Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/zOhOt3SPCz5Zu7LyM7-Bd8VLrB4.roa
File: zOhOt3SPCz5Zu7LyM7-Bd8VLrB4.roa (raw, json)
Hash identifier: PIAfbyfbKoy/IJJGD/Tv2EYSuAXUaHIR8E6fc2UOY3M=
Subject key identifier: CC:E8:4E:B7:74:8F:0B:3E:59:BB:B2:F2:33:BF:81:77:C5:4B:AC:1E
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 019D0A96D363C9F363F9F819FC3C9AAA5F32
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/zOhOt3SPCz5Zu7LyM7-Bd8VLrB4.roa
Signing time: Fri 20 Mar 2026 09:32:29 +0000
ROA not before: Fri 20 Mar 2026 09:32:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8315
IP address blocks: 5.100.224.0/21 maxlen: 24
79.99.184.0/21 maxlen: 24
85.92.128.0/19 maxlen: 24
85.158.160.0/21 maxlen: 24
85.222.192.0/21 maxlen: 24
91.200.48.0/23 maxlen: 24
91.200.51.0/24 maxlen: 24
91.216.113.0/24 maxlen: 24
91.216.141.0/24 maxlen: 24
93.175.176.0/20 maxlen: 24
94.198.24.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
162.248.196.0/22 maxlen: 24
162.251.32.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
178.251.192.0/21 maxlen: 24
185.12.132.0/22 maxlen: 24
185.30.236.0/22 maxlen: 24
185.38.156.0/22 maxlen: 24
185.74.76.0/24 maxlen: 24
185.74.77.0/24 maxlen: 24
185.77.120.0/22 maxlen: 24
185.113.52.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
185.113.224.0/22 maxlen: 24
185.116.72.0/22 maxlen: 24
193.34.150.0/23 maxlen: 24
194.105.128.0/23 maxlen: 24
194.165.34.0/24 maxlen: 24
195.234.173.0/24 maxlen: 24
213.171.128.0/19 maxlen: 24
213.214.96.0/19 maxlen: 24
213.247.32.0/19 maxlen: 24
217.195.112.0/20 maxlen: 24
2001:16f8::/32 maxlen: 48
2a00:1bd8::/32 maxlen: 48
2a01:40e0::/32 maxlen: 48
2a02:20b0::/32 maxlen: 32
2a02:20b1::/32 maxlen: 32
2a02:2858::/29 maxlen: 48
2a03:5500::/31 maxlen: 48
2a0d:5040::/29 maxlen: 29
2a0d:5040::/32 maxlen: 32
2a0d:5041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0a:96:d3:63:c9:f3:63:f9:f8:19:fc:3c:9a:aa:5f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Mar 20 09:32:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cce84eb7748f0b3e59bbb2f233bf8177c54bac1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bf:62:07:0f:33:31:16:2a:f2:79:ea:13:47:
7d:d1:b0:80:94:ca:8f:0b:ad:25:68:e1:29:ee:70:
d7:7d:42:a6:c3:95:65:70:99:8a:60:7d:76:d1:b9:
72:21:e8:17:bd:8b:61:9a:c3:45:a6:61:e4:09:e7:
0d:84:58:a6:e2:78:eb:d8:04:f4:8d:42:eb:89:02:
00:23:a9:f3:e2:8d:7d:7e:fd:e2:12:7a:b2:b0:77:
8d:11:15:7e:f4:be:bb:30:e0:68:1f:14:75:24:b3:
de:26:c0:36:7f:e1:11:75:e4:fc:b2:d5:29:f3:7b:
76:9d:2d:4a:56:5e:40:e7:88:86:7f:df:ed:40:41:
9e:e7:af:db:c5:10:69:17:c2:ef:14:ec:33:25:99:
0a:5d:36:7b:b8:3c:30:e1:78:26:d0:54:8e:2b:c1:
e8:93:31:ac:e6:fd:93:18:f1:8c:88:0b:7e:bb:83:
e9:0d:16:d8:54:70:97:de:9e:b5:65:be:ed:2e:cc:
4d:b0:fe:95:ee:cb:d4:b1:c4:c5:79:3e:14:e4:28:
4a:86:76:9c:79:4b:29:63:25:ce:b5:e8:52:ce:84:
d7:b4:52:93:26:7b:3a:26:75:ea:f8:70:6a:25:b1:
af:b3:96:63:95:41:23:0d:a3:8d:cb:1c:01:54:15:
1d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E8:4E:B7:74:8F:0B:3E:59:BB:B2:F2:33:BF:81:77:C5:4B:AC:1E
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/zOhOt3SPCz5Zu7LyM7-Bd8VLrB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
85.92.128.0/19
85.158.160.0/21
85.222.192.0/21
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
93.175.176.0/20
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
185.116.72.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
195.234.173.0/24
213.171.128.0/19
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
2a0d:5040::/29
Signature Algorithm: sha256WithRSAEncryption
28:ea:89:8c:86:41:5c:9c:88:17:60:c4:70:2b:25:3f:0a:70:
60:a9:77:9d:44:93:5e:b0:88:da:85:1f:33:de:5f:4b:a7:f2:
33:ae:c3:49:72:16:3e:af:25:77:45:d9:0f:d4:98:7b:13:1e:
6f:d5:19:7e:87:4b:30:70:74:55:40:eb:6d:a5:27:42:18:04:
2f:07:76:bc:af:2f:8a:e9:db:96:73:51:2f:a2:01:84:87:46:
b1:71:59:a1:22:73:dd:eb:d0:20:bc:39:32:61:4d:a8:34:69:
45:b2:54:93:ac:1d:b6:98:88:c4:d8:8e:97:d5:b2:60:5b:13:
9b:f9:e0:2d:24:1b:e6:a2:9a:56:5e:9a:16:b5:2b:ee:44:66:
f3:3c:3f:a8:e6:78:71:98:aa:32:f4:67:1d:b7:b3:af:4d:09:
16:b1:3c:44:b1:61:76:5b:a6:6f:e4:6e:bb:85:a3:a8:7e:ff:
89:42:fc:4a:6c:d5:60:71:44:55:9f:7a:98:fe:36:53:ce:0b:
81:35:89:10:ea:e4:c6:02:c5:38:44:22:f9:77:ec:c3:cd:b4:
2a:44:f2:72:8d:c1:b7:2c:f6:94:69:67:3e:e7:ca:8f:d2:cb:
05:d5:6b:63:de:d3:f6:95:06:79:b5:7e:54:4d:ff:b8:8a:45:
61:43:87:ee
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAZ0KltNjyfNj+fgZ/Dyaql8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjYwMzIwMDkzMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2U4NGViNzc0OGYwYjNlNTliYmIyZjIzM2JmODE3N2M1NGJhYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3L9iBw8zMRYq8nnqE0d90bCAlMqP
C60laOEp7nDXfUKmw5VlcJmKYH120blyIegXvYthmsNFpmHkCecNhFim4njr2AT0
jULriQIAI6nz4o19fv3iEnqysHeNERV+9L67MOBoHxR1JLPeJsA2f+ERdeT8stUp
83t2nS1KVl5A54iGf9/tQEGe56/bxRBpF8LvFOwzJZkKXTZ7uDww4Xgm0FSOK8Ho
kzGs5v2TGPGMiAt+u4PpDRbYVHCX3p61Zb7tLsxNsP6V7svUscTFeT4U5ChKhnac
eUspYyXOtehSzoTXtFKTJns6JnXq+HBqJbGvs5ZjlUEjDaONyxwBVBUd1wIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFMzoTrd0jws+Wbuy8jO/gXfFS6weMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvek9oT3QzU1BDejVadTdMeU03LUJkOFZMckI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCBzQQCAAEwgcYD
BAMFZOADBANPY7gDBAVVXIADBANVnqADBANV3sADBAFbyDADBABbyDMDBABb2HED
BABb2I0DBARdr7ADBANexhgDBAOGAFgDBAKi+MQDBAOi+yADBAOwPsADBAOy+8AD
BAK5DIQDBAK5HuwDBAK5JpwDBAG5SkwDBAK5TXgDBAK5cTQDBAK5ccQDBAK5ceAD
BAK5dEgDBAHBIpYDBAHCaYADBADCpSIDBADD6q0DBAXVq4ADBAXV1mADBAXV9yAD
BATZw3AwNwQCAAIwMQMFACABFvgDBQAqABvYAwUAKgFA4AMFASoCILADBQMqAihY
AwUBKgNVAAMFAyoNUEAwDQYJKoZIhvcNAQELBQADggEBACjqiYyGQVyciBdgxHAr
JT8KcGCpd51Ek16wiNqFHzPeX0un8jOuw0lyFj6vJXdF2Q/UmHsTHm/VGX6HSzBw
dFVA622lJ0IYBC8HdryvL4rp25ZzUS+iAYSHRrFxWaEic93r0CC8OTJhTag0aUWy
VJOsHbaYiMTYjpfVsmBbE5v54C0kG+aimlZemha1K+5EZvM8P6jmeHGYqjL0Zx23
s69NCRaxPESxYXZbpm/kbruFo6h+/4lC/Eps1WBxRFWfepj+NlPOC4E1iRDq5MYC
xThEIvl37MPNtCpE8nKNwbcs9pRpZz7nyo/SywXVa2Pe0/aVBnm1flRN/7iKRWFD
h+4=
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:06:46 2026 by rpki-client