Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/PlycBkJVRlYYFmQzay1A51_AwHs.roa
File: PlycBkJVRlYYFmQzay1A51_AwHs.roa (raw, json)
Hash identifier: a9d7iSYfjQZ/RZwNw8j5BbxH3Enh7kPBW5aC/sSN+B4=
Subject key identifier: 3E:5C:9C:06:42:55:46:56:18:16:64:33:6B:2D:40:E7:5F:C0:C0:7B
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019D9541564F343548E6C3C3127150D50920
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/PlycBkJVRlYYFmQzay1A51_AwHs.roa
Signing time: Thu 16 Apr 2026 07:46:20 +0000
ROA not before: Thu 16 Apr 2026 07:46:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56534
IP address blocks: 82.179.248.0/22 maxlen: 22
85.142.82.0/24 maxlen: 24
85.142.84.0/24 maxlen: 24
85.142.88.0/22 maxlen: 24
85.142.136.0/24 maxlen: 24
85.142.147.0/24 maxlen: 24
85.142.164.0/22 maxlen: 22
85.142.168.0/21 maxlen: 21
85.142.176.0/22 maxlen: 22
85.142.192.0/22 maxlen: 24
85.142.208.0/22 maxlen: 22
85.142.231.0/24 maxlen: 24
85.142.236.0/22 maxlen: 24
85.142.244.0/24 maxlen: 24
85.142.252.0/24 maxlen: 24
85.143.144.0/22 maxlen: 22
85.143.160.0/21 maxlen: 21
85.143.176.0/22 maxlen: 22
85.143.184.0/22 maxlen: 22
85.143.203.0/24 maxlen: 24
85.143.204.0/22 maxlen: 22
85.143.250.0/24 maxlen: 24
85.143.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 22:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:95:41:56:4f:34:35:48:e6:c3:c3:12:71:50:d5:09:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Apr 16 07:46:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3e5c9c0642554656181664336b2d40e75fc0c07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fb:8d:9f:f1:5c:ec:d3:cd:48:0b:ae:22:6f:
96:57:34:9b:ab:af:48:ff:c8:f3:52:f4:6a:95:bf:
f5:0e:10:02:ac:49:af:da:50:39:f9:50:e1:b8:56:
24:99:69:c2:19:2e:34:5a:8b:eb:36:89:53:cb:f8:
0e:e4:8b:8f:de:13:81:64:c7:26:cc:5d:c0:06:dc:
f6:2b:23:d0:ea:7c:c3:9c:43:73:17:df:8b:ee:a2:
77:78:bb:e4:8f:1c:12:f9:37:99:7c:38:c8:67:22:
aa:0f:34:33:68:80:89:f7:66:e6:3b:e6:99:10:b4:
39:c2:d5:7c:a3:f8:24:7b:eb:c0:a2:73:10:79:90:
f5:60:2e:91:83:4f:f0:47:13:c9:00:3e:01:f3:e3:
89:8c:51:81:18:5a:d1:d0:e6:27:d5:66:1e:95:53:
66:9a:1a:f8:15:d2:87:f1:a5:45:0f:ee:4b:44:31:
36:69:7d:1a:e5:cb:1e:23:56:08:09:33:8c:07:e0:
8e:a2:d9:22:fc:a2:6d:11:04:f5:15:ee:12:5e:8a:
a7:a6:83:6b:0d:25:0a:46:33:c6:0e:37:89:1d:ca:
21:05:06:13:5d:37:4a:4a:2e:04:11:b7:df:98:fd:
97:9a:d7:23:05:37:6e:0b:18:d4:aa:5d:53:ca:64:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5C:9C:06:42:55:46:56:18:16:64:33:6B:2D:40:E7:5F:C0:C0:7B
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/PlycBkJVRlYYFmQzay1A51_AwHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.248.0/22
85.142.82.0/24
85.142.84.0/24
85.142.88.0/22
85.142.136.0/24
85.142.147.0/24
85.142.164.0-85.142.179.255
85.142.192.0/22
85.142.208.0/22
85.142.231.0/24
85.142.236.0/22
85.142.244.0/24
85.142.252.0/24
85.143.144.0/22
85.143.160.0/21
85.143.176.0/22
85.143.184.0/22
85.143.203.0-85.143.207.255
85.143.250.0/24
85.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:03:2b:b7:62:d1:b7:be:d9:dd:4f:e8:05:96:3f:0d:4e:df:
69:25:ad:42:07:1d:83:5b:c7:3d:2b:0d:7e:7c:96:4d:a0:66:
de:cf:a3:0d:4b:d6:32:65:05:25:cf:d8:2f:ef:88:49:a2:d1:
27:96:83:f8:39:6a:d5:63:fe:ce:95:66:05:a5:bb:63:60:53:
40:64:a9:00:86:04:f4:7e:e1:58:3b:48:13:e0:70:63:1d:2d:
f5:e2:12:b5:76:9a:22:7b:7c:80:03:31:4e:e2:ac:0f:cd:af:
26:88:76:6b:a8:10:f3:c0:8b:2a:11:d4:d9:f2:13:2d:fe:d6:
7f:d0:5f:c4:98:b8:b2:2d:9a:43:b3:cb:48:bf:6d:28:7c:b4:
c4:fd:81:89:53:3c:1e:b8:90:e0:9f:e0:ce:90:68:8f:6c:c0:
01:a1:fe:21:22:c5:57:08:68:bd:92:f5:ca:bf:d2:0a:4d:61:
87:b9:25:4d:5d:94:a6:eb:9c:71:0b:0b:6c:95:1f:d6:c1:57:
5e:d1:cd:5e:08:a3:2a:17:e5:c1:eb:dd:ea:d0:7c:b6:1e:2d:
32:e1:06:61:40:cb:3c:3f:7f:91:67:df:4e:f0:35:2c:64:e6:
e9:c0:3b:99:c1:3c:10:80:25:48:b2:70:9e:e8:c1:5c:70:3e:
34:1e:3b:eb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZ2VQVZPNDVI5sPDEnFQ1QkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwNDE2MDc0NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTVjOWMwNjQyNTU0NjU2MTgxNjY0MzM2YjJkNDBlNzVmYzBjMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPuNn/Fc7NPNSAuuIm+WVzSbq69I
/8jzUvRqlb/1DhACrEmv2lA5+VDhuFYkmWnCGS40WovrNolTy/gO5IuP3hOBZMcm
zF3ABtz2KyPQ6nzDnENzF9+L7qJ3eLvkjxwS+TeZfDjIZyKqDzQzaICJ92bmO+aZ
ELQ5wtV8o/gke+vAonMQeZD1YC6Rg0/wRxPJAD4B8+OJjFGBGFrR0OYn1WYelVNm
mhr4FdKH8aVFD+5LRDE2aX0a5cseI1YICTOMB+COotki/KJtEQT1Fe4SXoqnpoNr
DSUKRjPGDjeJHcohBQYTXTdKSi4EEbffmP2XmtcjBTduCxjUql1TymRX2QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFD5cnAZCVUZWGBZkM2stQOdfwMB7MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvUGx5Y0JrSlZSbFlZRm1RemF5MUE1MV9Bd0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAJS
s/gDBABVjlIDBABVjlQDBAJVjlgDBABVjogDBABVjpMwDAMEAlWOpAMEAlWOsAME
AlWOwAMEAlWO0AMEAFWO5wMEAlWO7AMEAFWO9AMEAFWO/AMEAlWPkAMEA1WPoAME
AlWPsAMEAlWPuDAMAwQAVY/LAwQEVY/AAwQAVY/6AwQCVY/8MA0GCSqGSIb3DQEB
CwUAA4IBAQAOAyu3YtG3vtndT+gFlj8NTt9pJa1CBx2DW8c9Kw1+fJZNoGbez6MN
S9YyZQUlz9gv74hJotEnloP4OWrVY/7OlWYFpbtjYFNAZKkAhgT0fuFYO0gT4HBj
HS314hK1dpoie3yAAzFO4qwPza8miHZrqBDzwIsqEdTZ8hMt/tZ/0F/EmLiyLZpD
s8tIv20ofLTE/YGJUzweuJDgn+DOkGiPbMABof4hIsVXCGi9kvXKv9IKTWGHuSVN
XZSm65xxCwtslR/WwVde0c1eCKMqF+XB693q0Hy2Hi0y4QZhQMs8P3+RZ99O8DUs
ZObpwDuZwTwQgCVIsnCe6MFccD40Hjvr
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:47:32 2026 by rpki-client