185.8.0/24 maxlen: 24
31.185.9.0/24 maxlen: 24
31.185.10.0/24 maxlen: 24
31.185.11.0/24 maxlen: 24
31.185.12.0/24 maxlen: 24
31.185.13.0/24 maxlen: 24
31.185.14.0/24 maxlen: 24
31.185.15.0/24 maxlen: 24
89.249.224.0/21 maxlen: 21
89.249.224.0/22 maxlen: 22
89.249.226.0/24 maxlen: 24
89.249.228.0/22 maxlen: 22
89.249.228.0/23 maxlen: 23
89.249.230.0/23 maxlen: 23
89.249.231.0/24 maxlen: 24
89.249.232.0/22 maxlen: 22
89.249.232.0/24 maxlen: 24
89.249.233.0/24 maxlen: 24
89.249.235.0/24 maxlen: 24
89.249.236.0/23 maxlen: 23
89.249.236.0/24 maxlen: 24
89.249.237.0/24 maxlen: 24
89.249.238.0/24 maxlen: 24
185.124.176.0/22 maxlen: 22
185.124.176.0/23 maxlen: 23
185.124.177.0/24 maxlen: 24
185.124.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:68:e0:b6:db:55:17:54:46:4b:c8:2c:b6:be:27:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Validity
Not Before: May 8 07:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52b628cb7c40a0f6c10d43fe8712619febf87aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:97:17:55:0b:92:3e:4c:34:bf:86:bb:81:73:
8c:e1:a6:d6:86:da:09:ff:f3:c1:f3:15:f0:4b:87:
ca:76:e4:07:6f:13:6e:96:93:12:74:e4:22:47:7c:
c0:9d:0a:13:cd:62:b4:32:76:50:88:1b:31:d7:45:
5e:04:de:42:a3:c3:b7:44:0e:b3:68:45:7b:01:14:
06:f9:84:ad:8d:cd:05:9a:5c:e5:dd:4e:dd:0e:2a:
30:4c:dc:a3:36:80:24:f4:34:1c:5c:62:6d:eb:91:
fb:a3:7b:21:d7:8c:a3:70:56:0f:f4:4b:eb:31:c4:
ad:0b:ff:8c:36:f4:ff:7f:8b:da:f2:57:18:cf:37:
00:16:20:c9:fb:01:2a:1f:77:ea:85:a9:d1:cc:fa:
05:bb:a6:ac:d8:22:ac:08:3e:c6:ec:0e:bc:50:0d:
46:6e:7b:97:10:6f:3a:a3:f1:0f:6f:16:a2:38:7f:
3e:b1:a8:4f:c4:85:30:7c:a4:87:78:7f:50:ff:bf:
49:00:ff:e6:48:cc:12:b2:22:b3:3f:7a:43:d0:32:
8b:ca:c9:c2:5b:7a:a1:01:39:63:52:5b:32:e9:96:
6e:01:11:6b:ff:17:cb:f9:de:b5:58:e3:b6:4f:ec:
7f:55:30:69:68:17:90:d9:db:d7:41:4f:31:08:b5:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B6:28:CB:7C:40:A0:F6:C1:0D:43:FE:87:12:61:9F:EB:F8:7A:FF
X509v3 Authority Key Identifier:
keyid:7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/UrYoy3xAoPbBDUP-hxJhn-v4ev8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.8.0/21
89.249.224.0-89.249.238.255
185.124.176.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:0f:0f:74:95:13:51:2a:1d:44:9b:ed:bb:fe:ec:10:ca:14:
3d:b9:f1:e6:a7:75:b9:63:75:1b:54:4f:0d:66:fb:3c:2b:49:
0c:e0:01:14:af:62:37:38:23:85:65:6d:5b:53:66:b7:01:0e:
7d:8e:f0:19:1b:7a:f0:f6:9e:d5:d0:db:07:19:11:18:cc:26:
ab:e4:55:a9:9f:e3:de:04:33:45:4d:3e:09:f9:7b:62:7e:5a:
9d:46:eb:38:9d:5d:03:41:28:97:3e:b4:e3:07:08:89:3c:6b:
bf:5f:be:e3:6c:66:7e:f7:e6:1d:43:cd:66:c6:87:5f:6a:fb:
85:bb:7a:dd:1c:ea:a0:ae:c9:fd:62:f9:a7:da:24:99:0c:22:
a8:e2:f9:8e:e6:f5:5d:18:71:6e:7e:77:79:71:a9:ea:e6:70:
fa:a8:bc:28:9d:03:53:e1:1d:9d:65:b3:06:1a:3f:9a:22:a3:
e6:94:11:b4:a7:17:cd:7c:70:56:f4:6d:86:58:f5:67:ec:ca:
99:6b:36:49:21:0e:d1:6d:5c:19:46:c0:54:2a:52:56:72:5e:
8e:fa:5f:e7:8d:46:e6:05:f9:cf:a0:95:66:1f:2c:69:ec:7c:
2c:d8:6a:d7:59:29:83:0a:3c:6f:86:97:0e:ff:54:31:d7:87:
1d:73:a7:d9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4GaOC221UXVEZLyCy2vifLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDU5OTdlZDA3NWMyMjk4YjQ2MTIyNWUxMDYwZjU3N2Ix
ZDdkNGQwHhcNMjYwNTA4MDcwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI2MjhjYjdjNDBhMGY2YzEwZDQzZmU4NzEyNjE5ZmViZjg3YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpcXVQuSPkw0v4a7gXOM4abWhtoJ
//PB8xXwS4fKduQHbxNulpMSdOQiR3zAnQoTzWK0MnZQiBsx10VeBN5Co8O3RA6z
aEV7ARQG+YStjc0Fmlzl3U7dDiowTNyjNoAk9DQcXGJt65H7o3sh14yjcFYP9Evr
McStC/+MNvT/f4va8lcYzzcAFiDJ+wEqH3fqhanRzPoFu6as2CKsCD7G7A68UA1G
bnuXEG86o/EPbxaiOH8+sahPxIUwfKSHeH9Q/79JAP/mSMwSsiKzP3pD0DKLysnC
W3qhATljUlsy6ZZuARFr/xfL+d61WOO2T+x/VTBpaBeQ2dvXQU8xCLVYSwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFK2KMt8QKD2wQ1D/ocSYZ/r+Hr/MB8GA1UdIwQY
MBaAFHvVmX7QdcIpi0YSJeEGD1d7HX1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUt
NWFjN2YwNjYyMzBiLzEvVXJZb3kzeEFvUGJCRFVQLWh4SmhuLXY0ZXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUtNWFjN2YwNjYyMzBi
LzEvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDH7kIMAwD
BAVZ+eADBABZ+e4DBAK5fLAwDQYJKoZIhvcNAQELBQADggEBAE8PD3SVE1EqHUSb
7bv+7BDKFD258eandbljdRtUTw1m+zwrSQzgARSvYjc4I4VlbVtTZrcBDn2O8Bkb
evD2ntXQ2wcZERjMJqvkVamf494EM0VNPgn5e2J+Wp1G6zidXQNBKJc+tOMHCIk8
a79fvuNsZn735h1DzWbGh19q+4W7et0c6qCuyf1i+afaJJkMIqji+Y7m9V0YcW5+
d3lxqermcPqovCidA1PhHZ1lswYaP5oio+aUEbSnF818cFb0bYZY9WfsyplrNkkh
DtFtXBlGwFQqUlZyXo76X+eNRuYF+c+glWYfLGnsfCzYatdZKYMKPG+Glw7/VDHX
hx1zp9k=
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:08 2026 by rpki-client