Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/wIQN1qjszJK_EWTG2KZPYPb7pjY.roa
File: wIQN1qjszJK_EWTG2KZPYPb7pjY.roa (raw, json)
Hash identifier: gRnICZ8LPFfQ15En6Kpg0jEOMzCzPNmoOaQr/MOyZDw=
Subject key identifier: C0:84:0D:D6:A8:EC:CC:92:BF:11:64:C6:D8:A6:4F:60:F6:FB:A6:36
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 019C47C3635A7FCEA8BB59ACDC551A76B3B9
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/wIQN1qjszJK_EWTG2KZPYPb7pjY.roa
Signing time: Tue 10 Feb 2026 13:35:13 +0000
ROA not before: Tue 10 Feb 2026 13:35:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44285
IP address blocks: 5.1.43.0/24 maxlen: 24
37.32.32.0/21 maxlen: 21
37.32.32.0/22 maxlen: 22
37.32.32.0/24 maxlen: 24
37.32.33.0/24 maxlen: 24
37.32.34.0/24 maxlen: 24
37.32.35.0/24 maxlen: 24
37.32.37.0/24 maxlen: 24
37.32.38.0/24 maxlen: 24
37.32.39.0/24 maxlen: 24
37.75.243.0/24 maxlen: 24
37.75.244.0/22 maxlen: 22
37.75.244.0/24 maxlen: 24
37.75.245.0/24 maxlen: 24
37.75.246.0/24 maxlen: 24
37.75.247.0/24 maxlen: 24
45.9.252.0/22 maxlen: 24
45.9.252.0/24 maxlen: 24
45.9.253.0/24 maxlen: 24
45.9.254.0/24 maxlen: 24
45.87.4.0/23 maxlen: 24
45.140.224.0/22 maxlen: 22
46.28.72.0/21 maxlen: 24
46.28.72.0/24 maxlen: 24
46.28.73.0/24 maxlen: 24
46.28.74.0/24 maxlen: 24
78.110.120.0/22 maxlen: 24
80.249.112.0/23 maxlen: 23
80.249.114.0/24 maxlen: 24
84.47.224.0/21 maxlen: 21
84.47.224.0/22 maxlen: 22
84.47.224.0/24 maxlen: 24
84.47.225.0/24 maxlen: 24
84.47.226.0/24 maxlen: 24
84.47.227.0/24 maxlen: 24
84.47.228.0/22 maxlen: 22
84.47.228.0/24 maxlen: 24
84.47.229.0/24 maxlen: 24
84.47.230.0/23 maxlen: 24
84.47.231.0/24 maxlen: 24
85.198.24.0/22 maxlen: 24
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.121.128.0/22 maxlen: 24
185.121.128.0/24 maxlen: 24
185.121.129.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.182.248.0/22 maxlen: 22
185.182.248.0/23 maxlen: 23
185.182.250.0/23 maxlen: 23
185.182.250.0/24 maxlen: 24
185.182.251.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
195.110.38.0/23 maxlen: 23
195.110.38.0/24 maxlen: 24
195.110.39.0/24 maxlen: 24
217.172.120.0/21 maxlen: 24
217.172.124.0/23 maxlen: 23
217.172.126.0/23 maxlen: 23
217.172.127.0/24 maxlen: 24
2a02:828::/29 maxlen: 29
2a02:828::/32 maxlen: 32
2a02:828::/48 maxlen: 48
2a02:828::/64 maxlen: 64
2a02:828:1::/48 maxlen: 48
2a02:829::/32 maxlen: 32
2a02:82a::/32 maxlen: 32
2a02:82b::/32 maxlen: 32
2a02:82c::/32 maxlen: 32
2a02:82d::/32 maxlen: 32
2a02:82e::/32 maxlen: 32
2a02:82f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 03:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:c3:63:5a:7f:ce:a8:bb:59:ac:dc:55:1a:76:b3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Feb 10 13:35:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0840dd6a8eccc92bf1164c6d8a64f60f6fba636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4b:0d:db:a4:dc:ba:51:55:2b:ec:6b:76:83:
26:75:f8:28:8f:8e:80:99:2e:9e:35:f7:d7:4e:a9:
59:af:f2:b7:5c:82:b9:6d:20:ab:4c:c4:75:f7:1f:
47:51:9e:81:f0:e4:a1:df:0e:14:50:9c:5e:5b:52:
3a:fb:87:7f:48:c5:07:fd:ed:67:70:5a:3d:92:d9:
9f:38:e4:d9:62:4c:57:ad:76:18:00:98:4b:cf:56:
23:a2:ad:fa:ba:cc:d8:7f:08:9a:ba:b2:9c:b6:63:
42:5f:f3:57:67:57:18:96:2a:39:96:0c:91:b1:c7:
06:01:d1:1c:08:93:16:1f:46:38:d9:48:1f:99:54:
41:3a:c0:f3:c5:af:48:14:34:5b:80:fc:f9:06:80:
f3:49:d8:28:f8:bc:66:ec:18:a0:3b:64:85:43:26:
ea:d7:7f:d2:9e:1a:72:99:64:5d:9a:5b:bc:54:dd:
65:23:98:e3:68:81:29:43:98:5a:11:26:9a:b1:87:
3a:d9:b7:2a:76:df:92:e1:30:1c:38:67:12:a2:b0:
8d:c3:3a:f7:0e:f9:7d:e6:b0:76:96:7e:0d:67:34:
91:5a:32:c2:9a:b1:df:72:cb:36:fa:9b:dc:6f:98:
85:49:86:55:e6:36:cd:19:d0:69:3d:16:5a:4f:4f:
eb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:84:0D:D6:A8:EC:CC:92:BF:11:64:C6:D8:A6:4F:60:F6:FB:A6:36
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/wIQN1qjszJK_EWTG2KZPYPb7pjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.43.0/24
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0/22
45.87.4.0/23
45.140.224.0/22
46.28.72.0/21
78.110.120.0/22
80.249.112.0-80.249.114.255
84.47.224.0/21
85.198.24.0/22
88.135.37.0-88.135.39.255
91.236.168.0/23
185.18.212.0/22
185.51.200.0/22
185.121.128.0/22
185.128.136.0/22
185.141.132.0/22
185.182.248.0/22
188.209.152.0/23
195.110.38.0/23
217.172.120.0/21
IPv6:
2a02:828::/29
Signature Algorithm: sha256WithRSAEncryption
61:33:84:fa:1b:a8:12:29:4c:c3:08:5a:6b:cd:c8:9d:1e:80:
3e:d0:b0:8a:3e:dc:dc:ac:7b:86:9a:04:16:33:25:ba:08:18:
7a:32:0f:60:1b:c2:56:a1:31:d7:4c:e1:9a:e3:27:35:32:d7:
48:f8:2e:42:da:20:dc:ad:bf:f9:21:09:1b:7f:73:ce:d3:cd:
cc:61:89:18:7a:b9:15:62:4d:c2:e7:a5:cd:44:50:74:52:de:
b3:51:fa:6e:9e:b1:fa:37:17:cd:6a:75:65:2d:78:3b:d7:40:
6e:7d:16:4d:1b:b4:6a:76:2e:6a:e1:81:3e:15:bb:6e:89:68:
38:75:24:c5:2a:79:cb:52:7a:87:45:84:54:9d:0f:a1:91:e0:
7f:a0:2c:ce:00:59:90:e0:5e:9e:6d:fa:2e:31:4e:c3:49:09:
c9:2e:4f:fd:15:0e:0d:36:bb:fe:b3:d5:40:90:69:4f:2c:4a:
21:45:a8:83:6c:6c:5e:c5:dc:89:9e:dd:dd:92:90:84:4d:45:
a9:f8:ff:05:e9:fc:e8:ff:0e:74:0e:4f:b4:9b:e6:56:97:2f:
03:f3:fa:ff:59:6b:22:f5:38:da:65:c8:dd:60:7a:13:b3:e8:
ca:3b:a3:60:80:6b:53:76:ec:85:d5:ac:d9:89:22:ed:4f:39:
13:d4:14:b0
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZxHw2Naf86ou1ms3FUadrO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjYwMjEwMTMzNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDg0MGRkNmE4ZWNjYzkyYmYxMTY0YzZkOGE2NGY2MGY2ZmJhNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjksN26TculFVK+xrdoMmdfgoj46A
mS6eNffXTqlZr/K3XIK5bSCrTMR19x9HUZ6B8OSh3w4UUJxeW1I6+4d/SMUH/e1n
cFo9ktmfOOTZYkxXrXYYAJhLz1Yjoq36uszYfwiaurKctmNCX/NXZ1cYlio5lgyR
sccGAdEcCJMWH0Y42UgfmVRBOsDzxa9IFDRbgPz5BoDzSdgo+Lxm7BigO2SFQybq
13/SnhpymWRdmlu8VN1lI5jjaIEpQ5haESaasYc62bcqdt+S4TAcOGcSorCNwzr3
Dvl95rB2ln4NZzSRWjLCmrHfcss2+pvcb5iFSYZV5jbNGdBpPRZaT0/rKQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFMCEDdao7MySvxFkxtimT2D2+6Y2MB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvd0lRTjFxanN6SktfRVdURzJLWlBZUGI3cGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwDBAAF
ASsDBAMlICAwDAMEACVL8wMEAyVL8AMEAi0J/AMEAS1XBAMEAi2M4AMEAy4cSAME
Ak5ueDAMAwQEUPlwAwQAUPlyAwQDVC/gAwQCVcYYMAwDBABYhyUDBANYhyADBAFb
7KgDBAK5EtQDBAK5M8gDBAK5eYADBAK5gIgDBAK5jYQDBAK5tvgDBAG80ZgDBAHD
biYDBAPZrHgwDQQCAAIwBwMFAyoCCCgwDQYJKoZIhvcNAQELBQADggEBAGEzhPob
qBIpTMMIWmvNyJ0egD7QsIo+3Nyse4aaBBYzJboIGHoyD2AbwlahMddM4ZrjJzUy
10j4LkLaINytv/khCRt/c87TzcxhiRh6uRViTcLnpc1EUHRS3rNR+m6esfo3F81q
dWUteDvXQG59Fk0btGp2LmrhgT4Vu26JaDh1JMUqectSeodFhFSdD6GR4H+gLM4A
WZDgXp5t+i4xTsNJCckuT/0VDg02u/6z1UCQaU8sSiFFqINsbF7F3Ime3d2SkIRN
Ran4/wXp/Oj/DnQOT7Sb5laXLwPz+v9ZayL1ONplyN1gehOz6Mo7o2CAa1N27IXV
rNmJIu1PORPUFLA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:53:43 2026 by rpki-client