Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/BReMM-HKMDiHcQvoyIT1xPxsg3w.roa
File: BReMM-HKMDiHcQvoyIT1xPxsg3w.roa (raw, json)
Hash identifier: aXBnjHE3xDdUmCqEBO3waOLTZzIvmij/g3V6Hn6E6Fs=
Subject key identifier: 05:17:8C:33:E1:CA:30:38:87:71:0B:E8:C8:84:F5:C4:FC:6C:83:7C
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019DE482C73BE88446A09371E340CF79903F
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/BReMM-HKMDiHcQvoyIT1xPxsg3w.roa
Signing time: Fri 01 May 2026 17:07:49 +0000
ROA not before: Fri 01 May 2026 17:07:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16003
IP address blocks: 31.172.74.0/24 maxlen: 24
31.172.78.0/24 maxlen: 24
79.132.137.0/24 maxlen: 24
79.132.139.0/24 maxlen: 24
81.85.76.0/24 maxlen: 24
89.127.195.0/24 maxlen: 24
89.127.202.0/24 maxlen: 24
89.127.205.0/24 maxlen: 24
89.127.206.0/24 maxlen: 24
89.127.211.0/24 maxlen: 24
89.127.214.0/24 maxlen: 24
89.127.216.0/24 maxlen: 24
103.75.125.0/24 maxlen: 24
103.75.126.0/24 maxlen: 24
162.248.161.0/24 maxlen: 24
185.18.52.0/22 maxlen: 22
185.18.52.0/24 maxlen: 24
185.21.9.0/24 maxlen: 24
185.21.10.0/24 maxlen: 24
194.154.26.0/24 maxlen: 24
213.239.157.0/24 maxlen: 24
213.239.159.0/24 maxlen: 24
217.177.11.0/24 maxlen: 24
217.177.73.0/24 maxlen: 24
217.194.148.0/24 maxlen: 24
2a02:6b40:8002::/48 maxlen: 48
2a02:6b40:8003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e4:82:c7:3b:e8:84:46:a0:93:71:e3:40:cf:79:90:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: May 1 17:07:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05178c33e1ca303887710be8c884f5c4fc6c837c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ce:bc:6e:83:f7:4f:e2:ad:ff:a0:5b:e4:6d:
41:46:6d:da:b0:c7:5e:0e:36:f2:9f:96:cc:6d:ee:
3c:76:77:83:d0:c8:49:ff:2c:39:a2:55:71:be:5d:
7e:ce:a1:7d:9b:d3:c6:89:0c:31:5a:44:b2:14:c6:
88:41:b3:fb:6b:2d:7e:f9:88:60:eb:b5:e5:0b:33:
8c:1f:2b:e9:8a:40:d1:c4:0d:64:c6:a2:4b:48:88:
ab:4e:6c:20:36:3e:db:95:e1:16:df:9d:46:b0:38:
4e:e8:3c:0e:16:e0:80:13:ed:b7:f3:ba:67:ef:cb:
d9:23:fe:ab:0d:7c:6b:75:c2:40:b9:e8:41:fb:0d:
d6:69:ee:9a:56:fb:eb:59:b0:3c:27:b3:5e:5c:bf:
69:c2:22:c4:ef:56:49:c2:14:eb:89:6e:98:ca:40:
36:1a:98:b7:64:3e:09:0f:d4:90:06:48:c5:52:b8:
f8:a5:c2:60:b2:8c:56:b5:46:40:20:0c:a8:3f:59:
56:6b:04:08:ff:7a:8e:6a:ec:70:c1:76:86:f0:e7:
4d:72:15:4e:b8:c4:31:10:75:26:b8:b1:17:b3:15:
79:52:1f:6a:65:e8:06:ea:64:33:aa:b1:01:54:8e:
9a:92:27:78:ff:a4:28:c3:30:ce:b8:ef:f8:ed:30:
f5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:17:8C:33:E1:CA:30:38:87:71:0B:E8:C8:84:F5:C4:FC:6C:83:7C
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/BReMM-HKMDiHcQvoyIT1xPxsg3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.74.0/24
31.172.78.0/24
79.132.137.0/24
79.132.139.0/24
81.85.76.0/24
89.127.195.0/24
89.127.202.0/24
89.127.205.0-89.127.206.255
89.127.211.0/24
89.127.214.0/24
89.127.216.0/24
103.75.125.0-103.75.126.255
162.248.161.0/24
185.18.52.0/22
185.21.9.0-185.21.10.255
194.154.26.0/24
213.239.157.0/24
213.239.159.0/24
217.177.11.0/24
217.177.73.0/24
217.194.148.0/24
IPv6:
2a02:6b40:8002::/47
Signature Algorithm: sha256WithRSAEncryption
41:5a:16:25:60:69:9e:ee:b9:c3:4d:68:fd:17:4e:77:09:a2:
e6:60:48:f0:1a:f9:5b:8d:be:1a:ee:92:70:b4:c3:1b:81:48:
36:17:34:a6:dc:39:70:1e:44:19:ca:8b:17:6f:3f:7f:2b:d2:
3b:87:43:20:22:bf:10:bb:d4:a2:a1:ea:9b:46:0e:3b:e9:e3:
8a:ab:1d:19:a5:76:72:3d:40:fb:19:f4:83:c1:24:76:ed:b8:
3f:d7:c1:e6:51:1d:ff:5f:8b:1e:bf:25:5a:8e:ec:60:1f:c2:
22:a5:38:02:3d:cf:2d:b2:7a:9d:b9:fd:b9:16:d0:b3:4b:b4:
27:be:c4:95:07:2e:fd:4b:a3:44:5e:d9:08:74:1c:c9:94:dc:
bb:e4:9d:9e:40:23:11:87:a6:3f:31:f7:cb:30:c4:8f:c1:e5:
fe:cd:48:f0:83:39:92:8f:73:e7:93:d2:0f:44:e9:0b:ba:d7:
08:39:87:24:ac:c7:7c:87:8d:9e:15:d8:b6:a6:0f:de:f4:31:
e3:98:5c:cf:b1:2b:c5:f1:33:0b:49:5e:29:c2:ae:33:5e:3f:
fd:58:8a:6a:66:94:92:75:44:10:e3:f2:95:e8:46:21:33:4a:
0e:07:25:3e:e4:50:3e:7c:0d:af:60:11:59:c9:1b:43:9d:7e:
b0:cb:c6:06
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZ3kgsc76IRGoJNx40DPeZA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNTAxMTcwNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE3OGMzM2UxY2EzMDM4ODc3MTBiZThjODg0ZjVjNGZjNmM4MzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc68boP3T+Kt/6Bb5G1BRm3asMde
Djbyn5bMbe48dneD0MhJ/yw5olVxvl1+zqF9m9PGiQwxWkSyFMaIQbP7ay1++Yhg
67XlCzOMHyvpikDRxA1kxqJLSIirTmwgNj7bleEW351GsDhO6DwOFuCAE+2387pn
78vZI/6rDXxrdcJAuehB+w3Wae6aVvvrWbA8J7NeXL9pwiLE71ZJwhTriW6YykA2
Gpi3ZD4JD9SQBkjFUrj4pcJgsoxWtUZAIAyoP1lWawQI/3qOauxwwXaG8OdNchVO
uMQxEHUmuLEXsxV5Uh9qZegG6mQzqrEBVI6akid4/6QowzDOuO/47TD1vQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAUXjDPhyjA4h3EL6MiE9cT8bIN8MB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvQlJlTU0tSEtNRGlIY1F2b3lJVDF4UHhzZzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnQQCAAEwgZYDBAAf
rEoDBAAfrE4DBABPhIkDBABPhIsDBABRVUwDBABZf8MDBABZf8owDAMEAFl/zQME
AFl/zgMEAFl/0wMEAFl/1gMEAFl/2DAMAwQAZ0t9AwQAZ0t+AwQAovihAwQCuRI0
MAwDBAC5FQkDBAC5FQoDBADCmhoDBADV750DBADV758DBADZsQsDBADZsUkDBADZ
wpQwDwQCAAIwCQMHASoCa0CAAjANBgkqhkiG9w0BAQsFAAOCAQEAQVoWJWBpnu65
w01o/RdOdwmi5mBI8Br5W42+Gu6ScLTDG4FINhc0ptw5cB5EGcqLF28/fyvSO4dD
ICK/ELvUoqHqm0YOO+njiqsdGaV2cj1A+xn0g8Ekdu24P9fB5lEd/1+LHr8lWo7s
YB/CIqU4Aj3PLbJ6nbn9uRbQs0u0J77ElQcu/UujRF7ZCHQcyZTcu+SdnkAjEYem
PzH3yzDEj8Hl/s1I8IM5ko9z55PSD0TpC7rXCDmHJKzHfIeNnhXYtqYP3vQx45hc
z7ErxfEzC0leKcKuM14//ViKamaUknVEEOPylehGITNKDgclPuRQPnwNr2ARWckb
Q51+sMvGBg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:04 2026 by rpki-client