Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/o4O2QobbJXdc_ZoUPu3pY45RaXw.roa
File: o4O2QobbJXdc_ZoUPu3pY45RaXw.roa (raw, json)
Hash identifier: p5E90cgzMtxqooCgfC6YdKNzNDwIJawPDk8/BJmTVIk=
Subject key identifier: A3:83:B6:42:86:DB:25:77:5C:FD:9A:14:3E:ED:E9:63:8E:51:69:7C
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 019D01816268B09658298BD4738087B4A1C4
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/o4O2QobbJXdc_ZoUPu3pY45RaXw.roa
Signing time: Wed 18 Mar 2026 15:12:29 +0000
ROA not before: Wed 18 Mar 2026 15:12:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199242
IP address blocks: 5.255.57.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.62.0/23 maxlen: 23
23.252.66.0/23 maxlen: 23
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
31.222.234.0/24 maxlen: 24
37.72.142.0/24 maxlen: 24
62.3.11.0/24 maxlen: 24
62.106.90.0/24 maxlen: 24
62.233.61.0/24 maxlen: 24
80.71.144.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
91.246.50.0/24 maxlen: 24
107.150.162.0/23 maxlen: 23
107.150.171.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
146.19.4.0/24 maxlen: 24
146.19.199.0/24 maxlen: 24
146.19.203.0/24 maxlen: 24
162.222.88.0/23 maxlen: 23
162.222.90.0/24 maxlen: 24
167.160.4.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
176.97.217.0/24 maxlen: 24
176.126.101.0/24 maxlen: 24
185.4.224.0/23 maxlen: 23
185.165.47.0/24 maxlen: 24
185.234.12.0/24 maxlen: 24
185.252.210.0/24 maxlen: 24
188.244.119.0/24 maxlen: 24
193.9.48.0/24 maxlen: 24
193.162.132.0/24 maxlen: 24
193.162.133.0/24 maxlen: 24
194.26.230.0/24 maxlen: 24
194.26.231.0/24 maxlen: 24
194.99.158.0/24 maxlen: 24
195.96.130.0/24 maxlen: 24
195.96.131.0/24 maxlen: 24
212.52.14.0/24 maxlen: 24
212.52.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:81:62:68:b0:96:58:29:8b:d4:73:80:87:b4:a1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Mar 18 15:12:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a383b64286db25775cfd9a143eede9638e51697c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:80:6e:43:37:5b:51:3e:fe:f2:9f:28:47:0f:
c7:0c:0e:27:ac:c3:3c:f1:9f:96:9b:4b:6e:d5:9a:
75:67:b1:1e:3a:b7:ef:3a:6b:bd:a9:00:94:19:c8:
e3:6a:41:05:4f:d8:e4:32:ff:be:91:9a:6e:54:b9:
a6:44:df:19:f2:84:23:a2:78:51:91:6f:08:08:67:
b7:13:9e:f0:bb:27:b5:16:e2:39:ff:1e:33:0b:47:
7d:80:d0:32:bb:28:03:b1:82:fe:58:24:d3:ca:0d:
7e:06:65:58:9c:7f:67:59:54:73:7f:61:e2:62:36:
d9:38:c3:99:39:57:1a:2a:6e:f7:34:52:79:b4:cc:
97:da:41:1f:ff:2c:a8:f7:dd:70:a8:e7:5d:2c:ac:
3c:28:92:f6:68:4e:e9:aa:0a:12:8e:e6:20:16:8e:
f8:3b:64:bc:87:85:32:d4:87:4b:c2:a0:6a:46:11:
ef:24:96:57:72:5c:e0:3d:02:d3:36:b7:f9:9b:ed:
6b:e0:32:46:fa:38:d2:37:e6:eb:11:95:95:77:09:
9e:f9:d2:f0:e1:a8:0b:f2:c3:c3:6a:1f:b0:04:c9:
5e:e0:8d:cc:8a:e7:cf:7f:5c:ac:3c:54:0e:5f:5d:
fe:4d:24:91:d3:db:43:c4:65:c7:72:2a:fc:ac:0c:
6d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:83:B6:42:86:DB:25:77:5C:FD:9A:14:3E:ED:E9:63:8E:51:69:7C
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/o4O2QobbJXdc_ZoUPu3pY45RaXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
31.222.234.0/24
37.72.142.0/24
62.3.11.0/24
62.106.90.0/24
62.233.61.0/24
80.71.144.0/24
91.92.112.0/23
91.246.50.0/24
107.150.162.0/23
107.150.171.0/24
107.150.175.0/24
107.150.177.0/24
146.19.4.0/24
146.19.199.0/24
146.19.203.0/24
162.222.88.0-162.222.90.255
167.160.4.0/24
167.160.11.0/24
167.160.27.0/24
176.97.217.0/24
176.126.101.0/24
185.4.224.0/23
185.165.47.0/24
185.234.12.0/24
185.252.210.0/24
188.244.119.0/24
193.9.48.0/24
193.162.132.0/23
194.26.230.0/23
194.99.158.0/24
195.96.130.0/23
212.52.14.0/24
212.52.28.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f0:c2:e5:61:6f:46:8d:12:9d:95:64:fd:2b:f3:48:51:d5:
7d:a3:c8:7a:01:b8:e5:01:30:77:c2:65:6e:14:12:53:55:ab:
66:36:47:88:cf:4a:56:63:df:49:e3:b3:ac:69:28:75:54:58:
42:03:9b:65:59:ac:bf:b3:c5:12:63:fa:e7:1b:f6:b8:57:c1:
9d:e0:76:d7:95:47:ae:7f:c4:80:41:84:a6:ad:3c:71:01:b2:
05:ee:cb:15:12:fa:4a:c9:b9:a1:9d:e9:66:e6:17:f8:65:3c:
1a:dc:0c:16:40:d8:a1:9e:61:24:fa:d8:cd:a8:0d:f9:29:72:
c0:80:49:46:46:60:3e:cc:ee:50:35:b4:6e:fa:46:ea:46:d1:
ea:d8:02:8c:36:5d:c9:c8:64:d7:d7:6b:d5:6c:8f:eb:30:cb:
13:71:7e:b1:a1:76:20:08:8e:72:3c:d2:c3:49:88:dd:7d:91:
ed:61:6a:a3:2a:30:15:5e:70:d9:7d:a1:50:5c:bc:70:02:aa:
c5:24:75:32:a3:a6:83:f4:2c:c6:f5:bc:b3:b7:23:37:ca:29:
ad:a8:ef:46:e9:76:db:01:8e:80:cc:43:0e:86:c7:73:07:1a:
33:0d:4e:e7:2c:73:32:94:f7:7d:2d:42:b7:06:67:8c:eb:f3:
f4:e4:2f:0a
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZ0BgWJosJZYKYvUc4CHtKHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjYwMzE4MTUxMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgzYjY0Mjg2ZGIyNTc3NWNmZDlhMTQzZWVkZTk2MzhlNTE2OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9oBuQzdbUT7+8p8oRw/HDA4nrMM8
8Z+Wm0tu1Zp1Z7EeOrfvOmu9qQCUGcjjakEFT9jkMv++kZpuVLmmRN8Z8oQjonhR
kW8ICGe3E57wuye1FuI5/x4zC0d9gNAyuygDsYL+WCTTyg1+BmVYnH9nWVRzf2Hi
YjbZOMOZOVcaKm73NFJ5tMyX2kEf/yyo991wqOddLKw8KJL2aE7pqgoSjuYgFo74
O2S8h4Uy1IdLwqBqRhHvJJZXclzgPQLTNrf5m+1r4DJG+jjSN+brEZWVdwme+dLw
4agL8sPDah+wBMle4I3MiufPf1ysPFQOX13+TSSR09tDxGXHcir8rAxtwQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFKODtkKG2yV3XP2aFD7t6WOOUWl8MB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvbzRPMlFvYmJKWGRjX1pvVVB1M3BZNDVSYVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAAX/OTAMAwQABf89AwQGBf8AMAwDBAEX/EIDBAAX/EQDBAAX/EcwDAMEABf8
SwMEABf8TAMEABf8TwMEAB/e6gMEACVIjgMEAD4DCwMEAD5qWgMEAD7pPQMEAFBH
kAMEAVtccAMEAFv2MgMEAWuWogMEAGuWqwMEAGuWrwMEAGuWsQMEAJITBAMEAJIT
xwMEAJITyzAMAwQDot5YAwQAot5aAwQAp6AEAwQAp6ALAwQAp6AbAwQAsGHZAwQA
sH5lAwQBuQTgAwQAuaUvAwQAueoMAwQAufzSAwQAvPR3AwQAwQkwAwQBwaKEAwQB
whrmAwQAwmOeAwQBw2CCAwQA1DQOAwQA1DQcMA0GCSqGSIb3DQEBCwUAA4IBAQAx
8MLlYW9GjRKdlWT9K/NIUdV9o8h6AbjlATB3wmVuFBJTVatmNkeIz0pWY99J47Os
aSh1VFhCA5tlWay/s8USY/rnG/a4V8Gd4HbXlUeuf8SAQYSmrTxxAbIF7ssVEvpK
ybmhnelm5hf4ZTwa3AwWQNihnmEk+tjNqA35KXLAgElGRmA+zO5QNbRu+kbqRtHq
2AKMNl3JyGTX12vVbI/rMMsTcX6xoXYgCI5yPNLDSYjdfZHtYWqjKjAVXnDZfaFQ
XLxwAqrFJHUyo6aD9CzG9byztyM3yimtqO9G6XbbAY6AzEMOhsdzBxozDU7nLHMy
lPd9LUK3BmeM6/P05C8K
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:50:28 2026 by rpki-client