Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Ht84TRVPCzYrWYogtUSHiXGOtDE.roa
File: Ht84TRVPCzYrWYogtUSHiXGOtDE.roa (raw, json)
Hash identifier: Z8Xc1M5CZuORv/sz4ti5h/a2NTTUZbKzRmcyegUZ9Y8=
Subject key identifier: 1E:DF:38:4D:15:4F:0B:36:2B:59:8A:20:B5:44:87:89:71:8E:B4:31
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019CD864374575301C3D003D2C06D1B3E78C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Ht84TRVPCzYrWYogtUSHiXGOtDE.roa
Signing time: Tue 10 Mar 2026 15:36:12 +0000
ROA not before: Tue 10 Mar 2026 15:36:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201216
IP address blocks: 192.36.107.0/24 maxlen: 24
192.36.108.0/24 maxlen: 24
192.36.195.0/24 maxlen: 24
192.36.235.0/24 maxlen: 24
192.36.252.0/24 maxlen: 24
192.71.39.0/24 maxlen: 24
192.71.91.0/24 maxlen: 24
192.71.183.0/24 maxlen: 24
192.71.226.0/24 maxlen: 24
192.121.57.0/24 maxlen: 24
192.121.59.0/24 maxlen: 24
192.121.90.0/24 maxlen: 24
192.121.248.0/24 maxlen: 24
192.176.45.0/24 maxlen: 24
192.176.228.0/24 maxlen: 24
193.180.76.0/22 maxlen: 24
193.181.192.0/24 maxlen: 24
193.181.193.0/24 maxlen: 24
193.183.145.0/24 maxlen: 24
193.183.146.0/24 maxlen: 24
193.234.18.0/24 maxlen: 24
193.234.98.0/24 maxlen: 24
193.235.1.0/24 maxlen: 24
193.235.3.0/24 maxlen: 24
193.235.32.0/24 maxlen: 24
193.235.47.0/24 maxlen: 24
193.235.97.0/24 maxlen: 24
193.235.98.0/24 maxlen: 24
194.14.35.0/24 maxlen: 24
194.14.39.0/24 maxlen: 24
194.14.177.0/24 maxlen: 24
194.68.37.0/24 maxlen: 24
194.68.38.0/24 maxlen: 24
194.68.118.0/24 maxlen: 24
194.68.161.0/24 maxlen: 24
194.71.92.0/24 maxlen: 24
194.71.111.0/24 maxlen: 24
194.71.182.0/24 maxlen: 24
194.71.223.0/24 maxlen: 24
194.71.242.0/24 maxlen: 24
194.103.52.0/24 maxlen: 24
194.132.10.0/24 maxlen: 24
194.132.29.0/24 maxlen: 24
194.132.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:64:37:45:75:30:1c:3d:00:3d:2c:06:d1:b3:e7:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 10 15:36:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1edf384d154f0b362b598a20b5448789718eb431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d7:0b:c8:34:42:9d:11:d5:81:30:3c:53:9f:
6f:14:93:7f:ce:ed:f6:ad:19:79:49:56:ac:10:60:
de:5f:80:47:ae:2f:97:95:51:a0:06:4e:69:0f:cb:
0c:f9:44:04:4e:7b:9b:4f:36:83:bf:f4:de:a6:80:
e4:35:09:dc:eb:3a:36:63:e2:80:72:47:31:d0:da:
cc:fb:2d:07:55:0a:e3:f1:b9:01:f8:10:1b:0d:6b:
9f:83:72:60:df:aa:f2:c5:08:50:48:87:b1:6c:1f:
7a:47:ae:78:be:9e:a1:e5:ab:f0:91:cf:65:44:41:
ed:65:f8:32:0c:a4:e8:46:61:81:ea:2a:1a:41:fe:
96:e1:a6:3c:c6:d9:bb:a0:9b:c1:d0:af:bb:c6:26:
0f:55:26:63:f1:bd:2f:68:c4:e6:f8:40:da:fa:00:
3b:d6:68:ca:e4:65:ce:ef:aa:38:98:09:2d:db:99:
16:94:e4:e5:03:58:b2:e6:3c:91:e0:04:39:5d:2e:
96:15:7a:0c:1d:63:3d:e6:df:ff:1f:83:74:c5:e5:
e0:09:66:24:14:3a:c0:6c:f7:15:1e:c1:71:01:15:
8e:9e:9b:d4:a5:ae:5d:00:3e:cc:9c:71:04:a9:c4:
d0:da:b6:1e:38:7b:cf:7e:2a:ec:d3:d2:5a:a2:06:
0b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DF:38:4D:15:4F:0B:36:2B:59:8A:20:B5:44:87:89:71:8E:B4:31
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Ht84TRVPCzYrWYogtUSHiXGOtDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.107.0-192.36.108.255
192.36.195.0/24
192.36.235.0/24
192.36.252.0/24
192.71.39.0/24
192.71.91.0/24
192.71.183.0/24
192.71.226.0/24
192.121.57.0/24
192.121.59.0/24
192.121.90.0/24
192.121.248.0/24
192.176.45.0/24
192.176.228.0/24
193.180.76.0/22
193.181.192.0/23
193.183.145.0-193.183.146.255
193.234.18.0/24
193.234.98.0/24
193.235.1.0/24
193.235.3.0/24
193.235.32.0/24
193.235.47.0/24
193.235.97.0-193.235.98.255
194.14.35.0/24
194.14.39.0/24
194.14.177.0/24
194.68.37.0-194.68.38.255
194.68.118.0/24
194.68.161.0/24
194.71.92.0/24
194.71.111.0/24
194.71.182.0/24
194.71.223.0/24
194.71.242.0/24
194.103.52.0/24
194.132.10.0/24
194.132.29.0/24
194.132.59.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:4f:c7:78:d7:2f:5d:dd:48:44:36:46:1a:33:80:19:cc:25:
a8:b6:98:a2:9b:b2:7d:d4:8a:df:b9:52:ab:20:89:e8:e2:c6:
ca:a6:d6:96:f0:be:f7:72:5a:12:16:41:e2:a8:5f:12:5c:24:
2f:53:a6:24:23:bf:61:7b:2e:15:d4:0e:bb:31:e7:39:17:57:
fe:b4:e6:ec:d9:ff:e9:3b:48:9e:21:69:19:66:21:d5:a9:28:
22:d9:62:79:35:d8:91:4a:cb:91:40:28:73:71:7e:25:40:00:
be:ac:ba:2b:12:84:6c:5c:75:df:1e:68:f4:bc:3a:42:9f:28:
90:51:f1:f5:15:a5:61:8f:9d:10:9c:02:a2:86:6c:3d:a0:31:
68:32:53:59:bf:16:24:52:48:64:02:78:b2:6d:d1:ac:b8:06:
c7:e8:e6:aa:3c:47:bd:a7:d4:9a:a0:bf:e4:e6:4f:95:c7:a6:
16:21:02:f2:04:7b:42:c7:ba:3f:0c:53:16:da:60:ae:f1:0b:
bd:43:2b:3a:b0:b1:12:94:0e:29:86:60:25:52:88:15:b4:7d:
f4:e4:a2:c9:7e:92:8d:cb:c2:65:c0:1b:99:51:1f:bf:e1:38:
65:7c:68:95:c6:fa:96:b1:11:cd:cc:4b:18:fe:89:76:f3:f4:
09:dc:ae:09
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZzYZDdFdTAcPQA9LAbRs+eMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwMzEwMTUzNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRmMzg0ZDE1NGYwYjM2MmI1OThhMjBiNTQ0ODc4OTcxOGViNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttcLyDRCnRHVgTA8U59vFJN/zu32
rRl5SVasEGDeX4BHri+XlVGgBk5pD8sM+UQETnubTzaDv/TepoDkNQnc6zo2Y+KA
ckcx0NrM+y0HVQrj8bkB+BAbDWufg3Jg36ryxQhQSIexbB96R654vp6h5avwkc9l
REHtZfgyDKToRmGB6ioaQf6W4aY8xtm7oJvB0K+7xiYPVSZj8b0vaMTm+EDa+gA7
1mjK5GXO76o4mAkt25kWlOTlA1iy5jyR4AQ5XS6WFXoMHWM95t//H4N0xeXgCWYk
FDrAbPcVHsFxARWOnpvUpa5dAD7MnHEEqcTQ2rYeOHvPfirs09JaogYLqQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFB7fOE0VTws2K1mKILVEh4lxjrQxMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSHQ4NFRSVlBDellyV1lvZ3RVU0hpWEdPdERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CjAMAwQAwCRrAwQAwCRsAwQAwCTDAwQAwCTrAwQAwCT8AwQAwEcnAwQAwEdbAwQA
wEe3AwQAwEfiAwQAwHk5AwQAwHk7AwQAwHlaAwQAwHn4AwQAwLAtAwQAwLDkAwQC
wbRMAwQBwbXAMAwDBADBt5EDBADBt5IDBADB6hIDBADB6mIDBADB6wEDBADB6wMD
BADB6yADBADB6y8wDAMEAMHrYQMEAMHrYgMEAMIOIwMEAMIOJwMEAMIOsTAMAwQA
wkQlAwQAwkQmAwQAwkR2AwQAwkShAwQAwkdcAwQAwkdvAwQAwke2AwQAwkffAwQA
wkfyAwQAwmc0AwQAwoQKAwQAwoQdAwQAwoQ7MA0GCSqGSIb3DQEBCwUAA4IBAQAu
T8d41y9d3UhENkYaM4AZzCWotpiim7J91IrfuVKrIIno4sbKptaW8L73cloSFkHi
qF8SXCQvU6YkI79hey4V1A67Mec5F1f+tObs2f/pO0ieIWkZZiHVqSgi2WJ5NdiR
SsuRQChzcX4lQAC+rLorEoRsXHXfHmj0vDpCnyiQUfH1FaVhj50QnAKihmw9oDFo
MlNZvxYkUkhkAniybdGsuAbH6OaqPEe9p9SaoL/k5k+Vx6YWIQLyBHtCx7o/DFMW
2mCu8Qu9Qys6sLESlA4phmAlUogVtH305KLJfpKNy8JlwBuZUR+/4ThlfGiVxvqW
sRHNzEsY/ol28/QJ3K4J
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:36:40 2026 by rpki-client