Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/gDfDao3a0Zdg1NjYg2DDNUy1-zY.roa
File: gDfDao3a0Zdg1NjYg2DDNUy1-zY.roa (raw, json)
Hash identifier: 43Y4/29GJlvHmdmct51Gv0aODZGLSjRagV2dnZcmslU=
Subject key identifier: 80:37:C3:6A:8D:DA:D1:97:60:D4:D8:D8:83:60:C3:35:4C:B5:FB:36
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 019EF8C8E3356CC0C8178002C8FDEF59ABC6
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/gDfDao3a0Zdg1NjYg2DDNUy1-zY.roa
Signing time: Wed 24 Jun 2026 08:39:35 +0000
ROA not before: Wed 24 Jun 2026 08:39:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1836
IP address blocks: 80.86.192.0/20 maxlen: 21
80.86.192.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
80.253.80.0/21 maxlen: 22
80.254.160.0/19 maxlen: 20
81.6.0.0/19 maxlen: 20
81.6.48.0/20 maxlen: 21
81.221.0.0/16 maxlen: 17
81.221.250.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
82.195.224.0/19 maxlen: 20
146.228.0.0/16 maxlen: 17
146.228.64.0/24 maxlen: 24
193.72.0.0/18 maxlen: 19
193.72.64.0/21 maxlen: 21
193.72.72.0/22 maxlen: 22
193.72.76.0/23 maxlen: 23
193.72.78.0/24 maxlen: 24
193.72.81.0/24 maxlen: 24
193.72.82.0/23 maxlen: 24
193.72.84.0/22 maxlen: 23
193.72.88.0/21 maxlen: 22
193.72.96.0/19 maxlen: 20
193.72.128.0/20 maxlen: 21
193.72.148.0/22 maxlen: 23
193.72.152.0/21 maxlen: 22
193.72.160.0/22 maxlen: 23
193.72.164.0/23 maxlen: 24
193.72.167.0/24 maxlen: 24
193.72.168.0/21 maxlen: 22
193.72.176.0/21 maxlen: 22
193.72.184.0/23 maxlen: 24
193.72.187.0/24 maxlen: 24
193.72.188.0/22 maxlen: 23
193.72.192.0/20 maxlen: 21
193.72.208.0/21 maxlen: 22
193.72.217.0/24 maxlen: 24
193.72.218.0/23 maxlen: 24
193.72.220.0/22 maxlen: 23
193.72.224.0/19 maxlen: 20
193.73.0.0/18 maxlen: 19
193.73.64.0/19 maxlen: 20
193.73.80.0/20 maxlen: 20
193.73.96.0/21 maxlen: 21
193.73.96.0/22 maxlen: 22
193.73.100.0/22 maxlen: 22
193.73.104.0/23 maxlen: 24
193.73.108.0/22 maxlen: 23
193.73.112.0/24 maxlen: 24
193.73.115.0/24 maxlen: 24
193.73.116.0/22 maxlen: 23
193.73.120.0/23 maxlen: 24
193.73.123.0/24 maxlen: 24
193.73.124.0/24 maxlen: 24
193.73.126.0/23 maxlen: 24
193.73.128.0/18 maxlen: 19
193.73.192.0/20 maxlen: 21
193.73.209.0/24 maxlen: 24
193.73.210.0/24 maxlen: 24
193.73.212.0/22 maxlen: 23
193.73.216.0/21 maxlen: 22
193.73.224.0/21 maxlen: 22
193.73.232.0/22 maxlen: 23
193.73.236.0/23 maxlen: 24
193.73.239.0/24 maxlen: 24
193.73.240.0/23 maxlen: 24
193.73.244.0/22 maxlen: 23
193.73.248.0/23 maxlen: 24
193.73.252.0/22 maxlen: 23
193.193.128.0/19 maxlen: 20
194.191.0.0/16 maxlen: 17
194.191.16.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.28.0/24 maxlen: 24
194.191.29.0/24 maxlen: 24
194.191.30.0/24 maxlen: 24
194.191.31.0/24 maxlen: 24
195.48.0.0/16 maxlen: 17
195.48.221.0/24 maxlen: 24
195.49.0.0/17 maxlen: 18
195.49.6.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
195.49.78.0/24 maxlen: 24
195.49.79.0/24 maxlen: 24
195.130.160.0/19 maxlen: 20
212.59.128.0/18 maxlen: 19
2001:1b50::/29 maxlen: 29
2a01:2a8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 14:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f8:c8:e3:35:6c:c0:c8:17:80:02:c8:fd:ef:59:ab:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jun 24 08:39:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8037c36a8ddad19760d4d8d88360c3354cb5fb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:c0:bf:33:80:54:60:60:a5:ae:e2:12:47:
df:07:36:b9:b1:13:41:84:5f:57:95:a3:af:9c:6c:
f1:95:ea:cf:45:23:6e:5b:5d:d4:22:f4:1b:16:9d:
61:95:8c:85:72:14:5a:8d:d7:e8:3d:50:28:8e:72:
11:8e:da:f2:9e:0e:0e:78:64:8c:f1:a2:49:4b:49:
08:13:2b:32:c2:0a:ec:43:82:ca:70:e2:ed:41:40:
c7:5a:4d:e7:af:c1:3e:a7:3f:64:73:c2:8a:33:c8:
df:c5:52:e3:c0:df:85:17:f9:ac:10:79:d4:61:ad:
23:d1:3c:4b:e2:9d:86:c2:34:14:04:08:2a:55:a6:
89:9e:d9:0a:77:40:c1:a6:72:20:4f:ac:d1:2d:15:
2b:ec:3b:a4:57:94:1d:a2:27:b2:5b:45:eb:c5:82:
a8:9e:76:ac:77:6f:00:e8:e1:4f:34:e0:d3:21:d0:
28:8f:5d:cb:b8:55:70:d3:44:4d:53:ed:79:89:d6:
95:fa:2f:38:b9:3a:d1:57:dd:6b:91:9a:cf:01:85:
75:56:46:b1:c6:ac:3f:ed:3e:e1:6d:2a:21:e1:4c:
ef:e6:e8:64:13:4a:95:27:0b:3e:ee:b8:59:17:b1:
08:2b:f6:be:31:22:b2:30:8e:1d:6c:7c:b2:87:2b:
48:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:37:C3:6A:8D:DA:D1:97:60:D4:D8:D8:83:60:C3:35:4C:B5:FB:36
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/gDfDao3a0Zdg1NjYg2DDNUy1-zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/20
80.253.80.0/21
80.254.160.0/19
81.6.0.0/19
81.6.48.0/20
81.221.0.0/16
82.195.224.0/19
146.228.0.0/16
193.72.0.0-193.72.78.255
193.72.81.0-193.72.143.255
193.72.148.0-193.72.165.255
193.72.167.0-193.72.185.255
193.72.187.0-193.72.215.255
193.72.217.0-193.73.105.255
193.73.108.0-193.73.112.255
193.73.115.0-193.73.121.255
193.73.123.0-193.73.124.255
193.73.126.0-193.73.207.255
193.73.209.0-193.73.210.255
193.73.212.0-193.73.237.255
193.73.239.0-193.73.241.255
193.73.244.0-193.73.249.255
193.73.252.0/22
193.193.128.0/19
194.191.0.0/16
195.48.0.0-195.49.127.255
195.130.160.0/19
212.59.128.0/18
IPv6:
2001:1b50::/29
2a01:2a8::/29
Signature Algorithm: sha256WithRSAEncryption
c9:0f:70:2e:2c:a3:5c:c0:93:8e:9f:e0:e9:94:2c:9d:7b:d9:
3f:6a:b7:e2:aa:30:37:4d:14:01:a0:35:a6:65:8f:09:6c:ac:
19:c8:77:a7:97:d0:66:27:cc:f9:4e:3e:14:af:05:ba:19:83:
26:40:ed:1a:eb:a7:70:33:80:6e:22:65:ea:57:c1:a1:8b:b9:
3e:f6:6a:4e:83:7b:db:bd:9f:f4:1a:1b:43:77:73:23:1e:c9:
57:c9:10:6c:8c:f2:c9:bd:c3:a0:c9:68:42:63:13:36:c3:26:
c8:d9:cf:2f:c6:1b:d5:64:d5:9d:8f:51:d5:e8:e1:c6:f2:0e:
90:de:46:b1:9b:02:12:eb:82:7d:e4:33:37:85:42:d3:05:26:
90:8c:81:c5:f2:d1:16:e5:9d:1a:d4:39:cf:ed:67:de:9d:a4:
40:4f:24:8b:54:65:95:0d:d4:0d:f9:e2:8e:fe:24:cd:c9:fa:
71:a2:ad:98:96:ab:68:6e:b1:b2:67:f5:61:46:66:98:58:bb:
df:22:9e:4a:57:03:98:96:67:2e:56:7a:5b:9b:a4:e3:66:85:
b2:66:65:4b:53:f9:73:5a:4d:58:34:8b:79:ed:95:94:52:31:
01:c4:8c:c5:a0:5c:36:8c:95:95:8a:60:d4:2b:a9:5a:85:ef:
a4:c2:b7:a3
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAZ74yOM1bMDIF4ACyP3vWavGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjYwNjI0MDgzOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM3YzM2YThkZGFkMTk3NjBkNGQ4ZDg4MzYwYzMzNTRjYjVmYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI7AvzOAVGBgpa7iEkffBza5sRNB
hF9XlaOvnGzxlerPRSNuW13UIvQbFp1hlYyFchRajdfoPVAojnIRjtryng4OeGSM
8aJJS0kIEysywgrsQ4LKcOLtQUDHWk3nr8E+pz9kc8KKM8jfxVLjwN+FF/msEHnU
Ya0j0TxL4p2GwjQUBAgqVaaJntkKd0DBpnIgT6zRLRUr7DukV5QdoieyW0XrxYKo
nnasd28A6OFPNODTIdAoj13LuFVw00RNU+15idaV+i84uTrRV91rkZrPAYV1Vkax
xqw/7T7hbSoh4Uzv5uhkE0qVJws+7rhZF7EIK/a+MSKyMI4dbHyyhytI/wIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFIA3w2qN2tGXYNTY2INgwzVMtfs2MB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvZ0RmRGFvM2EwWmRnMU5qWWcyREROVXkxLXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCASMEAgABMIIB
GwMEBFBWwAMEA1D9UAMEBVD+oAMEBVEGAAMEBFEGMAMDAFHdAwQFUsPgAwMAkuQw
CwMDA8FIAwQAwUhOMAwDBADBSFEDBATBSIAwDAMEAsFIlAMEAcFIpDAMAwQAwUin
AwQBwUi4MAwDBADBSLsDBAPBSNAwDAMEAMFI2QMEAcFJaDAMAwQCwUlsAwQAwUlw
MAwDBADBSXMDBAHBSXgwDAMEAMFJewMEAMFJfDAMAwQBwUl+AwQEwUnAMAwDBADB
SdEDBADBSdIwDAMEAsFJ1AMEAcFJ7DAMAwQAwUnvAwQBwUnwMAwDBALBSfQDBAHB
SfgDBALBSfwDBAXBwYADAwDCvzALAwMEwzADBAfDMQADBAXDgqADBAbUO4AwFAQC
AAIwDgMFAyABG1ADBQMqAQKoMA0GCSqGSIb3DQEBCwUAA4IBAQDJD3AuLKNcwJOO
n+DplCyde9k/arfiqjA3TRQBoDWmZY8JbKwZyHenl9BmJ8z5Tj4UrwW6GYMmQO0a
66dwM4BuImXqV8Ghi7k+9mpOg3vbvZ/0GhtDd3MjHslXyRBsjPLJvcOgyWhCYxM2
wybI2c8vxhvVZNWdj1HV6OHG8g6Q3kaxmwIS64J95DM3hULTBSaQjIHF8tEW5Z0a
1DnP7WfenaRATySLVGWVDdQN+eKO/iTNyfpxoq2YlqtobrGyZ/VhRmaYWLvfIp5K
VwOYlmcuVnpbm6TjZoWyZmVLU/lzWk1YNIt57ZWUUjEBxIzFoFw2jJWVimDUK6la
he+kwrej
-----END CERTIFICATE-----
Generated at Mon Jun 29 23:29:23 2026 by rpki-client