Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PTzfU9S4fK_nC3h6yF98aZFF3Gs.roa
File: PTzfU9S4fK_nC3h6yF98aZFF3Gs.roa (raw, json)
Hash identifier: 3h/I1N1s9l+VyOy1Jv8p62UZdZyyvfL1b16kQfwlyEM=
Subject key identifier: 3D:3C:DF:53:D4:B8:7C:AF:E7:0B:78:7A:C8:5F:7C:69:91:45:DC:6B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D9771A687E67D6E00D8CBE691924A07C0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PTzfU9S4fK_nC3h6yF98aZFF3Gs.roa
Signing time: Thu 16 Apr 2026 17:58:20 +0000
ROA not before: Thu 16 Apr 2026 17:58:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
2.57.243.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
78.17.2.0/24 maxlen: 24
78.17.9.0/24 maxlen: 24
78.17.10.0/24 maxlen: 24
78.17.13.0/24 maxlen: 24
78.17.14.0/24 maxlen: 24
78.17.15.0/24 maxlen: 24
78.17.16.0/24 maxlen: 24
78.17.24.0/24 maxlen: 24
78.17.37.0/24 maxlen: 24
78.17.38.0/24 maxlen: 24
78.17.41.0/24 maxlen: 24
78.17.42.0/24 maxlen: 24
78.17.56.0/24 maxlen: 24
78.17.57.0/24 maxlen: 24
78.17.59.0/24 maxlen: 24
78.17.60.0/24 maxlen: 24
78.17.63.0/24 maxlen: 24
78.17.68.0/24 maxlen: 24
78.17.150.0/24 maxlen: 24
78.17.192.0/24 maxlen: 24
78.17.198.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.39.120.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
89.125.0.0/24 maxlen: 24
89.125.1.0/24 maxlen: 24
89.125.2.0/24 maxlen: 24
89.125.3.0/24 maxlen: 24
89.125.17.0/24 maxlen: 24
89.125.18.0/24 maxlen: 24
89.125.19.0/24 maxlen: 24
89.125.25.0/24 maxlen: 24
89.125.51.0/24 maxlen: 24
89.125.53.0/24 maxlen: 24
89.125.54.0/24 maxlen: 24
89.125.56.0/24 maxlen: 24
89.125.60.0/24 maxlen: 24
89.125.61.0/24 maxlen: 24
89.125.63.0/24 maxlen: 24
89.125.68.0/24 maxlen: 24
89.125.73.0/24 maxlen: 24
89.125.77.0/24 maxlen: 24
89.125.85.0/24 maxlen: 24
89.125.89.0/24 maxlen: 24
89.125.90.0/24 maxlen: 24
89.125.91.0/24 maxlen: 24
89.125.92.0/24 maxlen: 24
89.125.95.0/24 maxlen: 24
89.125.98.0/24 maxlen: 24
89.125.104.0/24 maxlen: 24
89.125.122.0/24 maxlen: 24
89.125.123.0/24 maxlen: 24
89.125.130.0/24 maxlen: 24
89.125.131.0/24 maxlen: 24
89.125.152.0/24 maxlen: 24
89.125.159.0/24 maxlen: 24
89.125.181.0/24 maxlen: 24
89.125.188.0/24 maxlen: 24
89.125.197.0/24 maxlen: 24
89.125.210.0/24 maxlen: 24
89.125.253.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
167.17.40.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.135.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
206.245.159.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
208.123.191.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:71:a6:87:e6:7d:6e:00:d8:cb:e6:91:92:4a:07:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 16 17:58:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3d3cdf53d4b87cafe70b787ac85f7c699145dc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0f:d1:2e:83:23:a9:d6:75:58:01:f3:c9:13:
75:fe:b4:36:09:b0:ef:c5:be:5b:69:dc:3f:d1:c2:
35:b4:67:f3:28:0d:6e:18:9d:36:2c:ea:51:d1:64:
73:0c:d7:68:24:88:ee:9f:ca:56:f1:c2:70:1f:4d:
c1:5e:74:40:86:b4:62:4f:41:c1:bd:11:f8:d3:21:
fb:47:23:86:30:7e:51:55:ee:55:78:3c:22:99:49:
61:c7:64:87:91:29:bf:ed:08:a6:59:62:07:30:6c:
02:25:03:1f:eb:a7:ec:51:70:e6:0f:86:ce:3d:7b:
ad:e5:52:84:94:aa:ff:c0:f5:2a:a8:67:20:0f:69:
bf:b7:20:b1:7d:a0:0d:4f:7e:80:2f:d4:1d:0e:71:
94:83:13:e7:ef:ab:37:12:eb:01:49:1c:d6:c0:e3:
e7:8f:ba:27:79:28:ef:5f:ba:ae:8e:bf:d2:52:64:
b7:2f:37:f7:80:a2:6f:de:21:23:e9:e3:bf:74:b6:
62:8f:9e:fa:40:cc:86:5a:6f:80:37:4f:23:22:c8:
e0:41:d1:3a:d2:c7:90:61:bb:e1:ba:80:fc:a7:67:
26:cc:0e:6d:41:9b:d4:35:bc:30:e2:ec:c9:67:f6:
f6:ba:0d:ac:07:79:65:54:ac:06:62:ac:4a:fa:ce:
42:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3C:DF:53:D4:B8:7C:AF:E7:0B:78:7A:C8:5F:7C:69:91:45:DC:6B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PTzfU9S4fK_nC3h6yF98aZFF3Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/23
45.88.15.0/24
45.135.182.0/24
77.81.101.0/24
78.17.2.0/24
78.17.9.0-78.17.10.255
78.17.13.0-78.17.16.255
78.17.24.0/24
78.17.37.0-78.17.38.255
78.17.41.0-78.17.42.255
78.17.56.0/23
78.17.59.0-78.17.60.255
78.17.63.0/24
78.17.68.0/24
78.17.150.0/24
78.17.192.0/24
78.17.198.0/24
79.110.227.0/24
85.204.18.0/24
89.35.119.0/24
89.35.129.0/24
89.37.185.0/24
89.39.120.0/24
89.40.70.0/24
89.125.0.0/22
89.125.17.0-89.125.19.255
89.125.25.0/24
89.125.51.0/24
89.125.53.0-89.125.54.255
89.125.56.0/24
89.125.60.0/23
89.125.63.0/24
89.125.68.0/24
89.125.73.0/24
89.125.77.0/24
89.125.85.0/24
89.125.89.0-89.125.92.255
89.125.95.0/24
89.125.98.0/24
89.125.104.0/24
89.125.122.0/23
89.125.130.0/23
89.125.152.0/24
89.125.159.0/24
89.125.181.0/24
89.125.188.0/24
89.125.197.0/24
89.125.210.0/24
89.125.253.0/24
94.177.13.0/24
94.177.106.0/24
94.177.145.0/24
103.56.84.0/24
103.73.35.0/24
167.17.40.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
185.212.119.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.36.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0-206.245.135.255
206.245.157.0/24
206.245.159.0/24
208.123.185.0/24
208.123.190.0/23
212.192.0.0/24
212.192.8.0/24
212.192.11.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ba:eb:1a:56:15:80:06:ec:95:b2:3c:e7:aa:fc:f3:fa:84:
bd:5a:09:b3:51:56:2b:c2:b8:69:5d:b6:5c:f4:4b:c2:b1:9a:
e9:d7:e2:6d:b6:2e:35:19:e9:b8:3b:66:f1:b8:b3:f5:7d:0e:
5a:b0:a2:3e:14:60:81:48:a8:d1:9c:a3:65:6d:fa:c3:50:b0:
5c:2b:30:1c:fe:fd:0e:3a:31:0e:81:54:14:6e:5e:22:46:05:
be:12:5f:0b:90:dd:6f:28:b5:11:b3:bb:64:21:6d:85:9b:8f:
bc:b5:d5:3c:18:25:bd:ae:e3:d3:d1:88:ec:12:ba:3a:dc:32:
22:f1:9f:1e:61:75:cc:d6:64:37:0c:ed:33:2a:14:8d:99:3e:
9f:3b:00:09:b0:a8:20:11:e8:c9:bc:eb:9c:99:17:7f:c2:61:
79:cb:e9:c6:3d:97:64:41:8e:29:7d:20:d7:01:36:4a:01:e9:
21:f0:0b:ce:00:69:04:9e:be:51:b0:95:44:6e:82:66:17:8e:
f8:eb:2d:ab:a2:ca:82:fd:b0:a2:34:b3:b1:e9:a6:9e:42:cc:
9b:10:19:cb:f6:4a:1a:23:4b:4a:f8:ef:04:52:1e:d2:b8:dc:
08:46:5f:ac:71:49:e3:74:f6:73:85:19:ea:8a:17:47:47:a0:
e1:a9:32:df
-----BEGIN CERTIFICATE-----
MIIHMTCCBhmgAwIBAgISAZ2XcaaH5n1uANjL5pGSSgfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDE2MTc1ODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDNjZGY1M2Q0Yjg3Y2FmZTcwYjc4N2FjODVmN2M2OTkxNDVkYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQ/RLoMjqdZ1WAHzyRN1/rQ2CbDv
xb5badw/0cI1tGfzKA1uGJ02LOpR0WRzDNdoJIjun8pW8cJwH03BXnRAhrRiT0HB
vRH40yH7RyOGMH5RVe5VeDwimUlhx2SHkSm/7QimWWIHMGwCJQMf66fsUXDmD4bO
PXut5VKElKr/wPUqqGcgD2m/tyCxfaANT36AL9QdDnGUgxPn76s3EusBSRzWwOPn
j7oneSjvX7qujr/SUmS3Lzf3gKJv3iEj6eO/dLZij576QMyGWm+AN08jIsjgQdE6
0seQYbvhuoD8p2cmzA5tQZvUNbww4uzJZ/b2ug2sB3llVKwGYqxK+s5CrQIDAQAB
o4IEPTCCBDkwHQYDVR0OBBYEFD0831PUuHyv5wt4eshffGmRRdxrMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUFR6ZlU5UzRmS19uQzNoNnlGOThhWkZGM0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICUQYIKwYBBQUHAQcBAf8EggJAMIICPDCCAjgEAgABMIIC
MAMEAQI58gMEAC1YDwMEAC2HtgMEAE1RZQMEAE4RAjAMAwQAThEJAwQAThEKMAwD
BABOEQ0DBABOERADBABOERgwDAMEAE4RJQMEAE4RJjAMAwQAThEpAwQAThEqAwQB
ThE4MAwDBABOETsDBABOETwDBABOET8DBABOEUQDBABOEZYDBABOEcADBABOEcYD
BABPbuMDBABVzBIDBABZI3cDBABZI4EDBABZJbkDBABZJ3gDBABZKEYDBAJZfQAw
DAMEAFl9EQMEAll9EAMEAFl9GQMEAFl9MzAMAwQAWX01AwQAWX02AwQAWX04AwQB
WX08AwQAWX0/AwQAWX1EAwQAWX1JAwQAWX1NAwQAWX1VMAwDBABZfVkDBABZfVwD
BABZfV8DBABZfWIDBABZfWgDBAFZfXoDBAFZfYIDBABZfZgDBABZfZ8DBABZfbUD
BABZfbwDBABZfcUDBABZfdIDBABZff0DBABesQ0DBABesWoDBABesZEDBABnOFQD
BABnSSMDBACnESgwDAMEBKcRsAMEAKcRsgMEAKcRtAMEAKcRtgMEALnUdwMEALzQ
ZwMEALzVAAMEALzWawMEAMF8JAMEAMF84QMEAMJV+QMEAMJV+wMEAcpHDAMEAMpH
DwMEAMxNAQMEAM71gQMEAM71gzAMAwQAzvWFAwQDzvWAAwQAzvWdAwQAzvWfAwQA
0Hu5AwQB0Hu+AwQA1MAAAwQA1MAIAwQA1MALAwQA1MDUMA0GCSqGSIb3DQEBCwUA
A4IBAQAbuusaVhWABuyVsjznqvzz+oS9WgmzUVYrwrhpXbZc9EvCsZrp1+Jtti41
Gem4O2bxuLP1fQ5asKI+FGCBSKjRnKNlbfrDULBcKzAc/v0OOjEOgVQUbl4iRgW+
El8LkN1vKLURs7tkIW2Fm4+8tdU8GCW9ruPT0YjsEro63DIi8Z8eYXXM1mQ3DO0z
KhSNmT6fOwAJsKggEejJvOucmRd/wmF5y+nGPZdkQY4pfSDXATZKAekh8AvOAGkE
nr5RsJVEboJmF4746y2rosqC/bCiNLOx6aaeQsybEBnL9koaI0tK+O8EUh7SuNwI
Rl+scUnjdPZzhRnqihdHR6DhqTLf
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:33:37 2026 by rpki-client