Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/bpOsvvhDvb2oNTbbIzf3ikgwPfg.roa
File: bpOsvvhDvb2oNTbbIzf3ikgwPfg.roa (raw, json)
Hash identifier: 7AJcyPCgLE0neQA43CsfU92sauGHZs9aveSEomOpMW8=
Subject key identifier: 6E:93:AC:BE:F8:43:BD:BD:A8:35:36:DB:23:37:F7:8A:48:30:3D:F8
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019DFC755822EDD17D6CC26B43F49FEE7323
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/bpOsvvhDvb2oNTbbIzf3ikgwPfg.roa
Signing time: Wed 06 May 2026 08:44:01 +0000
ROA not before: Wed 06 May 2026 08:44:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50436
IP address blocks: 5.28.64.0/18 maxlen: 19
5.28.64.0/19 maxlen: 19
5.28.96.0/19 maxlen: 19
37.120.0.0/17 maxlen: 18
77.64.128.0/17 maxlen: 24
77.64.162.0/23 maxlen: 23
77.64.172.0/24 maxlen: 24
77.64.176.0/23 maxlen: 23
77.64.183.0/24 maxlen: 24
77.64.220.0/23 maxlen: 24
82.119.0.0/19 maxlen: 22
83.221.64.0/19 maxlen: 24
89.186.128.0/19 maxlen: 24
92.206.0.0/16 maxlen: 24
92.206.8.0/21 maxlen: 24
92.206.22.0/23 maxlen: 24
92.206.32.0/20 maxlen: 24
92.206.48.0/20 maxlen: 24
92.206.76.0/22 maxlen: 24
92.206.208.0/24 maxlen: 24
92.206.209.0/24 maxlen: 24
92.206.250.0/23 maxlen: 23
92.206.254.0/23 maxlen: 24
94.139.0.0/19 maxlen: 20
94.139.28.0/23 maxlen: 23
217.68.167.0/24 maxlen: 24
2a02:2455:8000::/36 maxlen: 36
2a02:2455:9000::/36 maxlen: 40
2a02:2455:a000::/36 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fc:75:58:22:ed:d1:7d:6c:c2:6b:43:f4:9f:ee:73:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: May 6 08:44:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e93acbef843bdbda83536db2337f78a48303df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:90:31:81:2a:c7:d3:db:54:2c:48:fb:30:dc:
67:41:29:75:1f:ba:6d:dc:cb:95:87:c7:73:cb:72:
f9:ca:5f:a1:a9:52:d1:0f:67:b1:ec:3b:cc:14:ee:
1f:0b:27:15:e8:63:a3:44:9d:6c:61:a8:14:a3:55:
fe:2c:bf:97:14:98:93:ef:ba:2a:82:be:ca:cc:ed:
cb:15:40:c8:59:fc:ad:24:05:50:e2:bc:82:df:db:
7f:a0:b9:89:a8:76:fb:b0:24:7a:56:31:e5:52:4a:
19:43:08:70:28:e9:df:ca:96:bf:9e:50:5b:4b:94:
23:b6:56:bb:fe:9e:ec:4c:c9:f6:aa:7c:ba:dd:ef:
b8:c0:84:79:27:5e:f8:24:99:6f:b0:95:d6:9d:77:
0e:9b:8e:3b:90:3d:90:a9:fe:90:38:28:c7:7d:79:
59:2f:d0:3c:01:a8:ff:56:78:5b:09:58:11:c7:f4:
18:37:fb:7a:72:ad:a1:0e:05:31:40:13:b3:48:44:
ac:08:55:31:26:73:ba:de:67:0b:bc:0e:fd:81:79:
ed:db:67:fb:02:a7:8d:2b:7d:dd:f7:68:de:7e:1b:
c2:88:ed:34:36:7e:3a:0c:2e:d6:b5:bd:58:a2:54:
2c:33:51:ba:4f:98:4a:1e:6f:09:81:42:65:e0:b2:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:93:AC:BE:F8:43:BD:BD:A8:35:36:DB:23:37:F7:8A:48:30:3D:F8
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/bpOsvvhDvb2oNTbbIzf3ikgwPfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
77.64.128.0/17
82.119.0.0/19
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
94.139.0.0/19
217.68.167.0/24
IPv6:
2a02:2455:8000::-2a02:2455:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:34:2e:17:79:bf:e7:79:2e:88:d9:28:af:94:a4:43:26:48:
2b:8b:18:95:b5:07:b5:68:48:2a:9b:4c:f1:43:ff:06:1d:e1:
08:03:27:80:e9:49:59:0e:ab:88:8e:e1:77:54:c8:28:c2:c4:
08:f5:07:4c:d7:8a:db:f1:72:68:d6:ac:47:7c:fe:b5:5b:44:
a3:85:29:4f:a8:63:07:15:b4:4f:6d:a7:2c:d4:bb:59:a7:eb:
df:00:71:a0:38:57:31:31:24:eb:90:5c:e4:fd:ab:63:f0:5b:
3f:2a:25:a8:b2:c3:86:62:36:8f:80:21:db:61:21:45:43:03:
b0:3a:d5:92:b9:63:f2:69:1d:ed:59:68:70:a3:ee:21:5d:8f:
50:84:d4:0c:d0:45:6c:fb:ae:97:eb:13:28:3f:9d:f7:84:5b:
73:c2:dd:0f:e2:d5:e6:15:fb:eb:1d:07:56:e4:9b:87:25:21:
bc:04:09:47:30:cd:ab:59:6d:72:1f:11:1a:ad:57:d9:84:11:
4c:30:91:fa:d1:72:14:09:7f:8b:13:e1:1e:b7:dc:5f:f4:45:
4c:54:ad:64:dd:52:d9:03:6a:93:39:b0:ec:08:cd:17:2f:2b:
11:83:f6:a1:1b:55:88:68:3d:dc:56:fe:27:38:3c:3e:1c:72:
84:c6:9a:51
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZ38dVgi7dF9bMJrQ/Sf7nMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjYwNTA2MDg0NDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkzYWNiZWY4NDNiZGJkYTgzNTM2ZGIyMzM3Zjc4YTQ4MzAzZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJAxgSrH09tULEj7MNxnQSl1H7pt
3MuVh8dzy3L5yl+hqVLRD2ex7DvMFO4fCycV6GOjRJ1sYagUo1X+LL+XFJiT77oq
gr7KzO3LFUDIWfytJAVQ4ryC39t/oLmJqHb7sCR6VjHlUkoZQwhwKOnfypa/nlBb
S5Qjtla7/p7sTMn2qny63e+4wIR5J174JJlvsJXWnXcOm447kD2Qqf6QOCjHfXlZ
L9A8Aaj/VnhbCVgRx/QYN/t6cq2hDgUxQBOzSESsCFUxJnO63mcLvA79gXnt22f7
AqeNK33d92jefhvCiO00Nn46DC7Wtb1YolQsM1G6T5hKHm8JgUJl4LKZiQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFG6TrL74Q729qDU22yM394pIMD34MB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvYnBPc3Z2aER2YjJvTlRiYkl6ZjNpa2d3UGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA7BAIAATA1AwQGBRxAAwQH
JXgAAwQHTUCAAwQFUncAAwQFU91AAwQFWbqAAwMAXM4DBAVeiwADBADZRKcwGAQC
AAIwEjAQAwYHKgIkVYADBgQqAiRVoDANBgkqhkiG9w0BAQsFAAOCAQEAOjQuF3m/
53kuiNkor5SkQyZIK4sYlbUHtWhIKptM8UP/Bh3hCAMngOlJWQ6riI7hd1TIKMLE
CPUHTNeK2/FyaNasR3z+tVtEo4UpT6hjBxW0T22nLNS7Wafr3wBxoDhXMTEk65Bc
5P2rY/BbPyolqLLDhmI2j4Ah22EhRUMDsDrVkrlj8mkd7VlocKPuIV2PUITUDNBF
bPuul+sTKD+d94Rbc8LdD+LV5hX76x0HVuSbhyUhvAQJRzDNq1ltch8RGq1X2YQR
TDCR+tFyFAl/ixPhHrfcX/RFTFStZN1S2QNqkzmw7AjNFy8rEYP2oRtViGg93Fb+
Jzg8PhxyhMaaUQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:51 2026 by rpki-client