Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/w36MZV1_6QfhqB7hyZsvos5mxLw.roa
File: w36MZV1_6QfhqB7hyZsvos5mxLw.roa (raw, json)
Hash identifier: RXQwUyYFXIuy3P39TKEumfU0S2ZFmyKC5o+i58J7W9k=
Subject key identifier: C3:7E:8C:65:5D:7F:E9:07:E1:A8:1E:E1:C9:9B:2F:A2:CE:66:C4:BC
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019E68CCB7895CDB67B3B016418FAF66E964
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/w36MZV1_6QfhqB7hyZsvos5mxLw.roa
Signing time: Wed 27 May 2026 09:38:27 +0000
ROA not before: Wed 27 May 2026 09:38:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.0.0/21 maxlen: 24
85.142.40.0/21 maxlen: 24
85.142.48.0/22 maxlen: 24
85.142.64.0/22 maxlen: 24
85.142.72.0/24 maxlen: 24
85.142.76.0/24 maxlen: 24
85.142.81.0/24 maxlen: 24
85.142.85.0/24 maxlen: 24
85.142.87.0/24 maxlen: 24
85.142.99.0/24 maxlen: 24
85.142.100.0/24 maxlen: 24
85.142.101.0/24 maxlen: 24
85.142.113.0/24 maxlen: 24
85.142.115.0/24 maxlen: 24
85.142.128.0/21 maxlen: 24
85.142.137.0/24 maxlen: 24
85.142.138.0/23 maxlen: 24
85.142.140.0/22 maxlen: 24
85.142.212.0/23 maxlen: 24
85.142.215.0/24 maxlen: 24
85.142.240.0/24 maxlen: 24
85.142.242.0/24 maxlen: 24
85.142.250.0/24 maxlen: 24
85.142.253.0/24 maxlen: 24
85.142.254.0/23 maxlen: 24
85.143.41.0/24 maxlen: 24
85.143.42.0/23 maxlen: 24
85.143.44.0/24 maxlen: 24
85.143.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:cc:b7:89:5c:db:67:b3:b0:16:41:8f:af:66:e9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: May 27 09:38:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c37e8c655d7fe907e1a81ee1c99b2fa2ce66c4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d3:43:3b:e9:e6:74:2c:b0:ea:81:d0:89:cc:
54:3f:cb:d7:16:88:38:36:0b:05:48:ba:e3:76:ec:
d9:a3:03:1b:32:9b:7a:f9:df:19:a3:01:80:fd:5e:
bc:d1:b0:8d:f1:2d:09:15:41:c7:7c:d8:24:37:a4:
bb:d0:17:68:1f:0d:a3:1a:f0:e8:ea:14:29:53:bc:
1f:5e:e4:c7:5d:ee:b0:73:a8:66:b1:6f:09:63:ef:
96:7c:fe:36:a8:a7:d1:7d:de:55:8b:db:76:ea:b9:
df:c5:29:50:9c:ac:8b:b4:b1:fb:06:64:8a:d3:e7:
c9:38:de:a7:d6:8d:18:8a:66:38:1c:5f:5a:9b:c4:
3c:8f:6a:bf:d5:59:db:1c:4b:9b:94:4a:8e:57:a1:
7d:83:df:3e:2e:55:59:0c:8b:43:f9:d5:2a:f8:38:
7e:a8:2f:d2:60:3f:7f:8b:f7:0f:8f:41:f4:bd:55:
d7:2b:de:ca:63:a7:5e:33:c5:52:b3:23:64:1c:ae:
bd:3d:2b:16:c7:db:62:6e:3f:bc:45:a1:f8:8b:f7:
26:42:f9:a1:1e:00:69:8d:ce:c4:28:c9:54:1e:02:
e7:2c:ab:21:2b:fe:ba:e1:2a:f9:4b:1e:31:90:15:
08:82:58:48:41:bb:f6:ea:01:e4:07:45:11:95:0a:
d3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7E:8C:65:5D:7F:E9:07:E1:A8:1E:E1:C9:9B:2F:A2:CE:66:C4:BC
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/w36MZV1_6QfhqB7hyZsvos5mxLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.0.0/21
85.142.40.0-85.142.51.255
85.142.64.0/22
85.142.72.0/24
85.142.76.0/24
85.142.81.0/24
85.142.85.0/24
85.142.87.0/24
85.142.99.0-85.142.101.255
85.142.113.0/24
85.142.115.0/24
85.142.128.0/21
85.142.137.0-85.142.143.255
85.142.212.0/23
85.142.215.0/24
85.142.240.0/24
85.142.242.0/24
85.142.250.0/24
85.142.253.0-85.142.255.255
85.143.41.0-85.143.44.255
85.143.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:05:e3:70:39:8e:ff:9c:08:36:72:52:b3:d3:59:bd:84:62:
89:b0:f2:1b:13:c3:be:4c:a9:16:ff:78:91:87:76:1b:9f:7d:
cf:ce:e8:27:2e:42:91:c5:6e:ed:47:75:d5:2d:0a:1a:ab:00:
58:b6:f6:89:98:0c:14:8a:5b:cd:13:4d:79:1b:f4:a2:45:13:
8e:fb:b1:c2:27:1f:97:71:1d:e9:f2:29:9d:70:93:7d:f5:80:
2f:a8:3b:01:db:da:5b:6f:7d:24:4a:05:09:11:0c:66:8b:c0:
a6:2b:cc:87:e5:e2:d5:e3:3a:69:1b:53:41:9c:b9:4b:7b:69:
45:8a:92:23:a1:7f:ae:40:ac:df:0e:2b:05:82:b1:7a:19:9c:
ec:b2:43:d1:78:cf:ac:56:e9:52:41:86:8c:93:61:27:ee:41:
08:ae:71:b0:4c:70:7d:87:eb:8f:69:a1:96:01:c0:a0:aa:0e:
94:d1:c0:ce:41:32:0b:7c:15:52:7e:9e:aa:eb:d1:6e:2a:17:
25:c9:e5:39:9b:5e:44:6e:e6:c6:40:e8:66:e2:08:e2:d4:c3:
e8:9b:54:7b:41:70:f1:4e:c2:ea:7c:fc:6a:b7:52:08:7c:b7:
ee:16:64:80:3f:0d:e3:33:11:d2:d9:94:92:42:a5:bf:6a:d3:
8b:20:33:bc
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZ5ozLeJXNtns7AWQY+vZulkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwNTI3MDkzODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzdlOGM2NTVkN2ZlOTA3ZTFhODFlZTFjOTliMmZhMmNlNjZjNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdNDO+nmdCyw6oHQicxUP8vXFog4
NgsFSLrjduzZowMbMpt6+d8ZowGA/V680bCN8S0JFUHHfNgkN6S70BdoHw2jGvDo
6hQpU7wfXuTHXe6wc6hmsW8JY++WfP42qKfRfd5Vi9t26rnfxSlQnKyLtLH7BmSK
0+fJON6n1o0YimY4HF9am8Q8j2q/1VnbHEublEqOV6F9g98+LlVZDItD+dUq+Dh+
qC/SYD9/i/cPj0H0vVXXK97KY6deM8VSsyNkHK69PSsWx9tibj+8RaH4i/cmQvmh
HgBpjc7EKMlUHgLnLKshK/664Sr5Sx4xkBUIglhIQbv26gHkB0URlQrTuwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFMN+jGVdf+kH4age4cmbL6LOZsS8MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdzM2TVpWMV82UWZocUI3aHlac3ZvczVteEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBrAQCAAEwgaUDBANV
jgAwDAMEA1WOKAMEAlWOMAMEAlWOQAMEAFWOSAMEAFWOTAMEAFWOUQMEAFWOVQME
AFWOVzAMAwQAVY5jAwQBVY5kAwQAVY5xAwQAVY5zAwQDVY6AMAwDBABVjokDBARV
joADBAFVjtQDBABVjtcDBABVjvADBABVjvIDBABVjvowCwMEAFWO/QMDAFWOMAwD
BABVjykDBABVjywDBAJVjzAwDQYJKoZIhvcNAQELBQADggEBAF0F43A5jv+cCDZy
UrPTWb2EYomw8hsTw75MqRb/eJGHdhuffc/O6CcuQpHFbu1HddUtChqrAFi29omY
DBSKW80TTXkb9KJFE477scInH5dxHenyKZ1wk331gC+oOwHb2ltvfSRKBQkRDGaL
wKYrzIfl4tXjOmkbU0GcuUt7aUWKkiOhf65ArN8OKwWCsXoZnOyyQ9F4z6xW6VJB
hoyTYSfuQQiucbBMcH2H649poZYBwKCqDpTRwM5BMgt8FVJ+nqrr0W4qFyXJ5Tmb
XkRu5sZA6GbiCOLUw+ibVHtBcPFOwup8/Gq3Ugh8t+4WZIA/DeMzEdLZlJJCpb9q
04sgM7w=
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:50:57 2026 by rpki-client