Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/vyIN7afAm-KQzI6nVuX5AoROUGc.roa
File: vyIN7afAm-KQzI6nVuX5AoROUGc.roa (raw, json)
Hash identifier: hVsJvy2A1OHunidX/d80WoYKFTTI8TsVZtZrBoCu+C4=
Subject key identifier: BF:22:0D:ED:A7:C0:9B:E2:90:CC:8E:A7:56:E5:F9:02:84:4E:50:67
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019C76D764AEA70214490F56493EE3F91558
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/vyIN7afAm-KQzI6nVuX5AoROUGc.roa
Signing time: Thu 19 Feb 2026 16:59:13 +0000
ROA not before: Thu 19 Feb 2026 16:59:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41111
IP address blocks: 5.180.20.0/24 maxlen: 24
5.180.21.0/24 maxlen: 24
5.180.27.0/24 maxlen: 24
5.180.40.0/24 maxlen: 24
5.180.42.0/24 maxlen: 24
5.180.43.0/24 maxlen: 24
5.180.46.0/24 maxlen: 24
5.180.47.0/24 maxlen: 24
5.180.52.0/24 maxlen: 24
5.180.54.0/24 maxlen: 24
5.180.145.0/24 maxlen: 24
5.180.147.0/24 maxlen: 24
5.253.28.0/24 maxlen: 24
5.253.29.0/24 maxlen: 24
5.253.30.0/24 maxlen: 24
5.253.31.0/24 maxlen: 24
5.253.42.0/24 maxlen: 24
45.15.125.0/24 maxlen: 24
45.15.128.0/24 maxlen: 24
45.15.129.0/24 maxlen: 24
45.66.160.0/22 maxlen: 24
45.86.66.0/24 maxlen: 24
45.86.70.0/24 maxlen: 24
45.86.74.0/24 maxlen: 24
45.128.60.0/24 maxlen: 24
45.136.117.0/24 maxlen: 24
45.136.124.0/22 maxlen: 24
45.149.115.0/24 maxlen: 24
85.208.119.0/24 maxlen: 24
85.209.155.0/24 maxlen: 24
85.209.156.0/22 maxlen: 24
85.209.194.0/24 maxlen: 24
88.218.92.0/24 maxlen: 24
88.218.94.0/24 maxlen: 24
88.218.95.0/24 maxlen: 24
194.36.36.0/24 maxlen: 24
194.36.37.0/24 maxlen: 24
194.55.136.0/23 maxlen: 24
194.55.189.0/24 maxlen: 24
194.59.221.0/24 maxlen: 24
194.59.245.0/24 maxlen: 24
194.76.146.0/24 maxlen: 24
194.76.147.0/24 maxlen: 24
194.76.154.0/23 maxlen: 24
194.124.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:d7:64:ae:a7:02:14:49:0f:56:49:3e:e3:f9:15:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 19 16:59:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf220deda7c09be290cc8ea756e5f902844e5067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f5:81:03:b6:6b:14:a7:cf:f4:a4:6f:6e:14:
90:66:ce:5c:da:6b:6e:10:25:46:59:51:9b:44:63:
e7:22:58:24:9f:84:a7:71:c1:3d:68:a2:d6:26:09:
51:9e:e1:0b:51:64:f6:9d:e3:49:a6:77:25:59:1a:
c0:c7:5c:2c:15:e9:97:24:1c:12:59:aa:71:79:9a:
bd:79:67:17:75:e3:41:85:d9:e5:86:3f:cd:1d:28:
5c:87:82:54:b3:43:3a:3e:26:77:a2:0c:34:42:43:
3b:a0:ac:d5:27:19:ca:41:ee:15:8c:59:70:53:4b:
a2:b4:f9:46:55:06:c8:40:73:34:0c:17:c5:bd:80:
47:5a:ca:0c:13:a9:6a:bf:e5:f4:50:04:e8:48:62:
34:a2:d5:ea:76:63:4f:9e:66:df:a5:a1:40:03:d0:
39:d0:db:fa:e0:d7:f2:58:e7:a0:10:0a:57:65:2f:
f2:3b:17:41:af:42:65:a4:70:ba:f9:21:5f:a4:b6:
2a:b0:23:f1:95:d9:b0:a1:4e:4f:80:9f:29:e6:31:
e3:32:df:d4:25:a0:ab:c3:0c:45:b0:28:e7:e7:ae:
28:78:0b:58:88:9e:66:e9:45:41:d2:36:00:5a:41:
ad:14:a9:0b:90:02:98:72:a3:63:c2:81:30:ee:38:
07:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:22:0D:ED:A7:C0:9B:E2:90:CC:8E:A7:56:E5:F9:02:84:4E:50:67
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/vyIN7afAm-KQzI6nVuX5AoROUGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.20.0/23
5.180.27.0/24
5.180.40.0/24
5.180.42.0/23
5.180.46.0/23
5.180.52.0/24
5.180.54.0/24
5.180.145.0/24
5.180.147.0/24
5.253.28.0/22
5.253.42.0/24
45.15.125.0/24
45.15.128.0/23
45.66.160.0/22
45.86.66.0/24
45.86.70.0/24
45.86.74.0/24
45.128.60.0/24
45.136.117.0/24
45.136.124.0/22
45.149.115.0/24
85.208.119.0/24
85.209.155.0-85.209.159.255
85.209.194.0/24
88.218.92.0/24
88.218.94.0/23
194.36.36.0/23
194.55.136.0/23
194.55.189.0/24
194.59.221.0/24
194.59.245.0/24
194.76.146.0/23
194.76.154.0/23
194.124.250.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:47:fe:56:82:a2:81:4d:05:37:7d:b3:e9:a2:cc:ba:c4:f9:
68:ac:3c:70:4d:e3:4e:48:f3:07:a9:35:59:8b:6b:e8:b6:e9:
44:0b:73:e4:1a:16:e7:1e:bb:1e:36:8c:57:df:3d:e4:66:3c:
44:51:25:61:a8:e9:2f:d1:25:46:86:28:6d:6b:3a:cc:15:40:
62:9b:95:04:ba:79:a2:9d:97:ac:8a:5b:45:1b:06:23:13:33:
c3:36:47:5a:36:cc:30:bb:0c:71:95:3d:d4:f8:a9:3f:1e:0e:
c6:37:da:ec:88:01:e4:3d:44:94:cd:fe:7b:f1:a9:11:05:bf:
4a:13:c2:0b:1f:a2:e0:c5:e4:76:98:0b:d0:5f:41:03:61:b9:
9d:d8:0d:4e:0b:6c:f2:8a:a4:61:e0:f9:e1:62:2b:e7:44:0d:
ce:44:e2:86:19:14:6a:93:81:46:32:59:70:39:a7:13:06:a6:
68:06:58:9e:c6:aa:58:5d:bc:7d:bd:06:59:ac:3b:6c:17:53:
43:14:a1:de:3f:6b:4e:4f:41:20:29:84:0b:c4:4d:d3:58:2d:
f6:71:fd:52:92:61:bc:18:5d:17:1a:5b:11:7f:9b:12:04:61:
34:f2:66:0a:28:71:3c:15:b9:22:08:60:cb:2c:53:81:02:4c:
79:c8:43:33
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZx212SupwIUSQ9WST7j+RVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMjE5MTY1OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIyMGRlZGE3YzA5YmUyOTBjYzhlYTc1NmU1ZjkwMjg0NGU1MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/WBA7ZrFKfP9KRvbhSQZs5c2mtu
ECVGWVGbRGPnIlgkn4SnccE9aKLWJglRnuELUWT2neNJpnclWRrAx1wsFemXJBwS
WapxeZq9eWcXdeNBhdnlhj/NHShch4JUs0M6PiZ3ogw0QkM7oKzVJxnKQe4VjFlw
U0uitPlGVQbIQHM0DBfFvYBHWsoME6lqv+X0UAToSGI0otXqdmNPnmbfpaFAA9A5
0Nv64NfyWOegEApXZS/yOxdBr0JlpHC6+SFfpLYqsCPxldmwoU5PgJ8p5jHjMt/U
JaCrwwxFsCjn564oeAtYiJ5m6UVB0jYAWkGtFKkLkAKYcqNjwoEw7jgHewIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFL8iDe2nwJvikMyOp1bl+QKETlBnMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdnlJTjdhZkFtLUtRekk2blZ1WDVBb1JPVUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAEF
tBQDBAAFtBsDBAAFtCgDBAEFtCoDBAEFtC4DBAAFtDQDBAAFtDYDBAAFtJEDBAAF
tJMDBAIF/RwDBAAF/SoDBAAtD30DBAEtD4ADBAItQqADBAAtVkIDBAAtVkYDBAAt
VkoDBAAtgDwDBAAtiHUDBAItiHwDBAAtlXMDBABV0HcwDAMEAFXRmwMEBVXRgAME
AFXRwgMEAFjaXAMEAVjaXgMEAcIkJAMEAcI3iAMEAMI3vQMEAMI73QMEAMI79QME
AcJMkgMEAcJMmgMEAcJ8+jANBgkqhkiG9w0BAQsFAAOCAQEAm0f+VoKigU0FN32z
6aLMusT5aKw8cE3jTkjzB6k1WYtr6LbpRAtz5BoW5x67HjaMV9895GY8RFElYajp
L9ElRoYobWs6zBVAYpuVBLp5op2XrIpbRRsGIxMzwzZHWjbMMLsMcZU91PipPx4O
xjfa7IgB5D1ElM3+e/GpEQW/ShPCCx+i4MXkdpgL0F9BA2G5ndgNTgts8oqkYeD5
4WIr50QNzkTihhkUapOBRjJZcDmnEwamaAZYnsaqWF28fb0GWaw7bBdTQxSh3j9r
Tk9BICmEC8RN01gt9nH9UpJhvBhdFxpbEX+bEgRhNPJmCihxPBW5IghgyyxTgQJM
echDMw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:20:10 2026 by rpki-client