Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/1pHn4hqgEKi5WJeiJ2I6cNmqUs4.roa
File: 1pHn4hqgEKi5WJeiJ2I6cNmqUs4.roa (raw, json)
Hash identifier: rm285URNEpurD6hEamOB1NODDegbZPZxULRcBNqYUGw=
Subject key identifier: D6:91:E7:E2:1A:A0:10:A8:B9:58:97:A2:27:62:3A:70:D9:AA:52:CE
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019CAF36250D715B465C344A981A90BFCD1D
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/1pHn4hqgEKi5WJeiJ2I6cNmqUs4.roa
Signing time: Mon 02 Mar 2026 15:41:27 +0000
ROA not before: Mon 02 Mar 2026 15:41:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
31.28.65.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.80.0/22 maxlen: 22
31.28.84.0/23 maxlen: 23
31.28.86.0/24 maxlen: 24
37.157.32.0/21 maxlen: 21
45.88.112.0/22 maxlen: 22
82.163.112.0/21 maxlen: 21
82.163.124.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
144.98.0.0/16 maxlen: 16
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
178.18.116.0/23 maxlen: 23
178.18.119.0/24 maxlen: 24
185.28.240.0/22 maxlen: 22
185.53.224.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
195.250.16.0/22 maxlen: 22
206.245.192.0/18 maxlen: 24
2a00:e340::/29 maxlen: 29
2a01:a220::/29 maxlen: 30
2a10:d700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:36:25:0d:71:5b:46:5c:34:4a:98:1a:90:bf:cd:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Mar 2 15:41:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d691e7e21aa010a8b95897a227623a70d9aa52ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:89:e3:e0:2e:93:d0:30:c3:26:3b:f0:fd:dc:
92:02:a5:c5:20:bd:e4:f3:ef:dd:3a:a9:0d:ad:1a:
9c:4d:6f:90:f4:0f:76:4f:86:6a:f0:63:03:50:46:
62:3c:ad:0b:60:e2:d3:ee:a6:3d:eb:e9:b2:7d:93:
05:ce:ea:c6:44:a4:d5:7c:9a:9d:41:5c:22:fd:7a:
c8:33:4c:bd:f7:a8:4e:b7:75:c8:fb:48:5a:8c:d9:
55:05:69:3d:24:27:5e:6f:9c:ba:b3:e6:5f:a8:f3:
0a:b0:24:74:e3:57:cd:0b:a5:35:42:c8:7a:f9:e8:
64:8c:62:92:76:a3:57:6f:8a:72:e5:a7:48:5a:72:
42:3b:91:08:80:7b:7f:c0:b9:93:8b:bd:b2:48:fa:
df:c3:c4:d9:36:c9:35:2c:5b:d8:89:b5:e1:cc:16:
30:b0:72:05:8d:44:1e:c9:c9:bc:0c:89:7b:cd:6c:
91:20:03:8a:b3:14:01:da:b3:a6:e3:d2:25:f1:77:
47:ed:46:36:f5:34:b9:36:a6:bc:2b:f3:ee:af:35:
22:6f:14:e5:e7:48:d1:2d:87:6d:92:d8:75:9f:8c:
8d:55:40:f4:40:16:dc:80:26:df:2d:ba:84:b3:f3:
a2:2a:42:3f:d8:20:5b:5d:0d:3c:23:5f:d9:17:36:
fd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:91:E7:E2:1A:A0:10:A8:B9:58:97:A2:27:62:3A:70:D9:AA:52:CE
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/1pHn4hqgEKi5WJeiJ2I6cNmqUs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
37.157.32.0/21
45.88.112.0/22
82.163.112.0/21
82.163.124.0/22
82.163.192.0/19
91.238.221.0/24
94.126.43.0/24
94.126.47.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
178.18.116.0/23
178.18.119.0/24
185.28.240.0/22
185.53.224.0/22
185.120.204.0/22
185.121.76.0/22
185.135.164.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
195.250.16.0/22
206.245.192.0/18
IPv6:
2a00:e340::/29
2a01:a220::/29
2a10:d700::/29
Signature Algorithm: sha256WithRSAEncryption
bd:c1:12:d4:96:1f:f5:b0:61:67:02:69:d3:30:49:51:b8:6e:
48:63:5f:f1:d9:de:cb:cc:23:86:14:52:b4:2f:a7:a3:36:fa:
68:c9:09:7c:dd:4b:8d:f1:31:b4:9c:83:93:4c:d0:b1:fb:42:
97:6f:2b:39:68:1c:7a:ed:1e:3a:8a:4e:d6:63:ba:c0:e2:8c:
90:0b:c4:36:42:bf:7c:6a:cd:ef:3d:2d:4c:33:ff:f6:88:59:
00:da:26:a6:95:9b:c3:49:90:76:04:dc:d5:0a:9c:ca:52:c9:
75:fc:00:dc:3a:e1:a1:76:08:25:1f:5d:78:36:fb:6f:be:b0:
8f:2d:e3:d6:18:70:3f:94:94:24:0c:51:ca:db:9d:2a:8f:ad:
ca:0d:7c:92:ab:de:46:2d:ac:e2:8d:aa:cb:ea:3f:87:ad:86:
a0:2b:6f:87:a5:6d:2d:2b:20:9c:c9:75:68:55:92:c8:f4:b2:
f1:ab:b3:f9:41:0a:fe:46:50:cc:f1:c5:60:70:06:ff:be:af:
9e:60:76:bb:dd:4f:86:13:15:af:1f:20:0c:bb:99:e9:1f:95:
0e:78:61:64:0a:d1:c8:7c:c6:8f:68:37:78:63:ad:e8:a4:bd:
69:ea:f8:37:99:39:40:da:52:fb:e6:30:25:66:ff:9f:09:01:
dc:ab:62:1c
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZyvNiUNcVtGXDRKmBqQv80dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjYwMzAyMTU0MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjkxZTdlMjFhYTAxMGE4Yjk1ODk3YTIyNzYyM2E3MGQ5YWE1MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYnj4C6T0DDDJjvw/dySAqXFIL3k
8+/dOqkNrRqcTW+Q9A92T4Zq8GMDUEZiPK0LYOLT7qY96+myfZMFzurGRKTVfJqd
QVwi/XrIM0y996hOt3XI+0hajNlVBWk9JCdeb5y6s+ZfqPMKsCR041fNC6U1Qsh6
+ehkjGKSdqNXb4py5adIWnJCO5EIgHt/wLmTi72ySPrfw8TZNsk1LFvYibXhzBYw
sHIFjUQeycm8DIl7zWyRIAOKsxQB2rOm49Il8XdH7UY29TS5Nqa8K/PurzUibxTl
50jRLYdtkth1n4yNVUD0QBbcgCbfLbqEs/OiKkI/2CBbXQ08I1/ZFzb9twIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFNaR5+IaoBCouViXoidiOnDZqlLOMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvMXBIbjRocWdFS2k1V0plaUoySTZjTm1xVXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgc8EAgABMIHIAwQE
BQqQAwQAHxxBMAwDBAAfHEMDBAAfHEQDBAAfHEYDBAAfHEgDBAAfHEswDAMEBB8c
UAMEAB8cVgMEAyWdIAMEAi1YcAMEA1KjcAMEAlKjfAMEBVKjwAMEAFvu3QMEAF5+
KwMEAF5+LwMDAJBiAwQGnilAAwMApUEDBAGyEnQDBACyEncDBAK5HPADBAK5NeAD
BAK5eMwDBAK5eUwDBAK5h6QDBAK57TADBAHBALADBAXB3YADBAHCCP4DBALD+hAD
BAbO9cAwGwQCAAIwFQMFAyoA40ADBQMqAaIgAwUDKhDXADANBgkqhkiG9w0BAQsF
AAOCAQEAvcES1JYf9bBhZwJp0zBJUbhuSGNf8dney8wjhhRStC+nozb6aMkJfN1L
jfExtJyDk0zQsftCl28rOWgceu0eOopO1mO6wOKMkAvENkK/fGrN7z0tTDP/9ohZ
ANomppWbw0mQdgTc1QqcylLJdfwA3DrhoXYIJR9deDb7b76wjy3j1hhwP5SUJAxR
ytudKo+tyg18kqveRi2s4o2qy+o/h62GoCtvh6VtLSsgnMl1aFWSyPSy8auz+UEK
/kZQzPHFYHAG/76vnmB2u91PhhMVrx8gDLuZ6R+VDnhhZArRyHzGj2g3eGOt6KS9
aer4N5k5QNpS++YwJWb/nwkB3KtiHA==
-----END CERTIFICATE-----
Generated at Wed Mar 4 14:21:30 2026 by rpki-client