Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3Q4qtd7h41K_l6KO23OaRaHuFxA.roa
File: 3Q4qtd7h41K_l6KO23OaRaHuFxA.roa (raw, json)
Hash identifier: RSK57esro0r9vFV/VxumPcfiTcgTubFRr566RWGWft0=
Subject key identifier: DD:0E:2A:B5:DE:E1:E3:52:BF:97:A2:8E:DB:73:9A:45:A1:EE:17:10
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019C2F41484FBD2E54B424BD8D8408113F16
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3Q4qtd7h41K_l6KO23OaRaHuFxA.roa
Signing time: Thu 05 Feb 2026 19:22:13 +0000
ROA not before: Thu 05 Feb 2026 19:22:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212667
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
45.128.228.0/22 maxlen: 22
46.149.174.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.198.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
195.96.141.0/24 maxlen: 24
212.18.98.0/24 maxlen: 24
212.52.13.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
213.166.92.0/24 maxlen: 24
213.166.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2f:41:48:4f:bd:2e:54:b4:24:bd:8d:84:08:11:3f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 5 19:22:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd0e2ab5dee1e352bf97a28edb739a45a1ee1710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:7b:45:5c:5a:e4:26:78:3b:e6:73:82:6b:
7e:4a:6c:8e:cc:4d:14:1d:d5:a8:04:73:68:d9:76:
98:46:f9:b3:35:91:e2:06:a6:e0:c1:9d:40:52:63:
f2:16:80:f3:7c:6f:ca:2e:db:76:d5:78:2a:ed:fa:
7e:80:f2:0a:0a:a2:08:24:ff:de:43:d2:58:0e:c5:
3a:63:67:67:e1:5a:eb:24:cf:57:c6:26:f6:3a:b3:
a7:c4:ff:e1:ae:53:d7:d7:09:e7:5d:34:84:f9:fb:
69:1c:88:a0:88:d9:f3:69:de:30:ef:fa:12:d8:4e:
a8:b0:aa:0a:c9:ee:cb:84:5a:fb:23:d3:23:8a:13:
f0:8a:c7:5c:ab:df:da:8c:e6:ba:1e:cd:38:4c:a7:
31:86:4f:23:a8:4a:01:f2:e7:98:a3:05:4c:6c:e4:
61:1d:50:ca:f9:f9:28:95:cc:f8:48:c4:0e:30:6c:
d9:99:f4:52:16:01:b5:6e:e0:af:6c:94:40:40:d2:
31:62:c1:71:7e:af:c5:37:16:0c:de:2f:73:c4:ec:
5a:f0:1e:68:62:07:f0:01:26:ac:99:e4:b6:24:2f:
8e:3d:05:f8:d1:fd:48:90:18:3e:19:7c:08:51:b1:
cc:1e:6a:b8:f9:09:6e:2f:c5:eb:a1:3d:d2:37:bb:
d5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:2A:B5:DE:E1:E3:52:BF:97:A2:8E:DB:73:9A:45:A1:EE:17:10
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3Q4qtd7h41K_l6KO23OaRaHuFxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
45.128.228.0/22
46.149.174.0/24
46.174.192.0/22
46.174.197.0-46.174.199.255
62.204.32.0/24
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
195.96.141.0/24
212.18.98.0/24
212.52.13.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
213.166.92.0/24
213.166.95.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e8:00:5b:a3:1f:12:9f:f2:ec:e1:ba:98:05:56:57:2b:46:
68:48:f0:12:30:d0:86:35:03:75:03:4d:85:f6:06:85:02:c5:
1d:1e:53:31:d7:73:5e:bc:da:86:4a:c6:fa:e0:57:25:c1:9d:
2e:6d:43:39:42:01:37:09:00:8f:40:67:f1:e7:3f:10:2c:af:
ee:47:2d:e0:24:e5:4b:e0:d0:ef:dd:96:b6:7a:90:3b:6e:6e:
67:9a:42:66:df:7b:e3:04:d7:3f:80:66:96:24:c6:0c:cf:fd:
7b:66:f3:9e:e6:d9:48:49:89:72:0a:10:44:5c:b0:49:a8:6b:
3f:45:8a:57:0c:ae:e0:e4:cf:93:e1:5a:e7:be:2e:be:dd:a5:
80:6e:e0:08:aa:2f:46:e1:c2:af:d4:44:f4:e2:59:33:3d:c1:
31:06:23:fe:d2:27:39:20:f1:d7:e7:48:68:66:e5:c2:2d:d3:
90:40:f8:10:f7:b8:a4:25:16:77:bd:17:68:b0:55:b9:c1:1b:
c8:2c:4a:5f:d5:bd:7e:90:0d:66:0c:f0:05:2f:74:73:b5:8a:
b6:77:a8:ae:47:41:76:ec:f4:2b:86:2c:a0:a8:3a:7d:67:fb:
be:30:43:31:b5:9a:af:80:1f:da:8a:9a:aa:64:2c:78:7f:26:
96:ae:bb:6d
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZwvQUhPvS5UtCS9jYQIET8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMjA1MTkyMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBlMmFiNWRlZTFlMzUyYmY5N2EyOGVkYjczOWE0NWExZWUxNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt557RVxa5CZ4O+Zzgmt+SmyOzE0U
HdWoBHNo2XaYRvmzNZHiBqbgwZ1AUmPyFoDzfG/KLtt21Xgq7fp+gPIKCqIIJP/e
Q9JYDsU6Y2dn4VrrJM9Xxib2OrOnxP/hrlPX1wnnXTSE+ftpHIigiNnzad4w7/oS
2E6osKoKye7LhFr7I9MjihPwisdcq9/ajOa6Hs04TKcxhk8jqEoB8ueYowVMbORh
HVDK+fkolcz4SMQOMGzZmfRSFgG1buCvbJRAQNIxYsFxfq/FNxYM3i9zxOxa8B5o
YgfwASasmeS2JC+OPQX40f1IkBg+GXwIUbHMHmq4+QluL8XroT3SN7vVcwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFN0OKrXe4eNSv5eijttzmkWh7hcQMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvM1E0cXRkN2g0MUtfbDZLTzIzT2FSYUh1RnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAF
tnQDBAAtD/8DBAAtVgMDBAAtWiwDBAAtWi8DBAEtgIIDBAItgOQDBAAula4DBAIu
rsAwDAMEAC6uxQMEAy6uwAMEAD7MIAMEALLUTgMEALn9AgMEALxAjAMEALxdiAME
AMNgjQMEANQSYgMEANQ0DQMEANQ8BgMEANRrGAMEANRzMAMEANRzMgMEANWmXAME
ANWmXzANBgkqhkiG9w0BAQsFAAOCAQEALugAW6MfEp/y7OG6mAVWVytGaEjwEjDQ
hjUDdQNNhfYGhQLFHR5TMddzXrzahkrG+uBXJcGdLm1DOUIBNwkAj0Bn8ec/ECyv
7kct4CTlS+DQ792WtnqQO25uZ5pCZt974wTXP4BmliTGDM/9e2bznubZSEmJcgoQ
RFywSahrP0WKVwyu4OTPk+Fa574uvt2lgG7gCKovRuHCr9RE9OJZMz3BMQYj/tIn
OSDx1+dIaGblwi3TkED4EPe4pCUWd70XaLBVucEbyCxKX9W9fpANZgzwBS90c7WK
tneorkdBduz0K4YsoKg6fWf7vjBDMbWar4Af2oqaqmQseH8mlq67bQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:19:53 2026 by rpki-client