Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/t3pdRfKg9vRZuho18SU4sz61E8E.roa
File: t3pdRfKg9vRZuho18SU4sz61E8E.roa (raw, json)
Hash identifier: b45C4gL+ScH3KExCK0HAfDIRzNCHEOb/I9PjveaM9Ys=
Subject key identifier: B7:7A:5D:45:F2:A0:F6:F4:59:BA:1A:35:F1:25:38:B3:3E:B5:13:C1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 019D20FA29F2F27520405F9DD9D4C21EB115
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/t3pdRfKg9vRZuho18SU4sz61E8E.roa
Signing time: Tue 24 Mar 2026 17:52:38 +0000
ROA not before: Tue 24 Mar 2026 17:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62235
IP address blocks: 89.44.82.0/24 maxlen: 24
89.45.220.0/22 maxlen: 24
89.45.220.0/23 maxlen: 24
89.45.222.0/23 maxlen: 24
89.46.35.0/24 maxlen: 24
89.46.37.0/24 maxlen: 24
89.46.39.0/24 maxlen: 24
89.46.247.0/24 maxlen: 24
92.119.0.0/22 maxlen: 24
92.119.0.0/23 maxlen: 24
92.119.2.0/23 maxlen: 24
94.177.0.0/22 maxlen: 24
94.177.0.0/23 maxlen: 24
94.177.2.0/23 maxlen: 24
185.41.244.0/22 maxlen: 24
185.41.244.0/23 maxlen: 24
185.41.246.0/23 maxlen: 24
185.56.76.0/22 maxlen: 24
185.56.76.0/23 maxlen: 24
185.56.78.0/23 maxlen: 24
185.87.128.0/22 maxlen: 24
185.87.128.0/23 maxlen: 24
185.87.130.0/23 maxlen: 24
188.212.16.0/22 maxlen: 24
188.212.16.0/23 maxlen: 24
188.212.18.0/23 maxlen: 24
188.213.80.0/22 maxlen: 24
188.213.80.0/23 maxlen: 24
188.213.82.0/23 maxlen: 24
188.213.83.0/24 maxlen: 24
188.214.112.0/21 maxlen: 24
188.214.112.0/22 maxlen: 24
188.214.116.0/22 maxlen: 24
188.214.118.0/24 maxlen: 24
194.124.56.0/22 maxlen: 24
194.124.56.0/23 maxlen: 24
194.124.58.0/23 maxlen: 24
195.82.98.0/23 maxlen: 24
195.82.98.0/24 maxlen: 24
195.82.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:fa:29:f2:f2:75:20:40:5f:9d:d9:d4:c2:1e:b1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 24 17:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b77a5d45f2a0f6f459ba1a35f12538b33eb513c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0f:17:f5:a8:c1:a2:53:e3:84:6b:92:8e:a9:
49:dd:9d:77:b1:74:87:c6:a7:ec:7c:22:e1:0b:f1:
52:9b:02:32:85:00:2b:a8:76:ee:38:22:82:28:fa:
34:79:98:52:ce:b4:22:78:30:5e:26:b9:53:57:05:
d4:9c:fc:18:02:3d:40:63:8e:28:ef:3d:05:2e:d3:
e4:02:3d:b9:be:a3:3d:fd:89:87:cc:7c:a8:6d:e6:
4d:a7:ab:0e:65:25:f7:b4:07:47:18:a6:cc:6d:39:
79:7e:67:ba:aa:f0:af:8f:b6:7f:1e:17:76:a8:37:
27:b3:d2:75:2e:b7:44:60:62:f2:60:62:8c:21:81:
6f:22:2e:67:0b:30:3a:bd:a9:d6:ac:e7:f6:be:6e:
0f:6f:78:8d:fe:a0:2e:92:39:3e:ab:72:9a:64:e5:
bf:2c:e4:9d:51:2e:bf:3c:9c:34:2d:20:2f:3b:73:
6e:6e:3d:48:0b:bf:e9:7d:74:ab:46:73:09:a3:7d:
10:e3:da:9e:26:33:ba:d0:c2:06:72:ca:69:88:f8:
32:87:c4:b3:b3:24:d8:58:98:ff:a4:5c:60:37:bb:
c8:41:a6:d4:6e:62:b4:d1:96:98:2c:ea:76:49:56:
67:f8:16:c2:d9:7e:f5:21:2b:af:24:1e:8b:9a:20:
ed:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7A:5D:45:F2:A0:F6:F4:59:BA:1A:35:F1:25:38:B3:3E:B5:13:C1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/t3pdRfKg9vRZuho18SU4sz61E8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.82.0/24
89.45.220.0/22
89.46.35.0/24
89.46.37.0/24
89.46.39.0/24
89.46.247.0/24
92.119.0.0/22
94.177.0.0/22
185.41.244.0/22
185.56.76.0/22
185.87.128.0/22
188.212.16.0/22
188.213.80.0/22
188.214.112.0/21
194.124.56.0/22
195.82.98.0/23
Signature Algorithm: sha256WithRSAEncryption
36:34:2a:23:ea:2e:00:23:2e:57:39:cc:62:2d:b2:71:b0:fb:
7b:ba:b3:8b:af:aa:9a:d3:48:d1:5c:b4:c4:c5:c9:1d:27:7d:
a9:89:29:97:87:e7:35:4a:59:70:ea:8b:52:bb:aa:d3:9f:2f:
8b:7c:7f:e0:7b:7a:32:09:51:d8:03:4f:54:b2:d9:9d:f2:5b:
a4:da:ce:a9:09:1a:88:5e:ac:5b:ed:bb:0e:b6:6b:b1:81:b9:
7e:2b:f7:d4:00:ec:f4:3e:76:fd:cf:72:e1:7b:d3:32:46:51:
ff:87:22:c7:b4:5f:2d:35:89:71:5f:ca:f6:cb:7d:98:3e:08:
85:d9:b3:db:58:c6:8d:89:0d:36:9d:11:38:9e:29:de:3e:16:
de:92:2f:62:ef:d6:07:de:b5:fe:97:99:91:f5:5b:48:2d:14:
55:f7:32:3e:d7:c9:9c:d5:62:5e:ab:20:22:ac:ff:45:a8:9b:
6d:bb:28:2d:10:ad:15:21:88:e3:02:a0:e5:11:33:2b:5b:b4:
4b:52:4e:14:2a:c4:8e:a0:b5:e2:8d:44:a2:62:33:6d:0d:71:
86:e5:0f:44:69:e8:64:ca:57:7a:1a:77:4a:58:66:b6:19:8b:
ac:09:15:80:66:da:ac:02:39:66:1a:d5:84:d3:96:8e:d4:88:
80:14:dc:86
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ0g+iny8nUgQF+d2dTCHrEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjYwMzI0MTc1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdhNWQ0NWYyYTBmNmY0NTliYTFhMzVmMTI1MzhiMzNlYjUxM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ8X9ajBolPjhGuSjqlJ3Z13sXSH
xqfsfCLhC/FSmwIyhQArqHbuOCKCKPo0eZhSzrQieDBeJrlTVwXUnPwYAj1AY44o
7z0FLtPkAj25vqM9/YmHzHyobeZNp6sOZSX3tAdHGKbMbTl5fme6qvCvj7Z/Hhd2
qDcns9J1LrdEYGLyYGKMIYFvIi5nCzA6vanWrOf2vm4Pb3iN/qAukjk+q3KaZOW/
LOSdUS6/PJw0LSAvO3Nubj1IC7/pfXSrRnMJo30Q49qeJjO60MIGcsppiPgyh8Sz
syTYWJj/pFxgN7vIQabUbmK00ZaYLOp2SVZn+BbC2X71ISuvJB6LmiDtAQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLd6XUXyoPb0WboaNfElOLM+tRPBMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvdDNwZFJmS2c5dlJadWhvMThTVTRzejYxRThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAWSxSAwQC
WS3cAwQAWS4jAwQAWS4lAwQAWS4nAwQAWS73AwQCXHcAAwQCXrEAAwQCuSn0AwQC
uThMAwQCuVeAAwQCvNQQAwQCvNVQAwQDvNZwAwQCwnw4AwQBw1JiMA0GCSqGSIb3
DQEBCwUAA4IBAQA2NCoj6i4AIy5XOcxiLbJxsPt7urOLr6qa00jRXLTExckdJ32p
iSmXh+c1Sllw6otSu6rTny+LfH/ge3oyCVHYA09Ustmd8luk2s6pCRqIXqxb7bsO
tmuxgbl+K/fUAOz0Pnb9z3Lhe9MyRlH/hyLHtF8tNYlxX8r2y32YPgiF2bPbWMaN
iQ02nRE4ninePhbeki9i79YH3rX+l5mR9VtILRRV9zI+18mc1WJeqyAirP9FqJtt
uygtEK0VIYjjAqDlETMrW7RLUk4UKsSOoLXijUSiYjNtDXGG5Q9Eaehkyld6GndK
WGa2GYusCRWAZtqsAjlmGtWE05aO1IiAFNyG
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:40:57 2026 by rpki-client