Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/ZT0U2ijJj0vXViUpLOAEzCjQ1do.roa
File: ZT0U2ijJj0vXViUpLOAEzCjQ1do.roa (raw, json)
Hash identifier: UOZFJqSOKYmqvG9mZ5OAE35KLFgRjtalF/vOyyz5KeU=
Subject key identifier: 65:3D:14:DA:28:C9:8F:4B:D7:56:25:29:2C:E0:04:CC:28:D0:D5:DA
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019E2033BCD508BBF59E8A5E13347AC62D50
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/ZT0U2ijJj0vXViUpLOAEzCjQ1do.roa
Signing time: Wed 13 May 2026 07:18:42 +0000
ROA not before: Wed 13 May 2026 07:18:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3267
IP address blocks: 80.250.160.0/19 maxlen: 24
82.137.128.0/18 maxlen: 24
82.137.176.0/20 maxlen: 22
82.179.32.0/20 maxlen: 24
82.179.63.0/24 maxlen: 24
82.179.64.0/19 maxlen: 24
82.179.140.0/23 maxlen: 23
82.179.160.0/20 maxlen: 24
82.179.192.0/19 maxlen: 24
83.149.192.0/18 maxlen: 24
85.142.8.0/21 maxlen: 21
85.142.16.0/20 maxlen: 24
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
85.142.102.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
85.142.116.0/22 maxlen: 24
85.142.120.0/21 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
85.143.0.0/20 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
85.143.96.0/22 maxlen: 24
85.143.102.0/24 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
86.110.96.0/24 maxlen: 24
86.110.101.0/24 maxlen: 24
86.110.102.0/23 maxlen: 24
86.110.118.0/24 maxlen: 24
185.71.96.0/22 maxlen: 22
185.141.124.0/22 maxlen: 22
188.93.107.0/24 maxlen: 24
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
194.85.168.0/23 maxlen: 23
194.85.174.0/23 maxlen: 23
194.149.64.0/24 maxlen: 24
194.149.70.0/23 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/23 maxlen: 24
194.190.247.0/24 maxlen: 24
194.190.249.0/24 maxlen: 24
194.190.254.0/23 maxlen: 23
194.226.192.0/19 maxlen: 24
195.209.224.0/22 maxlen: 22
195.209.234.0/24 maxlen: 24
195.209.236.0/23 maxlen: 23
195.209.240.0/22 maxlen: 22
2001:b08:22::/48 maxlen: 48
2001:b08:25::/48 maxlen: 48
2001:b08:26::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 18:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:33:bc:d5:08:bb:f5:9e:8a:5e:13:34:7a:c6:2d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: May 13 07:18:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=653d14da28c98f4bd75625292ce004cc28d0d5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:85:c7:14:9e:58:ee:9d:83:db:d5:01:7a:
e2:49:f8:88:90:05:3d:ae:00:40:1c:4d:c1:7a:e2:
c3:9a:96:eb:12:5b:42:c5:48:76:c5:70:ba:38:aa:
d4:40:a6:8e:d5:af:15:ce:e2:ba:38:6f:3e:1c:fe:
64:ba:e6:05:ab:13:2f:33:ac:13:64:5b:39:36:e3:
a1:08:a3:d0:22:f1:d3:d7:a4:16:16:0d:1e:cc:f4:
59:e5:52:59:de:f2:61:de:34:0e:6d:5f:00:13:1d:
08:8f:00:43:16:e4:2a:03:a9:1d:5a:ca:24:b3:e5:
99:6d:f8:ba:8d:ff:f4:3e:4b:29:a2:07:9b:6f:da:
cd:81:05:19:1d:17:09:94:0c:39:19:30:18:0f:be:
73:77:f0:f0:32:33:f1:c3:cf:b3:b5:d0:c2:7b:26:
60:75:cd:cd:fc:07:cf:ed:b4:cd:b2:17:af:cd:5d:
62:43:07:5e:96:ee:1c:e1:dc:d1:54:45:99:d3:e2:
89:2c:2b:3f:99:64:13:a2:8a:04:c7:97:33:6d:f2:
ef:a5:59:38:28:0c:6f:41:b1:cc:02:cf:66:f2:7f:
1f:73:21:0b:41:a1:1c:87:c3:07:43:58:96:8c:92:
64:4c:1a:25:fb:99:60:cf:df:e0:37:70:f4:1c:1b:
6c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3D:14:DA:28:C9:8F:4B:D7:56:25:29:2C:E0:04:CC:28:D0:D5:DA
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/ZT0U2ijJj0vXViUpLOAEzCjQ1do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.128.0/18
82.179.32.0/20
82.179.63.0-82.179.95.255
82.179.140.0/23
82.179.160.0/20
82.179.192.0/19
83.149.192.0/18
85.142.8.0-85.142.39.255
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.102.0/24
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/24
86.110.101.0-86.110.103.255
86.110.118.0/24
185.71.96.0/22
185.141.124.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.168.0/23
194.85.174.0/23
194.149.64.0/24
194.149.70.0/23
194.190.232.0-194.190.241.255
194.190.247.0/24
194.190.249.0/24
194.190.254.0/23
194.226.192.0/19
195.209.224.0/22
195.209.234.0/24
195.209.236.0/23
195.209.240.0/22
IPv6:
2001:b08:22::/48
2001:b08:25::-2001:b08:26:ffff:ffff:ffff:ffff:ffff
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:03:f4:a0:dd:6c:66:9b:b7:01:9b:d5:03:2b:1f:51:a1:6f:
47:ce:9f:52:1f:fe:35:da:1b:05:72:1b:85:da:6a:ad:e3:54:
e4:cc:c6:37:a6:92:de:24:15:b5:97:69:49:3d:d6:cd:39:fa:
b6:d6:29:ca:05:e4:41:2d:6d:20:78:b0:bd:9f:f5:0b:fb:8f:
cb:ae:63:fb:10:94:04:a3:58:14:cc:42:21:46:4f:1a:36:22:
22:54:5e:ea:f9:3b:78:e9:67:11:b2:43:49:d2:0e:29:c9:3c:
a0:40:3c:6b:0f:ca:79:8e:6d:5f:12:5c:04:e0:61:cf:0f:a8:
28:25:f3:1d:63:b6:37:6b:1d:93:15:2c:3c:a8:48:d4:39:5b:
11:ce:61:7a:f9:c1:43:95:25:92:9a:5a:bc:8c:c8:62:14:7a:
8e:22:63:1f:61:d1:a5:9a:af:35:a2:9d:ef:24:4c:c5:ed:e7:
bd:07:04:28:57:e5:32:8b:fa:15:cf:3d:42:34:2a:fb:30:b3:
d8:3e:6a:27:2f:fc:55:f2:7f:0d:e8:8a:2b:5e:31:89:89:cc:
fd:b1:73:91:7b:45:67:be:ee:34:d0:54:a0:06:e7:c8:cd:ff:
38:1a:fd:3d:af:fd:00:ed:68:62:19:a3:60:23:07:1f:66:74:
8f:e8:eb:82
-----BEGIN CERTIFICATE-----
MIIGejCCBWKgAwIBAgISAZ4gM7zVCLv1nopeEzR6xi1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwNTEzMDcxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNkMTRkYTI4Yzk4ZjRiZDc1NjI1MjkyY2UwMDRjYzI4ZDBkNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki2FxxSeWO6dg9vVAXriSfiIkAU9
rgBAHE3BeuLDmpbrEltCxUh2xXC6OKrUQKaO1a8VzuK6OG8+HP5kuuYFqxMvM6wT
ZFs5NuOhCKPQIvHT16QWFg0ezPRZ5VJZ3vJh3jQObV8AEx0IjwBDFuQqA6kdWsok
s+WZbfi6jf/0Pkspogebb9rNgQUZHRcJlAw5GTAYD75zd/DwMjPxw8+ztdDCeyZg
dc3N/AfP7bTNshevzV1iQwdelu4c4dzRVEWZ0+KJLCs/mWQToooEx5czbfLvpVk4
KAxvQbHMAs9m8n8fcyELQaEch8MHQ1iWjJJkTBol+5lgz9/gN3D0HBts8wIDAQAB
o4IDhjCCA4IwHQYDVR0OBBYEFGU9FNooyY9L11YlKSzgBMwo0NXaMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvWlQwVTJpakpqMHZYVmlVcExPQUV6Q2pRMWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmgYIKwYBBQUHAQcBAf8EggGJMIIBhTCCAU4EAgABMIIB
RgMEBVD6oAMEBlKJgAMEBFKzIDAMAwQAUrM/AwQFUrNAAwQBUrOMAwQEUrOgAwQF
UrPAAwQGU5XAMAwDBANVjggDBANVjiAwDAMEAlWONAMEAlWOODAMAwQBVY5mAwQE
VY5gMAwDBAJVjnQDBAdVjgADBAFVjpQDBABVjpkDBAFVjqIDBARVjwADBAFVjxID
BABVjxoDBAJVj2ADBABVj2YDBAJVj3ADBAJVj3wDBANVj+ADBABVj+8DBABWbmAw
DAMEAFZuZQMEA1ZuYAMEAFZudgMEArlHYAMEArmNfAMEALxdawMEAcEb1gMEBMJV
IAMEAcJVqAMEAcJVrgMEAMKVQAMEAcKVRjAMAwQDwr7oAwQBwr7wAwQAwr73AwQA
wr75AwQBwr7+AwQFwuLAAwQCw9HgAwQAw9HqAwQBw9HsAwQCw9HwMDEEAgACMCsD
BwAgAQsIACIwEgMHACABCwgAJQMHACABCwgAJgMFACoADbgDBQMqB6bAMA0GCSqG
SIb3DQEBCwUAA4IBAQBWA/Sg3Wxmm7cBm9UDKx9RoW9Hzp9SH/412hsFchuF2mqt
41TkzMY3ppLeJBW1l2lJPdbNOfq21inKBeRBLW0geLC9n/UL+4/LrmP7EJQEo1gU
zEIhRk8aNiIiVF7q+Tt46WcRskNJ0g4pyTygQDxrD8p5jm1fElwE4GHPD6goJfMd
Y7Y3ax2TFSw8qEjUOVsRzmF6+cFDlSWSmlq8jMhiFHqOImMfYdGlmq81op3vJEzF
7ee9BwQoV+Uyi/oVzz1CNCr7MLPYPmonL/xV8n8N6IorXjGJicz9sXORe0Vnvu40
0FSgBufIzf84Gv09r/0A7WhiGaNgIwcfZnSP6OuC
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:49:23 2026 by rpki-client