Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/pymD6G72589Oba-aGcwNBSEPvAc.roa
File: pymD6G72589Oba-aGcwNBSEPvAc.roa (raw, json)
Hash identifier: feLa1gIg1JzrgtYpxZ/ePf9OqqCvewculgKFr1l4YaE=
Subject key identifier: A7:29:83:E8:6E:F6:E7:CF:4E:6D:AF:9A:19:CC:0D:05:21:0F:BC:07
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 019DFBF5A12066BB3F43F19C13A4A9FDFE30
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/pymD6G72589Oba-aGcwNBSEPvAc.roa
Signing time: Wed 06 May 2026 06:24:31 +0000
ROA not before: Wed 06 May 2026 06:24:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200350
IP address blocks: 31.44.8.0/21 maxlen: 32
37.230.168.0/23 maxlen: 32
37.230.172.0/22 maxlen: 32
37.230.188.0/22 maxlen: 32
45.133.96.0/22 maxlen: 32
45.159.136.0/22 maxlen: 32
45.159.136.0/24 maxlen: 32
45.159.137.0/24 maxlen: 32
45.159.138.0/24 maxlen: 32
46.21.244.0/22 maxlen: 32
46.243.209.0/24 maxlen: 32
46.243.210.0/23 maxlen: 32
46.243.212.0/24 maxlen: 32
51.250.0.0/17 maxlen: 32
62.84.112.0/20 maxlen: 32
81.26.176.0/20 maxlen: 32
84.201.128.0/18 maxlen: 32
84.252.128.0/20 maxlen: 32
89.104.112.0/23 maxlen: 32
89.169.128.0/18 maxlen: 32
89.232.188.0/22 maxlen: 32
92.255.1.0/24 maxlen: 32
92.255.3.0/24 maxlen: 32
92.255.13.0/24 maxlen: 32
92.255.15.0/24 maxlen: 32
93.77.160.0/19 maxlen: 32
103.76.52.0/22 maxlen: 32
111.88.144.0/20 maxlen: 32
111.88.240.0/20 maxlen: 32
130.193.32.0/19 maxlen: 32
158.160.0.0/16 maxlen: 32
178.154.192.0/18 maxlen: 32
185.206.164.0/22 maxlen: 32
185.216.194.0/23 maxlen: 32
193.32.216.0/22 maxlen: 32
194.247.51.0/24 maxlen: 32
213.130.80.0/21 maxlen: 32
213.165.192.0/19 maxlen: 32
213.165.200.0/21 maxlen: 32
217.28.224.0/20 maxlen: 32
217.198.168.0/21 maxlen: 32
2a0d:d6c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fb:f5:a1:20:66:bb:3f:43:f1:9c:13:a4:a9:fd:fe:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: May 6 06:24:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a72983e86ef6e7cf4e6daf9a19cc0d05210fbc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:69:94:0e:c0:02:b5:cb:18:09:78:2f:32:25:
79:d9:f2:ec:59:50:6d:46:1d:7b:e3:cd:41:1e:50:
57:05:76:fe:88:fa:5d:ea:91:97:ce:be:95:f6:bf:
c3:cb:15:53:b2:ad:85:07:87:92:d3:9a:79:3b:9f:
61:7c:3b:49:03:c8:cb:b8:6f:fb:77:a5:8a:d3:bf:
85:d0:d7:ba:42:9a:ad:d4:6f:eb:b7:b6:48:45:78:
67:7b:79:ce:f0:24:a9:54:08:a7:58:f7:6b:8a:30:
b5:d0:c3:29:1e:6c:92:43:79:64:10:bb:b0:90:fa:
22:42:30:64:72:ff:29:52:5a:ba:1c:2b:c1:5d:00:
1e:a3:2c:e5:b6:e4:c7:66:54:21:71:92:ce:61:ab:
29:c2:7c:65:30:ce:e4:ab:95:a7:29:82:63:4b:5e:
61:da:cf:00:ac:bb:be:14:bb:9f:41:21:64:d2:8a:
29:d3:15:b8:12:e3:42:78:f7:f0:84:da:fc:c2:bd:
36:58:31:99:2b:24:10:c7:9c:db:9c:ee:ba:47:c4:
7f:9d:e4:6c:28:11:93:8c:7c:48:fe:38:0d:28:ef:
17:bb:5a:e6:32:8e:6f:23:20:45:30:52:12:66:d5:
3c:d1:ea:08:c8:32:e9:8e:38:e9:a9:84:34:8b:82:
e1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:29:83:E8:6E:F6:E7:CF:4E:6D:AF:9A:19:CC:0D:05:21:0F:BC:07
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/pymD6G72589Oba-aGcwNBSEPvAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.8.0/21
37.230.168.0/23
37.230.172.0/22
37.230.188.0/22
45.133.96.0/22
45.159.136.0/22
46.21.244.0/22
46.243.209.0-46.243.212.255
51.250.0.0/17
62.84.112.0/20
81.26.176.0/20
84.201.128.0/18
84.252.128.0/20
89.104.112.0/23
89.169.128.0/18
89.232.188.0/22
92.255.1.0/24
92.255.3.0/24
92.255.13.0/24
92.255.15.0/24
93.77.160.0/19
103.76.52.0/22
111.88.144.0/20
111.88.240.0/20
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
194.247.51.0/24
213.130.80.0/21
213.165.192.0/19
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:26:21:81:42:53:5b:a8:b3:50:81:e1:88:a2:e2:4e:ba:09:
53:c7:5f:79:cb:cc:cb:06:e9:23:c5:e1:66:93:31:1d:f5:c6:
6c:7d:16:bc:c1:9b:c4:06:b1:ce:c8:46:f8:2d:fe:b7:8c:b4:
08:f0:5e:6d:bd:9e:a5:0e:c6:db:01:f9:3e:a5:7f:a9:b1:94:
06:df:30:64:a5:30:a0:b8:eb:3e:21:b7:4c:c8:93:4e:94:b3:
da:fa:16:c1:1a:78:75:30:ca:bf:6e:43:3e:d2:56:d8:35:a4:
b8:d2:82:30:47:d8:8c:ac:0b:57:dd:ff:3f:34:0f:c3:b6:66:
b8:0a:55:f7:2d:72:d8:0a:2b:7d:4e:a8:25:ee:e3:89:d2:43:
6e:0b:d0:d8:1d:91:6f:9f:c3:3c:4b:1b:0c:4f:b6:af:c4:5f:
27:e6:2e:52:69:00:c2:36:38:5d:2c:2a:f8:95:b6:e0:fa:5b:
9c:bf:47:92:2c:be:c5:6d:fa:b4:c2:68:97:dc:be:58:05:5f:
a0:e9:73:90:18:d4:e7:41:8a:9a:5d:70:da:3b:2a:de:28:71:
24:cb:73:17:2c:56:ac:22:af:20:12:28:b8:d5:e2:6c:6c:61:
a9:e3:27:d2:12:42:b4:e4:02:90:cb:2c:7c:d3:e8:49:8b:74:
34:b2:23:88
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZ379aEgZrs/Q/GcE6Sp/f4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjYwNTA2MDYyNDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI5ODNlODZlZjZlN2NmNGU2ZGFmOWExOWNjMGQwNTIxMGZiYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2mUDsACtcsYCXgvMiV52fLsWVBt
Rh17481BHlBXBXb+iPpd6pGXzr6V9r/DyxVTsq2FB4eS05p5O59hfDtJA8jLuG/7
d6WK07+F0Ne6Qpqt1G/rt7ZIRXhne3nO8CSpVAinWPdrijC10MMpHmySQ3lkELuw
kPoiQjBkcv8pUlq6HCvBXQAeoyzltuTHZlQhcZLOYaspwnxlMM7kq5WnKYJjS15h
2s8ArLu+FLufQSFk0oop0xW4EuNCePfwhNr8wr02WDGZKyQQx5zbnO66R8R/neRs
KBGTjHxI/jgNKO8Xu1rmMo5vIyBFMFISZtU80eoIyDLpjjjpqYQ0i4LhBwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFKcpg+hu9ufPTm2vmhnMDQUhD7wHMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvcHltRDZHNzI1ODlPYmEtYUdjd05CU0VQdkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwgeAEAgABMIHZAwQD
HywIAwQBJeaoAwQCJeasAwQCJea8AwQCLYVgAwQCLZ+IAwQCLhX0MAwDBAAu89ED
BAAu89QDBAcz+gADBAQ+VHADBARRGrADBAZUyYADBARU/IADBAFZaHADBAZZqYAD
BAJZ6LwDBABc/wEDBABc/wMDBABc/w0DBABc/w8DBAVdTaADBAJnTDQDBARvWJAD
BARvWPADBAWCwSADAwCeoAMEBrKawAMEArnOpAMEAbnYwgMEAsEg2AMEAML3MwME
A9WCUAMEBdWlwAMEBNkc4AMEA9nGqDANBAIAAjAHAwUDKg3WwDANBgkqhkiG9w0B
AQsFAAOCAQEAsiYhgUJTW6izUIHhiKLiTroJU8dfecvMywbpI8XhZpMxHfXGbH0W
vMGbxAaxzshG+C3+t4y0CPBebb2epQ7G2wH5PqV/qbGUBt8wZKUwoLjrPiG3TMiT
TpSz2voWwRp4dTDKv25DPtJW2DWkuNKCMEfYjKwLV93/PzQPw7ZmuApV9y1y2Aor
fU6oJe7jidJDbgvQ2B2Rb5/DPEsbDE+2r8RfJ+YuUmkAwjY4XSwq+JW24PpbnL9H
kiy+xW36tMJol9y+WAVfoOlzkBjU50GKml1w2jsq3ihxJMtzFyxWrCKvIBIouNXi
bGxhqeMn0hJCtOQCkMssfNPoSYt0NLIjiA==
-----END CERTIFICATE-----
Generated at Wed May 13 01:11:29 2026 by rpki-client