Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/iIRFh2isINzb-UynrOD-rtgXRQg.roa
File: iIRFh2isINzb-UynrOD-rtgXRQg.roa (raw, json)
Hash identifier: IHKfVtc/CE8x8eA0WV7X+4nNnjsdNpcsuMxSl+7FiyI=
Subject key identifier: 88:84:45:87:68:AC:20:DC:DB:F9:4C:A7:AC:E0:FE:AE:D8:17:45:08
Certificate issuer: /CN=5503251db69693362a927e2b130467945c54f0fc
Certificate serial: 019D4D068439043CD53BA9E54A5C7F7FC69F
Authority key identifier: 55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/iIRFh2isINzb-UynrOD-rtgXRQg.roa
Signing time: Thu 02 Apr 2026 07:09:25 +0000
ROA not before: Thu 02 Apr 2026 07:09:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48282
IP address blocks: 45.150.36.0/24 maxlen: 24
45.150.37.0/24 maxlen: 24
45.150.38.0/24 maxlen: 24
45.150.39.0/24 maxlen: 24
62.113.112.0/24 maxlen: 24
62.113.113.0/24 maxlen: 24
62.113.114.0/24 maxlen: 24
62.113.115.0/24 maxlen: 24
62.113.116.0/24 maxlen: 24
62.113.117.0/24 maxlen: 24
62.113.118.0/24 maxlen: 24
62.113.119.0/24 maxlen: 24
83.217.212.0/24 maxlen: 24
83.217.213.0/24 maxlen: 24
83.217.214.0/24 maxlen: 24
83.217.215.0/24 maxlen: 24
84.54.44.0/24 maxlen: 24
84.54.47.0/24 maxlen: 24
85.198.108.0/24 maxlen: 24
85.198.109.0/24 maxlen: 24
85.198.110.0/24 maxlen: 24
85.198.111.0/24 maxlen: 24
88.210.34.0/24 maxlen: 24
88.210.35.0/24 maxlen: 24
88.210.52.0/24 maxlen: 24
88.210.53.0/24 maxlen: 24
88.210.54.0/24 maxlen: 24
88.210.55.0/24 maxlen: 24
88.218.60.0/24 maxlen: 24
88.218.61.0/24 maxlen: 24
88.218.62.0/24 maxlen: 24
88.218.63.0/24 maxlen: 24
91.142.72.0/24 maxlen: 24
91.142.73.0/24 maxlen: 24
91.142.74.0/24 maxlen: 24
91.142.75.0/24 maxlen: 24
91.184.244.0/24 maxlen: 24
91.184.245.0/24 maxlen: 24
91.184.246.0/24 maxlen: 24
91.184.247.0/24 maxlen: 24
91.212.150.0/24 maxlen: 24
93.183.92.0/24 maxlen: 24
93.183.93.0/24 maxlen: 24
93.183.94.0/24 maxlen: 24
93.183.95.0/24 maxlen: 24
94.103.83.0/24 maxlen: 24
94.103.84.0/24 maxlen: 24
94.103.85.0/24 maxlen: 24
94.103.86.0/24 maxlen: 24
94.103.87.0/24 maxlen: 24
94.103.88.0/24 maxlen: 24
94.103.89.0/24 maxlen: 24
94.103.90.0/24 maxlen: 24
94.103.91.0/24 maxlen: 24
94.103.92.0/24 maxlen: 24
94.103.93.0/24 maxlen: 24
95.142.33.0/24 maxlen: 24
95.142.34.0/24 maxlen: 24
95.142.45.0/24 maxlen: 24
95.142.46.0/24 maxlen: 24
95.142.47.0/24 maxlen: 24
109.172.84.0/24 maxlen: 24
109.172.85.0/24 maxlen: 24
109.172.86.0/24 maxlen: 24
109.172.87.0/24 maxlen: 24
109.172.88.0/24 maxlen: 24
109.172.89.0/24 maxlen: 24
109.172.90.0/24 maxlen: 24
109.172.91.0/24 maxlen: 24
178.20.40.0/24 maxlen: 24
178.20.41.0/24 maxlen: 24
178.20.42.0/24 maxlen: 24
178.20.43.0/24 maxlen: 24
178.20.44.0/24 maxlen: 24
178.20.45.0/24 maxlen: 24
178.20.46.0/24 maxlen: 24
178.20.47.0/24 maxlen: 24
178.130.131.0/24 maxlen: 24
178.217.98.0/24 maxlen: 24
178.217.99.0/24 maxlen: 24
185.209.28.0/24 maxlen: 24
185.209.29.0/24 maxlen: 24
185.209.30.0/24 maxlen: 24
185.209.31.0/24 maxlen: 24
185.231.152.0/24 maxlen: 24
185.231.153.0/24 maxlen: 24
185.231.154.0/24 maxlen: 24
185.231.155.0/24 maxlen: 24
192.144.56.0/24 maxlen: 24
192.144.57.0/24 maxlen: 24
192.144.58.0/24 maxlen: 24
192.144.59.0/24 maxlen: 24
193.124.64.0/24 maxlen: 24
193.124.65.0/24 maxlen: 24
193.124.66.0/24 maxlen: 24
193.124.67.0/24 maxlen: 24
193.124.128.0/24 maxlen: 24
193.124.129.0/24 maxlen: 24
193.124.130.0/24 maxlen: 24
193.124.131.0/24 maxlen: 24
193.178.170.0/24 maxlen: 24
195.2.66.0/24 maxlen: 24
195.2.67.0/24 maxlen: 24
195.2.70.0/24 maxlen: 24
195.2.71.0/24 maxlen: 24
195.2.73.0/24 maxlen: 24
195.2.74.0/24 maxlen: 24
195.2.75.0/24 maxlen: 24
195.2.76.0/24 maxlen: 24
195.2.78.0/24 maxlen: 24
195.2.79.0/24 maxlen: 24
195.2.80.0/24 maxlen: 24
195.2.81.0/24 maxlen: 24
195.2.84.0/24 maxlen: 24
195.2.85.0/24 maxlen: 24
212.118.45.0/24 maxlen: 24
212.118.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:06:84:39:04:3c:d5:3b:a9:e5:4a:5c:7f:7f:c6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5503251db69693362a927e2b130467945c54f0fc
Validity
Not Before: Apr 2 07:09:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8884458768ac20dcdbf94ca7ace0feaed8174508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:a4:f7:2c:cf:9d:90:42:2c:bc:bb:69:b9:
fd:f9:d4:07:37:11:22:b0:e7:72:40:f9:46:44:58:
4b:ce:33:89:69:ef:5e:12:55:ca:a6:4c:f2:e4:99:
79:e9:ab:ed:c4:29:e8:cc:14:37:e6:e0:40:bc:1f:
22:ff:a6:4a:05:c9:ed:de:c0:b0:03:00:fb:fc:d6:
6e:73:5a:a2:9d:5f:89:5f:0b:ab:36:9c:e3:4f:c4:
02:c5:dd:52:d8:e6:33:ba:03:35:8c:55:f3:b2:e2:
33:cf:8f:77:e2:0c:b1:63:37:78:ee:f7:c9:cb:10:
e3:ef:79:26:03:41:62:9c:51:c6:e2:82:2a:c6:b4:
89:be:25:09:bf:39:e8:55:34:77:86:c7:22:7b:b6:
e7:31:1e:3b:76:59:e2:5e:02:31:98:1a:75:ac:8f:
5d:5d:39:f6:79:e5:cb:15:53:a5:63:a5:70:cb:5c:
23:c7:2b:22:ef:1a:41:ab:17:6f:e8:11:9e:bb:f4:
be:61:c8:4b:8f:9f:7e:02:d4:5b:f7:6e:cb:83:22:
33:e3:d3:da:2e:87:1a:68:04:42:4c:ea:98:31:bd:
5b:53:5f:7f:5c:8c:9e:01:09:01:f1:71:40:74:c3:
5a:7b:b9:77:28:db:fd:4c:e3:ea:11:30:1e:26:3f:
96:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:84:45:87:68:AC:20:DC:DB:F9:4C:A7:AC:E0:FE:AE:D8:17:45:08
X509v3 Authority Key Identifier:
keyid:55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/iIRFh2isINzb-UynrOD-rtgXRQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.36.0/22
62.113.112.0/21
83.217.212.0/22
84.54.44.0/24
84.54.47.0/24
85.198.108.0/22
88.210.34.0/23
88.210.52.0/22
88.218.60.0/22
91.142.72.0/22
91.184.244.0/22
91.212.150.0/24
93.183.92.0/22
94.103.83.0-94.103.93.255
95.142.33.0-95.142.34.255
95.142.45.0-95.142.47.255
109.172.84.0-109.172.91.255
178.20.40.0/21
178.130.131.0/24
178.217.98.0/23
185.209.28.0/22
185.231.152.0/22
192.144.56.0/22
193.124.64.0/22
193.124.128.0/22
193.178.170.0/24
195.2.66.0/23
195.2.70.0/23
195.2.73.0-195.2.76.255
195.2.78.0-195.2.81.255
195.2.84.0/23
212.118.45.0/24
212.118.56.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:95:4f:bf:36:9d:7d:7f:85:e9:61:25:2d:6a:3a:d9:ac:e8:
f4:01:fd:56:26:9c:c7:62:75:11:bf:83:aa:0b:e9:cb:56:5f:
9b:f8:5e:d0:d7:7b:da:7a:1b:67:dd:49:34:ef:96:8f:fe:33:
b7:54:0a:4a:4a:25:79:2b:ae:3f:85:f6:07:7f:a7:34:61:34:
76:8f:dd:d9:77:23:ac:d0:ff:55:dc:1d:07:9c:2a:2a:6a:e5:
cd:32:6f:cf:24:d9:53:64:a1:7c:66:e6:49:7e:ce:e1:ba:2e:
f0:e0:14:72:49:54:f3:9c:eb:cf:d8:5b:dd:b8:b9:a2:58:75:
de:26:57:42:eb:77:2d:ab:f7:2c:96:6b:1e:7e:8d:fc:16:aa:
24:3d:f4:79:1d:e8:f1:ae:63:ec:85:e1:95:75:b1:f2:f4:af:
82:36:ce:54:38:24:5f:c3:7f:9b:8d:db:73:c7:4b:c8:41:60:
3c:78:80:70:ab:dd:02:37:42:1a:e7:cf:54:69:36:d5:54:e3:
ba:21:ce:58:d7:cc:77:98:da:a2:6b:71:38:07:b7:b8:f2:21:
ee:b7:b0:87:d4:d7:95:4d:dc:2e:79:67:f5:e9:6a:5e:b7:95:
40:23:9f:da:c7:48:44:ed:d4:e9:27:1d:3f:5c:06:54:c6:8a:
79:da:da:a1
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZ1NBoQ5BDzVO6nlSlx/f8afMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MDMyNTFkYjY5NjkzMzYyYTkyN2UyYjEzMDQ2Nzk0NWM1
NGYwZmMwHhcNMjYwNDAyMDcwOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODg0NDU4NzY4YWMyMGRjZGJmOTRjYTdhY2UwZmVhZWQ4MTc0NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5Ok9yzPnZBCLLy7abn9+dQHNxEi
sOdyQPlGRFhLzjOJae9eElXKpkzy5Jl56avtxCnozBQ35uBAvB8i/6ZKBcnt3sCw
AwD7/NZuc1qinV+JXwurNpzjT8QCxd1S2OYzugM1jFXzsuIzz4934gyxYzd47vfJ
yxDj73kmA0FinFHG4oIqxrSJviUJvznoVTR3hscie7bnMR47dlniXgIxmBp1rI9d
XTn2eeXLFVOlY6Vwy1wjxysi7xpBqxdv6BGeu/S+YchLj59+AtRb927LgyIz49Pa
LocaaARCTOqYMb1bU19/XIyeAQkB8XFAdMNae7l3KNv9TOPqETAeJj+WcQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFIiERYdorCDc2/lMp6zg/q7YF0UIMB8GA1UdIwQY
MBaAFFUDJR22lpM2KpJ+KxMEZ5RcVPD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2It
M2NiYWQ1YjkwNGI1LzEvaUlSRmgyaXNJTnpiLVV5bnJPRC1ydGdYUlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2ItM2NiYWQ1YjkwNGI1
LzEvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAItliQDBAM+cXADBAJT2dQDBABUNiwDBABUNi8DBAJVxmwDBAFY0iIDBAJY0jQD
BAJY2jwDBAJbjkgDBAJbuPQDBABb1JYDBAJdt1wwDAMEAF5nUwMEAV5nXDAMAwQA
X44hAwQAX44iMAwDBABfji0DBARfjiAwDAMEAm2sVAMEAm2sWAMEA7IUKAMEALKC
gwMEAbLZYgMEArnRHAMEArnnmAMEAsCQOAMEAsF8QAMEAsF8gAMEAMGyqgMEAcMC
QgMEAcMCRjAMAwQAwwJJAwQAwwJMMAwDBAHDAk4DBAHDAlADBAHDAlQDBADUdi0D
BADUdjgwDQYJKoZIhvcNAQELBQADggEBALeVT782nX1/helhJS1qOtms6PQB/VYm
nMdidRG/g6oL6ctWX5v4XtDXe9p6G2fdSTTvlo/+M7dUCkpKJXkrrj+F9gd/pzRh
NHaP3dl3I6zQ/1XcHQecKipq5c0yb88k2VNkoXxm5kl+zuG6LvDgFHJJVPOc68/Y
W924uaJYdd4mV0Lrdy2r9yyWax5+jfwWqiQ99Hkd6PGuY+yF4ZV1sfL0r4I2zlQ4
JF/Df5uN23PHS8hBYDx4gHCr3QI3Qhrnz1RpNtVU47ohzljXzHeY2qJrcTgHt7jy
Ie63sIfU15VN3C55Z/Xpal63lUAjn9rHSETt1OknHT9cBlTGinna2qE=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:19:37 2026 by rpki-client