Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/4TwmNuGfyBIVeU9HIdhUXSI6OKM.roa
File: 4TwmNuGfyBIVeU9HIdhUXSI6OKM.roa (raw, json)
Hash identifier: WbADxTwqJ7Nrf6tTkOO3B9hub+mYE5UyXmlSkAhmv0Q=
Subject key identifier: E1:3C:26:36:E1:9F:C8:12:15:79:4F:47:21:D8:54:5D:22:3A:38:A3
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019D268710488F3125990D6B1081F9BE6DB2
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/4TwmNuGfyBIVeU9HIdhUXSI6OKM.roa
Signing time: Wed 25 Mar 2026 19:44:38 +0000
ROA not before: Wed 25 Mar 2026 19:44:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44051
IP address blocks: 2.58.64.0/24 maxlen: 24
2.58.65.0/24 maxlen: 24
2.58.66.0/24 maxlen: 24
2.58.67.0/24 maxlen: 24
5.187.0.0/24 maxlen: 24
5.187.1.0/24 maxlen: 24
5.187.2.0/24 maxlen: 24
5.187.3.0/24 maxlen: 24
5.187.4.0/24 maxlen: 24
5.187.5.0/24 maxlen: 24
5.187.6.0/24 maxlen: 24
5.187.7.0/24 maxlen: 24
31.172.68.0/24 maxlen: 24
31.172.70.0/24 maxlen: 24
31.172.71.0/24 maxlen: 24
31.172.72.0/24 maxlen: 24
31.172.73.0/24 maxlen: 24
31.172.75.0/24 maxlen: 24
31.172.77.0/24 maxlen: 24
79.132.136.0/24 maxlen: 24
79.132.138.0/24 maxlen: 24
79.132.140.0/24 maxlen: 24
79.132.142.0/24 maxlen: 24
79.132.143.0/24 maxlen: 24
91.228.152.0/24 maxlen: 24
91.228.153.0/24 maxlen: 24
91.228.154.0/24 maxlen: 24
91.228.155.0/24 maxlen: 24
103.75.124.0/24 maxlen: 24
103.75.127.0/24 maxlen: 24
103.228.168.0/24 maxlen: 24
103.228.169.0/24 maxlen: 24
103.228.170.0/24 maxlen: 24
103.228.171.0/24 maxlen: 24
162.248.160.0/24 maxlen: 24
162.248.164.0/24 maxlen: 24
162.248.165.0/24 maxlen: 24
162.248.166.0/24 maxlen: 24
162.248.167.0/24 maxlen: 24
185.21.8.0/24 maxlen: 24
185.44.206.0/24 maxlen: 24
185.44.207.0/24 maxlen: 24
194.154.24.0/24 maxlen: 24
194.154.30.0/24 maxlen: 24
195.26.237.0/24 maxlen: 24
212.2.234.0/24 maxlen: 24
212.2.235.0/24 maxlen: 24
217.177.10.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
2a02:6b40::/32 maxlen: 32
2a02:6b40::/48 maxlen: 48
2a02:6b40:1::/48 maxlen: 48
2a02:6b40:1000::/48 maxlen: 48
2a02:6b40:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:87:10:48:8f:31:25:99:0d:6b:10:81:f9:be:6d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Mar 25 19:44:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e13c2636e19fc81215794f4721d8545d223a38a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:c5:41:3d:7b:c9:1f:4e:5d:9b:d1:57:bc:
dc:31:a5:1c:a3:6a:fd:f3:0c:4f:df:10:b8:d5:4b:
65:5f:96:c8:e7:32:6e:2e:b5:78:0f:81:5c:77:be:
f8:89:8e:a9:bb:f8:dc:e6:d7:7e:5e:4f:d8:f7:b7:
4d:ab:3e:87:78:25:fd:76:92:d6:8b:41:cd:32:dc:
76:0f:df:17:9d:a2:0a:ea:1f:53:5f:97:d7:b3:a8:
78:ce:ff:7d:c4:b7:f7:75:32:b3:9a:5c:78:6c:3e:
62:68:40:41:78:30:0c:4a:a6:3f:81:53:10:b1:34:
ea:b8:a6:fd:32:f0:15:e0:91:fa:9d:e5:00:46:a2:
c7:81:18:8b:a2:d3:fc:22:71:59:26:52:92:40:ae:
ba:d0:ce:b0:ef:a4:c5:d1:77:b8:9e:db:3f:fd:f9:
95:23:f7:88:69:23:10:3e:73:fd:ad:38:9d:36:45:
d5:ec:7b:80:43:16:a8:68:9b:4b:82:0d:1e:d3:92:
fc:f2:ce:27:95:85:ce:e2:6a:ef:e8:6c:d6:33:06:
c2:cd:a8:00:70:a4:df:50:98:4f:68:1c:37:cf:f2:
7b:ce:31:f2:60:41:2c:ed:26:ff:6f:06:71:8a:2a:
b7:d5:39:e0:1d:90:1e:cf:08:51:7a:03:82:6f:52:
96:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3C:26:36:E1:9F:C8:12:15:79:4F:47:21:D8:54:5D:22:3A:38:A3
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/4TwmNuGfyBIVeU9HIdhUXSI6OKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/22
5.187.0.0/21
31.172.68.0/24
31.172.70.0-31.172.73.255
31.172.75.0/24
31.172.77.0/24
79.132.136.0/24
79.132.138.0/24
79.132.140.0/24
79.132.142.0/23
91.228.152.0/22
103.75.124.0/24
103.75.127.0/24
103.228.168.0/22
162.248.160.0/24
162.248.164.0/22
185.21.8.0/24
185.44.206.0/23
194.154.24.0/24
194.154.30.0/24
195.26.237.0/24
212.2.234.0/23
217.177.10.0/24
217.177.72.0/24
IPv6:
2a02:6b40::/32
Signature Algorithm: sha256WithRSAEncryption
44:e1:0f:87:0f:ed:a6:74:32:f2:8b:80:13:05:0c:50:34:62:
78:fb:82:86:12:52:9d:e4:ff:6b:48:0d:c7:98:25:8d:70:6f:
e7:b2:ed:49:6b:66:26:63:b4:44:fa:a9:d8:2c:86:02:cc:0d:
32:81:89:81:24:67:c4:da:ad:91:f2:7a:2d:27:11:91:15:a7:
24:9a:43:5b:2a:20:0a:32:fd:11:69:3f:d2:a8:c6:a0:3e:5c:
20:a8:95:cd:da:03:91:66:f9:ab:dd:dd:08:38:58:da:0f:63:
b7:91:fa:50:47:d8:07:5f:fe:0c:e1:91:41:bd:46:a2:1e:7a:
68:b7:ff:0c:43:52:0e:8e:81:30:cf:ec:e6:66:1e:80:f9:b5:
bf:c3:81:b8:99:99:50:f1:bb:21:d5:b7:1e:8b:42:bd:c6:40:
92:c8:27:6a:11:90:4d:f1:35:31:d5:7a:32:e4:6b:84:79:bd:
aa:23:bb:4e:df:18:f7:c2:f8:fe:91:6b:3e:34:ef:7f:29:f1:
25:9d:65:91:e0:5a:af:cf:09:18:ec:d4:ba:5a:a7:3e:4a:3d:
a9:c8:a5:65:37:18:7b:35:1c:f2:4d:8d:7b:7b:84:db:f7:a7:
ec:89:a6:cf:7d:81:ec:a5:d6:6f:f5:6e:4f:89:a8:f1:ed:e8:
99:1a:eb:72
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZ0mhxBIjzElmQ1rEIH5vm2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwMzI1MTk0NDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTNjMjYzNmUxOWZjODEyMTU3OTRmNDcyMWQ4NTQ1ZDIyM2EzOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5fFQT17yR9OXZvRV7zcMaUco2r9
8wxP3xC41UtlX5bI5zJuLrV4D4Fcd774iY6pu/jc5td+Xk/Y97dNqz6HeCX9dpLW
i0HNMtx2D98XnaIK6h9TX5fXs6h4zv99xLf3dTKzmlx4bD5iaEBBeDAMSqY/gVMQ
sTTquKb9MvAV4JH6neUARqLHgRiLotP8InFZJlKSQK660M6w76TF0Xe4nts//fmV
I/eIaSMQPnP9rTidNkXV7HuAQxaoaJtLgg0e05L88s4nlYXO4mrv6GzWMwbCzagA
cKTfUJhPaBw3z/J7zjHyYEEs7Sb/bwZxiiq31TngHZAezwhRegOCb1KWCQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOE8Jjbhn8gSFXlPRyHYVF0iOjijMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvNFR3bU51R2Z5QklWZVU5SElkaFVYU0k2T0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAIC
OkADBAMFuwADBAAfrEQwDAMEAR+sRgMEAR+sSAMEAB+sSwMEAB+sTQMEAE+EiAME
AE+EigMEAE+EjAMEAU+EjgMEAlvkmAMEAGdLfAMEAGdLfwMEAmfkqAMEAKL4oAME
AqL4pAMEALkVCAMEAbkszgMEAMKaGAMEAMKaHgMEAMMa7QMEAdQC6gMEANmxCgME
ANmxSDANBAIAAjAHAwUAKgJrQDANBgkqhkiG9w0BAQsFAAOCAQEAROEPhw/tpnQy
8ouAEwUMUDRiePuChhJSneT/a0gNx5gljXBv57LtSWtmJmO0RPqp2CyGAswNMoGJ
gSRnxNqtkfJ6LScRkRWnJJpDWyogCjL9EWk/0qjGoD5cIKiVzdoDkWb5q93dCDhY
2g9jt5H6UEfYB1/+DOGRQb1Goh56aLf/DENSDo6BMM/s5mYegPm1v8OBuJmZUPG7
IdW3HotCvcZAksgnahGQTfE1MdV6MuRrhHm9qiO7Tt8Y98L4/pFrPjTvfynxJZ1l
keBar88JGOzUulqnPko9qcilZTcYezUc8k2Ne3uE2/en7Immz32B7KXWb/VuT4mo
8e3omRrrcg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:54:31 2026 by rpki-client