Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/3DawKgMiee04mjLAEhG-FPqXnx0.roa
File: 3DawKgMiee04mjLAEhG-FPqXnx0.roa (raw, json)
Hash identifier: V6qmid9yBC7NLZgvuCLsfk91/KpHXjXi8TBc9UeyvR0=
Subject key identifier: DC:36:B0:2A:03:22:79:ED:38:9A:32:C0:12:11:BE:14:FA:97:9F:1D
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DFD93A10CB5878245AE0E7944B57A470D
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/3DawKgMiee04mjLAEhG-FPqXnx0.roa
Signing time: Wed 06 May 2026 13:56:43 +0000
ROA not before: Wed 06 May 2026 13:56:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 82.108.10.0/23 maxlen: 23
82.108.48.0/23 maxlen: 23
82.108.62.0/23 maxlen: 23
82.108.64.0/22 maxlen: 22
82.108.96.0/23 maxlen: 23
82.108.136.0/23 maxlen: 23
82.108.192.0/23 maxlen: 23
87.82.200.0/22 maxlen: 22
87.82.204.0/23 maxlen: 23
87.82.208.0/23 maxlen: 23
87.82.211.0/24 maxlen: 24
87.83.37.0/24 maxlen: 24
87.83.38.0/24 maxlen: 24
87.83.40.0/24 maxlen: 24
87.83.42.0/23 maxlen: 23
87.83.76.0/22 maxlen: 22
87.84.50.0/23 maxlen: 23
87.84.72.0/24 maxlen: 24
87.84.74.0/23 maxlen: 23
87.84.136.0/24 maxlen: 24
87.84.138.0/24 maxlen: 24
87.84.148.0/23 maxlen: 23
87.84.181.0/24 maxlen: 24
87.84.184.0/23 maxlen: 23
87.86.6.0/23 maxlen: 23
87.86.15.0/24 maxlen: 24
87.86.26.0/24 maxlen: 24
195.40.3.0/24 maxlen: 24
195.40.14.0/23 maxlen: 23
195.40.64.0/23 maxlen: 23
195.40.66.0/23 maxlen: 23
195.40.68.0/23 maxlen: 23
195.40.79.0/24 maxlen: 24
195.40.81.0/24 maxlen: 24
195.40.84.0/24 maxlen: 24
195.40.90.0/24 maxlen: 24
195.40.93.0/24 maxlen: 24
195.40.98.0/23 maxlen: 23
195.40.102.0/23 maxlen: 23
195.40.124.0/23 maxlen: 23
195.40.126.0/23 maxlen: 23
195.40.164.0/23 maxlen: 23
195.40.168.0/23 maxlen: 23
195.40.170.0/23 maxlen: 23
195.40.172.0/23 maxlen: 23
195.40.174.0/23 maxlen: 23
195.40.190.0/23 maxlen: 23
195.172.126.0/23 maxlen: 23
195.172.146.0/23 maxlen: 23
195.172.148.0/23 maxlen: 23
195.172.208.0/23 maxlen: 23
212.135.14.0/23 maxlen: 23
212.135.176.0/23 maxlen: 24
212.135.182.0/23 maxlen: 23
212.135.184.0/23 maxlen: 23
212.135.186.0/23 maxlen: 23
212.135.188.0/24 maxlen: 24
212.135.216.0/23 maxlen: 23
212.135.224.0/23 maxlen: 23
212.135.226.0/23 maxlen: 23
212.135.229.0/24 maxlen: 24
212.135.230.0/23 maxlen: 23
212.135.232.0/23 maxlen: 23
212.135.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:93:a1:0c:b5:87:82:45:ae:0e:79:44:b5:7a:47:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 6 13:56:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc36b02a032279ed389a32c01211be14fa979f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6f:69:84:29:e4:90:5d:af:cc:f3:4f:37:db:
42:80:57:62:1f:6e:b4:7b:56:1a:39:50:d2:36:12:
c7:84:b1:f9:f5:d5:92:75:1a:c2:a8:a4:72:ee:ac:
5b:90:3a:5f:71:59:67:74:db:fa:42:72:c8:bc:ce:
45:2f:c2:ff:85:45:ea:1a:f5:6d:95:d5:21:f9:e2:
0d:c9:a4:b1:2e:23:3d:44:ce:39:2a:4f:4f:02:d3:
85:01:53:31:23:30:7d:e3:51:cc:48:d5:9c:fd:a9:
19:f8:72:d7:f1:18:bc:a9:19:db:dd:b9:c8:d4:8f:
2f:cb:94:ad:b1:bb:83:3c:66:19:0a:4a:f9:d7:45:
b0:60:05:4b:ef:a3:4d:48:5d:bc:ef:c9:c4:a1:83:
66:0e:59:2a:eb:d8:ff:1d:10:08:ef:32:4c:4d:f5:
b7:79:c3:bb:ea:e3:4f:1a:60:1d:d8:c5:e0:54:be:
bb:4d:bc:cc:0b:30:8d:58:90:54:40:e7:3a:9b:d4:
c7:03:2a:86:70:30:80:ef:2c:bc:e2:fa:b5:c9:7b:
15:92:78:65:98:63:14:4b:a5:6a:da:5d:6d:68:a9:
05:47:d5:93:ce:37:90:ef:57:71:aa:36:19:4e:7f:
f8:04:bc:bd:ad:ad:85:e6:42:3e:d9:3d:eb:e4:4b:
8c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:36:B0:2A:03:22:79:ED:38:9A:32:C0:12:11:BE:14:FA:97:9F:1D
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/3DawKgMiee04mjLAEhG-FPqXnx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.10.0/23
82.108.48.0/23
82.108.62.0-82.108.67.255
82.108.96.0/23
82.108.136.0/23
82.108.192.0/23
87.82.200.0-87.82.205.255
87.82.208.0/23
87.82.211.0/24
87.83.37.0-87.83.38.255
87.83.40.0/24
87.83.42.0/23
87.83.76.0/22
87.84.50.0/23
87.84.72.0/24
87.84.74.0/23
87.84.136.0/24
87.84.138.0/24
87.84.148.0/23
87.84.181.0/24
87.84.184.0/23
87.86.6.0/23
87.86.15.0/24
87.86.26.0/24
195.40.3.0/24
195.40.14.0/23
195.40.64.0-195.40.69.255
195.40.79.0/24
195.40.81.0/24
195.40.84.0/24
195.40.90.0/24
195.40.93.0/24
195.40.98.0/23
195.40.102.0/23
195.40.124.0/22
195.40.164.0/23
195.40.168.0/21
195.40.190.0/23
195.172.126.0/23
195.172.146.0-195.172.149.255
195.172.208.0/23
212.135.14.0/23
212.135.176.0/23
212.135.182.0-212.135.188.255
212.135.216.0/23
212.135.224.0/22
212.135.229.0-212.135.233.255
212.135.238.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:25:36:2c:b0:62:7e:d7:08:86:63:11:65:0d:0a:b3:21:a9:
83:ef:ad:92:12:88:51:08:15:fb:fc:31:3d:9d:92:41:82:c9:
c2:cf:88:9c:0e:11:36:c5:27:d3:7f:3b:66:c2:69:34:17:14:
62:84:c0:10:d9:71:b3:9a:59:4d:d4:81:af:38:d4:17:1a:40:
d4:b3:5f:2d:6e:bf:2a:1c:50:be:f9:a9:bf:b8:48:26:e8:58:
f8:59:61:d9:fc:70:60:38:fd:0b:37:6f:90:48:66:91:81:bf:
90:72:1d:af:49:43:d8:a2:5f:7d:ab:ab:2d:fe:c2:ea:9e:ac:
43:b6:ca:d2:0c:2a:bf:d4:88:40:e0:bf:1e:ba:3a:fc:50:6d:
8e:21:c6:7f:c1:9d:c0:9b:db:29:d9:2c:82:a9:2d:8d:8e:41:
40:d1:bb:92:77:7a:c7:b8:76:d4:d7:72:30:21:88:4f:7f:21:
73:f5:34:1a:09:03:7d:03:34:c6:06:45:25:8f:de:bf:8b:87:
c6:46:92:06:54:3f:09:33:40:be:c8:6c:2e:dd:12:0d:66:0b:
46:b6:d2:91:c9:a2:27:92:e6:cd:fc:09:f7:eb:fb:3c:61:5a:
66:40:3a:8e:04:dd:8a:65:e1:55:31:7c:90:db:00:a7:88:ca:
15:f2:8c:63
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZ39k6EMtYeCRa4OeUS1ekcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTA2MTM1NjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM2YjAyYTAzMjI3OWVkMzg5YTMyYzAxMjExYmUxNGZhOTc5ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3G9phCnkkF2vzPNPN9tCgFdiH260
e1YaOVDSNhLHhLH59dWSdRrCqKRy7qxbkDpfcVlndNv6QnLIvM5FL8L/hUXqGvVt
ldUh+eINyaSxLiM9RM45Kk9PAtOFAVMxIzB941HMSNWc/akZ+HLX8Ri8qRnb3bnI
1I8vy5StsbuDPGYZCkr510WwYAVL76NNSF2878nEoYNmDlkq69j/HRAI7zJMTfW3
ecO76uNPGmAd2MXgVL67TbzMCzCNWJBUQOc6m9THAyqGcDCA7yy84vq1yXsVknhl
mGMUS6Vq2l1taKkFR9WTzjeQ71dxqjYZTn/4BLy9ra2F5kI+2T3r5EuMEQIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFNw2sCoDInntOJoywBIRvhT6l58dMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvM0Rhd0tnTWllZTA0bWpMQUVoRy1GUHFYbngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAWAEAgABMIIB
WAMEAVJsCgMEAVJsMDAMAwQBUmw+AwQCUmxAAwQBUmxgAwQBUmyIAwQBUmzAMAwD
BANXUsgDBAFXUswDBAFXUtADBABXUtMwDAMEAFdTJQMEAFdTJgMEAFdTKAMEAVdT
KgMEAldTTAMEAVdUMgMEAFdUSAMEAVdUSgMEAFdUiAMEAFdUigMEAVdUlAMEAFdU
tQMEAVdUuAMEAVdWBgMEAFdWDwMEAFdWGgMEAMMoAwMEAcMoDjAMAwQGwyhAAwQB
wyhEAwQAwyhPAwQAwyhRAwQAwyhUAwQAwyhaAwQAwyhdAwQBwyhiAwQBwyhmAwQC
wyh8AwQBwyikAwQDwyioAwQBwyi+AwQBw6x+MAwDBAHDrJIDBAHDrJQDBAHDrNAD
BAHUhw4DBAHUh7AwDAMEAdSHtgMEANSHvAMEAdSH2AMEAtSH4DAMAwQA1IflAwQB
1IfoAwQB1IfuMA0GCSqGSIb3DQEBCwUAA4IBAQAMJTYssGJ+1wiGYxFlDQqzIamD
762SEohRCBX7/DE9nZJBgsnCz4icDhE2xSfTfztmwmk0FxRihMAQ2XGzmllN1IGv
ONQXGkDUs18tbr8qHFC++am/uEgm6Fj4WWHZ/HBgOP0LN2+QSGaRgb+Qch2vSUPY
ol99q6st/sLqnqxDtsrSDCq/1IhA4L8eujr8UG2OIcZ/wZ3Am9sp2SyCqS2NjkFA
0buSd3rHuHbU13IwIYhPfyFz9TQaCQN9AzTGBkUlj96/i4fGRpIGVD8JM0C+yGwu
3RINZgtGttKRyaInkubN/An36/s8YVpmQDqOBN2KZeFVMXyQ2wCniMoV8oxj
-----END CERTIFICATE-----
Generated at Wed May 13 06:00:54 2026 by rpki-client