Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/tiyxMdIZRSeYSa6Hp7vKxu3O3No.roa
File: tiyxMdIZRSeYSa6Hp7vKxu3O3No.roa (raw, json)
Hash identifier: R1ZI8z5hT/g4mTQX4WykNVIwijHyEXfQcOiNiF5IQes=
Subject key identifier: B6:2C:B1:31:D2:19:45:27:98:49:AE:87:A7:BB:CA:C6:ED:CE:DC:DA
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019CA5BB15E51E0DAFA133E201BEB867CA35
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/tiyxMdIZRSeYSa6Hp7vKxu3O3No.roa
Signing time: Sat 28 Feb 2026 19:30:27 +0000
ROA not before: Sat 28 Feb 2026 19:30:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205090
IP address blocks: 45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.132.255.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.40.4.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.112.101.0/24 maxlen: 24
185.112.102.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
185.232.169.0/24 maxlen: 24
185.233.83.0/24 maxlen: 24
185.233.200.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
2a09:5302::/32 maxlen: 32
2a09:5302:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a5:bb:15:e5:1e:0d:af:a1:33:e2:01:be:b8:67:ca:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Feb 28 19:30:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b62cb131d21945279849ae87a7bbcac6edcedcda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3f:01:cc:9d:b6:5c:e7:97:c2:21:78:ac:1b:
8a:47:70:da:af:90:de:74:e9:c8:2f:1d:76:b8:63:
25:31:f3:40:1d:8d:11:8b:ef:73:ff:fe:fc:8d:6d:
50:bf:7d:84:2d:e9:4a:1c:a8:a7:50:5a:a5:8e:b0:
03:0f:4a:bf:43:03:33:50:a5:3e:67:79:80:85:a2:
f0:b7:2e:8b:b7:d4:01:1f:ab:e4:4f:b6:36:01:c8:
1c:d3:41:7d:1b:98:f2:b8:d6:4f:55:68:56:df:f3:
09:8f:73:ef:d3:dc:7d:56:39:16:bf:c6:07:ff:53:
fb:63:91:64:a2:2e:65:13:be:b0:f5:c5:96:87:50:
d9:d0:30:c9:75:70:9a:eb:0b:52:f0:52:22:10:77:
71:8d:4b:82:8f:33:3f:c5:14:da:e2:f6:7d:c8:b5:
5a:49:82:3f:07:c5:ee:e8:dd:ee:0a:82:15:8d:3d:
a3:94:0e:ff:dd:7d:28:8c:24:8f:73:28:4f:7e:17:
40:52:a6:40:86:3b:43:e9:a4:d0:df:d8:37:9b:61:
fd:34:c0:30:9c:9e:9b:8c:ce:bd:b7:b5:2b:d4:af:
cd:6b:12:48:21:8f:97:a0:d1:42:bf:65:d5:e4:49:
a7:59:23:b7:18:2b:af:b8:03:42:1f:15:dd:d4:8f:
68:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2C:B1:31:D2:19:45:27:98:49:AE:87:A7:BB:CA:C6:ED:CE:DC:DA
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/tiyxMdIZRSeYSa6Hp7vKxu3O3No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
45.132.255.0/24
45.142.122.0/24
84.252.73.0-84.252.75.255
85.209.2.0/24
185.40.4.0/24
185.102.139.0/24
185.103.109.0/24
185.104.251.0/24
185.112.101.0-185.112.103.255
185.217.198.0/23
185.221.160.0/24
185.221.162.0/24
185.232.169.0/24
185.233.83.0/24
185.233.200.0/24
193.162.143.0/24
193.168.227.0/24
IPv6:
2a09:5302::/32
Signature Algorithm: sha256WithRSAEncryption
50:ec:d2:6c:a0:90:db:e9:34:38:41:83:59:b5:c7:72:46:46:
67:7d:c9:1c:02:cf:33:4b:41:b5:54:08:de:8c:fc:8f:97:8d:
af:94:16:5a:c4:1e:ca:95:9d:38:b3:d7:66:2e:d6:bd:c8:f0:
9d:37:18:ce:9f:76:38:97:c8:a0:8c:71:04:4b:97:db:1d:17:
46:05:9c:d1:ae:f4:13:43:63:23:f5:9a:16:40:4c:23:da:b8:
ba:3f:8d:51:64:e3:c1:8e:d2:e6:81:98:63:f7:aa:8a:72:73:
75:e7:0c:b3:d8:f1:f9:f7:41:f1:d5:5e:17:2f:5d:f4:e0:e8:
0b:56:2e:fd:16:e0:10:01:8c:d8:90:d2:e0:07:58:c6:c6:66:
4b:49:06:5b:90:88:b4:6d:97:bb:96:ed:93:bf:39:43:12:ba:
4e:42:0e:1d:56:01:8f:45:05:c7:c4:cb:a4:c5:95:7e:9e:43:
f0:84:a9:c0:7e:c0:80:9c:2e:b1:df:f6:92:81:af:24:67:5b:
c8:45:07:20:4b:18:25:d4:bc:6c:32:25:ba:cd:84:6e:e3:41:
3e:d4:9d:20:47:02:ff:c3:8e:d8:7c:3a:22:e7:56:62:10:58:
8a:5e:94:3b:b3:6a:87:8f:c7:7b:0b:b2:3e:76:81:a2:7f:1b:
6f:8d:c1:6b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZyluxXlHg2voTPiAb64Z8o1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMjI4MTkzMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjJjYjEzMWQyMTk0NTI3OTg0OWFlODdhN2JiY2FjNmVkY2VkY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj8BzJ22XOeXwiF4rBuKR3Dar5De
dOnILx12uGMlMfNAHY0Ri+9z//78jW1Qv32ELelKHKinUFqljrADD0q/QwMzUKU+
Z3mAhaLwty6Lt9QBH6vkT7Y2Acgc00F9G5jyuNZPVWhW3/MJj3Pv09x9VjkWv8YH
/1P7Y5Fkoi5lE76w9cWWh1DZ0DDJdXCa6wtS8FIiEHdxjUuCjzM/xRTa4vZ9yLVa
SYI/B8Xu6N3uCoIVjT2jlA7/3X0ojCSPcyhPfhdAUqZAhjtD6aTQ39g3m2H9NMAw
nJ6bjM69t7Ur1K/NaxJIIY+XoNFCv2XV5EmnWSO3GCuvuANCHxXd1I9oUQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFLYssTHSGUUnmEmuh6e7ysbtztzaMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvdGl5eE1kSVpSU2VZU2E2SHA3dkt4dTNPM05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8oDBAAthP8DBAAtjnowDAMEAFT8SQME
AlT8SAMEAFXRAgMEALkoBAMEALlmiwMEALlnbQMEALlo+zAMAwQAuXBlAwQDuXBg
AwQBudnGAwQAud2gAwQAud2iAwQAueipAwQAuelTAwQAuenIAwQAwaKPAwQAwajj
MA0EAgACMAcDBQAqCVMCMA0GCSqGSIb3DQEBCwUAA4IBAQBQ7NJsoJDb6TQ4QYNZ
tcdyRkZnfckcAs8zS0G1VAjejPyPl42vlBZaxB7KlZ04s9dmLta9yPCdNxjOn3Y4
l8igjHEES5fbHRdGBZzRrvQTQ2Mj9ZoWQEwj2ri6P41RZOPBjtLmgZhj96qKcnN1
5wyz2PH590Hx1V4XL1304OgLVi79FuAQAYzYkNLgB1jGxmZLSQZbkIi0bZe7lu2T
vzlDErpOQg4dVgGPRQXHxMukxZV+nkPwhKnAfsCAnC6x3/aSga8kZ1vIRQcgSxgl
1LxsMiW6zYRu40E+1J0gRwL/w47YfDoi51ZiEFiKXpQ7s2qHj8d7C7I+doGifxtv
jcFr
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:27:37 2026 by rpki-client