Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/fMeNzPlM2n3ZQmyeAfkbn67m0Pg.roa
File: fMeNzPlM2n3ZQmyeAfkbn67m0Pg.roa (raw, json)
Hash identifier: RtgOjR2mPpgHq9CnqdpYs2+p2F0KpELsY40+hxzmt9M=
Subject key identifier: 7C:C7:8D:CC:F9:4C:DA:7D:D9:42:6C:9E:01:F9:1B:9F:AE:E6:D0:F8
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 019DE8240A09F769A646F89BC0659C687E28
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/fMeNzPlM2n3ZQmyeAfkbn67m0Pg.roa
Signing time: Sat 02 May 2026 10:02:49 +0000
ROA not before: Sat 02 May 2026 10:02:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197328
IP address blocks: 31.210.96.0/24 maxlen: 24
31.210.97.0/24 maxlen: 24
31.210.98.0/24 maxlen: 24
31.210.99.0/24 maxlen: 24
31.210.100.0/24 maxlen: 24
31.210.101.0/24 maxlen: 24
31.210.102.0/24 maxlen: 24
31.210.103.0/24 maxlen: 24
31.210.104.0/24 maxlen: 24
31.210.105.0/24 maxlen: 24
31.210.106.0/24 maxlen: 24
31.210.107.0/24 maxlen: 24
31.210.108.0/24 maxlen: 24
31.210.109.0/24 maxlen: 24
31.210.110.0/24 maxlen: 24
31.210.111.0/24 maxlen: 24
31.210.112.0/24 maxlen: 24
31.210.113.0/24 maxlen: 24
31.210.114.0/24 maxlen: 24
31.210.115.0/24 maxlen: 24
31.210.116.0/24 maxlen: 24
31.210.117.0/24 maxlen: 24
31.210.118.0/24 maxlen: 24
31.210.119.0/24 maxlen: 24
31.210.120.0/24 maxlen: 24
31.210.121.0/24 maxlen: 24
31.210.122.0/24 maxlen: 24
31.210.123.0/24 maxlen: 24
31.210.124.0/24 maxlen: 24
31.210.125.0/24 maxlen: 24
31.210.126.0/24 maxlen: 24
31.210.127.0/24 maxlen: 24
46.45.128.0/24 maxlen: 24
46.45.136.0/24 maxlen: 24
46.45.137.0/24 maxlen: 24
46.45.138.0/24 maxlen: 24
46.45.139.0/24 maxlen: 24
46.45.140.0/24 maxlen: 24
46.45.141.0/24 maxlen: 24
46.45.142.0/24 maxlen: 24
46.45.143.0/24 maxlen: 24
46.45.168.0/24 maxlen: 24
46.45.169.0/24 maxlen: 24
46.45.170.0/24 maxlen: 24
46.45.171.0/24 maxlen: 24
46.45.172.0/24 maxlen: 24
46.45.173.0/24 maxlen: 24
46.45.174.0/24 maxlen: 24
46.45.175.0/24 maxlen: 24
46.45.176.0/24 maxlen: 24
46.45.177.0/24 maxlen: 24
46.45.178.0/24 maxlen: 24
46.45.179.0/24 maxlen: 24
46.45.180.0/24 maxlen: 24
46.45.181.0/24 maxlen: 24
46.45.182.0/24 maxlen: 24
46.45.183.0/24 maxlen: 24
176.53.18.0/24 maxlen: 24
176.53.19.0/24 maxlen: 24
176.53.20.0/24 maxlen: 24
176.53.21.0/24 maxlen: 24
176.53.22.0/24 maxlen: 24
176.53.23.0/24 maxlen: 24
176.53.24.0/24 maxlen: 24
176.53.25.0/24 maxlen: 24
176.53.26.0/24 maxlen: 24
176.53.27.0/24 maxlen: 24
176.53.28.0/24 maxlen: 24
176.53.29.0/24 maxlen: 24
176.53.30.0/24 maxlen: 24
176.53.31.0/24 maxlen: 24
176.53.113.0/24 maxlen: 24
176.53.114.0/24 maxlen: 24
176.53.115.0/24 maxlen: 24
176.53.116.0/24 maxlen: 24
176.53.117.0/24 maxlen: 24
176.53.118.0/24 maxlen: 24
176.53.119.0/24 maxlen: 24
176.53.120.0/24 maxlen: 24
176.53.121.0/24 maxlen: 24
176.53.122.0/24 maxlen: 24
176.53.123.0/24 maxlen: 24
176.53.124.0/24 maxlen: 24
176.53.125.0/24 maxlen: 24
176.53.126.0/24 maxlen: 24
176.53.127.0/24 maxlen: 24
178.211.32.0/24 maxlen: 24
178.211.33.0/24 maxlen: 24
178.211.34.0/24 maxlen: 24
178.211.35.0/24 maxlen: 24
178.211.36.0/24 maxlen: 24
178.211.37.0/24 maxlen: 24
178.211.38.0/24 maxlen: 24
178.211.39.0/24 maxlen: 24
178.211.40.0/24 maxlen: 24
178.211.41.0/24 maxlen: 24
178.211.43.0/24 maxlen: 24
178.211.44.0/24 maxlen: 24
178.211.45.0/24 maxlen: 24
178.211.46.0/24 maxlen: 24
178.211.47.0/24 maxlen: 24
213.128.80.0/24 maxlen: 24
213.128.81.0/24 maxlen: 24
213.128.82.0/24 maxlen: 24
213.128.83.0/24 maxlen: 24
213.128.84.0/24 maxlen: 24
213.128.85.0/24 maxlen: 24
213.128.86.0/24 maxlen: 24
213.128.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e8:24:0a:09:f7:69:a6:46:f8:9b:c0:65:9c:68:7e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: May 2 10:02:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7cc78dccf94cda7dd9426c9e01f91b9faee6d0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:48:71:d5:c7:e1:db:d8:40:a8:2e:1c:63:95:
6f:41:13:d0:5c:87:61:6a:fc:06:9a:b2:e8:5a:d2:
cf:30:14:b5:b8:49:73:03:e0:d2:7f:62:33:75:a2:
f5:7a:f8:d2:ee:bd:1f:52:dd:55:50:3f:ec:7a:31:
80:91:d4:46:f8:78:81:1e:35:23:4c:e9:3a:05:eb:
0d:b6:87:b3:4c:60:b8:ed:4e:ac:5d:66:cc:b2:c6:
5a:ee:fc:77:2a:8e:e9:56:07:2f:bd:e8:24:89:3c:
a3:4a:3b:fe:87:5e:9f:d3:59:ab:47:90:de:5b:79:
19:07:87:79:16:67:28:05:70:c6:df:fb:12:e8:da:
0a:bf:97:0c:53:2e:06:6c:21:a6:58:dd:b1:38:e0:
3d:7a:ab:a6:28:65:e9:62:b9:3b:f9:8f:d9:34:72:
9f:ab:89:8c:de:e5:a1:37:d5:2b:3d:4c:4e:a5:78:
bc:c6:b9:6c:04:b7:6d:90:87:22:ea:a8:7b:58:ff:
91:4f:c9:59:2a:fa:26:d4:78:9d:56:40:4f:1c:8b:
91:46:e3:f8:a4:26:b4:ef:38:13:dc:90:b1:59:58:
d5:db:d3:01:ab:57:e2:8e:3d:9e:cd:6a:7c:4f:bc:
a0:4b:63:24:35:9f:c0:e3:4d:00:49:09:0c:19:ea:
7a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C7:8D:CC:F9:4C:DA:7D:D9:42:6C:9E:01:F9:1B:9F:AE:E6:D0:F8
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/fMeNzPlM2n3ZQmyeAfkbn67m0Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.96.0/19
46.45.128.0/24
46.45.136.0/21
46.45.168.0-46.45.183.255
176.53.18.0-176.53.31.255
176.53.113.0-176.53.127.255
178.211.32.0-178.211.41.255
178.211.43.0-178.211.47.255
213.128.80.0/21
Signature Algorithm: sha256WithRSAEncryption
01:71:c8:65:16:e3:1a:ba:ab:82:69:3e:14:f6:f4:67:62:13:
f3:bf:87:b9:7a:3b:58:be:bc:ce:cf:c2:5c:2d:55:d0:a7:d9:
a8:38:e7:96:0b:fe:17:ab:53:72:96:d2:a3:96:5f:7a:0d:bb:
f3:f0:22:18:a1:06:cf:0b:9c:68:64:e1:7f:40:8d:f7:0b:85:
2d:a9:8b:f9:06:ca:63:1d:b7:f6:1a:2b:3e:b7:8f:d6:a3:4a:
4b:96:4f:e4:69:be:c0:bd:f8:8e:72:5f:6c:12:b1:14:0e:01:
c3:38:1d:da:4d:62:f6:ff:9a:8b:5a:b1:a7:e0:35:9f:eb:ff:
22:c7:e2:a0:70:0c:f0:b3:47:6c:0e:21:26:d4:44:bb:c9:19:
2e:8e:a7:37:e4:14:c6:35:74:79:90:c5:31:88:1b:db:8c:57:
b2:45:2f:bf:73:10:9a:b6:99:33:05:23:51:78:ee:d8:5d:33:
e7:cb:e6:a1:ed:6b:9c:af:a0:ee:72:ed:32:28:d2:b5:44:e2:
8d:54:28:df:d0:4b:a0:ea:23:49:51:0e:c0:7f:4f:bc:61:8f:
13:b3:f4:44:13:5b:8f:00:a4:bd:5f:22:25:b3:67:3a:f9:a7:
ed:cd:1a:cd:da:97:48:44:5a:84:1a:21:ea:59:54:e2:f2:da:
3c:07:bc:11
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZ3oJAoJ92mmRvibwGWcaH4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjYwNTAyMTAwMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M3OGRjY2Y5NGNkYTdkZDk0MjZjOWUwMWY5MWI5ZmFlZTZkMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUhx1cfh29hAqC4cY5VvQRPQXIdh
avwGmrLoWtLPMBS1uElzA+DSf2IzdaL1evjS7r0fUt1VUD/sejGAkdRG+HiBHjUj
TOk6BesNtoezTGC47U6sXWbMssZa7vx3Ko7pVgcvvegkiTyjSjv+h16f01mrR5De
W3kZB4d5FmcoBXDG3/sS6NoKv5cMUy4GbCGmWN2xOOA9equmKGXpYrk7+Y/ZNHKf
q4mM3uWhN9UrPUxOpXi8xrlsBLdtkIci6qh7WP+RT8lZKvom1HidVkBPHIuRRuP4
pCa07zgT3JCxWVjV29MBq1fijj2ezWp8T7ygS2MkNZ/A400ASQkMGep65wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFHzHjcz5TNp92UJsngH5G5+u5tD4MB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvZk1lTnpQbE0ybjNaUW15ZUFma2JuNjdtMFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQFH9JgAwQA
Li2AAwQDLi2IMAwDBAMuLagDBAMuLbAwDAMEAbA1EgMEBbA1ADAMAwQAsDVxAwQH
sDUAMAwDBAWy0yADBAGy0ygwDAMEALLTKwMEBLLTIAMEA9WAUDANBgkqhkiG9w0B
AQsFAAOCAQEAAXHIZRbjGrqrgmk+FPb0Z2IT87+HuXo7WL68zs/CXC1V0KfZqDjn
lgv+F6tTcpbSo5Zfeg278/AiGKEGzwucaGThf0CN9wuFLamL+QbKYx239horPreP
1qNKS5ZP5Gm+wL34jnJfbBKxFA4Bwzgd2k1i9v+ai1qxp+A1n+v/IsfioHAM8LNH
bA4hJtREu8kZLo6nN+QUxjV0eZDFMYgb24xXskUvv3MQmraZMwUjUXju2F0z58vm
oe1rnK+g7nLtMijStUTijVQo39BLoOojSVEOwH9PvGGPE7P0RBNbjwCkvV8iJbNn
Ovmn7c0azdqXSERahBoh6llU4vLaPAe8EQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:11 2026 by rpki-client