Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/gt4NX8URVAv-A4_huezwCBnTr38.roa
File: gt4NX8URVAv-A4_huezwCBnTr38.roa (raw, json)
Hash identifier: vN+Famgpb/hzxjnp6tma5vU9LuyB53AY4c85WPFvJ9g=
Subject key identifier: 82:DE:0D:5F:C5:11:54:0B:FE:03:8F:E1:B9:EC:F0:08:19:D3:AF:7F
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 019CCC519DFC33F8EDCBF66948BC7C03C1F3
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/gt4NX8URVAv-A4_huezwCBnTr38.roa
Signing time: Sun 08 Mar 2026 07:20:26 +0000
ROA not before: Sun 08 Mar 2026 07:20:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34397
IP address blocks: 79.172.128.0/18 maxlen: 18
85.129.128.0/17 maxlen: 17
85.129.164.0/22 maxlen: 22
88.213.0.0/18 maxlen: 18
88.213.6.0/24 maxlen: 24
88.213.64.0/18 maxlen: 18
88.213.64.0/21 maxlen: 21
88.213.64.0/22 maxlen: 22
88.213.72.0/21 maxlen: 21
88.213.78.0/24 maxlen: 24
88.213.80.0/20 maxlen: 20
88.213.80.0/22 maxlen: 22
88.213.92.0/22 maxlen: 22
88.213.92.0/23 maxlen: 23
88.213.96.0/22 maxlen: 22
88.213.100.0/22 maxlen: 22
88.213.126.0/23 maxlen: 23
89.4.0.0/15 maxlen: 15
89.5.220.0/23 maxlen: 23
89.5.220.0/24 maxlen: 24
93.98.0.0/16 maxlen: 16
93.98.127.0/24 maxlen: 24
212.71.32.0/19 maxlen: 19
212.71.32.0/24 maxlen: 24
212.71.33.0/24 maxlen: 24
212.71.35.0/24 maxlen: 24
212.71.37.0/24 maxlen: 24
212.71.41.0/24 maxlen: 24
212.71.42.0/24 maxlen: 24
212.71.51.0/24 maxlen: 24
212.71.52.0/24 maxlen: 24
212.71.53.0/24 maxlen: 24
212.107.96.0/19 maxlen: 19
212.107.97.0/24 maxlen: 24
212.107.99.0/24 maxlen: 24
212.107.103.0/24 maxlen: 24
212.107.105.0/24 maxlen: 24
212.107.106.0/24 maxlen: 24
212.118.96.0/19 maxlen: 19
212.118.100.0/24 maxlen: 24
212.118.102.0/24 maxlen: 24
212.118.106.0/24 maxlen: 24
212.118.107.0/24 maxlen: 24
212.118.108.0/22 maxlen: 22
212.118.115.0/24 maxlen: 24
212.118.117.0/24 maxlen: 24
212.118.119.0/24 maxlen: 24
212.118.122.0/24 maxlen: 24
212.118.124.0/24 maxlen: 24
212.119.64.0/20 maxlen: 20
212.119.64.0/24 maxlen: 24
212.119.69.0/24 maxlen: 24
212.119.74.0/24 maxlen: 24
212.119.80.0/21 maxlen: 21
212.119.81.0/24 maxlen: 24
212.119.82.0/24 maxlen: 24
212.119.88.0/22 maxlen: 22
212.119.92.0/23 maxlen: 23
212.119.92.0/24 maxlen: 24
212.119.93.0/24 maxlen: 24
213.181.160.0/19 maxlen: 19
213.181.160.0/23 maxlen: 23
213.181.160.0/24 maxlen: 24
213.181.161.0/24 maxlen: 24
213.181.163.0/24 maxlen: 24
213.181.166.0/24 maxlen: 24
213.181.190.0/24 maxlen: 24
213.210.192.0/18 maxlen: 18
213.210.195.0/24 maxlen: 24
213.210.196.0/24 maxlen: 24
213.210.216.0/24 maxlen: 24
213.210.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:cc:51:9d:fc:33:f8:ed:cb:f6:69:48:bc:7c:03:c1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Mar 8 07:20:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=82de0d5fc511540bfe038fe1b9ecf00819d3af7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9f:15:76:81:42:90:21:31:59:18:68:6b:92:
ca:5e:b5:63:54:ea:5d:7f:89:ae:b7:be:b1:b4:84:
b0:13:4c:29:42:0b:2c:90:0b:29:76:9f:a3:bd:a5:
5e:d6:08:5d:26:b7:cf:fe:45:89:11:70:34:4a:8d:
20:b8:bb:a1:fe:12:ff:bb:14:06:62:b6:e6:8f:04:
91:9c:ed:9f:89:30:f2:2f:9e:44:1f:8c:e1:2b:e6:
8f:22:b1:18:5a:e8:99:02:04:2c:3d:77:cd:09:6a:
98:f5:5e:41:a0:14:23:7e:97:54:0e:9e:34:ec:a4:
e7:c2:7c:36:af:9d:d2:92:eb:a9:b0:b3:92:73:d2:
72:7c:4b:b7:50:fe:8b:c0:6d:81:2f:16:26:49:c4:
7d:40:98:80:aa:73:fb:42:1d:f8:16:a7:34:e9:29:
0c:d8:e0:91:29:ef:ee:23:71:76:66:b7:41:06:1a:
08:1b:cd:3e:47:92:e5:21:74:d9:23:a5:eb:a9:21:
8d:43:b4:a9:c2:4f:2b:b1:55:59:d4:2f:64:0d:46:
3d:5e:8d:cc:92:4c:bc:ba:c1:52:ee:66:de:02:b3:
5d:a7:35:21:93:fc:2a:18:b2:b4:5d:fe:92:1e:d5:
29:be:20:28:40:e6:aa:dc:a2:8e:6b:d3:fb:c0:9a:
de:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DE:0D:5F:C5:11:54:0B:FE:03:8F:E1:B9:EC:F0:08:19:D3:AF:7F
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/gt4NX8URVAv-A4_huezwCBnTr38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.128.0/18
85.129.128.0/17
88.213.0.0/17
89.4.0.0/15
93.98.0.0/16
212.71.32.0/19
212.107.96.0/19
212.118.96.0/19
212.119.64.0-212.119.93.255
213.181.160.0/19
213.210.192.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:c3:9f:17:3b:3e:4e:af:58:e6:67:0a:16:1f:5d:d4:63:6e:
36:25:0b:9e:48:72:c7:96:fe:41:3b:ea:11:c4:3a:71:6f:86:
24:08:9b:a5:e5:8a:a1:6f:40:5e:4c:99:fd:f6:57:e9:01:9a:
7d:14:11:84:9a:19:a5:6b:0d:df:48:c3:fc:1e:9a:bc:5a:0f:
11:6a:99:de:56:34:39:45:b5:d8:8e:95:35:8e:6f:78:1c:e3:
69:93:f0:a3:00:ca:cb:bb:93:c3:0d:4e:b8:f8:8b:bb:23:2d:
93:69:a2:94:7b:4e:27:78:9a:e5:df:12:41:9b:b1:c0:5b:75:
7f:21:fd:61:6a:79:64:3f:5f:7e:e8:f3:f7:db:71:e8:28:2c:
d5:ed:c0:93:0e:4f:b9:fd:47:05:fe:4f:01:9d:43:2b:ab:ac:
54:22:c7:c3:a3:7a:9f:a8:99:1b:17:d8:ee:20:23:54:3c:71:
70:56:22:04:c8:2d:9f:f9:5b:3f:a6:91:18:89:2c:2e:56:cc:
47:a2:38:e3:0b:84:f3:17:3d:6a:44:0e:86:98:08:ff:e2:b3:
68:84:bc:24:47:42:b1:6c:00:da:f8:68:de:0f:40:40:ae:cf:
67:c6:60:17:60:a1:f4:6e:4b:db:fe:47:b8:c0:87:cf:fe:5d:
09:c2:a3:ec
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZzMUZ38M/jty/ZpSLx8A8HzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjYwMzA4MDcyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmRlMGQ1ZmM1MTE1NDBiZmUwMzhmZTFiOWVjZjAwODE5ZDNhZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p8VdoFCkCExWRhoa5LKXrVjVOpd
f4mut76xtISwE0wpQgsskAspdp+jvaVe1ghdJrfP/kWJEXA0So0guLuh/hL/uxQG
YrbmjwSRnO2fiTDyL55EH4zhK+aPIrEYWuiZAgQsPXfNCWqY9V5BoBQjfpdUDp40
7KTnwnw2r53SkuupsLOSc9JyfEu3UP6LwG2BLxYmScR9QJiAqnP7Qh34Fqc06SkM
2OCRKe/uI3F2ZrdBBhoIG80+R5LlIXTZI6XrqSGNQ7Spwk8rsVVZ1C9kDUY9Xo3M
kky8usFS7mbeArNdpzUhk/wqGLK0Xf6SHtUpviAoQOaq3KKOa9P7wJreaQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFILeDV/FEVQL/gOP4bns8AgZ069/MB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvZ3Q0Tlg4VVJWQXYtQTRfaHVlendDQm5UcjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQGT6yAAwQH
VYGAAwQHWNUAAwMBWQQDAwBdYgMEBdRHIAMEBdRrYAMEBdR2YDAMAwQG1HdAAwQB
1HdcAwQF1bWgAwQG1dLAMA0GCSqGSIb3DQEBCwUAA4IBAQAKw58XOz5Or1jmZwoW
H13UY242JQueSHLHlv5BO+oRxDpxb4YkCJul5Yqhb0BeTJn99lfpAZp9FBGEmhml
aw3fSMP8Hpq8Wg8RapneVjQ5RbXYjpU1jm94HONpk/CjAMrLu5PDDU64+Iu7Iy2T
aaKUe04neJrl3xJBm7HAW3V/If1hanlkP19+6PP323HoKCzV7cCTDk+5/UcF/k8B
nUMrq6xUIsfDo3qfqJkbF9juICNUPHFwViIEyC2f+Vs/ppEYiSwuVsxHojjjC4Tz
Fz1qRA6GmAj/4rNohLwkR0KxbADa+GjeD0BArs9nxmAXYKH0bkvb/ke4wIfP/l0J
wqPs
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:01:31 2026 by rpki-client