Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Q3eDXLfCPHAoJdzCeN56I_jFqFE.roa
File: Q3eDXLfCPHAoJdzCeN56I_jFqFE.roa (raw, json)
Hash identifier: RWw+9J/s4cqWkWRZOZZ7Wz9rvv1dsxlwglX3JGpd19Y=
Subject key identifier: 43:77:83:5C:B7:C2:3C:70:28:25:DC:C2:78:DE:7A:23:F8:C5:A8:51
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 019EACD2BAFED015098C306AFE06679953FD
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Q3eDXLfCPHAoJdzCeN56I_jFqFE.roa
Signing time: Tue 09 Jun 2026 14:39:11 +0000
ROA not before: Tue 09 Jun 2026 14:39:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12741
IP address blocks: 5.226.64.0/18 maxlen: 18
5.226.92.0/24 maxlen: 24
5.226.128.0/22 maxlen: 24
5.226.135.0/24 maxlen: 24
37.128.0.0/17 maxlen: 17
37.128.0.0/19 maxlen: 19
37.128.32.0/20 maxlen: 20
37.128.48.0/20 maxlen: 20
37.128.64.0/18 maxlen: 18
62.87.128.0/17 maxlen: 17
62.89.64.0/18 maxlen: 18
62.111.128.0/17 maxlen: 17
62.111.250.0/24 maxlen: 24
62.148.64.0/19 maxlen: 19
62.181.160.0/19 maxlen: 19
62.233.128.0/17 maxlen: 17
62.244.128.0/19 maxlen: 19
77.65.134.0/24 maxlen: 24
77.65.155.0/24 maxlen: 24
77.65.171.0/24 maxlen: 24
77.65.188.0/24 maxlen: 24
77.65.193.0/24 maxlen: 24
77.65.209.0/24 maxlen: 24
77.65.226.0/24 maxlen: 24
77.65.227.0/24 maxlen: 24
77.252.0.0/14 maxlen: 14
77.252.0.0/16 maxlen: 24
78.8.0.0/14 maxlen: 14
81.168.128.0/17 maxlen: 17
81.210.0.0/17 maxlen: 17
81.219.0.0/16 maxlen: 16
82.143.128.0/18 maxlen: 18
83.142.112.0/21 maxlen: 21
83.238.0.0/16 maxlen: 16
84.40.128.0/17 maxlen: 17
84.40.128.0/20 maxlen: 20
84.40.136.0/24 maxlen: 24
84.40.144.0/21 maxlen: 21
84.40.152.0/21 maxlen: 21
84.40.160.0/19 maxlen: 19
84.40.192.0/20 maxlen: 20
84.40.208.0/21 maxlen: 21
84.40.216.0/21 maxlen: 21
84.40.224.0/21 maxlen: 21
84.40.236.0/24 maxlen: 24
84.40.240.0/20 maxlen: 20
85.31.252.0/24 maxlen: 24
85.128.0.0/17 maxlen: 17
85.202.54.0/24 maxlen: 24
85.202.59.0/24 maxlen: 24
87.105.0.0/16 maxlen: 16
87.204.0.0/15 maxlen: 15
87.204.0.0/16 maxlen: 16
87.205.0.0/17 maxlen: 17
87.205.128.0/17 maxlen: 17
87.239.216.0/21 maxlen: 22
89.171.0.0/16 maxlen: 16
91.192.88.0/22 maxlen: 22
91.193.196.0/22 maxlen: 22
93.159.0.0/18 maxlen: 18
93.180.160.0/19 maxlen: 19
159.205.0.0/16 maxlen: 16
178.16.116.0/24 maxlen: 24
178.16.121.0/24 maxlen: 24
178.16.125.0/24 maxlen: 24
178.36.0.0/15 maxlen: 15
185.18.176.0/22 maxlen: 22
185.58.160.0/22 maxlen: 22
185.58.160.0/23 maxlen: 23
185.58.162.0/23 maxlen: 23
185.72.184.0/22 maxlen: 22
185.164.140.0/22 maxlen: 22
185.244.96.0/22 maxlen: 22
188.114.66.0/24 maxlen: 24
188.127.0.0/19 maxlen: 19
193.19.104.0/23 maxlen: 23
193.91.16.0/20 maxlen: 20
193.192.173.0/24 maxlen: 24
193.192.181.0/24 maxlen: 24
193.192.188.0/24 maxlen: 24
193.192.190.0/24 maxlen: 24
195.114.160.0/19 maxlen: 19
212.49.32.0/19 maxlen: 19
212.106.0.0/19 maxlen: 19
212.106.0.0/20 maxlen: 20
212.106.16.0/20 maxlen: 20
213.17.128.0/17 maxlen: 17
213.17.244.0/24 maxlen: 24
213.134.128.0/19 maxlen: 19
213.146.32.0/19 maxlen: 19
213.186.64.0/19 maxlen: 19
213.195.128.0/18 maxlen: 18
213.216.64.0/18 maxlen: 18
213.238.64.0/18 maxlen: 18
213.241.0.0/17 maxlen: 17
213.241.89.0/24 maxlen: 24
217.30.128.0/19 maxlen: 19
2001:16b0::/32 maxlen: 32
2001:41b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:d2:ba:fe:d0:15:09:8c:30:6a:fe:06:67:99:53:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jun 9 14:39:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4377835cb7c23c702825dcc278de7a23f8c5a851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cf:a4:fd:18:ae:09:a9:6c:72:ae:23:45:01:
21:1c:d1:77:fa:5a:50:a7:a8:1b:38:8d:e4:73:e6:
b0:16:58:ac:7b:00:29:f4:2f:47:56:50:c8:35:3d:
89:f3:56:66:cf:0e:51:7a:6b:d9:7a:00:be:33:10:
d9:78:c7:8f:aa:0e:8a:40:e2:87:5d:f4:9e:f7:ba:
f9:49:63:16:7f:ec:21:49:97:2e:53:f4:09:e3:b9:
22:a3:18:22:16:1f:db:d6:6b:b6:7c:7a:40:61:3d:
d2:cd:57:77:4c:8a:37:cc:c1:cb:ff:9d:54:51:6d:
f3:11:f5:04:4b:17:aa:20:ad:65:a5:61:4f:5f:04:
3f:69:6c:0f:f5:61:02:4a:88:7a:36:44:e1:5e:6a:
ce:22:10:1d:12:4b:d9:8e:57:fe:2e:45:40:3b:ec:
0e:24:7b:e9:fc:39:89:c7:b2:9f:45:fc:54:50:22:
3d:2a:ca:7f:fc:2a:1e:54:a5:9f:4c:5a:7b:86:e2:
83:bb:bc:c9:62:34:b7:26:52:05:84:38:1e:80:12:
15:7e:2a:8d:8c:a0:32:64:1e:e0:82:c2:c8:d0:80:
81:ae:09:9f:1a:2e:4a:d6:9e:5b:22:ae:be:96:7e:
5d:67:7a:16:02:bc:fc:52:f7:5e:a4:a7:c0:2b:83:
bc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:77:83:5C:B7:C2:3C:70:28:25:DC:C2:78:DE:7A:23:F8:C5:A8:51
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/Q3eDXLfCPHAoJdzCeN56I_jFqFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.64.0-5.226.131.255
5.226.135.0/24
37.128.0.0/17
62.87.128.0/17
62.89.64.0/18
62.111.128.0/17
62.148.64.0/19
62.181.160.0/19
62.233.128.0/17
62.244.128.0/19
77.65.134.0/24
77.65.155.0/24
77.65.171.0/24
77.65.188.0/24
77.65.193.0/24
77.65.209.0/24
77.65.226.0/23
77.252.0.0/14
78.8.0.0/14
81.168.128.0/17
81.210.0.0/17
81.219.0.0/16
82.143.128.0/18
83.142.112.0/21
83.238.0.0/16
84.40.128.0/17
85.31.252.0/24
85.128.0.0/17
85.202.54.0/24
85.202.59.0/24
87.105.0.0/16
87.204.0.0/15
87.239.216.0/21
89.171.0.0/16
91.192.88.0/22
91.193.196.0/22
93.159.0.0/18
93.180.160.0/19
159.205.0.0/16
178.16.116.0/24
178.16.121.0/24
178.16.125.0/24
178.36.0.0/15
185.18.176.0/22
185.58.160.0/22
185.72.184.0/22
185.164.140.0/22
185.244.96.0/22
188.114.66.0/24
188.127.0.0/19
193.19.104.0/23
193.91.16.0/20
193.192.173.0/24
193.192.181.0/24
193.192.188.0/24
193.192.190.0/24
195.114.160.0/19
212.49.32.0/19
212.106.0.0/19
213.17.128.0/17
213.134.128.0/19
213.146.32.0/19
213.186.64.0/19
213.195.128.0/18
213.216.64.0/18
213.238.64.0/18
213.241.0.0/17
217.30.128.0/19
IPv6:
2001:16b0::/32
2001:41b0::/32
Signature Algorithm: sha256WithRSAEncryption
27:7f:00:e1:49:62:96:f5:44:ca:bd:df:2e:de:32:81:d3:f9:
a2:bd:ba:a0:77:94:47:f9:86:d0:61:8e:9b:9b:18:f5:49:31:
58:cf:81:a1:79:f4:85:f8:aa:be:b8:38:89:66:7c:fa:89:47:
d9:f5:24:56:5e:18:cb:08:5c:8f:4c:3e:3f:01:bb:cb:cc:10:
96:a2:08:10:fa:06:b4:86:eb:0c:f6:27:44:dd:7a:58:98:d5:
e2:b3:b6:7b:42:58:26:6e:5f:aa:5d:f0:6f:53:1c:31:23:76:
56:bc:f1:ac:e6:a7:6f:2d:c5:91:f6:de:85:b4:6c:38:15:35:
b1:8d:76:3d:27:de:ba:b0:a8:31:ac:87:7b:e7:95:93:10:f7:
d3:69:16:d7:da:35:75:a2:b2:bc:91:9e:4e:b2:9b:f8:35:53:
56:3f:1d:b8:96:2b:8c:36:c8:75:d4:a9:17:a2:34:f9:e7:42:
60:20:ef:44:29:72:ba:d3:0b:86:5c:77:ab:ac:c2:f1:ed:f5:
90:e5:03:eb:05:dc:c9:d0:7b:90:45:8f:8b:b6:42:92:1b:fc:
ee:04:89:dc:a5:76:83:b0:eb:87:e1:27:8c:6c:3a:fa:a5:82:
f9:e2:2e:9f:e2:b8:8d:99:ff:bd:96:c9:43:bf:4d:80:20:55:
e2:1e:08:88
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgISAZ6s0rr+0BUJjDBq/gZnmVP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjYwNjA5MTQzOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc3ODM1Y2I3YzIzYzcwMjgyNWRjYzI3OGRlN2EyM2Y4YzVhODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8+k/RiuCalscq4jRQEhHNF3+lpQ
p6gbOI3kc+awFlisewAp9C9HVlDINT2J81Zmzw5RemvZegC+MxDZeMePqg6KQOKH
XfSe97r5SWMWf+whSZcuU/QJ47kioxgiFh/b1mu2fHpAYT3SzVd3TIo3zMHL/51U
UW3zEfUESxeqIK1lpWFPXwQ/aWwP9WECSoh6NkThXmrOIhAdEkvZjlf+LkVAO+wO
JHvp/DmJx7KfRfxUUCI9Ksp//CoeVKWfTFp7huKDu7zJYjS3JlIFhDgegBIVfiqN
jKAyZB7ggsLI0ICBrgmfGi5K1p5bIq6+ln5dZ3oWArz8UvdepKfAK4O8ywIDAQAB
o4IDujCCA7YwHQYDVR0OBBYEFEN3g1y3wjxwKCXcwnjeeiP4xahRMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvUTNlRFhMZkNQSEFvSmR6Q2VONTZJX2pGcUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzgYIKwYBBQUHAQcBAf8EggG9MIIBuTCCAZ8EAgABMIIB
lzAMAwQGBeJAAwQCBeKAAwQABeKHAwQHJYAAAwQHPleAAwQGPllAAwQHPm+AAwQF
PpRAAwQFPrWgAwQHPumAAwQFPvSAAwQATUGGAwQATUGbAwQATUGrAwQATUG8AwQA
TUHBAwQATUHRAwQBTUHiAwMCTfwDAwJOCAMEB1GogAMEB1HSAAMDAFHbAwQGUo+A
AwQDU45wAwMAU+4DBAdUKIADBABVH/wDBAdVgAADBABVyjYDBABVyjsDAwBXaQMD
AVfMAwQDV+/YAwMAWasDBAJbwFgDBAJbwcQDBAZdnwADBAVdtKADAwCfzQMEALIQ
dAMEALIQeQMEALIQfQMDAbIkAwQCuRKwAwQCuTqgAwQCuUi4AwQCuaSMAwQCufRg
AwQAvHJCAwQFvH8AAwQBwRNoAwQEwVsQAwQAwcCtAwQAwcC1AwQAwcC8AwQAwcC+
AwQFw3KgAwQF1DEgAwQF1GoAAwQH1RGAAwQF1YaAAwQF1ZIgAwQF1bpAAwQG1cOA
AwQG1dhAAwQG1e5AAwQH1fEAAwQF2R6AMBQEAgACMA4DBQAgARawAwUAIAFBsDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ38A4UlilvVEyr3fLt4ygdP5or26oHeUR/mG0GGO
m5sY9UkxWM+BoXn0hfiqvrg4iWZ8+olH2fUkVl4Yywhcj0w+PwG7y8wQlqIIEPoG
tIbrDPYnRN16WJjV4rO2e0JYJm5fql3wb1McMSN2VrzxrOanby3FkfbehbRsOBU1
sY12PSfeurCoMayHe+eVkxD302kW19o1daKyvJGeTrKb+DVTVj8duJYrjDbIddSp
F6I0+edCYCDvRClyutMLhlx3q6zC8e31kOUD6wXcydB7kEWPi7ZCkhv87gSJ3KV2
g7Drh+EnjGw6+qWC+eIun+K4jZn/vZbJQ79NgCBV4h4IiA==
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:55:23 2026 by rpki-client