Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/ngZkQQAAmyzs-8i5NBKDT7ozzfE.roa
File: ngZkQQAAmyzs-8i5NBKDT7ozzfE.roa (raw, json)
Hash identifier: 6UMNzj0BfpUOXrwKXdq5vGzZXckdpCxU0zZpgK6Silc=
Subject key identifier: 9E:06:64:41:00:00:9B:2C:EC:FB:C8:B9:34:12:83:4F:BA:33:CD:F1
Certificate issuer: /CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Certificate serial: 019C9C40EECAEFDFA0E27E4CA0998126DE86
Authority key identifier: 3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/ngZkQQAAmyzs-8i5NBKDT7ozzfE.roa
Signing time: Thu 26 Feb 2026 23:20:26 +0000
ROA not before: Thu 26 Feb 2026 23:20:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203877
IP address blocks: 37.35.8.0/21 maxlen: 21
62.240.0.0/24 maxlen: 24
62.240.1.0/24 maxlen: 24
62.240.2.0/24 maxlen: 24
62.240.3.0/24 maxlen: 24
62.240.5.0/24 maxlen: 24
62.240.6.0/24 maxlen: 24
62.240.7.0/24 maxlen: 24
62.240.8.0/22 maxlen: 22
62.240.12.0/24 maxlen: 24
62.240.13.0/24 maxlen: 24
62.240.14.0/24 maxlen: 24
62.240.15.0/24 maxlen: 24
62.240.16.0/24 maxlen: 24
62.240.17.0/24 maxlen: 24
62.240.18.0/24 maxlen: 24
62.240.19.0/24 maxlen: 24
62.240.20.0/24 maxlen: 24
85.202.112.0/24 maxlen: 24
85.202.113.0/24 maxlen: 24
85.202.114.0/24 maxlen: 24
85.202.115.0/24 maxlen: 24
85.202.116.0/24 maxlen: 24
85.202.118.0/24 maxlen: 24
85.202.120.0/24 maxlen: 24
85.202.121.0/24 maxlen: 24
85.202.122.0/24 maxlen: 24
85.202.125.0/24 maxlen: 24
85.202.126.0/24 maxlen: 24
85.202.127.0/24 maxlen: 24
91.226.240.0/24 maxlen: 24
91.226.241.0/24 maxlen: 24
91.226.242.0/24 maxlen: 24
91.226.243.0/24 maxlen: 24
93.92.248.0/21 maxlen: 21
109.94.119.0/24 maxlen: 24
109.94.120.0/22 maxlen: 22
109.94.224.0/22 maxlen: 22
178.22.216.0/24 maxlen: 24
178.22.217.0/24 maxlen: 24
178.22.218.0/24 maxlen: 24
178.22.219.0/24 maxlen: 24
178.22.220.0/24 maxlen: 24
178.22.221.0/24 maxlen: 24
178.22.222.0/24 maxlen: 24
178.22.223.0/24 maxlen: 24
185.102.236.0/22 maxlen: 22
185.118.168.0/24 maxlen: 24
185.118.169.0/24 maxlen: 24
185.118.170.0/24 maxlen: 24
185.118.171.0/24 maxlen: 24
212.57.40.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9c:40:ee:ca:ef:df:a0:e2:7e:4c:a0:99:81:26:de:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Validity
Not Before: Feb 26 23:20:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9e06644100009b2cecfbc8b93412834fba33cdf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ad:3f:49:c0:8f:12:62:61:87:fd:c6:28:25:
85:41:c6:3f:42:0b:3c:39:d5:2b:ca:47:d7:fc:9a:
5b:13:42:1b:72:a7:84:4b:e5:1a:1b:2e:b3:3b:0c:
b8:bd:dc:85:b8:3c:d3:47:79:e2:b0:ab:19:3d:19:
60:bc:b2:dd:e5:ce:ba:94:e4:da:cc:bf:95:fa:9b:
56:85:b2:a9:8c:5e:33:77:ae:58:b9:91:75:0b:de:
7e:42:a3:7a:eb:93:f4:47:a4:e0:8b:7d:ff:40:cf:
45:f1:cd:35:33:8a:3a:1c:53:de:84:e8:28:7d:f3:
7f:d4:40:0b:0f:1d:c9:a6:43:0c:d2:5e:30:a8:5d:
23:91:9c:c9:34:3f:d8:90:b4:76:8a:82:78:4e:7a:
bf:8e:fe:d9:06:9a:1b:c6:65:78:ac:84:ab:5c:bf:
a8:66:98:45:d1:0f:8c:da:e0:d6:a0:d2:a5:d5:66:
8b:2a:bb:10:6b:73:ff:01:ac:3c:7c:f1:46:19:a2:
bb:12:bc:e1:f7:40:46:f3:4c:b7:77:1c:38:61:c4:
7c:63:b1:05:45:e0:fa:5e:7d:64:72:fb:69:63:03:
e5:0f:81:8d:d5:76:23:1e:49:a0:a5:2e:37:7a:14:
63:71:bc:bc:a5:42:7c:10:ac:0f:85:d0:6c:5a:11:
36:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:06:64:41:00:00:9B:2C:EC:FB:C8:B9:34:12:83:4F:BA:33:CD:F1
X509v3 Authority Key Identifier:
keyid:3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/ngZkQQAAmyzs-8i5NBKDT7ozzfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.8.0/21
62.240.0.0/22
62.240.5.0-62.240.20.255
85.202.112.0-85.202.116.255
85.202.118.0/24
85.202.120.0-85.202.122.255
85.202.125.0-85.202.127.255
91.226.240.0/22
93.92.248.0/21
109.94.119.0-109.94.123.255
109.94.224.0/22
178.22.216.0/21
185.102.236.0/22
185.118.168.0/22
212.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
37:6d:81:b3:86:c2:14:82:52:41:31:6b:cf:0e:9f:cf:fa:bf:
f3:38:cb:b1:54:a0:41:a5:0c:c4:79:3f:51:76:05:a2:bc:84:
e7:9e:b7:70:c5:38:14:ca:de:60:4f:8d:26:26:21:6b:f5:94:
0c:10:6f:bf:bf:3b:c1:14:5d:98:4d:c2:1e:31:a9:7d:d5:60:
35:0e:35:a3:49:32:c4:b0:33:94:80:ba:8a:38:0f:9a:54:c3:
66:21:7f:8b:f0:4b:2b:e7:ed:14:4e:81:86:38:b6:2d:39:88:
7f:84:9f:02:ac:cc:e9:8c:2e:6d:e7:3f:7a:1f:0c:18:12:a0:
06:78:c6:a9:a6:70:6f:6c:d9:41:54:4e:88:cf:8a:17:63:99:
da:59:2f:18:8f:19:f0:38:29:2c:3f:be:23:ac:d7:be:ee:9c:
9a:3a:ab:e6:1a:67:18:02:cc:86:9c:56:09:30:3a:f0:57:de:
d4:b7:c6:66:17:4e:a4:85:16:0b:61:b8:9b:02:56:43:4c:f4:
96:21:38:9d:81:74:d0:3d:ea:3b:84:9b:59:7e:28:ed:22:97:
b6:0d:cb:9c:23:a3:ec:16:ec:c0:ef:c7:f3:1f:ef:c0:0d:af:
38:8d:9f:5f:ea:59:74:c7:bd:08:19:a7:ff:e4:81:94:24:26:
ca:b4:21:5b
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZycQO7K79+g4n5MoJmBJt6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmUyZTdmZjJjNzAyYzhhYjUxNDlmZWVhNzE3NTk5MWM3
MzQwOWMwHhcNMjYwMjI2MjMyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA2NjQ0MTAwMDA5YjJjZWNmYmM4YjkzNDEyODM0ZmJhMzNjZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq0/ScCPEmJhh/3GKCWFQcY/Qgs8
OdUrykfX/JpbE0IbcqeES+UaGy6zOwy4vdyFuDzTR3nisKsZPRlgvLLd5c66lOTa
zL+V+ptWhbKpjF4zd65YuZF1C95+QqN665P0R6Tgi33/QM9F8c01M4o6HFPehOgo
ffN/1EALDx3JpkMM0l4wqF0jkZzJND/YkLR2ioJ4Tnq/jv7ZBpobxmV4rISrXL+o
ZphF0Q+M2uDWoNKl1WaLKrsQa3P/Aaw8fPFGGaK7Erzh90BG80y3dxw4YcR8Y7EF
ReD6Xn1kcvtpYwPlD4GN1XYjHkmgpS43ehRjcby8pUJ8EKwPhdBsWhE20wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFJ4GZEEAAJss7PvIuTQSg0+6M83xMB8GA1UdIwQY
MBaAFDpuLn/yxwLIq1FJ/upxdZkcc0CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT200dWZfTEhBc2lyVVVuLTZuRjFtUnh6UUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODg1NDItZDRmNy00YWEyLWFkYzct
Nzc1YTA1Nzg4Y2Y1LzEvbmdaa1FRQUFteXpzLThpNU5CS0RUN296emZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODg1NDItZDRmNy00YWEyLWFkYzctNzc1YTA1Nzg4Y2Y1
LzEvT200dWZfTEhBc2lyVVVuLTZuRjFtUnh6UUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAMl
IwgDBAI+8AAwDAMEAD7wBQMEAD7wFDAMAwQEVcpwAwQAVcp0AwQAVcp2MAwDBANV
yngDBABVynowDAMEAFXKfQMEB1XKAAMEAlvi8AMEA11c+DAMAwQAbV53AwQCbV54
AwQCbV7gAwQDshbYAwQCuWbsAwQCuXaoAwQD1DkoMA0GCSqGSIb3DQEBCwUAA4IB
AQA3bYGzhsIUglJBMWvPDp/P+r/zOMuxVKBBpQzEeT9RdgWivITnnrdwxTgUyt5g
T40mJiFr9ZQMEG+/vzvBFF2YTcIeMal91WA1DjWjSTLEsDOUgLqKOA+aVMNmIX+L
8Esr5+0UToGGOLYtOYh/hJ8CrMzpjC5t5z96HwwYEqAGeMappnBvbNlBVE6Iz4oX
Y5naWS8YjxnwOCksP74jrNe+7pyaOqvmGmcYAsyGnFYJMDrwV97Ut8ZmF06khRYL
YbibAlZDTPSWITidgXTQPeo7hJtZfijtIpe2DcucI6PsFuzA78fzH+/ADa84jZ9f
6ll0x70IGaf/5IGUJCbKtCFb
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:32:34 2026 by rpki-client