Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/uZbkTMDgiuHZdZDDd4qspq7Rqmk.roa
File: uZbkTMDgiuHZdZDDd4qspq7Rqmk.roa (raw, json)
Hash identifier: qDORJv5XEXaYN8VvbkYvbmDenwpX1dMKSW1ci6gD9CA=
Subject key identifier: B9:96:E4:4C:C0:E0:8A:E1:D9:75:90:C3:77:8A:AC:A6:AE:D1:AA:69
Certificate issuer: /CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Certificate serial: 019E7033444B41DB7184933507B54F1FB1B3
Authority key identifier: 95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/uZbkTMDgiuHZdZDDd4qspq7Rqmk.roa
Signing time: Thu 28 May 2026 20:07:48 +0000
ROA not before: Thu 28 May 2026 20:07:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 152.234.162.0/24 maxlen: 24
152.234.163.0/24 maxlen: 24
152.234.166.0/24 maxlen: 24
152.234.172.0/24 maxlen: 24
177.1.50.0/24 maxlen: 24
177.1.53.0/24 maxlen: 24
177.1.58.0/24 maxlen: 24
177.177.209.0/24 maxlen: 24
177.177.210.0/24 maxlen: 24
177.177.211.0/24 maxlen: 24
177.177.212.0/24 maxlen: 24
177.177.215.0/24 maxlen: 24
177.177.216.0/24 maxlen: 24
177.177.219.0/24 maxlen: 24
177.177.222.0/24 maxlen: 24
177.177.223.0/24 maxlen: 24
177.202.194.0/24 maxlen: 24
177.202.198.0/24 maxlen: 24
177.202.202.0/24 maxlen: 24
177.203.48.0/24 maxlen: 24
177.203.50.0/24 maxlen: 24
177.203.52.0/24 maxlen: 24
177.203.53.0/24 maxlen: 24
177.203.56.0/24 maxlen: 24
177.203.59.0/24 maxlen: 24
177.203.62.0/24 maxlen: 24
177.203.63.0/24 maxlen: 24
179.66.176.0/24 maxlen: 24
179.66.178.0/24 maxlen: 24
179.66.180.0/24 maxlen: 24
179.66.181.0/24 maxlen: 24
179.66.184.0/24 maxlen: 24
179.66.187.0/24 maxlen: 24
179.66.188.0/24 maxlen: 24
179.66.190.0/24 maxlen: 24
179.66.191.0/24 maxlen: 24
179.236.32.0/24 maxlen: 24
179.236.34.0/24 maxlen: 24
179.236.36.0/24 maxlen: 24
179.236.37.0/24 maxlen: 24
179.236.40.0/24 maxlen: 24
179.236.43.0/24 maxlen: 24
179.236.46.0/24 maxlen: 24
179.252.208.0/24 maxlen: 24
179.252.210.0/24 maxlen: 24
179.252.212.0/24 maxlen: 24
179.252.213.0/24 maxlen: 24
179.252.219.0/24 maxlen: 24
179.252.220.0/24 maxlen: 24
179.252.222.0/24 maxlen: 24
179.255.176.0/24 maxlen: 24
179.255.178.0/24 maxlen: 24
179.255.181.0/24 maxlen: 24
186.240.178.0/24 maxlen: 24
186.240.184.0/24 maxlen: 24
186.240.191.0/24 maxlen: 24
187.5.224.0/24 maxlen: 24
187.5.226.0/24 maxlen: 24
187.5.227.0/24 maxlen: 24
187.5.228.0/24 maxlen: 24
187.5.229.0/24 maxlen: 24
187.5.231.0/24 maxlen: 24
187.5.232.0/24 maxlen: 24
187.5.235.0/24 maxlen: 24
187.5.236.0/24 maxlen: 24
187.5.238.0/24 maxlen: 24
187.5.239.0/24 maxlen: 24
187.52.196.0/24 maxlen: 24
187.52.201.0/24 maxlen: 24
187.52.202.0/24 maxlen: 24
187.126.34.0/24 maxlen: 24
187.126.36.0/24 maxlen: 24
187.126.42.0/24 maxlen: 24
200.225.164.0/24 maxlen: 24
200.225.170.0/24 maxlen: 24
200.225.173.0/24 maxlen: 24
200.225.178.0/24 maxlen: 24
200.225.179.0/24 maxlen: 24
200.225.181.0/24 maxlen: 24
200.225.185.0/24 maxlen: 24
200.225.188.0/24 maxlen: 24
201.4.100.0/24 maxlen: 24
201.4.104.0/24 maxlen: 24
201.4.106.0/24 maxlen: 24
201.4.109.0/24 maxlen: 24
201.4.115.0/24 maxlen: 24
201.4.117.0/24 maxlen: 24
201.4.118.0/24 maxlen: 24
201.4.121.0/24 maxlen: 24
201.4.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:70:33:44:4b:41:db:71:84:93:35:07:b5:4f:1f:b1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Validity
Not Before: May 28 20:07:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b996e44cc0e08ae1d97590c3778aaca6aed1aa69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:43:18:c8:f7:e5:15:9b:ff:51:6e:b0:d9:
2a:e8:66:25:48:22:1b:43:8e:bc:d8:f0:8b:6b:02:
d4:71:38:60:e5:c1:a6:6a:4a:3b:62:68:6b:5e:ef:
a2:df:29:2b:3f:a6:9d:13:14:fb:4e:48:07:39:b6:
e2:23:78:75:e8:0e:08:e2:ad:a3:f9:11:00:f2:84:
d1:c3:76:4c:7b:70:91:f1:6b:3e:c8:8e:c4:df:fb:
c7:d8:d8:0a:41:dc:31:06:e7:e2:12:5f:88:b1:61:
81:55:36:a8:97:07:a1:ac:76:e3:2c:d7:2d:04:9b:
5b:26:77:90:b2:6a:9e:3a:0e:72:82:1b:8d:a6:56:
e5:34:46:69:27:70:3f:0f:ac:45:1f:a1:fc:d8:ee:
e3:0d:59:af:93:83:0e:ca:f7:61:5e:15:29:1e:0b:
71:f3:64:c4:ca:f7:db:5f:de:e1:b5:9e:4d:08:73:
1d:98:af:a0:df:74:1d:62:63:37:ee:c9:dd:4e:be:
f3:61:7e:10:91:62:3d:dc:68:4c:84:e9:73:90:f2:
19:9c:4d:ed:a9:dd:62:41:4b:33:2d:11:fe:a3:ec:
26:8a:dd:96:e2:40:1b:35:85:69:8b:77:c5:7b:2b:
2a:96:5d:41:ae:c5:a5:95:63:50:2d:99:e6:e5:7d:
b4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:96:E4:4C:C0:E0:8A:E1:D9:75:90:C3:77:8A:AC:A6:AE:D1:AA:69
X509v3 Authority Key Identifier:
keyid:95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/uZbkTMDgiuHZdZDDd4qspq7Rqmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.234.162.0/23
152.234.166.0/24
152.234.172.0/24
177.1.50.0/24
177.1.53.0/24
177.1.58.0/24
177.177.209.0-177.177.212.255
177.177.215.0-177.177.216.255
177.177.219.0/24
177.177.222.0/23
177.202.194.0/24
177.202.198.0/24
177.202.202.0/24
177.203.48.0/24
177.203.50.0/24
177.203.52.0/23
177.203.56.0/24
177.203.59.0/24
177.203.62.0/23
179.66.176.0/24
179.66.178.0/24
179.66.180.0/23
179.66.184.0/24
179.66.187.0-179.66.188.255
179.66.190.0/23
179.236.32.0/24
179.236.34.0/24
179.236.36.0/23
179.236.40.0/24
179.236.43.0/24
179.236.46.0/24
179.252.208.0/24
179.252.210.0/24
179.252.212.0/23
179.252.219.0-179.252.220.255
179.252.222.0/24
179.255.176.0/24
179.255.178.0/24
179.255.181.0/24
186.240.178.0/24
186.240.184.0/24
186.240.191.0/24
187.5.224.0/24
187.5.226.0-187.5.229.255
187.5.231.0-187.5.232.255
187.5.235.0-187.5.236.255
187.5.238.0/23
187.52.196.0/24
187.52.201.0-187.52.202.255
187.126.34.0/24
187.126.36.0/24
187.126.42.0/24
200.225.164.0/24
200.225.170.0/24
200.225.173.0/24
200.225.178.0/23
200.225.181.0/24
200.225.185.0/24
200.225.188.0/24
201.4.100.0/24
201.4.104.0/24
201.4.106.0/24
201.4.109.0/24
201.4.115.0/24
201.4.117.0-201.4.118.255
201.4.121.0-201.4.122.255
Signature Algorithm: sha256WithRSAEncryption
21:07:36:0d:2b:5e:ed:ec:36:74:a5:36:db:29:21:d6:e8:a4:
7d:b3:10:3d:b7:e4:7f:87:d1:ee:d2:c3:a2:36:65:fe:56:94:
70:5f:63:72:2f:27:08:37:90:d6:42:5b:ba:db:e0:4a:8c:0a:
c9:30:6d:78:fa:ac:58:eb:11:61:ed:fe:b6:da:0b:0a:c5:65:
66:e7:37:ca:3f:e0:05:f9:8d:37:16:cd:dd:39:9e:d9:aa:d7:
2e:79:ff:bb:53:02:4f:2f:98:7a:11:6b:7c:84:bd:2e:19:4e:
f7:80:cc:3d:c2:e0:1f:14:a9:1a:90:33:34:3a:68:ec:71:3d:
f8:82:44:12:33:de:a3:39:d4:0f:3b:fd:36:9c:1d:66:be:00:
2c:95:73:63:eb:7f:02:81:df:98:f8:81:13:bc:38:62:81:a6:
e5:77:a8:72:0e:12:ba:87:64:da:34:4e:63:6f:29:2f:cf:ce:
b6:63:04:01:7a:97:a5:22:cf:c9:70:c5:c8:9f:64:a8:87:f6:
2b:ec:ef:b1:1a:76:9c:d9:c2:a1:9e:6a:7d:27:9f:06:d3:c3:
55:b6:14:ea:29:34:2a:2a:a7:6e:0c:1d:85:dc:1f:e6:af:fb:
76:71:c5:9d:87:71:e5:32:c2:00:d5:b6:fe:f3:c6:73:41:31:
f3:27:0a:e6
-----BEGIN CERTIFICATE-----
MIIG3TCCBcWgAwIBAgISAZ5wM0RLQdtxhJM1B7VPH7GzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDEwOGYwZTg1ODY4YzJiYmU3ZGI2ZDczNzcwMzRjMTMx
ZWIyMjQwHhcNMjYwNTI4MjAwNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk2ZTQ0Y2MwZTA4YWUxZDk3NTkwYzM3NzhhYWNhNmFlZDFhYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiypDGMj35RWb/1FusNkq6GYlSCIb
Q4682PCLawLUcThg5cGmako7YmhrXu+i3ykrP6adExT7TkgHObbiI3h16A4I4q2j
+REA8oTRw3ZMe3CR8Ws+yI7E3/vH2NgKQdwxBufiEl+IsWGBVTaolwehrHbjLNct
BJtbJneQsmqeOg5yghuNplblNEZpJ3A/D6xFH6H82O7jDVmvk4MOyvdhXhUpHgtx
82TEyvfbX97htZ5NCHMdmK+g33QdYmM37sndTr7zYX4QkWI93GhMhOlzkPIZnE3t
qd1iQUszLRH+o+wmit2W4kAbNYVpi3fFeysqll1BrsWllWNQLZnm5X20KQIDAQAB
o4ID6TCCA+UwHQYDVR0OBBYEFLmW5EzA4Irh2XWQw3eKrKau0appMB8GA1UdIwQY
MBaAFJXRCPDoWGjCu+fbbXN3A0wTHrIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYt
NzJmYjk3ZDU5Y2U0LzEvdVpia1RNRGdpdUhaZFpERGQ0cXNwcTdScW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYtNzJmYjk3ZDU5Y2U0
LzEvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB/QYIKwYBBQUHAQcBAf8EggHsMIIB6DCCAeQEAgABMIIB
3AMEAZjqogMEAJjqpgMEAJjqrAMEALEBMgMEALEBNQMEALEBOjAMAwQAsbHRAwQA
sbHUMAwDBACxsdcDBACxsdgDBACxsdsDBAGxsd4DBACxysIDBACxysYDBACxysoD
BACxyzADBACxyzIDBAGxyzQDBACxyzgDBACxyzsDBAGxyz4DBACzQrADBACzQrID
BAGzQrQDBACzQrgwDAMEALNCuwMEALNCvAMEAbNCvgMEALPsIAMEALPsIgMEAbPs
JAMEALPsKAMEALPsKwMEALPsLgMEALP80AMEALP80gMEAbP81DAMAwQAs/zbAwQA
s/zcAwQAs/zeAwQAs/+wAwQAs/+yAwQAs/+1AwQAuvCyAwQAuvC4AwQAuvC/AwQA
uwXgMAwDBAG7BeIDBAG7BeQwDAMEALsF5wMEALsF6DAMAwQAuwXrAwQAuwXsAwQB
uwXuAwQAuzTEMAwDBAC7NMkDBAC7NMoDBAC7fiIDBAC7fiQDBAC7fioDBADI4aQD
BADI4aoDBADI4a0DBAHI4bIDBADI4bUDBADI4bkDBADI4bwDBADJBGQDBADJBGgD
BADJBGoDBADJBG0DBADJBHMwDAMEAMkEdQMEAMkEdjAMAwQAyQR5AwQAyQR6MA0G
CSqGSIb3DQEBCwUAA4IBAQAhBzYNK17t7DZ0pTbbKSHW6KR9sxA9t+R/h9Hu0sOi
NmX+VpRwX2NyLycIN5DWQlu62+BKjArJMG14+qxY6xFh7f622gsKxWVm5zfKP+AF
+Y03Fs3dOZ7Zqtcuef+7UwJPL5h6EWt8hL0uGU73gMw9wuAfFKkakDM0OmjscT34
gkQSM96jOdQPO/02nB1mvgAslXNj638Cgd+Y+IETvDhigabld6hyDhK6h2TaNE5j
bykvz862YwQBepelIs/JcMXIn2Soh/Yr7O+xGnac2cKhnmp9J58G08NVthTqKTQq
KqduDB2F3B/mr/t2ccWdh3HlMsIA1bb+88ZzQTHzJwrm
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:55:29 2026 by rpki-client