
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O82A9uBdQeVc6xfM9T7PvTllFHQ.roa
File: O82A9uBdQeVc6xfM9T7PvTllFHQ.roa (raw, json)
Hash identifier: g34w1HVAYqCfPcfO9lGKgZDvmQ5288F6TcdguQ6PfgQ=
Subject key identifier: 3B:CD:80:F6:E0:5D:41:E5:5C:EB:17:CC:F5:3E:CF:BD:39:65:14:74
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019F1C72AB969B5D889ED84606036A68D7CB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O82A9uBdQeVc6xfM9T7PvTllFHQ.roa
Signing time: Wed 01 Jul 2026 06:51:44 +0000
ROA not before: Wed 01 Jul 2026 06:51:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 37.139.128.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.129.85.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 Jul 2026 06:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:1c:72:ab:96:9b:5d:88:9e:d8:46:06:03:6a:68:d7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 1 06:51:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3bcd80f6e05d41e55ceb17ccf53ecfbd39651474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:be:2c:52:9f:61:99:4f:2c:0d:50:96:7e:
14:5b:98:1a:18:4a:d7:81:47:d4:17:57:9e:1c:ba:
cc:af:59:a4:27:85:e3:65:46:1f:a4:4e:ee:67:25:
24:de:fb:e6:2f:b3:d8:4e:49:5f:23:dc:94:6a:b5:
a6:50:8c:cb:65:71:87:cc:ee:38:dd:b0:bc:21:d1:
2e:ba:09:21:f6:57:ef:52:67:bd:48:b6:52:4c:fa:
72:59:18:71:5b:6e:fe:6f:b9:e2:33:3a:49:77:b7:
6c:df:66:66:9f:9b:ad:ac:b6:d0:d1:2c:70:b5:66:
6d:cc:25:cd:02:31:0a:f3:36:6f:25:62:1a:71:59:
2e:70:49:a6:11:70:a0:bc:0f:e6:2a:b1:4e:d7:40:
05:4e:79:2e:c4:ed:da:ba:54:4f:f1:a1:d7:5c:2e:
6c:fe:de:f5:78:41:10:05:4d:1c:3a:bb:17:46:01:
21:0d:b4:2f:08:91:c1:07:73:c1:79:83:06:01:43:
fb:ec:89:4a:98:f5:e9:8e:67:d7:b4:d3:a1:0e:df:
55:a1:9f:6e:a4:c2:6e:12:8a:77:ac:4c:a3:f4:3f:
de:83:78:0f:6d:df:2f:0e:a1:3f:9a:40:d0:9f:51:
60:c3:c8:02:1f:c3:c8:97:ec:05:3d:c8:a9:66:29:
93:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CD:80:F6:E0:5D:41:E5:5C:EB:17:CC:F5:3E:CF:BD:39:65:14:74
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O82A9uBdQeVc6xfM9T7PvTllFHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.129.85.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.192.0/23
87.121.62.0/23
87.121.114.0/23
87.121.221.0/24
92.249.50.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
185.246.221.0/24
185.252.177.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fe:c4:d9:09:f7:59:42:a8:a0:9b:88:54:64:07:51:3f:4d:
52:22:52:3a:e6:f6:a7:8c:5c:fa:a0:e9:15:cb:bd:d0:49:e2:
8b:9f:f8:f8:d9:89:71:c2:83:bf:a7:df:19:af:87:ca:a3:c8:
2e:c5:c3:e7:96:93:af:20:5f:df:8e:36:5d:53:87:9f:a2:7d:
90:a7:c8:4e:e4:69:f4:9d:10:df:a0:8d:2b:da:32:2f:41:f9:
2e:d1:58:72:a3:2e:06:3e:05:b2:34:1d:e2:6b:66:e6:98:ad:
2a:66:fd:cb:49:48:91:bb:cb:c9:2d:22:de:92:06:f1:86:7a:
1b:c2:83:ad:27:eb:22:df:77:c5:61:bf:da:fe:c0:b4:3a:eb:
b6:b1:63:c3:de:d8:c0:e6:36:b4:1a:21:69:19:a0:37:de:3e:
0b:c5:a7:f1:8d:b9:ac:51:70:fd:06:a3:d5:6b:1b:75:df:c5:
45:79:21:ae:4b:95:4c:bf:b3:74:f1:63:96:cc:11:d1:38:d6:
d6:d0:99:05:85:54:a3:da:0f:ba:93:21:96:d4:9d:d7:31:6e:
57:eb:ed:ae:b7:63:cb:2b:70:06:11:ae:70:f2:47:7f:8d:9e:
47:30:ef:83:cc:42:d4:3f:17:d9:91:a8:b0:5d:e2:86:15:8f:
65:98:9f:f8
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZ8ccquWm12InthGBgNqaNfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNzAxMDY1MTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNkODBmNmUwNWQ0MWU1NWNlYjE3Y2NmNTNlY2ZiZDM5NjUxNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo2+LFKfYZlPLA1Qln4UW5gaGErX
gUfUF1eeHLrMr1mkJ4XjZUYfpE7uZyUk3vvmL7PYTklfI9yUarWmUIzLZXGHzO44
3bC8IdEuugkh9lfvUme9SLZSTPpyWRhxW27+b7niMzpJd7ds32Zmn5utrLbQ0Sxw
tWZtzCXNAjEK8zZvJWIacVkucEmmEXCgvA/mKrFO10AFTnkuxO3aulRP8aHXXC5s
/t71eEEQBU0cOrsXRgEhDbQvCJHBB3PBeYMGAUP77IlKmPXpjmfXtNOhDt9VoZ9u
pMJuEop3rEyj9D/eg3gPbd8vDqE/mkDQn1Fgw8gCH8PIl+wFPcipZimTWQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFDvNgPbgXUHlXOsXzPU+z705ZRR0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTzgyQTl1QmRRZVZjNnhmTTlUN1B2VGxsRkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAl
i4ADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtgVUDBAAtjZ4DBABRoe4DBABT
j3EDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBAFXeMADBAFXeT4DBAFXeXIDBABX
ed0DBABc+TIDBAFde2QDBABde20DBABenLwDBACTTmUDBAK52lQDBAC53qADBAC5
9t0DBAC5/LEDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAFj+xNkJ91lC
qKCbiFRkB1E/TVIiUjrm9qeMXPqg6RXLvdBJ4ouf+PjZiXHCg7+n3xmvh8qjyC7F
w+eWk68gX9+ONl1Th5+ifZCnyE7kafSdEN+gjSvaMi9B+S7RWHKjLgY+BbI0HeJr
ZuaYrSpm/ctJSJG7y8ktIt6SBvGGehvCg60n6yLfd8Vhv9r+wLQ667axY8Pe2MDm
NrQaIWkZoDfePgvFp/GNuaxRcP0Go9VrG3XfxUV5Ia5LlUy/s3TxY5bMEdE41tbQ
mQWFVKPaD7qTIZbUndcxblfr7a63Y8srcAYRrnDyR3+Nnkcw74PMQtQ/F9mRqLBd
4oYVj2WYn/g=
-----END CERTIFICATE-----
Generated at Wed Jul 1 10:51:37 2026 by rpki-client