Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/x0_-uqsHWcjbfW_hfshaOvwbb1c.roa
File: x0_-uqsHWcjbfW_hfshaOvwbb1c.roa (raw, json)
Hash identifier: eircYIt1XhTSC/xdu+VsYyP07LVygp/amJt3YsTVS8Y=
Subject key identifier: C7:4F:FE:BA:AB:07:59:C8:DB:7D:6F:E1:7E:C8:5A:3A:FC:1B:6F:57
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 019DF1AF94EF6D5CC5EE6F603AEC7018974C
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/x0_-uqsHWcjbfW_hfshaOvwbb1c.roa
Signing time: Mon 04 May 2026 06:31:49 +0000
ROA not before: Mon 04 May 2026 06:31:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1136
IP address blocks: 37.251.0.0/17 maxlen: 17
46.227.232.0/21 maxlen: 21
62.131.0.0/16 maxlen: 16
62.216.0.0/19 maxlen: 19
62.251.0.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.168.0.0/14 maxlen: 14
77.172.0.0/16 maxlen: 16
77.173.0.0/16 maxlen: 16
77.174.0.0/16 maxlen: 16
77.175.0.0/16 maxlen: 16
77.175.0.0/17 maxlen: 17
77.175.128.0/17 maxlen: 17
80.60.0.0/15 maxlen: 15
80.100.0.0/15 maxlen: 15
81.204.0.0/14 maxlen: 14
82.92.0.0/14 maxlen: 14
82.94.0.0/15 maxlen: 15
82.136.192.0/18 maxlen: 18
82.161.0.0/16 maxlen: 16
82.168.0.0/15 maxlen: 15
82.170.0.0/16 maxlen: 16
83.68.0.0/19 maxlen: 19
84.39.0.0/19 maxlen: 19
84.80.0.0/16 maxlen: 16
84.82.0.0/15 maxlen: 15
84.84.0.0/14 maxlen: 14
85.113.224.0/19 maxlen: 19
86.80.0.0/13 maxlen: 13
86.88.0.0/15 maxlen: 15
86.90.0.0/16 maxlen: 16
86.92.0.0/14 maxlen: 14
88.159.0.0/16 maxlen: 16
109.72.32.0/20 maxlen: 20
128.127.32.0/20 maxlen: 20
188.142.0.0/17 maxlen: 17
194.109.0.0/16 maxlen: 16
195.64.64.0/19 maxlen: 19
195.121.0.0/16 maxlen: 16
195.240.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.128.0/18 maxlen: 18
195.240.192.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
212.238.0.0/16 maxlen: 16
213.10.0.0/16 maxlen: 16
213.75.0.0/16 maxlen: 16
213.84.0.0/16 maxlen: 16
213.148.224.0/19 maxlen: 19
213.197.0.0/18 maxlen: 18
213.222.0.0/19 maxlen: 19
2001:888::/29 maxlen: 29
2001:980::/29 maxlen: 29
2a02:a400::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f1:af:94:ef:6d:5c:c5:ee:6f:60:3a:ec:70:18:97:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: May 4 06:31:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c74ffebaab0759c8db7d6fe17ec85a3afc1b6f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:1e:3c:f8:58:06:03:60:ad:00:7a:32:8d:
76:72:47:9b:68:b4:73:b9:aa:9e:c2:05:82:7c:f1:
58:bc:4e:ef:ac:fe:a6:eb:d1:f3:96:9f:c0:59:42:
2b:16:fc:5d:5c:08:1d:2b:b2:05:52:51:94:8c:58:
f4:4f:af:5b:f3:00:1a:ca:f3:5d:7e:ed:56:df:97:
02:21:c4:54:db:4c:64:61:65:56:95:09:09:d1:51:
a4:86:05:ea:65:33:32:48:90:73:ef:03:49:8f:7c:
b1:ce:1d:fa:24:b8:47:56:05:2d:1f:63:13:68:9f:
66:cc:de:2b:1a:99:32:f3:c4:4c:90:e3:3f:68:d4:
ff:41:af:60:26:a7:26:12:44:41:3d:0e:7e:d7:11:
78:53:3c:46:b7:f5:76:b2:a8:76:2c:31:27:4f:30:
6d:a9:2a:32:94:1f:27:ba:cd:83:1d:cf:fa:9e:5f:
28:86:36:9a:0c:74:4a:b6:91:8c:8a:70:61:db:a1:
18:1d:43:df:f8:4c:5c:05:12:5c:07:2d:0f:87:a0:
de:b0:27:4a:b5:f3:3d:8e:d5:d5:52:71:65:a0:2a:
35:74:e1:de:13:9b:c3:a9:45:e3:e5:52:38:b8:f0:
b4:75:2b:f6:31:a0:a1:71:c3:0f:1e:55:c2:80:76:
74:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4F:FE:BA:AB:07:59:C8:DB:7D:6F:E1:7E:C8:5A:3A:FC:1B:6F:57
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/x0_-uqsHWcjbfW_hfshaOvwbb1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
46.227.232.0/21
62.131.0.0/16
62.216.0.0/19
62.251.0.0/17
77.160.0.0/12
80.60.0.0/15
80.100.0.0/15
81.204.0.0/14
82.92.0.0/14
82.136.192.0/18
82.161.0.0/16
82.168.0.0-82.170.255.255
83.68.0.0/19
84.39.0.0/19
84.80.0.0/16
84.82.0.0-84.87.255.255
85.113.224.0/19
86.80.0.0-86.90.255.255
86.92.0.0/14
88.159.0.0/16
109.72.32.0/20
128.127.32.0/20
188.142.0.0/17
194.109.0.0/16
195.64.64.0/19
195.121.0.0/16
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
212.238.0.0/16
213.10.0.0/16
213.75.0.0/16
213.84.0.0/16
213.148.224.0/19
213.197.0.0/18
213.222.0.0/19
IPv6:
2001:888::/29
2001:980::/29
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
1a:56:62:15:aa:87:e5:97:ea:ca:90:c0:d6:a6:82:f6:1e:0a:
02:29:c4:91:c8:4c:de:4f:2d:b0:71:09:d6:c9:dc:0c:81:1f:
db:51:4a:e4:e3:cc:51:15:6b:a4:06:6d:f2:f4:14:58:d1:a1:
6e:9e:be:44:09:b1:00:6a:bf:ab:c2:a8:8c:a0:9d:7a:ef:34:
81:bb:83:73:80:7d:2b:ee:96:8c:b9:ee:0d:8a:37:9d:c7:bf:
5a:a4:9e:1f:9b:79:f7:3c:0e:60:b8:b7:f1:f6:34:e9:3a:dd:
b7:7b:31:12:78:da:c3:e2:f1:6e:2f:08:e9:e6:52:b9:aa:a8:
97:55:b8:07:68:63:f8:75:30:b5:e8:27:f4:be:e9:52:dd:51:
d3:27:70:3b:4b:3c:6b:8a:84:70:45:c6:de:ca:e1:58:3a:3f:
f6:d5:8d:02:00:f3:d7:b9:90:54:e3:e3:90:c2:48:01:34:66:
bb:44:55:70:61:d8:08:7c:bc:ba:7f:f6:fb:d6:52:1b:fd:8b:
33:a0:aa:a4:cf:51:b5:ee:81:e9:39:b6:19:85:a5:a1:a6:cb:
3f:b2:9f:f0:87:e5:11:48:20:ac:a7:78:d5:55:fc:b1:f9:a3:
56:ad:0d:b0:de:35:78:a9:17:6b:65:ee:31:25:cd:39:7f:fc:
2d:d2:b5:1c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgISAZ3xr5TvbVzF7m9gOuxwGJdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjYwNTA0MDYzMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzRmZmViYWFiMDc1OWM4ZGI3ZDZmZTE3ZWM4NWEzYWZjMWI2ZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoQePPhYBgNgrQB6Mo12ckebaLRz
uaqewgWCfPFYvE7vrP6m69Hzlp/AWUIrFvxdXAgdK7IFUlGUjFj0T69b8wAayvNd
fu1W35cCIcRU20xkYWVWlQkJ0VGkhgXqZTMySJBz7wNJj3yxzh36JLhHVgUtH2MT
aJ9mzN4rGpky88RMkOM/aNT/Qa9gJqcmEkRBPQ5+1xF4UzxGt/V2sqh2LDEnTzBt
qSoylB8nus2DHc/6nl8ohjaaDHRKtpGMinBh26EYHUPf+ExcBRJcBy0Ph6DesCdK
tfM9jtXVUnFloCo1dOHeE5vDqUXj5VI4uPC0dSv2MaChccMPHlXCgHZ08QIDAQAB
o4IDBzCCAwMwHQYDVR0OBBYEFMdP/rqrB1nI231v4X7IWjr8G29XMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEveDBfLXVxc0hXY2piZldfaGZzaGFPdndiYjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGwYIKwYBBQUHAQcBAf8EggEKMIIBBjCB5gQCAAEwgd8D
BAcl+wADBAMu4+gDAwA+gwMEBT7YAAMEBz77AAMDBE2gAwMBUDwDAwFQZAMDAlHM
AwMCUlwDBAZSiMADAwBSoTAKAwMDUqgDAwBSqgMEBVNEAAMEBVQnAAMDAFRQMAoD
AwFUUgMDA1RQAwQFVXHgMAoDAwRWUAMDAFZaAwMCVlwDAwBYnwMEBG1IIAMEBIB/
IAMEB7yOAAMDAMJtAwQFw0BAAwMAw3kDAwHD8AMEBtR7gAMEBtS2gAMDANTuAwMA
1QoDAwDVSwMDANVUAwQF1ZTgAwQG1cUAAwQF1d4AMBsEAgACMBUDBQMgAQiIAwUD
IAEJgAMFByoCpAAwDQYJKoZIhvcNAQELBQADggEBABpWYhWqh+WX6sqQwNamgvYe
CgIpxJHITN5PLbBxCdbJ3AyBH9tRSuTjzFEVa6QGbfL0FFjRoW6evkQJsQBqv6vC
qIygnXrvNIG7g3OAfSvuloy57g2KN53Hv1qknh+befc8DmC4t/H2NOk63bd7MRJ4
2sPi8W4vCOnmUrmqqJdVuAdoY/h1MLXoJ/S+6VLdUdMncDtLPGuKhHBFxt7K4Vg6
P/bVjQIA89e5kFTj45DCSAE0ZrtEVXBh2Ah8vLp/9vvWUhv9izOgqqTPUbXugek5
thmFpaGmyz+yn/CH5RFIIKyneNVV/LH5o1atDbDeNXipF2tl7jElzTl//C3StRw=
-----END CERTIFICATE-----
Generated at Wed May 13 04:00:20 2026 by rpki-client