Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1-72KeTnirQ7ntd6ncGIIlsxxKP4.roa
File: 1-72KeTnirQ7ntd6ncGIIlsxxKP4.roa (raw, json)
Hash identifier: ah+6/qxruc89HoF8atMXZH1DC/vovXB5w9o9sTOm0H4=
Subject key identifier: FB:BD:8A:79:39:E2:AD:0E:E7:B5:DE:A7:70:62:08:96:CC:71:28:FE
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019EB608346B56B90A6A5B4412B4704B87EB
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1-72KeTnirQ7ntd6ncGIIlsxxKP4.roa
Signing time: Thu 11 Jun 2026 09:34:11 +0000
ROA not before: Thu 11 Jun 2026 09:34:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.204.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.131.0/24 maxlen: 24
93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.50.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.110.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.149.0/24 maxlen: 24
163.171.151.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.164.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.215.0/24 maxlen: 24
163.171.216.0/24 maxlen: 24
163.171.217.0/24 maxlen: 24
163.171.218.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.227.0/24 maxlen: 24
163.171.228.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.235.0/24 maxlen: 24
163.171.237.0/24 maxlen: 24
163.171.239.0/24 maxlen: 24
163.171.244.0/24 maxlen: 24
163.171.245.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ff19::/48 maxlen: 48
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:08:34:6b:56:b9:0a:6a:5b:44:12:b4:70:4b:87:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jun 11 09:34:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fbbd8a7939e2ad0ee7b5dea770620896cc7128fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:50:4b:8a:e0:c3:c5:24:42:28:b4:49:c7:
cb:60:52:64:38:eb:15:2b:11:cf:b4:c6:9d:28:95:
b2:7f:c9:14:20:8d:bb:ee:94:09:b3:3e:ac:6a:ef:
95:9a:d5:f0:ae:0b:c6:66:d5:b7:9e:80:5d:a1:8e:
0e:d0:10:12:47:53:7b:47:3e:52:ed:bc:e2:91:4e:
14:e0:57:6f:3e:52:09:3f:dd:64:93:72:d7:c5:b0:
81:6c:dc:58:b0:86:9f:40:7c:58:6d:43:c3:ae:be:
4b:c1:ea:03:d7:3e:8e:49:d3:16:75:6d:e5:e3:64:
b1:18:d0:b7:a1:82:54:6b:8f:9f:0c:ac:b9:da:86:
94:24:82:91:76:71:b5:ea:f9:55:38:77:ee:a6:0e:
0b:f8:31:2b:73:b9:fb:9f:cb:4b:ec:19:e5:9f:5c:
be:15:39:cd:20:fe:ed:2b:8b:6f:6e:1b:19:5d:8e:
03:98:89:51:6e:a2:cf:21:4b:28:e7:03:1d:bb:5a:
3d:e9:e4:62:7f:0e:8d:29:cd:8b:00:2b:f0:cd:c5:
30:72:1e:d0:48:12:71:1f:01:1f:61:76:74:b2:2a:
77:f5:34:34:f7:00:71:22:81:25:80:09:27:55:08:
4e:15:9c:60:98:18:57:a6:88:0e:b2:3e:b8:45:14:
b6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:8A:79:39:E2:AD:0E:E7:B5:DE:A7:70:62:08:96:CC:71:28:FE
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1-72KeTnirQ7ntd6ncGIIlsxxKP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.204.0/23
91.202.200.0/24
93.188.131.0-93.188.132.255
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.50.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.241.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.110.0/24
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.149.0/24
163.171.151.0/24
163.171.153.0/24
163.171.164.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.215.0-163.171.218.255
163.171.222.0/24
163.171.224.0/23
163.171.227.0-163.171.228.255
163.171.230.0/23
163.171.234.0/23
163.171.237.0/24
163.171.239.0/24
163.171.244.0/23
163.171.249.0/24
163.171.252.0/24
185.27.228.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ff19::/48
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
c6:65:85:bf:5b:ba:55:22:aa:39:d0:93:6e:76:42:90:f0:74:
8f:13:c5:2c:b6:ad:1f:ff:d4:c6:c3:93:0b:8a:9f:0e:2f:49:
db:7e:54:0d:fe:28:ad:ea:4c:dc:a5:b7:61:11:39:ce:30:02:
9c:62:cb:c9:41:5a:03:a7:6a:23:b1:0c:55:a9:e1:c7:7a:da:
43:b4:17:e1:de:1a:43:48:bc:61:f2:59:a6:f2:13:66:e7:90:
c2:04:be:6f:c8:bd:ac:83:a1:19:d1:58:8b:31:71:43:1d:ac:
74:7f:50:2f:9a:90:6b:5d:64:a2:2d:f1:c3:69:28:64:50:d9:
72:29:1a:ad:17:6c:ac:c2:df:a6:3a:ed:11:80:94:20:18:23:
ac:d1:44:34:b5:3d:52:23:1c:6d:c0:aa:43:d6:5b:c6:23:4b:
7e:44:88:ba:80:65:19:6d:85:23:26:b8:de:8f:2d:22:1d:2e:
01:29:66:21:48:60:e2:70:9e:e6:6c:14:4b:81:a7:a3:d7:fd:
52:9b:8c:0e:76:c8:37:6b:ee:fa:61:3b:5b:5e:c3:dd:5a:0b:
22:25:6f:d6:7d:fd:7b:94:c8:a5:76:b5:bd:c2:5c:d6:1f:15:
d1:19:fc:d4:e2:da:c4:36:fc:00:3d:6c:ec:f3:1e:d4:9c:49:
68:29:42:14
-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgISAZ62CDRrVrkKaltEErRwS4frMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjYwNjExMDkzNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkOGE3OTM5ZTJhZDBlZTdiNWRlYTc3MDYyMDg5NmNjNzEyOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryFQS4rgw8UkQii0ScfLYFJkOOsV
KxHPtMadKJWyf8kUII277pQJsz6sau+VmtXwrgvGZtW3noBdoY4O0BASR1N7Rz5S
7bzikU4U4FdvPlIJP91kk3LXxbCBbNxYsIafQHxYbUPDrr5LweoD1z6OSdMWdW3l
42SxGNC3oYJUa4+fDKy52oaUJIKRdnG16vlVOHfupg4L+DErc7n7n8tL7Bnln1y+
FTnNIP7tK4tvbhsZXY4DmIlRbqLPIUso5wMdu1o96eRifw6NKc2LACvwzcUwch7Q
SBJxHwEfYXZ0sip39TQ09wBxIoElgAknVQhOFZxgmBhXpogOsj64RRS2NwIDAQAB
o4ID4zCCA98wHQYDVR0OBBYEFPu9ink54q0O57Xep3BiCJbMcSj+MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvMS03MktlVG5pclE3bnRkNm5jR0lJbHN4eEtQNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvNjRhM2RlLTgxMmEtNGFjZS04MTRkLWI1ZDg4OGFkZmQz
Ny8xL1o3V3dMY1FCWm03Z1JhdVF6SWlCZi1DZGNHby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAfYGCCsGAQUFBwEHAQH/BIIB5TCCAeEwggGoBAIAATCC
AaADBAFbwswDBABbysgwDAMEAF28gwMEAF28hAMEAF28hwMEAJT9IgMEAJT9JDAM
AwQAlP0pAwQAlP0qAwQAlP0sAwQAlP0vAwQAlP0yAwQClP08AwQBlP3kMAwDBACU
/ecDBAKU/egDBACU/e0DBACU/e8DBACU/fEwDAMEApT99AMEAJT99gMEAJT9+DAM
AwQCl/lcAwQAl/leAwQAo6tAAwQAo6tDAwQBo6tGAwQAo6tNAwQBo6tUAwQAo6tX
MAwDBACjq10DBACjq14wDAMEBaOrYAMEAKOrYjAMAwQAo6tlAwQAo6toAwQAo6tu
AwQAo6t3AwQAo6t+AwQAo6uPAwQAo6uVAwQAo6uXAwQAo6uZAwQAo6ukAwQAo6um
AwQBo6uwAwQAo6u2AwQAo6u8AwQAo6vGAwQAo6vPMAwDBACjq9cDBACjq9oDBACj
q94DBAGjq+AwDAMEAKOr4wMEAKOr5AMEAaOr5gMEAaOr6gMEAKOr7QMEAKOr7wME
AaOr9AMEAKOr+QMEAKOr/AMEALkb5AMEALkb5gMEAMJrEzAzBAIAAjAtAwcAKgFT
wP8ZAwcAKgFTwP/GAwcAKgFTwP/nAwcAKgFTwP/yAwcAKgFTwP/0MA0GCSqGSIb3
DQEBCwUAA4IBAQDGZYW/W7pVIqo50JNudkKQ8HSPE8Ustq0f/9TGw5MLip8OL0nb
flQN/iit6kzcpbdhETnOMAKcYsvJQVoDp2ojsQxVqeHHetpDtBfh3hpDSLxh8lmm
8hNm55DCBL5vyL2sg6EZ0ViLMXFDHax0f1AvmpBrXWSiLfHDaShkUNlyKRqtF2ys
wt+mOu0RgJQgGCOs0UQ0tT1SIxxtwKpD1lvGI0t+RIi6gGUZbYUjJrjejy0iHS4B
KWYhSGDicJ7mbBRLgaej1/1Sm4wOdsg3a+76YTtbXsPdWgsiJW/Wff17lMildrW9
wlzWHxXRGfzU4trENvwAPWzs8x7UnEloKUIU
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:38:48 2026 by rpki-client