Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/Nxs6tS3gpvVZDTXgWewi49rURC4.roa
File: Nxs6tS3gpvVZDTXgWewi49rURC4.roa (raw, json)
Hash identifier: 1LA5/OqatPnKwLIuRVLOa6iMj8y9qkygVQE1vbKraWQ=
Subject key identifier: 37:1B:3A:B5:2D:E0:A6:F5:59:0D:35:E0:59:EC:22:E3:DA:D4:44:2E
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019D23BDDF772CB61059F0AF640366D3A9BD
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/Nxs6tS3gpvVZDTXgWewi49rURC4.roa
Signing time: Wed 25 Mar 2026 06:45:39 +0000
ROA not before: Wed 25 Mar 2026 06:45:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16003
IP address blocks: 31.172.74.0/24 maxlen: 24
31.172.78.0/24 maxlen: 24
79.132.137.0/24 maxlen: 24
79.132.139.0/24 maxlen: 24
81.85.76.0/24 maxlen: 24
103.75.125.0/24 maxlen: 24
103.75.126.0/24 maxlen: 24
162.248.161.0/24 maxlen: 24
185.18.52.0/22 maxlen: 22
185.18.52.0/24 maxlen: 24
185.21.9.0/24 maxlen: 24
185.21.10.0/24 maxlen: 24
194.154.26.0/24 maxlen: 24
217.177.11.0/24 maxlen: 24
217.177.73.0/24 maxlen: 24
217.194.148.0/24 maxlen: 24
2a02:6b40:8002::/48 maxlen: 48
2a02:6b40:8003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 13:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:23:bd:df:77:2c:b6:10:59:f0:af:64:03:66:d3:a9:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Mar 25 06:45:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=371b3ab52de0a6f5590d35e059ec22e3dad4442e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7e:c7:35:d1:ec:ee:1f:a4:48:6c:33:5a:22:
da:aa:c4:d0:92:28:af:8e:79:a7:f3:28:3b:8e:f2:
00:6d:8c:bb:6d:0e:c5:2f:5b:8d:8a:0f:99:85:34:
a2:0f:c0:00:b5:4c:9c:a7:7b:5e:87:f8:45:95:38:
c0:eb:36:95:99:3d:02:87:d7:30:3e:f7:22:6f:c6:
e7:a1:6f:79:b5:71:bd:78:4d:96:5b:a9:02:d2:99:
10:de:60:92:1c:26:76:fa:6e:da:2b:31:53:24:4b:
33:bd:40:f3:56:15:30:7d:f6:af:eb:4f:c9:45:dd:
3f:f7:bf:0b:b1:f5:82:61:93:9d:3d:64:f5:7d:93:
50:5c:a6:ea:33:de:0a:6c:5b:a2:78:35:6f:9f:ff:
6e:de:71:9e:2b:2a:8a:50:f7:ff:be:cc:f9:a8:a5:
db:b8:5d:59:20:65:43:43:bf:7b:c5:15:b1:35:ea:
63:c3:c8:e4:30:63:6f:e0:fe:1a:09:8c:36:9c:ce:
5a:07:de:9b:e9:50:a5:7f:be:7c:47:83:d2:99:90:
a4:20:6d:70:a4:0f:67:2c:46:43:a4:b5:04:cf:91:
0f:1f:52:ff:07:91:82:d7:20:ba:04:c7:79:78:c3:
b3:c4:6b:22:92:f7:a7:a1:84:f9:bf:32:d4:52:61:
d4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1B:3A:B5:2D:E0:A6:F5:59:0D:35:E0:59:EC:22:E3:DA:D4:44:2E
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/Nxs6tS3gpvVZDTXgWewi49rURC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.74.0/24
31.172.78.0/24
79.132.137.0/24
79.132.139.0/24
81.85.76.0/24
103.75.125.0-103.75.126.255
162.248.161.0/24
185.18.52.0/22
185.21.9.0-185.21.10.255
194.154.26.0/24
217.177.11.0/24
217.177.73.0/24
217.194.148.0/24
IPv6:
2a02:6b40:8002::/47
Signature Algorithm: sha256WithRSAEncryption
2f:16:bb:98:e4:7c:37:e8:09:50:90:37:79:96:36:d4:16:ba:
05:aa:5c:09:9f:42:e6:09:b0:92:88:35:50:52:e0:69:91:68:
25:9c:1e:c6:01:c4:d8:78:dd:54:34:41:27:a5:17:2d:08:09:
00:b6:ea:1b:d7:88:96:29:dc:e8:b7:0b:55:03:11:eb:bb:d4:
65:49:80:91:bf:07:a4:91:eb:3c:70:f0:9e:42:dc:a6:de:d4:
60:9d:7d:1f:3d:78:30:f7:2b:2a:e0:b7:70:e4:8f:08:bd:32:
9b:47:0c:b4:4a:f7:3e:4c:71:f0:04:9a:f8:f6:82:74:00:b2:
c9:4d:0a:d0:d4:f9:5a:46:71:94:e4:94:67:0c:04:6b:a6:64:
a0:2e:ed:45:31:5e:e6:a9:4a:60:0f:3c:ef:06:f1:7c:6a:6c:
d3:81:b1:27:76:34:3a:1f:ad:0b:ef:83:91:41:a2:11:0e:7f:
6a:cf:f7:88:4e:fb:84:6f:21:a7:69:d0:df:2c:af:28:55:23:
d0:58:4c:d0:5f:2b:6a:ad:cf:26:ed:1e:11:7e:31:65:8e:fb:
8f:02:48:39:ef:df:53:6d:b1:50:ff:5b:24:e8:13:50:c5:a6:
d5:e8:f6:31:10:8a:f5:34:cc:01:f4:75:74:e7:e7:c6:e1:3b:
28:42:77:11
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZ0jvd93LLYQWfCvZANm06m9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwMzI1MDY0NTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFiM2FiNTJkZTBhNmY1NTkwZDM1ZTA1OWVjMjJlM2RhZDQ0NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn7HNdHs7h+kSGwzWiLaqsTQkiiv
jnmn8yg7jvIAbYy7bQ7FL1uNig+ZhTSiD8AAtUycp3teh/hFlTjA6zaVmT0Ch9cw
Pvcib8bnoW95tXG9eE2WW6kC0pkQ3mCSHCZ2+m7aKzFTJEszvUDzVhUwffav60/J
Rd0/978LsfWCYZOdPWT1fZNQXKbqM94KbFuieDVvn/9u3nGeKyqKUPf/vsz5qKXb
uF1ZIGVDQ797xRWxNepjw8jkMGNv4P4aCYw2nM5aB96b6VClf758R4PSmZCkIG1w
pA9nLEZDpLUEz5EPH1L/B5GC1yC6BMd5eMOzxGsikvenoYT5vzLUUmHUlQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFDcbOrUt4Kb1WQ014FnsIuPa1EQuMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvTnhzNnRTM2dwdlZaRFRYZ1dld2k0OXJVUkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZAQCAAEwXgMEAB+sSgME
AB+sTgMEAE+EiQMEAE+EiwMEAFFVTDAMAwQAZ0t9AwQAZ0t+AwQAovihAwQCuRI0
MAwDBAC5FQkDBAC5FQoDBADCmhoDBADZsQsDBADZsUkDBADZwpQwDwQCAAIwCQMH
ASoCa0CAAjANBgkqhkiG9w0BAQsFAAOCAQEALxa7mOR8N+gJUJA3eZY21Ba6Bapc
CZ9C5gmwkog1UFLgaZFoJZwexgHE2HjdVDRBJ6UXLQgJALbqG9eIlinc6LcLVQMR
67vUZUmAkb8HpJHrPHDwnkLcpt7UYJ19Hz14MPcrKuC3cOSPCL0ym0cMtEr3Pkxx
8ASa+PaCdACyyU0K0NT5WkZxlOSUZwwEa6ZkoC7tRTFe5qlKYA887wbxfGps04Gx
J3Y0Oh+tC++DkUGiEQ5/as/3iE77hG8hp2nQ3yyvKFUj0FhM0F8raq3PJu0eEX4x
ZY77jwJIOe/fU22xUP9bJOgTUMWm1ej2MRCK9TTMAfR1dOfnxuE7KEJ3EQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:26:04 2026 by rpki-client