Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1nhxPQG32vcSIjQSneD3Rx0UPrY.roa
File: 1nhxPQG32vcSIjQSneD3Rx0UPrY.roa (raw, json)
Hash identifier: 7bTW2ORci72OzWYoeWMSPEDiNsHnos2acJbGJlZR0To=
Subject key identifier: D6:78:71:3D:01:B7:DA:F7:12:22:34:12:9D:E0:F7:47:1D:14:3E:B6
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019C21765A5EB36C42AA8D7EF06D4CBF5130
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1nhxPQG32vcSIjQSneD3Rx0UPrY.roa
Signing time: Tue 03 Feb 2026 03:05:30 +0000
ROA not before: Tue 03 Feb 2026 03:05:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.204.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.131.0/24 maxlen: 24
93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.50.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.110.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.149.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.164.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.215.0/24 maxlen: 24
163.171.216.0/24 maxlen: 24
163.171.217.0/24 maxlen: 24
163.171.218.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.227.0/24 maxlen: 24
163.171.228.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.235.0/24 maxlen: 24
163.171.237.0/24 maxlen: 24
163.171.244.0/24 maxlen: 24
163.171.245.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ff19::/48 maxlen: 48
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:21:76:5a:5e:b3:6c:42:aa:8d:7e:f0:6d:4c:bf:51:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Feb 3 03:05:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d678713d01b7daf7122234129de0f7471d143eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b3:15:20:f6:ab:34:4d:62:1b:35:d0:76:b6:
b3:6f:bb:ca:49:25:7f:6a:71:5f:af:e6:8a:4e:57:
1a:5f:fd:85:d4:da:b6:2a:41:0f:4e:33:48:d0:7a:
66:2b:8c:6d:48:c7:41:95:6d:ee:3c:6f:ae:41:8c:
66:a1:34:dd:b2:f4:5c:83:f9:4b:a5:d3:0a:8f:b1:
99:0b:27:22:1b:f9:29:cc:b9:63:29:d6:03:b4:24:
9b:0e:b5:04:10:62:b5:4e:4f:7d:9b:81:79:42:7f:
c9:12:ad:92:d3:2b:85:c2:ed:69:86:ab:54:e1:c1:
ed:20:3b:b7:17:79:ed:c6:eb:84:bb:ab:ab:5f:ff:
cc:1f:2a:93:33:b4:25:2a:0c:f3:77:11:cf:0d:49:
3c:a5:23:e1:2f:43:3d:47:0b:77:54:9a:32:7f:55:
2f:d5:a2:18:df:68:1b:ea:47:84:8a:ff:67:52:d8:
b3:d1:06:a0:18:de:d3:01:bd:1b:f9:82:a0:23:8e:
6f:89:c4:bb:fd:be:af:15:bd:6b:dc:b1:69:ec:8a:
5d:5f:28:ac:cd:2e:f5:ec:4a:d4:c7:16:a6:0b:c9:
66:6d:75:fc:ac:0c:e8:0f:36:4b:1e:00:d5:68:a9:
a2:b5:93:b2:c9:fb:11:67:c7:73:b7:d4:5f:d1:63:
a7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:78:71:3D:01:B7:DA:F7:12:22:34:12:9D:E0:F7:47:1D:14:3E:B6
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/1nhxPQG32vcSIjQSneD3Rx0UPrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.204.0/23
91.202.200.0/24
93.188.131.0-93.188.132.255
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.50.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.241.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.110.0/24
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.149.0/24
163.171.153.0/24
163.171.164.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.215.0-163.171.218.255
163.171.222.0/24
163.171.224.0/23
163.171.227.0-163.171.228.255
163.171.230.0/23
163.171.234.0/23
163.171.237.0/24
163.171.244.0/23
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ff19::/48
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
96:7e:5b:9f:07:19:ec:e2:09:4a:5d:5a:81:64:77:47:aa:91:
63:88:48:6f:da:8a:29:a3:b4:c4:81:b9:8b:32:98:8a:ea:cb:
ca:63:c1:b0:fb:77:5b:f1:ce:10:4d:f3:1e:87:87:e1:f0:dc:
14:cf:ad:71:75:d0:ba:18:fe:2a:e2:d8:d8:49:a7:4d:49:46:
7f:b3:f7:06:5c:85:cc:3b:d5:ec:52:26:1e:b6:b0:f4:ac:9a:
e6:8e:74:b6:bd:a9:1a:ee:65:62:d3:5a:eb:8b:5a:fd:71:a3:
1c:96:03:4b:65:b3:45:fb:8f:77:46:34:1b:05:9e:b1:72:11:
fa:e3:9a:c9:de:d3:e3:e6:c7:9d:11:82:8d:55:48:2f:a3:5b:
e4:c7:70:af:78:33:7b:6d:47:42:1c:e7:ad:e6:1f:17:2d:fe:
15:e8:41:43:1f:cc:2a:c2:5e:2a:ff:ee:1f:d1:eb:48:51:e6:
6d:02:05:97:bc:df:dd:31:75:ee:4f:4c:0d:a0:cf:5b:c9:27:
e2:8f:97:2c:9b:3b:40:95:1f:48:4a:d7:6d:3c:ef:29:fc:cd:
6d:1f:a7:ac:4a:f5:7a:7d:37:08:54:fc:62:4f:ba:a6:be:c8:
00:e7:43:61:8e:0c:0a:f8:c0:7f:8b:85:04:3b:6f:1b:4f:58:
dc:3a:1f:c7
-----BEGIN CERTIFICATE-----
MIIGxDCCBaygAwIBAgISAZwhdlpes2xCqo1+8G1Mv1EwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjYwMjAzMDMwNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjc4NzEzZDAxYjdkYWY3MTIyMjM0MTI5ZGUwZjc0NzFkMTQzZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrMVIParNE1iGzXQdrazb7vKSSV/
anFfr+aKTlcaX/2F1Nq2KkEPTjNI0HpmK4xtSMdBlW3uPG+uQYxmoTTdsvRcg/lL
pdMKj7GZCyciG/kpzLljKdYDtCSbDrUEEGK1Tk99m4F5Qn/JEq2S0yuFwu1phqtU
4cHtIDu3F3ntxuuEu6urX//MHyqTM7QlKgzzdxHPDUk8pSPhL0M9Rwt3VJoyf1Uv
1aIY32gb6keEiv9nUtiz0QagGN7TAb0b+YKgI45vicS7/b6vFb1r3LFp7IpdXyis
zS717ErUxxamC8lmbXX8rAzoDzZLHgDVaKmitZOyyfsRZ8dzt9Rf0WOnpQIDAQAB
o4ID0DCCA8wwHQYDVR0OBBYEFNZ4cT0Bt9r3EiI0Ep3g90cdFD62MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvMW5oeFBRRzMydmNTSWpRU25lRDNSeDBVUHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5AYIKwYBBQUHAQcBAf8EggHTMIIBzzCCAZYEAgABMIIB
jgMEAVvCzAMEAFvKyDAMAwQAXbyDAwQAXbyEAwQAXbyHAwQAlP0iAwQAlP0kMAwD
BACU/SkDBACU/SoDBACU/SwDBACU/S8DBACU/TIDBAKU/TwDBAGU/eQwDAMEAJT9
5wMEApT96AMEAJT97QMEAJT97wMEAJT98TAMAwQClP30AwQAlP32AwQAlP34MAwD
BAKX+VwDBACX+V4DBACjq0ADBACjq0MDBAGjq0YDBACjq00DBAGjq1QDBACjq1cw
DAMEAKOrXQMEAKOrXjAMAwQFo6tgAwQAo6tiMAwDBACjq2UDBACjq2gDBACjq24D
BACjq3cDBACjq34DBACjq48DBACjq5UDBACjq5kDBACjq6QDBACjq6YDBAGjq7AD
BACjq7YDBACjq7wDBACjq8YDBACjq88wDAMEAKOr1wMEAKOr2gMEAKOr3gMEAaOr
4DAMAwQAo6vjAwQAo6vkAwQBo6vmAwQBo6vqAwQAo6vtAwQBo6v0AwQAo6v5AwQA
o6v8AwQAuRvmAwQAwmsTMDMEAgACMC0DBwAqAVPA/xkDBwAqAVPA/8YDBwAqAVPA
/+cDBwAqAVPA//IDBwAqAVPA//QwDQYJKoZIhvcNAQELBQADggEBAJZ+W58HGezi
CUpdWoFkd0eqkWOISG/aiimjtMSBuYsymIrqy8pjwbD7d1vxzhBN8x6Hh+Hw3BTP
rXF10LoY/iri2NhJp01JRn+z9wZchcw71exSJh62sPSsmuaOdLa9qRruZWLTWuuL
Wv1xoxyWA0tls0X7j3dGNBsFnrFyEfrjmsne0+Pmx50Rgo1VSC+jW+THcK94M3tt
R0Ic563mHxct/hXoQUMfzCrCXir/7h/R60hR5m0CBZe8390xde5PTA2gz1vJJ+KP
lyybO0CVH0hK12087yn8zW0fp6xK9Xp9NwhU/GJPuqa+yADnQ2GODAr4wH+LhQQ7
bxtPWNw6H8c=
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:31:21 2026 by rpki-client