Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/VvI8eF8awzA-rprisCGANCP09is.roa
File: VvI8eF8awzA-rprisCGANCP09is.roa (raw, json)
Hash identifier: yazR+YEWmmMvVKnDG3F3R6o+GlLoe3WtRbilV9EWftM=
Subject key identifier: 56:F2:3C:78:5F:1A:C3:30:3E:AE:9A:E2:B0:21:80:34:23:F4:F6:2B
Certificate issuer: /CN=c19f75b2593ca2b1b0a5fd0c54015de306c47ee6
Certificate serial: 019DE2D90F4493E875DC35DF19B9B06D82FA
Authority key identifier: C1:9F:75:B2:59:3C:A2:B1:B0:A5:FD:0C:54:01:5D:E3:06:C4:7E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wZ91slk8orGwpf0MVAFd4wbEfuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/VvI8eF8awzA-rprisCGANCP09is.roa
Signing time: Fri 01 May 2026 09:22:49 +0000
ROA not before: Fri 01 May 2026 09:22:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33915
IP address blocks: 31.136.0.0/14 maxlen: 14
37.235.8.0/21 maxlen: 21
62.72.192.0/19 maxlen: 19
62.140.128.0/20 maxlen: 20
62.140.140.0/23 maxlen: 23
62.140.156.0/23 maxlen: 23
80.112.128.0/18 maxlen: 18
80.112.128.0/19 maxlen: 19
80.112.160.0/19 maxlen: 19
80.112.192.0/18 maxlen: 18
80.114.128.0/18 maxlen: 18
80.114.128.0/19 maxlen: 19
80.114.160.0/19 maxlen: 19
80.115.224.0/19 maxlen: 19
80.115.224.0/20 maxlen: 20
80.115.240.0/20 maxlen: 20
80.242.224.0/19 maxlen: 19
80.242.224.0/20 maxlen: 20
80.242.240.0/20 maxlen: 20
83.137.136.0/21 maxlen: 21
83.167.192.0/19 maxlen: 19
85.88.96.0/19 maxlen: 19
85.146.192.0/18 maxlen: 18
91.221.96.0/23 maxlen: 23
93.117.192.0/18 maxlen: 18
109.32.0.0/13 maxlen: 13
159.100.64.0/18 maxlen: 18
185.130.174.0/23 maxlen: 23
195.35.128.0/17 maxlen: 17
195.35.128.0/18 maxlen: 18
195.35.192.0/18 maxlen: 18
195.85.128.0/18 maxlen: 18
195.85.128.0/19 maxlen: 19
195.85.160.0/19 maxlen: 19
212.78.192.0/19 maxlen: 19
212.178.64.0/18 maxlen: 18
212.178.64.0/19 maxlen: 19
212.178.96.0/19 maxlen: 19
212.178.128.0/19 maxlen: 19
212.178.128.0/20 maxlen: 20
212.178.144.0/20 maxlen: 20
212.178.192.0/19 maxlen: 19
212.178.192.0/20 maxlen: 20
212.178.208.0/20 maxlen: 20
212.203.0.0/19 maxlen: 19
212.203.0.0/20 maxlen: 20
212.203.16.0/20 maxlen: 20
213.34.64.0/19 maxlen: 19
213.34.64.0/20 maxlen: 20
213.34.80.0/20 maxlen: 20
213.34.128.0/19 maxlen: 19
213.34.160.0/19 maxlen: 19
213.34.160.0/20 maxlen: 20
213.34.176.0/20 maxlen: 20
213.124.0.0/17 maxlen: 17
213.124.0.0/18 maxlen: 18
213.124.64.0/18 maxlen: 18
213.124.128.0/19 maxlen: 19
213.124.128.0/20 maxlen: 20
213.124.144.0/20 maxlen: 20
213.125.0.0/16 maxlen: 16
213.125.0.0/17 maxlen: 17
213.125.128.0/17 maxlen: 17
213.126.0.0/17 maxlen: 17
213.126.0.0/18 maxlen: 18
213.126.64.0/18 maxlen: 18
213.132.160.0/19 maxlen: 19
213.132.160.0/20 maxlen: 20
213.132.176.0/20 maxlen: 20
217.100.0.0/16 maxlen: 16
217.100.0.0/17 maxlen: 17
217.100.128.0/17 maxlen: 17
217.102.224.0/21 maxlen: 21
217.102.224.0/22 maxlen: 22
217.102.228.0/22 maxlen: 22
217.105.192.0/19 maxlen: 19
217.105.192.0/20 maxlen: 20
217.105.208.0/20 maxlen: 20
2001:41f0::/29 maxlen: 29
2a00:18c8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/wZ91slk8orGwpf0MVAFd4wbEfuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/wZ91slk8orGwpf0MVAFd4wbEfuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wZ91slk8orGwpf0MVAFd4wbEfuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:d9:0f:44:93:e8:75:dc:35:df:19:b9:b0:6d:82:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c19f75b2593ca2b1b0a5fd0c54015de306c47ee6
Validity
Not Before: May 1 09:22:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56f23c785f1ac3303eae9ae2b021803423f4f62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:25:79:d7:72:95:8e:85:20:41:ef:e5:8b:fc:
e7:72:d0:7d:b2:46:81:c2:86:b4:ea:94:07:ac:fc:
c0:df:bc:70:4e:b7:2f:e3:36:f9:d5:fc:af:9c:b7:
22:96:33:35:01:22:f1:63:97:11:bb:c8:c7:c0:d6:
32:f4:09:57:5d:0a:eb:03:9a:7d:7b:8b:4b:2e:63:
32:f1:d9:97:61:12:31:a5:c5:04:be:5b:a9:48:59:
cd:04:c4:e5:25:b4:ec:c7:42:75:a8:5f:a7:d9:de:
22:61:e6:37:70:a6:90:4e:38:34:e3:f1:55:97:52:
7a:08:13:d6:75:d1:c8:4a:26:a7:05:6c:2a:ca:db:
3d:32:a9:97:6b:b8:74:5c:a8:0d:d3:b5:dd:52:96:
64:4f:d3:5d:4e:6a:aa:af:6f:3f:ad:d0:31:d2:5f:
b8:f3:4b:69:b8:1d:a7:8a:67:b6:3a:08:89:84:5f:
72:b5:dd:37:cb:c8:97:fc:66:95:c0:9b:10:fb:1f:
21:50:b7:21:1b:f1:15:3f:78:98:2c:04:e5:e7:c5:
39:9d:23:bc:83:24:0b:cb:e9:8b:8c:88:45:ef:f7:
f9:f8:04:9b:14:8e:13:63:93:97:66:35:c2:8f:fd:
bd:46:55:43:00:0b:19:5c:f3:b0:f6:12:ed:22:c8:
b5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F2:3C:78:5F:1A:C3:30:3E:AE:9A:E2:B0:21:80:34:23:F4:F6:2B
X509v3 Authority Key Identifier:
keyid:C1:9F:75:B2:59:3C:A2:B1:B0:A5:FD:0C:54:01:5D:E3:06:C4:7E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wZ91slk8orGwpf0MVAFd4wbEfuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/VvI8eF8awzA-rprisCGANCP09is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/wZ91slk8orGwpf0MVAFd4wbEfuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.136.0.0/14
37.235.8.0/21
62.72.192.0/19
62.140.128.0/20
62.140.156.0/23
80.112.128.0/17
80.114.128.0/18
80.115.224.0/19
80.242.224.0/19
83.137.136.0/21
83.167.192.0/19
85.88.96.0/19
85.146.192.0/18
91.221.96.0/23
93.117.192.0/18
109.32.0.0/13
159.100.64.0/18
185.130.174.0/23
195.35.128.0/17
195.85.128.0/18
212.78.192.0/19
212.178.64.0-212.178.159.255
212.178.192.0/19
212.203.0.0/19
213.34.64.0/19
213.34.128.0/18
213.124.0.0-213.124.159.255
213.125.0.0-213.126.127.255
213.132.160.0/19
217.100.0.0/16
217.102.224.0/21
217.105.192.0/19
IPv6:
2001:41f0::/29
2a00:18c8::/29
Signature Algorithm: sha256WithRSAEncryption
22:12:45:d2:2f:a9:67:b2:80:23:f9:62:58:ab:bd:41:3d:02:
89:18:cb:fe:26:bd:f1:a8:14:9e:35:39:02:47:78:ac:c1:c0:
67:c0:9b:9a:95:b3:84:d5:22:24:2f:bb:bf:96:a7:2c:88:43:
bb:b8:b8:55:c4:08:cc:fa:e0:d2:6e:fb:f6:01:5c:ae:37:02:
9a:7d:bf:4c:73:c3:c5:2f:b2:1c:ca:23:0f:f0:67:45:0a:ee:
42:d6:71:a3:d9:81:c4:a5:77:e7:2a:31:af:8d:5f:b3:c7:a8:
b4:a8:7b:c2:dd:86:25:b4:a8:91:5f:4f:d9:c7:29:d9:94:da:
79:f6:69:95:87:d7:e0:61:7e:a6:9b:62:e1:b6:30:46:50:fa:
1d:e6:1b:e9:b7:68:ee:f5:14:cf:53:7d:85:6f:de:e4:00:d1:
4d:ec:1a:ee:a0:a6:c3:30:1f:64:fa:ba:9b:41:88:69:e3:88:
47:dc:7a:4e:94:d2:5b:02:cc:2f:ed:e3:98:53:4c:39:e2:da:
5a:fa:81:3c:09:b4:65:74:4d:96:98:f8:59:0e:81:51:42:cb:
cd:48:ea:68:b5:e8:66:fb:4f:f9:07:02:15:ba:03:37:a9:8d:
12:a5:02:d1:f4:5e:f9:66:31:ca:e6:99:a6:e1:93:99:6a:67:
f0:e8:8a:01
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAZ3i2Q9Ek+h13DXfGbmwbYL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxOWY3NWIyNTkzY2EyYjFiMGE1ZmQwYzU0MDE1ZGUzMDZj
NDdlZTYwHhcNMjYwNTAxMDkyMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmYyM2M3ODVmMWFjMzMwM2VhZTlhZTJiMDIxODAzNDIzZjRmNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yV513KVjoUgQe/li/znctB9skaB
woa06pQHrPzA37xwTrcv4zb51fyvnLciljM1ASLxY5cRu8jHwNYy9AlXXQrrA5p9
e4tLLmMy8dmXYRIxpcUEvlupSFnNBMTlJbTsx0J1qF+n2d4iYeY3cKaQTjg04/FV
l1J6CBPWddHISianBWwqyts9MqmXa7h0XKgN07XdUpZkT9NdTmqqr28/rdAx0l+4
80tpuB2nime2OgiJhF9ytd03y8iX/GaVwJsQ+x8hULchG/EVP3iYLATl58U5nSO8
gyQLy+mLjIhF7/f5+ASbFI4TY5OXZjXCj/29RlVDAAsZXPOw9hLtIsi1jQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFFbyPHhfGsMwPq6a4rAhgDQj9PYrMB8GA1UdIwQY
MBaAFMGfdbJZPKKxsKX9DFQBXeMGxH7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1o5MXNsazhvckd3cGYwTVZBRmQ0d2JFZnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zN2E4ZDItMzQ2Ni00NjE2LWJjMWMt
MDEyNDBiY2ZkYjQyLzEvVnZJOGVGOGF3ekEtcnByaXNDR0FOQ1AwOWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zN2E4ZDItMzQ2Ni00NjE2LWJjMWMtMDEyNDBiY2ZkYjQy
LzEvd1o5MXNsazhvckd3cGYwTVZBRmQ0d2JFZnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdoEAgABMIHTAwMC
H4gDBAMl6wgDBAU+SMADBAQ+jIADBAE+jJwDBAdQcIADBAZQcoADBAVQc+ADBAVQ
8uADBANTiYgDBAVTp8ADBAVVWGADBAZVksADBAFb3WADBAZddcADAwNtIAMEBp9k
QAMEAbmCrgMEB8MjgAMEBsNVgAMEBdROwDAMAwQG1LJAAwQF1LKAAwQF1LLAAwQF
1MsAAwQF1SJAAwQG1SKAMAsDAwLVfAMEBdV8gDALAwMA1X0DBAfVfgADBAXVhKAD
AwDZZAMEA9lm4AMEBdlpwDAUBAIAAjAOAwUDIAFB8AMFAyoAGMgwDQYJKoZIhvcN
AQELBQADggEBACISRdIvqWeygCP5YlirvUE9AokYy/4mvfGoFJ41OQJHeKzBwGfA
m5qVs4TVIiQvu7+WpyyIQ7u4uFXECMz64NJu+/YBXK43App9v0xzw8UvshzKIw/w
Z0UK7kLWcaPZgcSld+cqMa+NX7PHqLSoe8LdhiW0qJFfT9nHKdmU2nn2aZWH1+Bh
fqabYuG2MEZQ+h3mG+m3aO71FM9TfYVv3uQA0U3sGu6gpsMwH2T6uptBiGnjiEfc
ek6U0lsCzC/t45hTTDni2lr6gTwJtGV0TZaY+FkOgVFCy81I6mi16Gb7T/kHAhW6
AzepjRKlAtH0XvlmMcrmmabhk5lqZ/DoigE=
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:07 2026 by rpki-client