Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i5m5L3H8tZkypf7l6_jjUBuzCkg.roa
File: i5m5L3H8tZkypf7l6_jjUBuzCkg.roa (raw, json)
Hash identifier: zWgW7DIe1sfzt4aK8KFnRX2ASHBAlaMoD3qIDlzhxJ8=
Subject key identifier: 8B:99:B9:2F:71:FC:B5:99:32:A5:FE:E5:EB:F8:E3:50:1B:B3:0A:48
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D9B9EFCE45CEEDD25D1851031F5877CC7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i5m5L3H8tZkypf7l6_jjUBuzCkg.roa
Signing time: Fri 17 Apr 2026 13:26:20 +0000
ROA not before: Fri 17 Apr 2026 13:26:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213459
IP address blocks: 78.17.0.0/24 maxlen: 24
78.17.1.0/24 maxlen: 24
78.17.3.0/24 maxlen: 24
78.17.4.0/24 maxlen: 24
78.17.5.0/24 maxlen: 24
78.17.11.0/24 maxlen: 24
78.17.12.0/24 maxlen: 24
78.17.17.0/24 maxlen: 24
78.17.18.0/24 maxlen: 24
78.17.27.0/24 maxlen: 24
78.17.28.0/24 maxlen: 24
78.17.29.0/24 maxlen: 24
78.17.33.0/24 maxlen: 24
78.17.34.0/24 maxlen: 24
78.17.35.0/24 maxlen: 24
78.17.39.0/24 maxlen: 24
78.17.40.0/24 maxlen: 24
78.17.46.0/24 maxlen: 24
78.17.47.0/24 maxlen: 24
78.17.55.0/24 maxlen: 24
78.17.64.0/24 maxlen: 24
78.17.65.0/24 maxlen: 24
78.17.66.0/24 maxlen: 24
78.17.67.0/24 maxlen: 24
78.17.116.0/24 maxlen: 24
78.17.134.0/24 maxlen: 24
78.17.216.0/24 maxlen: 24
78.17.240.0/24 maxlen: 24
89.44.76.0/24 maxlen: 24
89.125.24.0/24 maxlen: 24
89.125.26.0/24 maxlen: 24
89.125.32.0/24 maxlen: 24
89.125.39.0/24 maxlen: 24
89.125.52.0/24 maxlen: 24
89.125.57.0/24 maxlen: 24
89.125.59.0/24 maxlen: 24
89.125.72.0/24 maxlen: 24
89.125.74.0/24 maxlen: 24
89.125.75.0/24 maxlen: 24
89.125.81.0/24 maxlen: 24
89.125.86.0/24 maxlen: 24
89.125.87.0/24 maxlen: 24
89.125.118.0/24 maxlen: 24
89.125.196.0/24 maxlen: 24
89.125.198.0/24 maxlen: 24
89.125.199.0/24 maxlen: 24
103.245.229.0/24 maxlen: 24
185.141.217.0/24 maxlen: 24
193.124.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:9e:fc:e4:5c:ee:dd:25:d1:85:10:31:f5:87:7c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 17 13:26:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b99b92f71fcb59932a5fee5ebf8e3501bb30a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:95:d3:77:ca:e5:f0:c2:f4:37:fd:bc:e0:3f:
f1:ab:0f:19:cf:fb:17:86:1a:9c:4e:8a:8f:67:dd:
c1:27:5f:fc:19:85:07:50:25:20:a1:5e:6f:6b:4c:
48:f8:72:53:b9:1b:e2:a9:72:b9:6a:ea:74:41:8b:
b6:d2:75:95:eb:50:20:6a:85:be:3c:3a:74:2b:14:
b3:f4:21:57:95:8d:c6:24:7b:ab:1b:da:6c:1f:83:
c8:19:b9:ef:01:f8:66:09:4e:82:db:50:0e:8b:a2:
b6:21:50:8c:6e:31:01:da:23:eb:b0:78:0a:dc:04:
3f:e5:4d:34:96:24:9a:37:d3:f8:14:1b:42:8b:9e:
5d:d6:cf:63:05:7d:c4:a8:f4:55:74:26:e1:9e:e2:
15:77:e6:51:f4:5b:d8:20:e7:b3:1f:63:f1:89:a9:
7c:05:01:0a:01:b0:e5:f3:70:83:aa:94:98:d8:ae:
eb:c0:9b:1b:54:38:52:be:64:24:34:2f:f8:f2:95:
49:1d:8c:3f:f6:23:be:b8:5f:7c:14:cc:5d:2c:5b:
be:d8:59:67:3e:87:da:fc:5a:7b:2d:e5:41:81:2a:
25:e7:90:56:05:fa:c5:5d:f6:39:22:f1:60:6d:10:
c5:2b:50:c7:17:7c:76:46:91:a2:c7:b0:8e:58:1a:
a1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:99:B9:2F:71:FC:B5:99:32:A5:FE:E5:EB:F8:E3:50:1B:B3:0A:48
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i5m5L3H8tZkypf7l6_jjUBuzCkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.0.0/23
78.17.3.0-78.17.5.255
78.17.11.0-78.17.12.255
78.17.17.0-78.17.18.255
78.17.27.0-78.17.29.255
78.17.33.0-78.17.35.255
78.17.39.0-78.17.40.255
78.17.46.0/23
78.17.55.0/24
78.17.64.0/22
78.17.116.0/24
78.17.134.0/24
78.17.216.0/24
78.17.240.0/24
89.44.76.0/24
89.125.24.0/24
89.125.26.0/24
89.125.32.0/24
89.125.39.0/24
89.125.52.0/24
89.125.57.0/24
89.125.59.0/24
89.125.72.0/24
89.125.74.0/23
89.125.81.0/24
89.125.86.0/23
89.125.118.0/24
89.125.196.0/24
89.125.198.0/23
103.245.229.0/24
185.141.217.0/24
193.124.224.0/24
Signature Algorithm: sha256WithRSAEncryption
95:b4:8d:95:b7:a1:7f:62:0a:8b:3b:8f:ba:a8:16:f8:c7:07:
9b:87:fd:76:88:44:53:59:1e:cd:3a:d9:66:a8:c7:dd:51:63:
34:88:26:81:a7:16:dc:1a:57:b2:b1:27:56:97:1f:0a:9d:e0:
fe:35:b9:3c:ec:a1:82:99:b6:fb:de:a0:72:28:2d:7c:f6:a7:
6d:3b:91:68:fe:d0:ab:ae:77:c8:26:92:98:2a:8a:18:13:fd:
fc:61:b4:3d:bc:38:a3:3d:61:46:46:cf:b0:44:84:4a:cf:35:
70:bd:2d:6c:9c:46:16:5d:20:1e:2c:b7:84:53:fe:41:c7:64:
7a:55:e9:e8:7c:d4:0d:e9:7b:e0:14:b2:1d:9a:45:e5:58:0a:
7f:f5:f7:5d:d9:de:0f:0d:21:f6:7f:3a:98:72:6c:1a:e4:51:
41:35:73:07:63:81:9f:c6:56:eb:8f:f9:bd:f7:09:53:56:22:
0d:79:94:fb:d0:97:82:16:73:2d:94:84:d5:65:c7:8b:f0:46:
96:f5:1b:d4:45:67:6f:05:c6:ee:6c:b9:89:f0:83:7c:e9:82:
61:a3:7c:58:c3:8d:72:f1:eb:82:95:82:28:8e:ec:9b:37:8d:
4d:45:d4:01:bd:96:1f:b8:06:29:9a:3c:aa:35:68:04:df:b5:
36:f5:d9:f6
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZ2bnvzkXO7dJdGFEDH1h3zHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDE3MTMyNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk5YjkyZjcxZmNiNTk5MzJhNWZlZTVlYmY4ZTM1MDFiYjMwYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypXTd8rl8ML0N/284D/xqw8Zz/sX
hhqcToqPZ93BJ1/8GYUHUCUgoV5va0xI+HJTuRviqXK5aup0QYu20nWV61AgaoW+
PDp0KxSz9CFXlY3GJHurG9psH4PIGbnvAfhmCU6C21AOi6K2IVCMbjEB2iPrsHgK
3AQ/5U00liSaN9P4FBtCi55d1s9jBX3EqPRVdCbhnuIVd+ZR9FvYIOezH2Pxial8
BQEKAbDl83CDqpSY2K7rwJsbVDhSvmQkNC/48pVJHYw/9iO+uF98FMxdLFu+2Fln
Pofa/Fp7LeVBgSol55BWBfrFXfY5IvFgbRDFK1DHF3x2RpGix7COWBqhNwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFIuZuS9x/LWZMqX+5ev441AbswpIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaTVtNUwzSDh0Wmt5cGY3bDZfampVQnV6Q2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgfcEAgABMIHwAwQB
ThEAMAwDBABOEQMDBAFOEQQwDAMEAE4RCwMEAE4RDDAMAwQAThERAwQAThESMAwD
BABOERsDBAFOERwwDAMEAE4RIQMEAk4RIDAMAwQAThEnAwQAThEoAwQBThEuAwQA
ThE3AwQCThFAAwQAThF0AwQAThGGAwQAThHYAwQAThHwAwQAWSxMAwQAWX0YAwQA
WX0aAwQAWX0gAwQAWX0nAwQAWX00AwQAWX05AwQAWX07AwQAWX1IAwQBWX1KAwQA
WX1RAwQBWX1WAwQAWX12AwQAWX3EAwQBWX3GAwQAZ/XlAwQAuY3ZAwQAwXzgMA0G
CSqGSIb3DQEBCwUAA4IBAQCVtI2Vt6F/YgqLO4+6qBb4xwebh/12iERTWR7NOtlm
qMfdUWM0iCaBpxbcGleysSdWlx8KneD+Nbk87KGCmbb73qByKC189qdtO5Fo/tCr
rnfIJpKYKooYE/38YbQ9vDijPWFGRs+wRIRKzzVwvS1snEYWXSAeLLeEU/5Bx2R6
VenofNQN6XvgFLIdmkXlWAp/9fdd2d4PDSH2fzqYcmwa5FFBNXMHY4Gfxlbrj/m9
9wlTViINeZT70JeCFnMtlITVZceL8EaW9RvURWdvBcbubLmJ8IN86YJho3xYw41y
8euClYIojuybN41NRdQBvZYfuAYpmjyqNWgE37U29dn2
-----END CERTIFICATE-----
Generated at Sat Apr 18 02:23:59 2026 by rpki-client