Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/OyAWaEIsKIgv7Jn7dBkCkStVk2s.roa
File: OyAWaEIsKIgv7Jn7dBkCkStVk2s.roa (raw, json)
Hash identifier: eO/ApCHElrIH+bplHuQ650+apMsnEMyvMRDfoJCZCkY=
Subject key identifier: 3B:20:16:68:42:2C:28:88:2F:EC:99:FB:74:19:02:91:2B:55:93:6B
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 019D8C31637669F1FF1CA8694DB7DB5E27D2
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/OyAWaEIsKIgv7Jn7dBkCkStVk2s.roa
Signing time: Tue 14 Apr 2026 13:32:20 +0000
ROA not before: Tue 14 Apr 2026 13:32:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1136
IP address blocks: 37.251.0.0/17 maxlen: 17
46.227.232.0/21 maxlen: 21
62.131.0.0/16 maxlen: 16
62.216.0.0/19 maxlen: 19
62.251.0.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.168.0.0/14 maxlen: 14
77.172.0.0/16 maxlen: 16
77.173.0.0/16 maxlen: 16
77.174.0.0/16 maxlen: 16
77.175.0.0/16 maxlen: 16
77.175.0.0/17 maxlen: 17
77.175.128.0/17 maxlen: 17
80.60.0.0/15 maxlen: 15
80.100.0.0/15 maxlen: 15
81.204.0.0/14 maxlen: 14
82.92.0.0/14 maxlen: 14
82.136.192.0/18 maxlen: 18
82.161.0.0/16 maxlen: 16
82.168.0.0/15 maxlen: 15
82.170.0.0/16 maxlen: 16
83.68.0.0/19 maxlen: 19
84.39.0.0/19 maxlen: 19
84.80.0.0/16 maxlen: 16
84.82.0.0/15 maxlen: 15
84.84.0.0/14 maxlen: 14
85.113.224.0/19 maxlen: 19
86.80.0.0/13 maxlen: 13
86.88.0.0/15 maxlen: 15
86.90.0.0/16 maxlen: 16
86.92.0.0/14 maxlen: 14
88.159.0.0/16 maxlen: 16
109.72.32.0/20 maxlen: 20
128.127.32.0/20 maxlen: 20
188.142.0.0/17 maxlen: 17
194.109.0.0/16 maxlen: 16
195.64.64.0/19 maxlen: 19
195.240.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.128.0/18 maxlen: 18
195.240.192.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
212.238.0.0/16 maxlen: 16
213.10.0.0/16 maxlen: 16
213.84.0.0/16 maxlen: 16
213.148.224.0/19 maxlen: 19
213.197.0.0/18 maxlen: 18
213.222.0.0/19 maxlen: 19
2001:888::/29 maxlen: 29
2001:980::/29 maxlen: 29
2a02:a400::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8c:31:63:76:69:f1:ff:1c:a8:69:4d:b7:db:5e:27:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Apr 14 13:32:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b201668422c28882fec99fb741902912b55936b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:1c:ef:71:dd:32:47:a4:f1:f3:32:a6:5f:
b1:78:ac:c5:2c:30:8a:2f:f7:5c:36:39:7e:54:21:
73:f5:97:fd:27:3e:ef:bc:bd:b2:00:dc:21:12:7b:
41:db:b3:11:93:30:82:5b:d6:d4:38:d9:f9:8c:d3:
df:06:b0:28:37:26:00:7f:27:0f:1b:99:eb:1d:af:
7e:a7:b0:b2:d1:2d:c4:36:8f:b6:40:fe:d9:3c:bb:
8d:3b:33:23:cb:c0:96:27:2d:4f:f7:bb:d8:7b:d3:
75:a7:17:0d:2a:89:24:bf:e9:a7:f2:dd:56:df:d9:
84:89:72:79:04:c9:fb:ab:ea:aa:ec:a3:18:d5:f5:
85:de:e4:cf:1a:cb:37:35:7c:31:21:72:2f:0e:12:
c4:20:cc:ed:c0:b3:71:d4:3f:bd:48:1e:9f:5f:45:
f8:6c:cc:3f:a5:4a:c7:44:c9:80:45:08:9b:f2:cf:
48:39:b6:5a:ea:88:52:3f:c9:86:fd:b0:41:77:08:
38:76:05:4b:e0:cc:7b:79:05:ac:df:9c:2c:9a:ca:
bc:4d:30:0c:d9:fc:33:c8:6a:fe:1a:5d:00:66:d7:
83:97:b1:00:aa:8d:56:df:10:7c:14:26:8b:48:65:
0b:95:0c:d2:5d:87:e1:53:07:38:bd:64:23:74:9c:
c1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:20:16:68:42:2C:28:88:2F:EC:99:FB:74:19:02:91:2B:55:93:6B
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/OyAWaEIsKIgv7Jn7dBkCkStVk2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
46.227.232.0/21
62.131.0.0/16
62.216.0.0/19
62.251.0.0/17
77.160.0.0/12
80.60.0.0/15
80.100.0.0/15
81.204.0.0/14
82.92.0.0/14
82.136.192.0/18
82.161.0.0/16
82.168.0.0-82.170.255.255
83.68.0.0/19
84.39.0.0/19
84.80.0.0/16
84.82.0.0-84.87.255.255
85.113.224.0/19
86.80.0.0-86.90.255.255
86.92.0.0/14
88.159.0.0/16
109.72.32.0/20
128.127.32.0/20
188.142.0.0/17
194.109.0.0/16
195.64.64.0/19
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
212.238.0.0/16
213.10.0.0/16
213.84.0.0/16
213.148.224.0/19
213.197.0.0/18
213.222.0.0/19
IPv6:
2001:888::/29
2001:980::/29
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
a5:94:3c:6d:9b:98:71:1d:ca:15:5e:d6:8e:bb:cc:af:ed:95:
87:8e:32:54:4a:67:7b:87:30:c7:81:f7:39:f6:ad:9d:4c:6f:
26:52:0d:00:5b:53:31:45:bc:3b:be:c6:ba:bc:09:6b:fd:7c:
c6:d4:25:2f:58:26:2d:20:0d:8a:97:44:4d:c7:49:90:cb:9f:
07:3a:db:dc:86:98:42:8d:8f:3f:93:df:cb:f0:4d:46:70:78:
0f:e8:45:24:5a:4f:e8:50:cf:33:3b:68:aa:30:24:7b:49:36:
fe:96:3c:fc:73:9a:bd:75:94:82:98:ea:8d:16:f1:b1:9e:93:
a2:1b:a1:8f:58:22:5d:88:d1:7f:ae:b7:1a:f1:11:fa:8f:52:
ad:ce:bc:71:bc:46:90:6c:ab:cd:7c:39:da:05:fc:bd:62:45:
85:89:2f:a3:fd:8b:4d:16:e8:52:ea:e7:62:28:95:86:7a:de:
09:9d:0e:ee:b4:2d:b1:7d:db:83:a7:77:94:fd:20:14:3d:bf:
7d:b8:a6:3b:90:68:ed:8f:03:a8:5d:4b:d6:14:7d:e1:c2:bf:
43:1b:d0:f1:8c:cb:d6:5d:ac:8b:a8:a0:aa:59:5a:ab:fa:d9:
df:40:ca:68:44:39:10:ef:a2:11:5a:7b:45:ff:7c:80:f7:ba:
30:2c:ed:b8
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZ2MMWN2afH/HKhpTbfbXifSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjYwNDE0MTMzMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjIwMTY2ODQyMmMyODg4MmZlYzk5ZmI3NDE5MDI5MTJiNTU5MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPIc73HdMkek8fMypl+xeKzFLDCK
L/dcNjl+VCFz9Zf9Jz7vvL2yANwhEntB27MRkzCCW9bUONn5jNPfBrAoNyYAfycP
G5nrHa9+p7Cy0S3ENo+2QP7ZPLuNOzMjy8CWJy1P97vYe9N1pxcNKokkv+mn8t1W
39mEiXJ5BMn7q+qq7KMY1fWF3uTPGss3NXwxIXIvDhLEIMztwLNx1D+9SB6fX0X4
bMw/pUrHRMmARQib8s9IObZa6ohSP8mG/bBBdwg4dgVL4Mx7eQWs35wsmsq8TTAM
2fwzyGr+Gl0AZteDl7EAqo1W3xB8FCaLSGULlQzSXYfhUwc4vWQjdJzBHQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFDsgFmhCLCiIL+yZ+3QZApErVZNrMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvT3lBV2FFSXNLSWd2N0puN2RCa0NrU3RWazJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgdwEAgABMIHVAwQH
JfsAAwQDLuPoAwMAPoMDBAU+2AADBAc++wADAwRNoAMDAVA8AwMBUGQDAwJRzAMD
AlJcAwQGUojAAwMAUqEwCgMDA1KoAwMAUqoDBAVTRAADBAVUJwADAwBUUDAKAwMB
VFIDAwNUUAMEBVVx4DAKAwMEVlADAwBWWgMDAlZcAwMAWJ8DBARtSCADBASAfyAD
BAe8jgADAwDCbQMEBcNAQAMDAcPwAwQG1HuAAwQG1LaAAwMA1O4DAwDVCgMDANVU
AwQF1ZTgAwQG1cUAAwQF1d4AMBsEAgACMBUDBQMgAQiIAwUDIAEJgAMFByoCpAAw
DQYJKoZIhvcNAQELBQADggEBAKWUPG2bmHEdyhVe1o67zK/tlYeOMlRKZ3uHMMeB
9zn2rZ1MbyZSDQBbUzFFvDu+xrq8CWv9fMbUJS9YJi0gDYqXRE3HSZDLnwc629yG
mEKNjz+T38vwTUZweA/oRSRaT+hQzzM7aKowJHtJNv6WPPxzmr11lIKY6o0W8bGe
k6IboY9YIl2I0X+utxrxEfqPUq3OvHG8RpBsq818OdoF/L1iRYWJL6P9i00W6FLq
52IolYZ63gmdDu60LbF924Ond5T9IBQ9v324pjuQaO2PA6hdS9YUfeHCv0Mb0PGM
y9ZdrIuooKpZWqv62d9AymhEORDvohFae0X/fID3ujAs7bg=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:58:13 2026 by rpki-client