Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/KO3mbecsHziWft5oSlk1_j2d34M.roa
File: KO3mbecsHziWft5oSlk1_j2d34M.roa (raw, json)
Hash identifier: f8pLS1dd6igj0miudYVCW/atCJnG106OYVdNd0IpsmE=
Subject key identifier: 28:ED:E6:6D:E7:2C:1F:38:96:7E:DE:68:4A:59:35:FE:3D:9D:DF:83
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 019C629404CD6161F4240B2BDE7466D1E1DE
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/KO3mbecsHziWft5oSlk1_j2d34M.roa
Signing time: Sun 15 Feb 2026 18:33:13 +0000
ROA not before: Sun 15 Feb 2026 18:33:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.72.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
31.40.192.0/24 maxlen: 24
31.40.194.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.187.0/24 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.6.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
45.152.136.0/24 maxlen: 24
45.152.137.0/24 maxlen: 24
45.154.120.0/22 maxlen: 24
77.83.20.0/22 maxlen: 24
77.83.48.0/23 maxlen: 24
77.83.48.0/24 maxlen: 24
77.83.49.0/24 maxlen: 24
77.83.50.0/23 maxlen: 24
80.243.230.0/23 maxlen: 24
84.252.64.0/22 maxlen: 24
85.31.52.0/24 maxlen: 24
86.62.53.0/24 maxlen: 24
86.62.54.0/24 maxlen: 24
86.62.55.0/24 maxlen: 24
88.218.80.0/24 maxlen: 24
88.218.81.0/24 maxlen: 24
88.218.82.0/23 maxlen: 24
88.218.239.0/24 maxlen: 24
91.132.126.0/24 maxlen: 24
91.132.127.0/24 maxlen: 24
91.245.238.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
93.177.92.0/24 maxlen: 24
93.177.93.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.244.0/22 maxlen: 24
176.113.40.0/23 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
185.155.100.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.78.0/23 maxlen: 24
193.9.57.0/24 maxlen: 24
193.9.58.0/24 maxlen: 24
193.9.59.0/24 maxlen: 24
193.31.124.0/23 maxlen: 24
193.47.36.0/22 maxlen: 24
193.56.22.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
193.160.74.0/24 maxlen: 24
193.160.75.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
194.53.188.0/22 maxlen: 24
194.104.4.0/24 maxlen: 24
194.104.7.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
213.109.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:62:94:04:cd:61:61:f4:24:0b:2b:de:74:66:d1:e1:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Feb 15 18:33:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28ede66de72c1f38967ede684a5935fe3d9ddf83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:31:96:01:96:94:ee:5a:ef:e8:6e:58:86:
00:29:be:98:59:f2:8f:1a:58:31:a3:31:6f:59:00:
3e:2f:4d:13:64:9f:40:ab:46:fe:97:e9:a1:3b:32:
b6:d5:78:63:61:29:20:af:1a:fb:61:ff:5e:30:a6:
1a:41:33:b9:3d:cf:18:50:cf:15:98:df:dd:8b:05:
71:d9:16:7d:2e:1b:3f:3d:ed:da:44:de:5e:db:a4:
0b:f6:f1:dc:f8:5f:0d:c9:bb:72:5e:c6:dc:1c:88:
a1:07:4b:69:82:f2:c7:bb:c9:3f:c1:5c:54:94:9a:
a6:f9:90:ac:c5:b3:7e:07:fb:56:b8:da:c9:c0:9b:
50:4a:27:d0:46:bc:88:48:b9:21:a4:d8:c5:e7:77:
05:5a:bc:8e:ac:9f:6b:38:60:5d:99:be:7b:b2:7f:
be:c5:64:93:72:fb:4a:ec:0c:a8:0b:fc:57:5e:de:
27:de:3f:17:20:ea:4a:6e:48:93:b4:03:cb:38:c3:
a4:ea:10:56:09:0b:61:2c:bf:50:e6:58:ee:a0:fe:
40:54:ff:a5:e8:c5:20:18:e3:2d:13:88:86:c3:e7:
c0:d1:0b:0e:b7:46:71:a1:c2:6d:32:60:82:93:aa:
ab:40:f7:2b:c7:d4:1a:70:32:64:e6:16:03:75:d1:
5c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:ED:E6:6D:E7:2C:1F:38:96:7E:DE:68:4A:59:35:FE:3D:9D:DF:83
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/KO3mbecsHziWft5oSlk1_j2d34M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
31.40.192.0/24
31.40.194.0/24
45.130.184.0/22
45.140.4.0/24
45.140.6.0/23
45.152.136.0/23
45.154.120.0/22
77.83.20.0/22
77.83.48.0/22
80.243.230.0/23
84.252.64.0/22
85.31.52.0/24
86.62.53.0-86.62.55.255
88.218.80.0/22
88.218.239.0/24
91.132.126.0/23
91.245.238.0/23
93.177.92.0/23
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
95.214.244.0/22
176.113.40.0/23
176.118.188.0/23
176.118.191.0/24
185.155.100.0/24
185.177.76.0/22
193.9.57.0-193.9.59.255
193.31.124.0/23
193.47.36.0/22
193.56.22.0/24
193.160.68.0/24
193.160.72.0/24
193.160.74.0/23
194.28.157.0/24
194.53.188.0/22
194.104.4.0/24
194.104.7.0/24
194.124.41.0/24
212.69.133.0/24
212.69.135.0/24
213.109.188.0/22
Signature Algorithm: sha256WithRSAEncryption
48:a5:1a:28:54:cb:56:c2:63:65:50:91:0d:49:81:6e:7d:8f:
5a:8e:83:7e:84:6f:9b:32:da:ad:ff:95:c8:6e:0d:85:84:80:
3a:34:90:ae:2a:e9:85:bb:b5:e0:0c:7a:e0:cc:1a:30:8a:8b:
54:a6:c3:2b:87:d5:71:1e:c4:56:28:0d:6a:b8:39:e5:20:f6:
ed:94:ea:e8:1f:ef:80:f2:f5:a0:72:85:74:f2:0a:98:21:13:
b5:2f:20:69:3d:d3:a1:4c:36:ac:79:5d:ff:22:cf:08:43:b1:
3a:4e:7a:03:0e:e8:1b:1c:5b:1a:79:95:07:d6:48:d6:51:4d:
07:a3:9c:e1:08:9f:c6:63:65:bf:28:f6:26:22:05:35:ed:14:
84:ea:24:5f:a0:7a:26:bc:89:50:fd:8f:f0:5b:cd:10:ca:f6:
8c:f5:5d:1c:92:4d:0c:33:4b:f6:da:44:ad:81:a3:9d:64:1b:
4b:d8:c2:4d:de:67:09:76:b6:98:71:83:70:4a:b8:77:61:75:
5f:f3:3c:a5:3d:38:1a:38:ba:6c:63:de:03:fd:55:d1:08:c9:
43:92:92:a9:ab:f0:0c:7b:a8:04:17:93:b9:c0:16:ef:81:2e:
8f:7b:61:78:82:a3:2d:1f:86:12:f5:a8:b5:09:0f:89:db:7b:
5a:00:a0:45
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAZxilATNYWH0JAsr3nRm0eHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjYwMjE1MTgzMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGVkZTY2ZGU3MmMxZjM4OTY3ZWRlNjg0YTU5MzVmZTNkOWRkZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp04xlgGWlO5a7+huWIYAKb6YWfKP
GlgxozFvWQA+L00TZJ9Aq0b+l+mhOzK21XhjYSkgrxr7Yf9eMKYaQTO5Pc8YUM8V
mN/diwVx2RZ9Lhs/Pe3aRN5e26QL9vHc+F8NybtyXsbcHIihB0tpgvLHu8k/wVxU
lJqm+ZCsxbN+B/tWuNrJwJtQSifQRryISLkhpNjF53cFWryOrJ9rOGBdmb57sn++
xWSTcvtK7AyoC/xXXt4n3j8XIOpKbkiTtAPLOMOk6hBWCQthLL9Q5ljuoP5AVP+l
6MUgGOMtE4iGw+fA0QsOt0ZxocJtMmCCk6qrQPcrx9QacDJk5hYDddFcjwIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFCjt5m3nLB84ln7eaEpZNf49nd+DMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvS08zbWJlY3NIemlXZnQ1b1NsazFfajJkMzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCCASAEAgABMIIB
GAMEAAVoSAMEAAVoSgMEAB8owAMEAB8owgMEAi2CuAMEAC2MBAMEAS2MBgMEAS2Y
iAMEAi2aeAMEAk1TFAMEAk1TMAMEAVDz5gMEAlT8QAMEAFUfNDAMAwQAVj41AwQD
Vj4wAwQCWNpQAwQAWNrvAwQBW4R+AwQBW/XuAwQBXbFcAwQAX9ZTAwQBX9ZcAwQA
X9ZfAwQCX9b0AwQBsHEoAwQBsHa8AwQAsHa/AwQAuZtkAwQCubFMMAwDBADBCTkD
BALBCTgDBAHBH3wDBALBLyQDBADBOBYDBADBoEQDBADBoEgDBAHBoEoDBADCHJ0D
BALCNbwDBADCaAQDBADCaAcDBADCfCkDBADURYUDBADURYcDBALVbbwwDQYJKoZI
hvcNAQELBQADggEBAEilGihUy1bCY2VQkQ1JgW59j1qOg36Eb5sy2q3/lchuDYWE
gDo0kK4q6YW7teAMeuDMGjCKi1SmwyuH1XEexFYoDWq4OeUg9u2U6ugf74Dy9aBy
hXTyCpghE7UvIGk906FMNqx5Xf8izwhDsTpOegMO6BscWxp5lQfWSNZRTQejnOEI
n8ZjZb8o9iYiBTXtFITqJF+geia8iVD9j/BbzRDK9oz1XRySTQwzS/baRK2Bo51k
G0vYwk3eZwl2tphxg3BKuHdhdV/zPKU9OBo4umxj3gP9VdEIyUOSkqmr8Ax7qAQX
k7nAFu+BLo97YXiCoy0fhhL1qLUJD4nbe1oAoEU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:29:08 2026 by rpki-client