Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/OTudHmFNPy5T-L1hWQnog6A_ceI.roa
File: OTudHmFNPy5T-L1hWQnog6A_ceI.roa (raw, json)
Hash identifier: wIvVhud/9mGvpy1rcC5MEiOLhE/0LwqjcBJHlLA5qFQ=
Subject key identifier: 39:3B:9D:1E:61:4D:3F:2E:53:F8:BD:61:59:09:E8:83:A0:3F:71:E2
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019C9EC6A9114F7BBBEA952AAE134BBAD1C7
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/OTudHmFNPy5T-L1hWQnog6A_ceI.roa
Signing time: Fri 27 Feb 2026 11:05:45 +0000
ROA not before: Fri 27 Feb 2026 11:05:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9002
IP address blocks: 2.58.98.0/24 maxlen: 24
31.128.32.0/22 maxlen: 24
37.233.82.0/23 maxlen: 24
37.233.84.0/23 maxlen: 24
37.233.86.0/24 maxlen: 24
45.11.94.0/24 maxlen: 24
45.92.174.0/24 maxlen: 24
45.130.212.0/22 maxlen: 24
45.137.188.0/24 maxlen: 24
45.145.5.0/24 maxlen: 24
45.145.6.0/24 maxlen: 24
45.145.163.0/24 maxlen: 24
45.145.168.0/24 maxlen: 24
45.152.86.0/24 maxlen: 24
45.152.87.0/24 maxlen: 24
45.156.20.0/24 maxlen: 24
46.173.20.0/24 maxlen: 24
77.73.233.0/24 maxlen: 24
77.73.235.0/24 maxlen: 24
77.73.238.0/24 maxlen: 24
83.222.20.0/23 maxlen: 24
89.40.204.0/24 maxlen: 24
90.156.254.0/23 maxlen: 24
91.193.25.0/24 maxlen: 24
91.218.142.0/23 maxlen: 24
155.212.224.0/21 maxlen: 24
185.77.231.0/24 maxlen: 24
193.22.244.0/24 maxlen: 24
193.23.3.0/24 maxlen: 24
193.28.186.0/24 maxlen: 24
193.43.72.0/24 maxlen: 24
193.56.188.0/24 maxlen: 24
193.56.190.0/24 maxlen: 24
193.242.106.0/24 maxlen: 24
193.242.109.0/24 maxlen: 24
194.36.208.0/24 maxlen: 24
194.113.209.0/24 maxlen: 24
212.74.231.0/24 maxlen: 24
213.139.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:c6:a9:11:4f:7b:bb:ea:95:2a:ae:13:4b:ba:d1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Feb 27 11:05:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=393b9d1e614d3f2e53f8bd615909e883a03f71e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a6:9e:2d:5c:6b:85:70:fa:54:de:e7:0b:c9:
34:ac:b8:c7:92:8b:63:04:21:64:7d:10:dd:3e:81:
25:c5:6c:48:c5:a8:97:04:c0:8c:0e:c2:96:be:d5:
34:42:b1:65:0c:06:df:fa:98:53:84:9e:a3:d6:d9:
7b:de:59:aa:2e:a0:fa:7e:9e:20:80:37:17:6b:c8:
20:1c:80:3f:eb:de:f8:7c:c4:f7:23:43:8d:89:c0:
46:20:d9:96:0a:ee:eb:93:f7:ac:ce:9e:a5:21:c3:
96:3a:c5:82:86:a9:8c:79:e1:ef:54:6a:a2:fd:d4:
dc:67:c0:b7:52:39:2d:bf:68:b3:6d:ba:81:98:ea:
4d:af:6c:f3:91:cf:6d:41:eb:5d:6e:41:6f:df:ca:
59:3f:e0:f0:c3:63:75:4f:3d:7b:e4:38:9e:a1:79:
49:9a:2c:79:f0:42:9a:8c:34:67:cd:6c:63:6c:ee:
5b:e2:62:33:2b:44:ab:19:f1:39:2d:36:dd:77:12:
09:34:ab:1a:71:f6:2e:ec:69:bd:b4:7f:1a:7b:90:
f3:8c:d0:3a:f3:53:98:4f:a4:d1:23:bd:6d:5b:fe:
6a:7e:ef:90:e4:05:f9:4a:7b:66:4d:9e:c0:72:a5:
5d:7b:a4:bb:fd:cf:ea:eb:46:53:36:f3:ee:68:bb:
41:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3B:9D:1E:61:4D:3F:2E:53:F8:BD:61:59:09:E8:83:A0:3F:71:E2
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/OTudHmFNPy5T-L1hWQnog6A_ceI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.98.0/24
31.128.32.0/22
37.233.82.0-37.233.86.255
45.11.94.0/24
45.92.174.0/24
45.130.212.0/22
45.137.188.0/24
45.145.5.0-45.145.6.255
45.145.163.0/24
45.145.168.0/24
45.152.86.0/23
45.156.20.0/24
46.173.20.0/24
77.73.233.0/24
77.73.235.0/24
77.73.238.0/24
83.222.20.0/23
89.40.204.0/24
90.156.254.0/23
91.193.25.0/24
91.218.142.0/23
155.212.224.0/21
185.77.231.0/24
193.22.244.0/24
193.23.3.0/24
193.28.186.0/24
193.43.72.0/24
193.56.188.0/24
193.56.190.0/24
193.242.106.0/24
193.242.109.0/24
194.36.208.0/24
194.113.209.0/24
212.74.231.0/24
213.139.229.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ad:b9:6b:c9:b3:4d:19:a3:7b:5e:59:d9:19:76:43:9e:ed:
5e:31:bc:b1:8e:34:c8:98:01:d1:ad:1f:dd:ce:44:8e:aa:7f:
95:1c:5f:a4:fe:99:55:39:69:15:3a:0b:86:db:96:98:5a:9b:
bc:47:84:cb:e5:80:f4:09:79:cd:0a:b4:fb:5c:9c:1a:66:f6:
ad:35:31:65:02:76:32:af:03:9b:8f:45:b2:cb:95:57:45:b7:
57:e1:06:2d:a9:53:98:0a:a6:24:37:56:fd:5f:a5:f1:e3:6e:
d0:ea:18:3b:ef:ed:45:5a:06:c7:12:17:ab:34:44:f5:57:7b:
86:e2:03:30:37:89:8a:a8:dc:f5:58:8f:03:e5:ad:cd:e5:f0:
33:a4:41:fd:0a:72:9e:bf:c3:aa:23:01:78:9f:32:9a:3c:b1:
18:6f:bd:83:dc:99:bf:d1:aa:55:d0:0e:e6:57:0d:54:5b:fb:
6e:8e:af:1e:23:a0:b9:09:25:43:7c:6d:d6:c1:df:52:9e:f3:
ed:83:95:a7:e5:5e:9e:61:ce:c3:5e:cf:bd:c2:10:d4:55:22:
e5:5a:a1:22:ed:fc:12:b4:4f:37:e9:38:62:8e:f6:38:47:7c:
a2:01:10:a2:f4:48:88:10:4b:14:36:27:6c:89:87:dd:1b:68:
18:89:fe:b7
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZyexqkRT3u76pUqrhNLutHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjYwMjI3MTEwNTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNiOWQxZTYxNGQzZjJlNTNmOGJkNjE1OTA5ZTg4M2EwM2Y3MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaaeLVxrhXD6VN7nC8k0rLjHkotj
BCFkfRDdPoElxWxIxaiXBMCMDsKWvtU0QrFlDAbf+phThJ6j1tl73lmqLqD6fp4g
gDcXa8ggHIA/6974fMT3I0ONicBGINmWCu7rk/eszp6lIcOWOsWChqmMeeHvVGqi
/dTcZ8C3Ujktv2izbbqBmOpNr2zzkc9tQetdbkFv38pZP+Dww2N1Tz175DieoXlJ
mix58EKajDRnzWxjbO5b4mIzK0SrGfE5LTbddxIJNKsacfYu7Gm9tH8ae5DzjNA6
81OYT6TRI71tW/5qfu+Q5AX5SntmTZ7AcqVde6S7/c/q60ZTNvPuaLtBRQIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFDk7nR5hTT8uU/i9YVkJ6IOgP3HiMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvT1R1ZEhtRk5QeTVULUwxaFdRbm9nNkFfY2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBAAC
OmIDBAIfgCAwDAMEASXpUgMEACXpVgMEAC0LXgMEAC1crgMEAi2C1AMEAC2JvDAM
AwQALZEFAwQALZEGAwQALZGjAwQALZGoAwQBLZhWAwQALZwUAwQALq0UAwQATUnp
AwQATUnrAwQATUnuAwQBU94UAwQAWSjMAwQBWpz+AwQAW8EZAwQBW9qOAwQDm9Tg
AwQAuU3nAwQAwRb0AwQAwRcDAwQAwRy6AwQAwStIAwQAwTi8AwQAwTi+AwQAwfJq
AwQAwfJtAwQAwiTQAwQAwnHRAwQA1ErnAwQA1YvlMA0GCSqGSIb3DQEBCwUAA4IB
AQCNrblrybNNGaN7XlnZGXZDnu1eMbyxjjTImAHRrR/dzkSOqn+VHF+k/plVOWkV
OguG25aYWpu8R4TL5YD0CXnNCrT7XJwaZvatNTFlAnYyrwObj0Wyy5VXRbdX4QYt
qVOYCqYkN1b9X6Xx427Q6hg77+1FWgbHEherNET1V3uG4gMwN4mKqNz1WI8D5a3N
5fAzpEH9CnKev8OqIwF4nzKaPLEYb72D3Jm/0apV0A7mVw1UW/tujq8eI6C5CSVD
fG3Wwd9SnvPtg5Wn5V6eYc7DXs+9whDUVSLlWqEi7fwStE836ThijvY4R3yiARCi
9EiIEEsUNidsiYfdG2gYif63
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:26 2026 by rpki-client