Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4zDIIwkkcxVpxAD4Ld49dgJmlTE.roa
File: 4zDIIwkkcxVpxAD4Ld49dgJmlTE.roa (raw, json)
Hash identifier: esO60N/BUXe1ZEtYCo3l4vh4zvqgK1lBCvqnu2datfc=
Subject key identifier: E3:30:C8:23:09:24:73:15:69:C4:00:F8:2D:DE:3D:76:02:66:95:31
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019DD85396CF24578813E2498A5AEF6D2295
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4zDIIwkkcxVpxAD4Ld49dgJmlTE.roa
Signing time: Wed 29 Apr 2026 08:20:49 +0000
ROA not before: Wed 29 Apr 2026 08:20:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57630
IP address blocks: 192.36.200.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
192.71.206.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
192.165.152.0/22 maxlen: 24
192.165.157.0/24 maxlen: 24
192.165.194.0/24 maxlen: 24
193.180.92.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.22.0/23 maxlen: 23
194.68.24.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.106.0/24 maxlen: 24
194.71.219.0/24 maxlen: 24
194.103.3.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.120.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.172.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:53:96:cf:24:57:88:13:e2:49:8a:5a:ef:6d:22:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 29 08:20:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e330c8230924731569c400f82dde3d7602669531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8a:db:67:7c:fa:01:06:f4:e4:3d:01:9a:d8:
28:5b:e0:42:5d:b5:7d:77:36:fe:50:10:52:66:83:
25:59:dd:13:f9:4b:ac:c1:af:cf:4a:c1:10:98:b7:
67:0b:80:ea:c7:75:24:51:81:4f:a4:e8:66:ff:fb:
de:09:05:63:ff:5d:ed:26:e9:0d:05:f5:6d:10:1a:
85:3a:3c:43:93:53:f4:b2:c5:1a:0c:c6:14:d9:23:
f9:00:93:92:ef:07:7e:ae:bd:29:a8:5a:4d:f4:9c:
97:d1:29:71:37:8e:a3:3a:ab:d7:19:d6:f9:6e:de:
fd:45:b0:45:ea:fe:14:f9:ee:bc:c5:19:18:29:4c:
01:36:58:16:93:5a:02:61:af:d7:12:d3:4e:27:4b:
1e:8b:f8:35:14:d1:02:77:b2:84:35:4f:d1:c9:23:
90:0a:b9:40:ff:db:b6:ce:61:81:67:9a:5f:e3:87:
3f:f6:9e:6b:cd:c3:c2:fc:8c:30:bd:46:f7:43:2b:
f9:0c:7f:68:76:11:2e:e9:3e:e1:23:cc:d8:9c:fd:
eb:11:55:53:d3:ac:f0:92:5e:83:72:e4:aa:ec:87:
e0:c0:3d:dd:53:c4:e3:fe:07:7d:9e:f5:39:71:af:
78:f3:18:ee:e5:e5:68:fd:fa:e5:f6:e4:27:25:0e:
ba:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:30:C8:23:09:24:73:15:69:C4:00:F8:2D:DE:3D:76:02:66:95:31
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4zDIIwkkcxVpxAD4Ld49dgJmlTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.200.0/24
192.71.0.0/24
192.71.206.0/24
192.165.3.0/24
192.165.134.0/23
192.165.152.0/22
192.165.157.0/24
192.165.194.0/24
193.180.92.0/24
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.22.0-194.68.24.255
194.68.181.0/24
194.71.0.0/23
194.71.106.0/24
194.71.219.0/24
194.103.3.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.120.0/24
194.132.164.0/24
194.132.166.0/24
194.132.172.0/23
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:d2:67:05:58:23:52:be:89:4d:6b:d7:ad:ea:e1:b5:fc:54:
34:2c:0b:1c:5f:5b:48:30:7b:4d:3e:dd:f9:49:75:62:b3:6d:
7f:5a:62:21:72:36:e7:a4:c4:44:8a:8e:4a:f9:69:37:e4:b4:
c7:6b:b0:07:48:cb:fa:62:2b:fd:5c:1e:be:25:94:2e:09:d4:
bb:9a:cb:f2:c0:34:50:1b:91:d9:1c:4d:5e:c2:0a:8e:36:64:
36:98:ef:97:91:63:45:c9:a7:cf:ac:ad:2f:d2:6e:9e:80:0d:
03:38:4e:c4:9c:85:08:a5:b1:5c:e7:27:25:79:97:fd:26:62:
0c:77:4a:66:a5:6a:8e:c3:44:da:ae:54:c9:e3:7a:f8:49:25:
1f:ef:92:4a:68:00:bd:43:bf:d4:b5:f9:8c:98:d3:03:54:a6:
bf:3b:62:8d:37:c9:94:30:7a:da:be:73:ec:52:a6:2f:bd:19:
91:3b:69:1b:53:df:06:5a:7f:aa:04:16:f7:e2:50:0f:10:23:
9c:4c:b7:ac:3c:d8:11:b9:20:b5:e6:47:5a:fd:06:ad:7f:eb:
23:ce:e6:b5:bd:b6:b9:a2:de:e8:83:88:c0:48:88:ec:7b:b0:
15:57:fd:18:d2:08:06:8e:31:c2:a4:da:a4:3a:9a:f7:87:32:
40:29:d6:fc
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZ3YU5bPJFeIE+JJilrvbSKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNDI5MDgyMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzMwYzgyMzA5MjQ3MzE1NjljNDAwZjgyZGRlM2Q3NjAyNjY5NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIrbZ3z6AQb05D0BmtgoW+BCXbV9
dzb+UBBSZoMlWd0T+Uuswa/PSsEQmLdnC4Dqx3UkUYFPpOhm//veCQVj/13tJukN
BfVtEBqFOjxDk1P0ssUaDMYU2SP5AJOS7wd+rr0pqFpN9JyX0SlxN46jOqvXGdb5
bt79RbBF6v4U+e68xRkYKUwBNlgWk1oCYa/XEtNOJ0sei/g1FNECd7KENU/RySOQ
CrlA/9u2zmGBZ5pf44c/9p5rzcPC/IwwvUb3Qyv5DH9odhEu6T7hI8zYnP3rEVVT
06zwkl6DcuSq7IfgwD3dU8Tj/gd9nvU5ca948xju5eVo/frl9uQnJQ66mQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFOMwyCMJJHMVacQA+C3ePXYCZpUxMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNHpESUl3a2tjeFZweEFENExkNDlkZ0ptbFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBADA
JMgDBADARwADBADAR84DBADApQMDBAHApYYDBALApZgDBADApZ0DBADApcIDBADB
tFwDBADBtSIDBADBtxQDBADBtzEDBADBtzsDBADB6gMDBADB6l4DBALB6nQDBADB
6pADBADB6s0DBADCDjkwDAMEAcJEFgMEAMJEGAMEAMJEtQMEAcJHAAMEAMJHagME
AMJH2wMEAMJnAwMEAcJnEAMEAMJnXwMEAMJnkQMEAMJnxQMEAMKEeAMEAMKEpAME
AMKEpgMEAcKErAMEAMKEujANBgkqhkiG9w0BAQsFAAOCAQEAv9JnBVgjUr6JTWvX
rerhtfxUNCwLHF9bSDB7TT7d+Ul1YrNtf1piIXI256TERIqOSvlpN+S0x2uwB0jL
+mIr/VweviWULgnUu5rL8sA0UBuR2RxNXsIKjjZkNpjvl5FjRcmnz6ytL9JunoAN
AzhOxJyFCKWxXOcnJXmX/SZiDHdKZqVqjsNE2q5UyeN6+EklH++SSmgAvUO/1LX5
jJjTA1SmvztijTfJlDB62r5z7FKmL70ZkTtpG1PfBlp/qgQW9+JQDxAjnEy3rDzY
EbkgteZHWv0GrX/rI87mtb22uaLe6IOIwEiI7HuwFVf9GNIIBo4xwqTapDqa94cy
QCnW/A==
-----END CERTIFICATE-----
Generated at Wed May 13 04:54:59 2026 by rpki-client