Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/pho2SHykR7lwlzkVsrkUAgDx6tY.roa
File: pho2SHykR7lwlzkVsrkUAgDx6tY.roa (raw, json)
Hash identifier: R7eqxqaoaYuZmK49GO/8FFTislHdo8WBuVWn/1Nu++w=
Subject key identifier: A6:1A:36:48:7C:A4:47:B9:70:97:39:15:B2:B9:14:02:00:F1:EA:D6
Certificate issuer: /CN=1ddc53d1de7a2ef7eb2b90c80915544140042488
Certificate serial: 019D975458F3004406433254A0CD394207AA
Authority key identifier: 1D:DC:53:D1:DE:7A:2E:F7:EB:2B:90:C8:09:15:54:41:40:04:24:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/pho2SHykR7lwlzkVsrkUAgDx6tY.roa
Signing time: Thu 16 Apr 2026 17:26:20 +0000
ROA not before: Thu 16 Apr 2026 17:26:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49063
IP address blocks: 85.193.72.0/24 maxlen: 24
85.193.73.0/24 maxlen: 24
85.193.74.0/24 maxlen: 24
85.193.75.0/24 maxlen: 24
87.251.90.0/23 maxlen: 23
87.251.90.0/24 maxlen: 24
87.251.91.0/24 maxlen: 24
91.107.64.0/21 maxlen: 21
91.107.64.0/24 maxlen: 24
91.107.65.0/24 maxlen: 24
91.107.66.0/24 maxlen: 24
91.107.67.0/24 maxlen: 24
91.107.68.0/24 maxlen: 24
91.107.69.0/24 maxlen: 24
91.107.70.0/24 maxlen: 24
91.107.71.0/24 maxlen: 24
92.242.32.0/21 maxlen: 21
92.242.32.0/24 maxlen: 24
92.242.33.0/24 maxlen: 24
92.242.34.0/24 maxlen: 24
92.242.35.0/24 maxlen: 24
92.242.36.0/24 maxlen: 24
92.242.37.0/24 maxlen: 24
92.242.38.0/24 maxlen: 24
92.242.39.0/24 maxlen: 24
92.242.41.0/24 maxlen: 24
92.242.42.0/24 maxlen: 24
92.242.43.0/24 maxlen: 24
92.242.46.0/24 maxlen: 24
92.242.47.0/24 maxlen: 24
95.131.24.0/21 maxlen: 24
95.131.24.0/24 maxlen: 24
95.131.25.0/24 maxlen: 24
95.131.26.0/24 maxlen: 24
95.131.29.0/24 maxlen: 24
95.131.30.0/24 maxlen: 24
95.131.31.0/24 maxlen: 24
95.181.192.0/22 maxlen: 24
95.181.193.0/24 maxlen: 24
95.181.194.0/24 maxlen: 24
95.181.195.0/24 maxlen: 24
95.181.196.0/23 maxlen: 23
95.181.196.0/24 maxlen: 24
95.181.197.0/24 maxlen: 24
95.181.199.0/24 maxlen: 24
95.181.200.0/21 maxlen: 24
95.181.200.0/24 maxlen: 24
95.181.201.0/24 maxlen: 24
95.181.203.0/24 maxlen: 24
95.181.204.0/24 maxlen: 24
95.181.205.0/24 maxlen: 24
130.193.64.0/21 maxlen: 24
130.193.64.0/24 maxlen: 24
130.193.65.0/24 maxlen: 24
130.193.66.0/24 maxlen: 24
130.193.67.0/24 maxlen: 24
130.193.68.0/24 maxlen: 24
130.193.70.0/24 maxlen: 24
130.193.71.0/24 maxlen: 24
176.107.160.0/24 maxlen: 24
176.107.161.0/24 maxlen: 24
176.107.162.0/24 maxlen: 24
176.107.163.0/24 maxlen: 24
176.107.164.0/24 maxlen: 24
176.107.165.0/24 maxlen: 24
176.107.166.0/24 maxlen: 24
176.107.167.0/24 maxlen: 24
178.20.232.0/21 maxlen: 21
178.20.232.0/24 maxlen: 24
178.20.233.0/24 maxlen: 24
178.20.234.0/24 maxlen: 24
178.20.235.0/24 maxlen: 24
178.20.236.0/24 maxlen: 24
178.20.237.0/24 maxlen: 24
178.20.238.0/24 maxlen: 24
178.20.239.0/24 maxlen: 24
178.57.72.0/21 maxlen: 21
178.57.72.0/24 maxlen: 24
178.57.73.0/24 maxlen: 24
178.57.74.0/24 maxlen: 24
178.57.75.0/24 maxlen: 24
178.57.76.0/24 maxlen: 24
178.57.77.0/24 maxlen: 24
178.57.78.0/24 maxlen: 24
178.57.79.0/24 maxlen: 24
185.3.140.0/22 maxlen: 22
185.3.140.0/24 maxlen: 24
185.3.141.0/24 maxlen: 24
185.3.142.0/24 maxlen: 24
185.3.143.0/24 maxlen: 24
185.98.80.0/22 maxlen: 22
185.98.80.0/24 maxlen: 24
185.98.81.0/24 maxlen: 24
185.98.82.0/24 maxlen: 24
185.98.83.0/24 maxlen: 24
185.98.84.0/23 maxlen: 23
185.98.84.0/24 maxlen: 24
185.98.85.0/24 maxlen: 24
185.99.8.0/21 maxlen: 21
185.99.8.0/22 maxlen: 22
185.99.8.0/24 maxlen: 24
185.99.9.0/24 maxlen: 24
185.99.10.0/24 maxlen: 24
185.99.11.0/24 maxlen: 24
185.99.13.0/24 maxlen: 24
185.99.14.0/24 maxlen: 24
185.99.15.0/24 maxlen: 24
185.99.140.0/23 maxlen: 23
185.99.140.0/24 maxlen: 24
185.127.148.0/22 maxlen: 22
185.127.148.0/24 maxlen: 24
185.127.149.0/24 maxlen: 24
185.127.150.0/24 maxlen: 24
185.127.151.0/24 maxlen: 24
185.148.80.0/24 maxlen: 24
185.148.81.0/24 maxlen: 24
185.148.82.0/24 maxlen: 24
185.148.83.0/24 maxlen: 24
185.195.169.0/24 maxlen: 24
185.232.104.0/22 maxlen: 22
185.232.104.0/24 maxlen: 24
185.232.105.0/24 maxlen: 24
185.232.106.0/24 maxlen: 24
185.232.107.0/24 maxlen: 24
185.242.120.0/24 maxlen: 24
185.247.186.0/24 maxlen: 24
193.23.144.0/22 maxlen: 24
193.23.144.0/24 maxlen: 24
193.23.145.0/24 maxlen: 24
193.23.146.0/24 maxlen: 24
193.23.147.0/24 maxlen: 24
193.243.174.0/23 maxlen: 24
195.14.100.0/24 maxlen: 24
195.14.101.0/24 maxlen: 24
2a01:ba80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/HdxT0d56LvfrK5DICRVUQUAEJIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/HdxT0d56LvfrK5DICRVUQUAEJIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:54:58:f3:00:44:06:43:32:54:a0:cd:39:42:07:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddc53d1de7a2ef7eb2b90c80915544140042488
Validity
Not Before: Apr 16 17:26:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a61a36487ca447b970973915b2b9140200f1ead6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:29:43:14:8f:20:e0:b7:0c:07:f2:1c:cf:0e:
9f:f2:8f:5c:62:19:da:f5:2b:0a:7e:83:c1:23:85:
77:83:0a:27:16:67:d9:68:14:2f:a5:24:76:1e:74:
62:72:f2:d5:02:a9:00:e1:f7:23:d4:cd:7f:df:7c:
46:e9:0e:c0:f1:6e:ec:58:83:fd:a6:fe:c6:72:6d:
2d:09:d8:63:d6:c1:29:f7:77:72:be:1a:5a:d9:5f:
ba:ca:ef:75:99:72:f4:70:4b:56:4e:a6:4f:0d:76:
d1:dd:71:91:54:d8:0d:45:2e:18:30:9d:6f:66:f1:
24:1f:c7:50:85:a6:d3:5c:10:3c:d5:39:10:8c:e7:
43:45:a2:2f:92:01:cb:71:92:c2:7a:b6:ad:b3:47:
57:ac:89:f5:9b:aa:12:1b:16:0d:0d:21:9c:b0:63:
4a:c7:17:c6:06:f1:dc:35:44:db:7a:4d:e6:e5:64:
a0:25:5f:0a:07:15:e7:b8:df:a3:2a:6a:c8:72:c8:
61:54:63:a9:17:48:e8:00:66:d3:70:da:17:19:7b:
28:9c:93:18:6f:38:02:4e:83:6e:20:b4:bb:16:43:
0d:11:18:88:b4:60:05:83:1d:e9:ee:b6:5a:2a:f1:
05:4e:6d:a7:62:89:ad:89:00:58:5c:d0:52:93:16:
c7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1A:36:48:7C:A4:47:B9:70:97:39:15:B2:B9:14:02:00:F1:EA:D6
X509v3 Authority Key Identifier:
keyid:1D:DC:53:D1:DE:7A:2E:F7:EB:2B:90:C8:09:15:54:41:40:04:24:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/pho2SHykR7lwlzkVsrkUAgDx6tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/HdxT0d56LvfrK5DICRVUQUAEJIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.72.0/22
87.251.90.0/23
91.107.64.0/21
92.242.32.0/21
92.242.41.0-92.242.43.255
92.242.46.0/23
95.131.24.0/21
95.181.192.0-95.181.197.255
95.181.199.0-95.181.207.255
130.193.64.0/21
176.107.160.0/21
178.20.232.0/21
178.57.72.0/21
185.3.140.0/22
185.98.80.0-185.98.85.255
185.99.8.0/21
185.99.140.0/23
185.127.148.0/22
185.148.80.0/22
185.195.169.0/24
185.232.104.0/22
185.242.120.0/24
185.247.186.0/24
193.23.144.0/22
193.243.174.0/23
195.14.100.0/23
IPv6:
2a01:ba80::/32
Signature Algorithm: sha256WithRSAEncryption
db:d1:9c:97:3e:75:2c:dc:08:0b:86:44:2d:1e:ef:fe:d6:c3:
2d:1b:cd:29:88:fe:80:20:02:dc:6a:08:69:9b:93:61:cf:b3:
8a:d6:25:12:6d:83:e6:62:c5:0c:23:db:d5:5f:29:fd:6f:fe:
bb:b7:bc:52:16:d8:7d:6c:d9:68:66:6f:74:cc:7a:0b:e6:50:
cc:12:47:c0:cd:b6:c6:32:a1:c3:31:b8:99:32:57:e4:27:5d:
51:c5:fc:d2:5d:80:d1:0e:14:6a:df:60:3b:15:2c:93:b6:4b:
ac:e6:bd:3a:5e:a2:83:f1:c9:61:54:71:66:27:58:6d:b5:2f:
d8:e1:d4:be:05:bd:d1:e6:73:fc:28:dc:2a:73:19:b1:13:5b:
e0:1b:eb:42:6d:af:8e:1c:c1:48:95:47:be:e7:52:09:b3:24:
9a:9e:7d:36:2a:72:4a:b6:22:ad:ff:f7:5e:3b:2b:97:87:b1:
01:47:6d:ff:b5:17:01:76:45:6f:1d:41:58:bb:4a:72:7e:50:
92:27:97:3b:c0:d9:36:66:c4:22:ce:5d:28:54:e3:80:b9:c7:
65:72:43:e9:4a:8a:23:80:8a:c8:54:55:b2:1c:07:76:f1:51:
ec:dc:99:23:2c:30:04:89:a4:16:76:fe:76:78:00:cf:05:39:
f0:1a:66:53
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZ2XVFjzAEQGQzJUoM05QgeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGM1M2QxZGU3YTJlZjdlYjJiOTBjODA5MTU1NDQxNDAw
NDI0ODgwHhcNMjYwNDE2MTcyNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjFhMzY0ODdjYTQ0N2I5NzA5NzM5MTViMmI5MTQwMjAwZjFlYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzilDFI8g4LcMB/Iczw6f8o9cYhna
9SsKfoPBI4V3gwonFmfZaBQvpSR2HnRicvLVAqkA4fcj1M1/33xG6Q7A8W7sWIP9
pv7Gcm0tCdhj1sEp93dyvhpa2V+6yu91mXL0cEtWTqZPDXbR3XGRVNgNRS4YMJ1v
ZvEkH8dQhabTXBA81TkQjOdDRaIvkgHLcZLCerats0dXrIn1m6oSGxYNDSGcsGNK
xxfGBvHcNUTbek3m5WSgJV8KBxXnuN+jKmrIcshhVGOpF0joAGbTcNoXGXsonJMY
bzgCToNuILS7FkMNERiItGAFgx3p7rZaKvEFTm2nYomtiQBYXNBSkxbHLwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFKYaNkh8pEe5cJc5FbK5FAIA8erWMB8GA1UdIwQY
MBaAFB3cU9Heei736yuQyAkVVEFABCSIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGR4VDBkNTZMdmZySzVESUNSVlVRVUFFSklnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81NTc0MTQtZDk5My00Y2JmLTgxODEt
NDg2NzFmYjdkMzgwLzEvcGhvMlNIeWtSN2x3bHprVnNya1VBZ0R4NnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy81NTc0MTQtZDk5My00Y2JmLTgxODEtNDg2NzFmYjdkMzgw
LzEvSGR4VDBkNTZMdmZySzVESUNSVlVRVUFFSklnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwwQCAAEwgbwDBAJV
wUgDBAFX+1oDBANba0ADBANc8iAwDAMEAFzyKQMEAlzyKAMEAVzyLgMEA1+DGDAM
AwQGX7XAAwQBX7XEMAwDBABftccDBARftcADBAOCwUADBAOwa6ADBAOyFOgDBAOy
OUgDBAK5A4wwDAMEBLliUAMEAbliVAMEA7ljCAMEAbljjAMEArl/lAMEArmUUAME
ALnDqQMEArnoaAMEALnyeAMEALn3ugMEAsEXkAMEAcHzrgMEAcMOZDANBAIAAjAH
AwUAKgG6gDANBgkqhkiG9w0BAQsFAAOCAQEA29Gclz51LNwIC4ZELR7v/tbDLRvN
KYj+gCAC3GoIaZuTYc+zitYlEm2D5mLFDCPb1V8p/W/+u7e8UhbYfWzZaGZvdMx6
C+ZQzBJHwM22xjKhwzG4mTJX5CddUcX80l2A0Q4Uat9gOxUsk7ZLrOa9Ol6ig/HJ
YVRxZidYbbUv2OHUvgW90eZz/CjcKnMZsRNb4BvrQm2vjhzBSJVHvudSCbMkmp59
NipySrYirf/3Xjsrl4exAUdt/7UXAXZFbx1BWLtKcn5QkieXO8DZNmbEIs5dKFTj
gLnHZXJD6UqKI4CKyFRVshwHdvFR7NyZIywwBImkFnb+dngAzwU58BpmUw==
-----END CERTIFICATE-----
Generated at Sat Apr 18 00:59:14 2026 by rpki-client