Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/iiUeWWy4vNdQT2JqfLyriOKyBds.roa
File: iiUeWWy4vNdQT2JqfLyriOKyBds.roa (raw, json)
Hash identifier: X//YchsgfpGi9KC+KU3RuTcaBCPtGN0++IEL/F/EXV0=
Subject key identifier: 8A:25:1E:59:6C:B8:BC:D7:50:4F:62:6A:7C:BC:AB:88:E2:B2:05:DB
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019E0D3C9D9DDCA53DE358D4858C4D2B4238
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/iiUeWWy4vNdQT2JqfLyriOKyBds.roa
Signing time: Sat 09 May 2026 14:55:36 +0000
ROA not before: Sat 09 May 2026 14:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48018
IP address blocks: 31.172.64.0/24 maxlen: 24
31.172.66.0/24 maxlen: 24
31.172.67.0/24 maxlen: 24
31.172.76.0/24 maxlen: 24
81.85.78.0/24 maxlen: 24
89.127.197.0/24 maxlen: 24
89.127.209.0/24 maxlen: 24
89.127.217.0/24 maxlen: 24
199.68.197.0/24 maxlen: 24
217.177.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0d:3c:9d:9d:dc:a5:3d:e3:58:d4:85:8c:4d:2b:42:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: May 9 14:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a251e596cb8bcd7504f626a7cbcab88e2b205db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c2:33:25:25:3e:2a:1e:06:eb:d4:13:01:86:
a1:6b:ab:60:66:d7:17:03:76:b3:8a:ca:ab:24:1c:
78:40:51:59:4a:db:61:92:93:c6:ce:43:86:e1:d7:
fc:f0:a3:d1:5e:df:fc:36:60:a6:6a:cf:15:3f:c0:
ee:86:68:e6:88:ed:41:6b:8e:e0:18:3c:c2:a0:b0:
16:ca:d2:82:77:a5:08:20:e5:50:87:4f:ef:09:47:
ed:65:0d:26:57:64:9b:70:4a:01:c4:ed:4c:fa:35:
07:7c:1a:d5:da:e4:5a:af:30:8c:9a:46:ad:83:a7:
19:27:8e:2c:fa:2f:93:5b:76:0a:0c:52:2a:40:0d:
c6:6d:3e:a6:2a:0c:5b:c7:c0:e1:a5:75:30:32:93:
b3:47:b3:3a:43:b3:d2:55:a0:1f:e2:ec:cd:20:a5:
d2:14:36:2a:bb:95:11:e5:17:b5:f9:70:a4:ce:cb:
4c:ee:97:4c:22:90:58:6b:fe:ea:9a:c6:d6:08:5c:
7f:76:a0:3e:07:45:ea:f2:64:42:e9:e2:bf:9c:db:
66:6a:bb:b5:94:56:cf:80:f3:c3:b1:59:62:7b:ed:
49:ab:d7:34:6f:0d:17:83:0b:56:ad:28:a7:24:88:
bd:ea:8e:c3:a3:39:c4:64:f7:7d:92:85:37:02:fd:
3f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:25:1E:59:6C:B8:BC:D7:50:4F:62:6A:7C:BC:AB:88:E2:B2:05:DB
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/iiUeWWy4vNdQT2JqfLyriOKyBds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.64.0/24
31.172.66.0/23
31.172.76.0/24
81.85.78.0/24
89.127.197.0/24
89.127.209.0/24
89.127.217.0/24
199.68.197.0/24
217.177.74.0/24
Signature Algorithm: sha256WithRSAEncryption
43:03:06:23:22:f9:b7:c4:1c:56:d9:d7:74:24:38:2c:75:17:
b8:a4:45:4f:89:67:13:b6:77:13:57:fa:b3:d4:f5:34:14:af:
a5:ea:5c:99:ec:c1:14:65:c0:f6:7c:c7:f7:85:7d:38:16:ec:
de:0c:4e:2d:61:0d:7c:cb:b6:94:f4:37:36:4d:a0:d9:46:92:
de:23:58:4d:d1:7f:ac:7f:5f:80:85:8e:d4:03:fa:97:07:1a:
42:b6:d3:b1:76:c6:27:2c:28:15:b2:c4:e3:f8:5a:9c:ef:1f:
e6:e6:16:ef:a1:c2:d6:d7:0f:04:7a:58:00:ea:d2:24:08:1f:
90:05:d4:cc:20:0c:c2:3b:42:89:78:93:8f:25:4b:a0:34:86:
12:4d:3b:c9:dd:9c:da:79:1c:24:93:7b:a3:bb:bf:26:f5:82:
28:b0:5d:0a:8c:84:fa:68:46:1b:82:9b:e2:e9:cd:22:1d:0d:
86:28:7f:a8:88:6f:3d:3e:09:2c:ef:6f:37:c9:6d:9b:b3:59:
cc:ef:d3:cd:da:90:ed:6b:ab:92:22:8a:c3:7a:f3:76:b6:b6:
3a:be:89:aa:de:8a:0b:42:72:47:85:5c:99:1d:24:c8:a2:6e:
f4:52:19:42:d6:b3:91:f0:38:ac:52:32:b8:78:36:e6:58:1f:
95:d7:d7:b1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ4NPJ2d3KU941jUhYxNK0I4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNTA5MTQ1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI1MWU1OTZjYjhiY2Q3NTA0ZjYyNmE3Y2JjYWI4OGUyYjIwNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcIzJSU+Kh4G69QTAYaha6tgZtcX
A3azisqrJBx4QFFZStthkpPGzkOG4df88KPRXt/8NmCmas8VP8DuhmjmiO1Ba47g
GDzCoLAWytKCd6UIIOVQh0/vCUftZQ0mV2SbcEoBxO1M+jUHfBrV2uRarzCMmkat
g6cZJ44s+i+TW3YKDFIqQA3GbT6mKgxbx8DhpXUwMpOzR7M6Q7PSVaAf4uzNIKXS
FDYqu5UR5Re1+XCkzstM7pdMIpBYa/7qmsbWCFx/dqA+B0Xq8mRC6eK/nNtmaru1
lFbPgPPDsVlie+1Jq9c0bw0XgwtWrSinJIi96o7DoznEZPd9koU3Av0/1QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIolHllsuLzXUE9iany8q4jisgXbMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvaWlVZVdXeTR2TmRRVDJKcWZMeXJpT0t5QmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAH6xAAwQB
H6xCAwQAH6xMAwQAUVVOAwQAWX/FAwQAWX/RAwQAWX/ZAwQAx0TFAwQA2bFKMA0G
CSqGSIb3DQEBCwUAA4IBAQBDAwYjIvm3xBxW2dd0JDgsdRe4pEVPiWcTtncTV/qz
1PU0FK+l6lyZ7MEUZcD2fMf3hX04FuzeDE4tYQ18y7aU9Dc2TaDZRpLeI1hN0X+s
f1+AhY7UA/qXBxpCttOxdsYnLCgVssTj+Fqc7x/m5hbvocLW1w8EelgA6tIkCB+Q
BdTMIAzCO0KJeJOPJUugNIYSTTvJ3ZzaeRwkk3uju78m9YIosF0KjIT6aEYbgpvi
6c0iHQ2GKH+oiG89Pgks7283yW2bs1nM79PN2pDta6uSIorDevN2trY6vomq3ooL
QnJHhVyZHSTIom70UhlC1rOR8DisUjK4eDbmWB+V19ex
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:51 2026 by rpki-client