Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/0h3I5zgUzpeJLPTk8pV1tjp8yIM.roa
File: 0h3I5zgUzpeJLPTk8pV1tjp8yIM.roa (raw, json)
Hash identifier: SSsoh9etsH9TXN8vn8IWBA2YZZ0AYGWGuWnpCUt6WoI=
Subject key identifier: D2:1D:C8:E7:38:14:CE:97:89:2C:F4:E4:F2:95:75:B6:3A:7C:C8:83
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 019EADC0C2FA45788E4A3A373EEE512B824A
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/0h3I5zgUzpeJLPTk8pV1tjp8yIM.roa
Signing time: Tue 09 Jun 2026 18:59:11 +0000
ROA not before: Tue 09 Jun 2026 18:59:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203
IP address blocks: 45.94.14.0/24 maxlen: 24
45.94.15.0/24 maxlen: 24
91.229.52.0/22 maxlen: 22
212.26.0.0/17 maxlen: 17
212.26.6.0/23 maxlen: 24
212.26.7.0/24 maxlen: 24
212.26.8.0/22 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.18.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
212.26.26.0/23 maxlen: 24
212.26.28.0/23 maxlen: 24
212.26.32.0/24 maxlen: 24
212.26.36.0/24 maxlen: 25
212.26.37.0/24 maxlen: 25
212.26.38.0/24 maxlen: 24
212.26.39.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.41.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.43.0/24 maxlen: 24
212.26.44.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
212.26.46.0/23 maxlen: 24
212.26.48.0/24 maxlen: 24
212.26.50.0/23 maxlen: 24
212.26.53.0/24 maxlen: 24
212.26.54.0/24 maxlen: 24
212.26.71.0/24 maxlen: 24
212.26.72.0/24 maxlen: 25
212.26.76.0/24 maxlen: 24
212.26.78.0/24 maxlen: 24
212.138.0.0/16 maxlen: 16
212.138.41.0/24 maxlen: 25
212.138.52.0/22 maxlen: 24
212.138.56.0/21 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.70.0/23 maxlen: 24
212.138.70.0/24 maxlen: 24
212.138.71.0/24 maxlen: 24
212.138.72.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.80.0/23 maxlen: 23
212.138.82.0/24 maxlen: 24
212.138.83.0/24 maxlen: 24
212.138.84.0/23 maxlen: 24
212.138.88.0/24 maxlen: 25
212.138.92.0/24 maxlen: 24
212.138.94.0/24 maxlen: 24
212.138.96.0/21 maxlen: 24
212.138.97.0/24 maxlen: 24
212.138.98.0/23 maxlen: 23
212.138.104.0/24 maxlen: 24
212.138.108.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.125.0/24 maxlen: 25
212.138.126.0/24 maxlen: 25
212.138.127.0/24 maxlen: 25
212.138.128.0/24 maxlen: 24
212.138.130.0/24 maxlen: 24
212.138.132.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.147.0/24 maxlen: 24
212.138.150.0/24 maxlen: 24
212.138.153.0/24 maxlen: 25
212.138.155.0/24 maxlen: 25
212.138.157.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.162.0/24 maxlen: 24
212.138.164.0/24 maxlen: 25
212.138.166.0/24 maxlen: 24
212.138.168.0/24 maxlen: 24
212.138.170.0/24 maxlen: 24
212.138.172.0/24 maxlen: 24
212.138.175.0/24 maxlen: 25
212.138.176.0/24 maxlen: 24
212.138.177.0/24 maxlen: 24
212.138.180.0/24 maxlen: 24
212.138.181.0/24 maxlen: 25
212.138.183.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
212.138.188.0/24 maxlen: 25
212.138.192.0/24 maxlen: 24
212.138.194.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.202.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.210.0/24 maxlen: 24
212.138.210.0/28 maxlen: 28
212.138.250.0/24 maxlen: 24
212.138.251.0/24 maxlen: 24
212.138.252.0/24 maxlen: 24
212.138.253.0/24 maxlen: 24
2001:1490::/48 maxlen: 48
2001:1490:1::/48 maxlen: 48
2001:1490:100::/48 maxlen: 48
2001:1490:101::/48 maxlen: 48
2001:1490:102::/48 maxlen: 48
2001:1490:103::/48 maxlen: 49
2001:1490:106::/48 maxlen: 48
2001:1490:108::/48 maxlen: 48
2001:1490:110::/48 maxlen: 49
2001:1490:110:8000::/49 maxlen: 49
2001:1490:111::/48 maxlen: 48
2001:1490:112::/48 maxlen: 48
2001:1490:113::/48 maxlen: 48
2001:1490:114::/48 maxlen: 48
2001:1490:115::/48 maxlen: 50
2001:1490:116::/48 maxlen: 48
2001:1490:117::/48 maxlen: 49
2001:1497:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:c0:c2:fa:45:78:8e:4a:3a:37:3e:ee:51:2b:82:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Jun 9 18:59:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d21dc8e73814ce97892cf4e4f29575b63a7cc883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1d:0f:47:ae:f1:a7:c1:aa:48:77:ab:79:70:
1a:f0:53:7e:da:0a:53:60:c5:58:f4:1d:1f:b1:6d:
ca:17:e4:f9:43:c6:ad:bf:9d:0e:8c:e2:fa:4e:15:
45:6e:b7:23:b4:76:36:68:b0:3c:ac:2f:4e:4e:34:
2f:ba:85:95:de:c9:df:43:0e:2d:db:08:da:a9:58:
19:fc:cd:21:df:ee:9d:8d:c1:01:3f:a9:53:04:85:
e0:ff:fe:3f:10:bb:ab:a0:27:5e:a3:fd:fa:1c:fa:
1c:34:cd:b0:c6:03:60:fc:40:71:3e:93:6f:55:f2:
4f:c9:a6:7f:a0:e2:9f:69:44:6e:aa:04:a1:6f:6e:
d3:50:df:6c:29:d5:48:79:1b:e5:02:b9:7a:c6:81:
a9:d3:da:72:25:71:ca:90:84:d7:36:2a:1e:db:49:
eb:52:1e:a6:3e:4a:73:b1:1c:49:85:70:ec:e2:3a:
51:87:40:34:53:4b:88:92:99:60:1d:18:3e:5a:40:
a6:80:19:a9:0e:69:e3:6e:30:1e:7e:ff:a4:b2:51:
6b:2d:2e:b1:62:88:3f:89:ac:61:fb:dc:67:db:e0:
3b:c8:3c:47:6e:75:cf:2c:41:43:9f:24:a4:6c:b5:
ef:ca:7a:b6:6d:76:27:91:a3:08:a8:a4:79:3c:40:
94:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1D:C8:E7:38:14:CE:97:89:2C:F4:E4:F2:95:75:B6:3A:7C:C8:83
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/0h3I5zgUzpeJLPTk8pV1tjp8yIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.14.0/23
91.229.52.0/22
212.26.0.0/17
212.138.0.0/16
IPv6:
2001:1490::/47
2001:1490:100::/46
2001:1490:106::/48
2001:1490:108::/48
2001:1490:110::/45
2001:1497:2::/48
Signature Algorithm: sha256WithRSAEncryption
10:76:37:ba:cf:65:27:63:6d:33:05:98:b3:7e:71:f6:43:6d:
72:77:a4:8a:23:df:ff:8b:d3:0f:5e:f8:d3:65:c3:db:80:d9:
0c:6f:14:51:5d:81:58:cd:a7:7f:6d:13:b6:44:ef:37:f9:5e:
d6:6d:b2:ab:3b:8e:53:f6:82:dd:03:c1:74:f6:52:6a:fa:98:
86:7c:93:5c:3f:39:71:e0:4d:fb:e4:74:78:98:0f:ac:9b:a9:
77:40:9f:66:36:22:6e:e1:de:89:2f:33:9e:88:18:5f:3d:21:
30:64:b0:fd:9d:c9:b0:39:22:ab:0c:0b:c5:8c:b6:25:24:d5:
34:1b:8f:df:4c:6f:5b:22:d6:e3:ae:9a:29:f3:b1:ad:f3:05:
11:d3:89:09:d8:7c:38:66:23:2b:49:70:ca:f2:bb:6f:1f:cd:
1c:32:5b:4e:de:63:c7:07:4c:a7:80:2f:ec:d5:a1:8d:ea:86:
34:9c:e4:01:6b:00:1a:ba:fe:82:2c:be:11:56:44:26:47:83:
2b:8f:21:5c:68:77:46:85:01:ed:57:d0:5b:fe:a6:ec:cc:de:
58:56:70:cf:99:1f:fb:e9:40:0a:41:03:10:bc:2e:83:70:58:
fd:da:08:f0:fb:61:c7:11:ae:01:25:82:96:0a:3a:b7:f8:98:
9d:ab:5c:c3
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZ6twML6RXiOSjo3Pu5RK4JKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjYwNjA5MTg1OTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFkYzhlNzM4MTRjZTk3ODkyY2Y0ZTRmMjk1NzViNjNhN2NjODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux0PR67xp8GqSHereXAa8FN+2gpT
YMVY9B0fsW3KF+T5Q8atv50OjOL6ThVFbrcjtHY2aLA8rC9OTjQvuoWV3snfQw4t
2wjaqVgZ/M0h3+6djcEBP6lTBIXg//4/ELuroCdeo/36HPocNM2wxgNg/EBxPpNv
VfJPyaZ/oOKfaURuqgShb27TUN9sKdVIeRvlArl6xoGp09pyJXHKkITXNioe20nr
Uh6mPkpzsRxJhXDs4jpRh0A0U0uIkplgHRg+WkCmgBmpDmnjbjAefv+kslFrLS6x
Yog/iaxh+9xn2+A7yDxHbnXPLEFDnySkbLXvynq2bXYnkaMIqKR5PECUkQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFNIdyOc4FM6XiSz05PKVdbY6fMiDMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvMGgzSTV6Z1V6cGVKTFBUazhwVjF0anA4eUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAdBAIAATAXAwQBLV4OAwQC
W+U0AwQH1BoAAwMA1IowPAQCAAIwNgMHASABFJAAAAMHAiABFJABAAMHACABFJAB
BgMHACABFJABCAMHAyABFJABEAMHACABFJcAAjANBgkqhkiG9w0BAQsFAAOCAQEA
EHY3us9lJ2NtMwWYs35x9kNtcnekiiPf/4vTD17402XD24DZDG8UUV2BWM2nf20T
tkTvN/le1m2yqzuOU/aC3QPBdPZSavqYhnyTXD85ceBN++R0eJgPrJupd0CfZjYi
buHeiS8znogYXz0hMGSw/Z3JsDkiqwwLxYy2JSTVNBuP30xvWyLW466aKfOxrfMF
EdOJCdh8OGYjK0lwyvK7bx/NHDJbTt5jxwdMp4Av7NWhjeqGNJzkAWsAGrr+giy+
EVZEJkeDK48hXGh3RoUB7VfQW/6m7MzeWFZwz5kf++lACkEDELwug3BY/doI8Pth
xxGuASWClgo6t/iYnatcww==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:25:04 2026 by rpki-client