Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/opb3Dk9q7WglcwVKydeR4HMjMxM.roa
File: opb3Dk9q7WglcwVKydeR4HMjMxM.roa (raw, json)
Hash identifier: 3tNhFHkdfs4fq11SDf2cq5GThxVsi6mCSUEyz5phCxY=
Subject key identifier: A2:96:F7:0E:4F:6A:ED:68:25:73:05:4A:C9:D7:91:E0:73:23:33:13
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019D7CD35E352C468C4AE80EE43F7EA9EFDA
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/opb3Dk9q7WglcwVKydeR4HMjMxM.roa
Signing time: Sat 11 Apr 2026 13:55:19 +0000
ROA not before: Sat 11 Apr 2026 13:55:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
213.155.9.0/24 maxlen: 24
213.155.10.0/24 maxlen: 24
213.155.11.0/24 maxlen: 24
213.155.12.0/24 maxlen: 24
213.155.14.0/24 maxlen: 24
213.155.15.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.33.0/24 maxlen: 24
217.177.34.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7c:d3:5e:35:2c:46:8c:4a:e8:0e:e4:3f:7e:a9:ef:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Apr 11 13:55:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a296f70e4f6aed682573054ac9d791e073233313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:85:71:44:8d:6f:e0:54:ee:51:bc:7d:e8:
d3:b7:01:af:05:6c:f5:f1:d6:eb:1c:ea:f3:a2:e8:
f1:91:2b:09:7c:05:1a:9f:9d:51:38:47:cf:e9:e9:
b7:84:2e:1e:e0:77:bb:08:51:71:1a:12:c7:88:10:
ca:77:c1:c4:9b:42:d3:fc:73:2c:91:c2:c3:11:75:
ac:f7:16:c5:24:fd:92:92:a5:f6:1a:0b:03:5e:3a:
7c:2d:fd:ef:16:e2:9b:a0:64:37:71:0e:71:1a:e6:
b7:25:de:a8:50:67:5a:cf:a5:3b:f8:1e:8d:08:b8:
4f:8c:3e:5b:f7:39:3e:2a:5f:de:5c:b4:cd:88:93:
16:13:16:2a:5d:75:64:07:89:43:de:6f:df:94:e5:
51:5c:95:da:f5:7e:03:ed:e9:42:be:dc:3f:ea:d9:
9e:e8:0a:99:3b:fe:3f:42:65:61:28:be:cf:4b:6b:
ed:25:be:79:61:82:6e:43:ce:bf:83:47:a2:7f:69:
38:d5:96:d8:84:76:82:29:13:60:2c:31:5b:40:a8:
e3:01:c6:3b:14:4b:39:ca:fe:24:c5:8b:d8:d8:48:
13:1e:11:87:6a:b9:0d:77:67:ee:df:34:97:4d:08:
4b:14:8e:2b:2c:76:b3:40:89:d5:89:85:b2:ef:68:
b7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:96:F7:0E:4F:6A:ED:68:25:73:05:4A:C9:D7:91:E0:73:23:33:13
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/opb3Dk9q7WglcwVKydeR4HMjMxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
213.155.9.0-213.155.12.255
213.155.14.0/23
213.155.28.0/24
217.177.32.0-217.177.34.255
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
5f:7c:bf:41:94:92:ed:11:fa:86:58:ae:a6:e2:a5:28:9b:fd:
ac:7b:61:81:f0:62:5d:60:33:ec:45:27:96:fb:b7:74:f8:16:
20:43:e7:a3:20:fd:44:ee:56:46:a1:83:ae:88:fc:64:47:d2:
a4:d0:28:62:98:32:e8:5d:51:9c:09:6b:d8:4c:01:b2:8f:8c:
eb:73:9e:89:19:84:49:da:d2:47:58:9a:5a:14:18:4a:3f:7b:
88:7e:70:bb:22:6b:a1:a6:83:4f:1d:23:41:29:b0:2a:a4:b2:
6d:3a:25:e0:3a:a1:ec:f5:94:99:ba:9b:67:37:be:d0:b3:41:
3e:3a:b1:61:af:77:8c:6e:0d:5b:a7:92:23:e4:dd:9e:a3:22:
d3:59:ec:27:1d:39:4e:ba:65:90:6d:15:1f:94:93:c5:7e:51:
52:67:85:6d:62:e2:a5:1f:a0:51:2a:dc:af:3e:2d:a5:86:d9:
3a:e8:b7:03:30:ab:2e:93:41:23:b1:82:e6:70:20:b4:b8:b3:
ff:c4:24:89:29:74:c0:be:54:1f:5a:61:9d:51:61:c9:30:71:
79:40:f1:11:98:6e:54:d0:fc:3b:79:83:ef:d1:3c:75:b1:4f:
7d:41:1f:d9:46:b9:d9:bf:c0:35:5b:15:60:9d:33:11:01:5c:
46:cb:60:71
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZ180141LEaMSugO5D9+qe/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwNDExMTM1NTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk2ZjcwZTRmNmFlZDY4MjU3MzA1NGFjOWQ3OTFlMDczMjMzMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJqFcUSNb+BU7lG8fejTtwGvBWz1
8dbrHOrzoujxkSsJfAUan51ROEfP6em3hC4e4He7CFFxGhLHiBDKd8HEm0LT/HMs
kcLDEXWs9xbFJP2SkqX2GgsDXjp8Lf3vFuKboGQ3cQ5xGua3Jd6oUGdaz6U7+B6N
CLhPjD5b9zk+Kl/eXLTNiJMWExYqXXVkB4lD3m/flOVRXJXa9X4D7elCvtw/6tme
6AqZO/4/QmVhKL7PS2vtJb55YYJuQ86/g0eif2k41ZbYhHaCKRNgLDFbQKjjAcY7
FEs5yv4kxYvY2EgTHhGHarkNd2fu3zSXTQhLFI4rLHazQInViYWy72i33wIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFKKW9w5Pau1oJXMFSsnXkeBzIzMTMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvb3BiM0RrOXE3V2dsY3dWS3lkZVI0SE1qTXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDBoBAIAATBiAwQAUVVI
AwQBUVVKAwQAuQVLMAwDBAO5CRgDBAC5CRowDAMEArkcrAMEALkcrjAMAwQA1ZsJ
AwQA1ZsMAwQB1ZsOAwQA1ZscMAwDBAXZsSADBADZsSIDBALZsSwDBAHZszAwLAQC
AAIwJjASAwcBKhEswAACAwcBKhEswAAIAwcBKhEswAAQAwcBKhEswAAgMA0GCSqG
SIb3DQEBCwUAA4IBAQBffL9BlJLtEfqGWK6m4qUom/2se2GB8GJdYDPsRSeW+7d0
+BYgQ+ejIP1E7lZGoYOuiPxkR9Kk0ChimDLoXVGcCWvYTAGyj4zrc56JGYRJ2tJH
WJpaFBhKP3uIfnC7ImuhpoNPHSNBKbAqpLJtOiXgOqHs9ZSZuptnN77Qs0E+OrFh
r3eMbg1bp5Ij5N2eoyLTWewnHTlOumWQbRUflJPFflFSZ4VtYuKlH6BRKtyvPi2l
htk66LcDMKsuk0EjsYLmcCC0uLP/xCSJKXTAvlQfWmGdUWHJMHF5QPERmG5U0Pw7
eYPv0Tx1sU99QR/ZRrnZv8A1WxVgnTMRAVxGy2Bx
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:59:37 2026 by rpki-client