Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/1-k7RX-PPk5SqtGroDWgJIItQQjA.roa
File: 1-k7RX-PPk5SqtGroDWgJIItQQjA.roa (raw, json)
Hash identifier: IwcWGc1l7lyiPBzDcUcfrL8EZTOOhF+n046/Yhtv/0I=
Subject key identifier: FA:4E:D1:5F:E3:CF:93:94:AA:B4:6A:E8:0D:68:09:20:8B:50:42:30
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019D87A301CF7E3260E36E7DF3DF74C2AFD0
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/1-k7RX-PPk5SqtGroDWgJIItQQjA.roa
Signing time: Mon 13 Apr 2026 16:18:20 +0000
ROA not before: Mon 13 Apr 2026 16:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46261
IP address blocks: 5.44.255.0/24 maxlen: 24
46.253.130.0/24 maxlen: 24
59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
62.106.64.0/24 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
146.19.82.0/24 maxlen: 24
160.238.96.0/22 maxlen: 24
185.93.4.0/24 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/24 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.218.185.0/24 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.232.42.0/24 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.3.16.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.8.134.0/24 maxlen: 24
194.50.192.0/22 maxlen: 24
194.69.161.0/24 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
213.109.157.0/24 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580::/32 maxlen: 48
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:a3:01:cf:7e:32:60:e3:6e:7d:f3:df:74:c2:af:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Apr 13 16:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa4ed15fe3cf9394aab46ae80d6809208b504230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0a:70:99:d5:36:25:b9:bd:81:ef:ed:e8:ef:
e2:9d:4d:96:41:3b:f9:e9:e8:75:85:77:4c:01:65:
21:58:ee:5f:3b:4c:f1:48:e2:06:eb:b7:d4:51:b4:
23:05:2b:c1:d3:03:ff:e1:51:ee:6c:6c:b7:ae:6b:
00:2d:8a:df:8f:0d:d8:e8:b8:80:73:2d:3f:27:fb:
3b:86:4e:e2:f5:18:b3:73:be:53:e3:03:8a:90:0c:
62:60:81:b2:38:bc:54:58:26:4b:2d:18:e1:b6:a7:
7b:3a:bd:57:c2:e0:6b:62:c5:db:8c:46:d5:d1:1d:
17:52:9d:a6:3a:2f:45:7c:14:3d:c7:64:69:fb:3c:
10:eb:44:32:1a:1f:d7:3c:ba:ea:39:94:8f:0a:a3:
0b:24:8d:c3:2d:e6:49:23:41:de:a4:c6:6e:fe:af:
b2:4c:39:6d:78:1e:b5:54:87:ce:94:51:a3:7e:72:
54:6c:5e:92:2f:c2:b7:74:d2:84:ee:e5:30:54:97:
e7:2e:80:25:93:28:68:d6:37:c9:80:1a:88:1a:15:
5d:17:bc:6f:40:e0:bf:64:e2:cb:5e:21:c6:77:bb:
88:c7:7d:1a:eb:d7:6f:52:0a:80:30:28:f4:c5:67:
be:a6:b4:31:db:79:a4:a5:ef:b6:a5:f1:e1:33:32:
6d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4E:D1:5F:E3:CF:93:94:AA:B4:6A:E8:0D:68:09:20:8B:50:42:30
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/1-k7RX-PPk5SqtGroDWgJIItQQjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.255.0/24
46.253.130.0/24
59.152.124.0/22
61.14.224.0/22
62.106.64.0/24
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
146.19.82.0/24
160.238.96.0/22
185.93.4.0/24
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/24
185.196.26.0/23
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.218.185.0/24
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.232.42.0/24
185.235.120.0/22
185.242.185.0/24
193.3.16.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.8.134.0/24
194.50.192.0/22
194.69.161.0/24
195.216.148.0/22
195.245.74.0/23
213.109.157.0/24
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
97:e6:bd:5c:d9:de:76:76:10:66:ee:47:a8:2b:4a:5e:8b:b9:
73:42:af:38:cc:0b:4d:47:1b:a7:1b:e8:02:1b:c8:9a:d9:46:
94:d1:b4:4a:c5:46:e8:7c:85:1c:40:b0:fb:93:f6:9f:71:49:
c4:6b:4c:e8:4c:f7:8e:71:75:af:3e:15:d1:da:a8:4f:3a:56:
cd:e5:4b:04:e9:52:9d:9b:1a:7a:a5:95:d4:0d:b6:b6:4a:fb:
70:04:79:5b:f5:67:f4:af:c2:28:2f:a7:5b:cb:3c:27:5e:7b:
44:ec:29:39:dc:e4:ea:df:14:05:86:d0:3c:29:c3:18:ec:fa:
04:2f:80:b0:37:1f:75:ac:9c:40:77:a7:cb:fb:fe:ff:23:27:
b2:f4:89:6c:4b:37:23:32:03:ff:73:35:77:b5:f4:46:06:4b:
6e:bd:9e:16:50:f4:79:e8:f5:1a:ff:7a:34:86:c2:cb:7e:6a:
91:fa:2a:59:26:17:df:68:1a:3d:cc:9e:da:d7:ac:6d:46:67:
77:ce:42:5b:9e:65:e5:66:f3:ff:31:b4:15:dd:e9:85:54:ee:
eb:35:90:c1:5c:1f:59:e1:83:0a:65:4f:19:6b:a6:48:02:35:
b6:63:d1:a2:f0:52:15:f0:38:5f:99:24:9a:8a:f8:43:c6:ff:
bf:da:7b:8b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAZ2HowHPfjJg42598990wq/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNDEzMTYxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRlZDE1ZmUzY2Y5Mzk0YWFiNDZhZTgwZDY4MDkyMDhiNTA0MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wpwmdU2Jbm9ge/t6O/inU2WQTv5
6eh1hXdMAWUhWO5fO0zxSOIG67fUUbQjBSvB0wP/4VHubGy3rmsALYrfjw3Y6LiA
cy0/J/s7hk7i9Rizc75T4wOKkAxiYIGyOLxUWCZLLRjhtqd7Or1XwuBrYsXbjEbV
0R0XUp2mOi9FfBQ9x2Rp+zwQ60QyGh/XPLrqOZSPCqMLJI3DLeZJI0HepMZu/q+y
TDlteB61VIfOlFGjfnJUbF6SL8K3dNKE7uUwVJfnLoAlkyho1jfJgBqIGhVdF7xv
QOC/ZOLLXiHGd7uIx30a69dvUgqAMCj0xWe+prQx23mkpe+2pfHhMzJtxQIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFPpO0V/jz5OUqrRq6A1oCSCLUEIwMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvMS1rN1JYLVBQazVTcXRHcm9EV2dKSUl0UVFqQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvYTkwNDIzLTBiNGItNDk5Zi1iZTY2LTU1NjA4YjY5NDQ1
Ni8xL1VGRW5jajZnejlCeVJ4T3lrWE5NcWpVLUlPby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWIGCCsGAQUFBwEHAQH/BIIBUTCCAU0wggE6BAIAATCC
ATIDBAAFLP8DBAAu/YIDBAI7mHwDBAI9DuADBAA+akADBANPbrADBAJVCJQDBAJV
yqwDBAJbhFQDBAJnyygDBAJnzVQDBAJnz6ADBAJ5LnwDBACSE1IDBAKg7mADBAC5
XQQDBAC5aQoDBAK5doQDBAK5kSwDBAK5k5wDBAK5negDBAK5sFgDBAK5vjgDBAC5
xBgDBAG5xBoDBAK5yiwDBAK5zhQDBAK50YADBAK51RADBAK51owDBAK51vADBAC5
2rkDBAK52xQDBAK54QwDBAK54/wDBAK55CwDBAC56CoDBAK563gDBAC58rkDBADB
AxADBALBH3ADBADBoyMDBALBsHQDBALBu7QDBADCCIYDBALCMsADBADCRaEDBALD
2JQDBAHD9UoDBADVbZ0DBALZEjgwDQQCAAIwBwMFAyoHRYAwDQYJKoZIhvcNAQEL
BQADggEBAJfmvVzZ3nZ2EGbuR6grSl6LuXNCrzjMC01HG6cb6AIbyJrZRpTRtErF
Ruh8hRxAsPuT9p9xScRrTOhM945xda8+FdHaqE86Vs3lSwTpUp2bGnqlldQNtrZK
+3AEeVv1Z/Svwigvp1vLPCdee0TsKTnc5OrfFAWG0Dwpwxjs+gQvgLA3H3WsnEB3
p8v7/v8jJ7L0iWxLNyMyA/9zNXe19EYGS269nhZQ9Hno9Rr/ejSGwst+apH6Klkm
F99oGj3MntrXrG1GZ3fOQlueZeVm8/8xtBXd6YVU7us1kMFcH1nhgwplTxlrpkgC
NbZj0aLwUhXwOF+ZJJqK+EPG/7/ae4s=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:19:37 2026 by rpki-client