Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/3FWP7V-FXpjXJ8qT_nK1ApWUTe8.roa
File: 3FWP7V-FXpjXJ8qT_nK1ApWUTe8.roa (raw, json)
Hash identifier: 4qunKMd7lr5mGLKWGnGHlTizo4GbcKUIIoZzDR/Kfi8=
Subject key identifier: DC:55:8F:ED:5F:85:5E:98:D7:27:CA:93:FE:72:B5:02:95:94:4D:EF
Certificate issuer: /CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Certificate serial: 019E835A812365D7A4BDFDF0C6229D69AA1B
Authority key identifier: 95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/3FWP7V-FXpjXJ8qT_nK1ApWUTe8.roa
Signing time: Mon 01 Jun 2026 13:23:27 +0000
ROA not before: Mon 01 Jun 2026 13:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48031
IP address blocks: 152.234.165.0/24 maxlen: 24
177.177.208.0/24 maxlen: 24
177.177.213.0/24 maxlen: 24
177.177.214.0/24 maxlen: 24
177.177.217.0/24 maxlen: 24
177.177.218.0/24 maxlen: 24
177.177.220.0/24 maxlen: 24
177.177.221.0/24 maxlen: 24
177.202.197.0/24 maxlen: 24
177.203.49.0/24 maxlen: 24
177.203.51.0/24 maxlen: 24
177.203.54.0/24 maxlen: 24
177.203.55.0/24 maxlen: 24
177.203.57.0/24 maxlen: 24
177.203.58.0/24 maxlen: 24
177.203.60.0/24 maxlen: 24
177.203.61.0/24 maxlen: 24
179.66.177.0/24 maxlen: 24
179.66.179.0/24 maxlen: 24
179.66.182.0/24 maxlen: 24
179.66.183.0/24 maxlen: 24
179.66.185.0/24 maxlen: 24
179.66.186.0/24 maxlen: 24
179.66.189.0/24 maxlen: 24
179.236.33.0/24 maxlen: 24
179.236.35.0/24 maxlen: 24
179.236.38.0/24 maxlen: 24
179.236.39.0/24 maxlen: 24
179.236.41.0/24 maxlen: 24
179.236.42.0/24 maxlen: 24
179.236.44.0/24 maxlen: 24
179.236.45.0/24 maxlen: 24
179.236.47.0/24 maxlen: 24
179.252.209.0/24 maxlen: 24
179.252.211.0/24 maxlen: 24
179.252.214.0/24 maxlen: 24
179.252.215.0/24 maxlen: 24
179.252.216.0/24 maxlen: 24
179.252.217.0/24 maxlen: 24
179.252.218.0/24 maxlen: 24
179.252.221.0/24 maxlen: 24
179.252.223.0/24 maxlen: 24
179.255.177.0/24 maxlen: 24
179.255.179.0/24 maxlen: 24
179.255.180.0/24 maxlen: 24
179.255.182.0/24 maxlen: 24
179.255.183.0/24 maxlen: 24
186.240.187.0/24 maxlen: 24
186.240.188.0/24 maxlen: 24
186.240.189.0/24 maxlen: 24
186.240.190.0/24 maxlen: 24
187.5.225.0/24 maxlen: 24
187.5.230.0/24 maxlen: 24
187.5.233.0/24 maxlen: 24
187.5.234.0/24 maxlen: 24
187.5.237.0/24 maxlen: 24
200.225.169.0/24 maxlen: 24
200.225.182.0/24 maxlen: 24
200.225.183.0/24 maxlen: 24
200.225.186.0/24 maxlen: 24
201.4.105.0/24 maxlen: 24
201.4.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:83:5a:81:23:65:d7:a4:bd:fd:f0:c6:22:9d:69:aa:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Validity
Not Before: Jun 1 13:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dc558fed5f855e98d727ca93fe72b50295944def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:a8:b4:91:74:aa:5d:73:f4:1f:39:94:a5:
fa:af:a3:16:7a:3a:61:8d:09:e0:05:a6:e8:9f:62:
d4:e8:41:9f:31:bb:d6:3a:64:52:a9:e7:65:ac:b8:
42:94:8f:26:e4:fc:59:94:c6:9d:b5:14:cc:61:4f:
a2:da:0c:43:50:62:ee:f4:20:5a:57:4c:aa:13:e0:
01:5d:51:b6:87:6b:3d:6a:98:00:f6:a5:44:4c:6f:
bd:6d:48:37:e6:30:e1:01:83:1c:33:fd:59:d2:55:
54:28:1d:78:e3:7a:03:c6:99:d3:26:0d:83:ac:a6:
8e:48:d1:53:c1:da:31:c6:41:df:97:ca:ff:10:a8:
8f:40:89:76:92:25:39:78:c1:55:9d:0f:6f:ba:4d:
be:93:4c:3e:38:8a:91:6d:92:ad:e1:a3:a1:b3:52:
5e:9d:f1:f8:61:8d:e7:bc:84:2d:b9:d8:64:a5:32:
b5:10:31:90:cb:a1:cf:6b:a2:f0:59:a4:e6:61:b9:
8b:1a:a5:e9:90:5b:3a:4a:c8:f6:e6:a4:80:21:ea:
ad:ac:de:25:96:7c:e3:f6:55:97:ef:09:6a:a8:9c:
1f:ac:ad:36:42:1d:bc:d5:73:44:a5:4e:c5:f9:57:
c4:dc:be:5a:50:6d:9c:50:48:7d:89:dd:8c:d9:35:
fb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:55:8F:ED:5F:85:5E:98:D7:27:CA:93:FE:72:B5:02:95:94:4D:EF
X509v3 Authority Key Identifier:
keyid:95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/3FWP7V-FXpjXJ8qT_nK1ApWUTe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.234.165.0/24
177.177.208.0/24
177.177.213.0-177.177.214.255
177.177.217.0-177.177.218.255
177.177.220.0/23
177.202.197.0/24
177.203.49.0/24
177.203.51.0/24
177.203.54.0/23
177.203.57.0-177.203.58.255
177.203.60.0/23
179.66.177.0/24
179.66.179.0/24
179.66.182.0/23
179.66.185.0-179.66.186.255
179.66.189.0/24
179.236.33.0/24
179.236.35.0/24
179.236.38.0/23
179.236.41.0-179.236.42.255
179.236.44.0/23
179.236.47.0/24
179.252.209.0/24
179.252.211.0/24
179.252.214.0-179.252.218.255
179.252.221.0/24
179.252.223.0/24
179.255.177.0/24
179.255.179.0-179.255.180.255
179.255.182.0/23
186.240.187.0-186.240.190.255
187.5.225.0/24
187.5.230.0/24
187.5.233.0-187.5.234.255
187.5.237.0/24
200.225.169.0/24
200.225.182.0/23
200.225.186.0/24
201.4.105.0/24
201.4.119.0/24
Signature Algorithm: sha256WithRSAEncryption
77:07:04:81:ca:ac:6c:4d:e6:4b:00:44:30:4a:54:55:ee:40:
b6:63:a0:3f:93:df:78:72:5a:7a:92:2a:c6:b9:ff:fb:ce:ec:
12:c7:c8:2e:bb:57:d8:f6:6e:2f:b2:d5:2e:c7:6c:1a:fe:76:
0e:8d:ef:0b:1c:90:8d:0f:f2:ef:ec:09:17:85:e1:40:3a:e2:
b4:46:21:33:8a:56:5a:03:41:91:f8:f2:3a:1d:e8:27:20:25:
73:b4:d8:d8:e6:b6:fb:7a:0c:c3:2f:ef:07:f2:5c:44:de:4c:
6e:b6:9e:8d:3d:d6:9e:31:92:35:c0:ed:4b:30:a4:1d:a5:8f:
f4:7c:13:24:d4:85:de:4c:35:5e:46:23:04:63:31:19:3d:df:
db:17:9a:81:57:61:af:b5:27:a3:12:89:bc:12:ab:02:f4:34:
40:c1:c6:60:5d:ec:ad:97:49:05:e2:70:b5:7d:d0:a5:04:00:
a3:4d:19:5f:16:25:08:f1:f4:3b:bb:f6:67:4c:e1:7f:7c:c3:
38:0d:ff:e2:8e:1b:1c:32:8d:e1:28:f5:46:b6:bd:6e:d1:a2:
b2:39:85:4e:05:8b:77:dd:67:da:e0:c8:56:83:43:a0:53:85:
a6:6f:4e:88:43:2f:4d:09:9a:cb:8c:96:1c:ca:43:a7:6a:78:
14:06:c9:f6
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgISAZ6DWoEjZdekvf3wxiKdaaobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDEwOGYwZTg1ODY4YzJiYmU3ZGI2ZDczNzcwMzRjMTMx
ZWIyMjQwHhcNMjYwNjAxMTMyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU1OGZlZDVmODU1ZTk4ZDcyN2NhOTNmZTcyYjUwMjk1OTQ0ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc2otJF0ql1z9B85lKX6r6MWejph
jQngBabon2LU6EGfMbvWOmRSqedlrLhClI8m5PxZlMadtRTMYU+i2gxDUGLu9CBa
V0yqE+ABXVG2h2s9apgA9qVETG+9bUg35jDhAYMcM/1Z0lVUKB1443oDxpnTJg2D
rKaOSNFTwdoxxkHfl8r/EKiPQIl2kiU5eMFVnQ9vuk2+k0w+OIqRbZKt4aOhs1Je
nfH4YY3nvIQtudhkpTK1EDGQy6HPa6LwWaTmYbmLGqXpkFs6Ssj25qSAIeqtrN4l
lnzj9lWX7wlqqJwfrK02Qh281XNEpU7F+VfE3L5aUG2cUEh9id2M2TX7rQIDAQAB
o4IDRTCCA0EwHQYDVR0OBBYEFNxVj+1fhV6Y1yfKk/5ytQKVlE3vMB8GA1UdIwQY
MBaAFJXRCPDoWGjCu+fbbXN3A0wTHrIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYt
NzJmYjk3ZDU5Y2U0LzEvM0ZXUDdWLUZYcGpYSjhxVF9uSzFBcFdVVGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYtNzJmYjk3ZDU5Y2U0
LzEvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWQYIKwYBBQUHAQcBAf8EggFIMIIBRDCCAUAEAgABMIIB
OAMEAJjqpQMEALGx0DAMAwQAsbHVAwQAsbHWMAwDBACxsdkDBACxsdoDBAGxsdwD
BACxysUDBACxyzEDBACxyzMDBAGxyzYwDAMEALHLOQMEALHLOgMEAbHLPAMEALNC
sQMEALNCswMEAbNCtjAMAwQAs0K5AwQAs0K6AwQAs0K9AwQAs+whAwQAs+wjAwQB
s+wmMAwDBACz7CkDBACz7CoDBAGz7CwDBACz7C8DBACz/NEDBACz/NMwDAMEAbP8
1gMEALP82gMEALP83QMEALP83wMEALP/sTAMAwQAs/+zAwQAs/+0AwQBs/+2MAwD
BAC68LsDBAC68L4DBAC7BeEDBAC7BeYwDAMEALsF6QMEALsF6gMEALsF7QMEAMjh
qQMEAcjhtgMEAMjhugMEAMkEaQMEAMkEdzANBgkqhkiG9w0BAQsFAAOCAQEAdwcE
gcqsbE3mSwBEMEpUVe5AtmOgP5PfeHJaepIqxrn/+87sEsfILrtX2PZuL7LVLsds
Gv52Do3vCxyQjQ/y7+wJF4XhQDritEYhM4pWWgNBkfjyOh3oJyAlc7TY2Oa2+3oM
wy/vB/JcRN5MbraejT3WnjGSNcDtSzCkHaWP9HwTJNSF3kw1XkYjBGMxGT3f2xea
gVdhr7UnoxKJvBKrAvQ0QMHGYF3srZdJBeJwtX3QpQQAo00ZXxYlCPH0O7v2Z0zh
f3zDOA3/4o4bHDKN4Sj1Rra9btGisjmFTgWLd91n2uDIVoNDoFOFpm9OiEMvTQma
y4yWHMpDp2p4FAbJ9g==
-----END CERTIFICATE-----
Generated at Thu Jun 4 08:55:30 2026 by rpki-client