Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/67tNPfiNihZFK-10QXs4lPLvRl0.roa
File: 67tNPfiNihZFK-10QXs4lPLvRl0.roa (raw, json)
Hash identifier: fpgV+T+NMEpo7d2APH79/KnLj9pwcMins0XX8cthWDQ=
Subject key identifier: EB:BB:4D:3D:F8:8D:8A:16:45:2B:ED:74:41:7B:38:94:F2:EF:46:5D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CA0E7AC838A1D209C672E290CC37FD14A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/67tNPfiNihZFK-10QXs4lPLvRl0.roa
Signing time: Fri 27 Feb 2026 21:01:03 +0000
ROA not before: Fri 27 Feb 2026 21:01:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207461
IP address blocks: 45.9.119.0/24 maxlen: 24
45.86.15.0/24 maxlen: 24
45.86.245.0/24 maxlen: 24
45.86.247.0/24 maxlen: 24
45.87.240.0/24 maxlen: 24
45.92.168.0/24 maxlen: 24
45.92.169.0/24 maxlen: 24
45.92.170.0/24 maxlen: 24
45.92.171.0/24 maxlen: 24
45.92.247.0/24 maxlen: 24
45.94.36.0/24 maxlen: 24
45.94.37.0/24 maxlen: 24
45.94.38.0/24 maxlen: 24
45.94.39.0/24 maxlen: 24
45.94.46.0/24 maxlen: 24
45.94.47.0/24 maxlen: 24
45.95.98.0/23 maxlen: 23
45.95.99.0/24 maxlen: 24
45.118.249.0/24 maxlen: 24
45.128.24.0/24 maxlen: 24
45.129.124.0/24 maxlen: 24
45.130.124.0/24 maxlen: 24
45.130.127.0/24 maxlen: 24
45.130.254.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.133.209.0/24 maxlen: 24
45.133.210.0/24 maxlen: 24
45.136.175.0/24 maxlen: 24
45.136.228.0/24 maxlen: 24
45.137.40.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
45.137.42.0/23 maxlen: 23
45.137.60.0/24 maxlen: 24
45.140.14.0/24 maxlen: 24
45.145.12.0/24 maxlen: 24
45.145.13.0/24 maxlen: 24
45.145.14.0/24 maxlen: 24
45.146.181.0/24 maxlen: 24
45.147.28.0/24 maxlen: 24
45.151.101.0/24 maxlen: 24
45.151.102.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
45.154.56.0/24 maxlen: 24
45.155.70.0/24 maxlen: 24
45.155.71.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.155.203.0/24 maxlen: 24
185.164.56.0/24 maxlen: 24
185.164.57.0/24 maxlen: 24
192.166.153.0/24 maxlen: 24
193.5.65.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.62.67.0/24 maxlen: 24
195.74.90.0/24 maxlen: 24
195.85.194.0/24 maxlen: 24
2a0a:2d06:10::/48 maxlen: 48
2a0f:3d86:44::/48 maxlen: 48
2a0f:3d86:100::/48 maxlen: 48
2a0f:3d86:101::/48 maxlen: 48
2a0f:e1c0:37a::/48 maxlen: 48
2a0f:e1c0:a8b9::/48 maxlen: 48
2a13:8c86:120::/48 maxlen: 48
2a13:c900:99::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a0:e7:ac:83:8a:1d:20:9c:67:2e:29:0c:c3:7f:d1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 27 21:01:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ebbb4d3df88d8a16452bed74417b3894f2ef465d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:59:a5:49:71:84:38:d3:cf:7d:c4:0d:30:8b:
a3:0b:0e:43:a0:4e:99:26:dc:76:3c:92:81:bf:85:
a4:29:6e:39:5b:af:79:d8:4e:93:b3:88:b6:1c:1c:
9e:4c:04:12:b1:76:d8:8e:a7:d3:32:79:60:0f:f5:
89:23:69:2e:24:6d:40:be:a8:75:6f:df:0d:03:26:
e3:88:57:46:ff:43:9f:22:da:77:6e:68:a4:62:1d:
b4:98:f7:4e:41:bc:75:6c:1c:db:9f:69:7f:45:d0:
74:31:d7:f0:d0:0c:2c:f5:60:a0:e7:83:de:4c:64:
0e:f3:9b:b9:79:49:9e:85:74:29:ae:6a:31:dc:f4:
d6:74:22:42:e2:a9:6e:b1:92:15:f0:99:73:26:2e:
7e:5f:23:32:e6:9a:91:2d:13:19:48:9e:41:b2:04:
1a:8e:48:49:15:69:44:bf:f6:8e:b9:a3:85:82:5f:
fb:cd:9e:23:d1:5d:3b:69:b9:28:0b:c6:ee:89:1b:
57:18:0c:cf:5f:6d:e9:c2:a1:56:65:b3:c0:33:c9:
5f:5b:de:14:da:01:39:8a:3f:a4:c0:91:69:e4:7d:
92:c9:10:d1:61:d2:a5:ce:74:bc:b9:ac:a5:e2:5e:
10:b2:e7:ba:1f:d6:9d:6f:4c:d9:ef:1d:a8:c5:b5:
43:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BB:4D:3D:F8:8D:8A:16:45:2B:ED:74:41:7B:38:94:F2:EF:46:5D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/67tNPfiNihZFK-10QXs4lPLvRl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.119.0/24
45.86.15.0/24
45.86.245.0/24
45.86.247.0/24
45.87.240.0/24
45.92.168.0/22
45.92.247.0/24
45.94.36.0/22
45.94.46.0/23
45.95.98.0/23
45.118.249.0/24
45.128.24.0/24
45.129.124.0/24
45.130.124.0/24
45.130.127.0/24
45.130.254.0/24
45.131.213.0/24
45.133.209.0-45.133.210.255
45.136.175.0/24
45.136.228.0/24
45.137.40.0/22
45.137.60.0/24
45.140.14.0/24
45.145.12.0-45.145.14.255
45.146.181.0/24
45.147.28.0/24
45.151.101.0-45.151.102.255
45.152.198.0/24
45.154.56.0/24
45.155.70.0/23
113.30.153.0/24
113.30.155.0/24
185.155.200.0/24
185.155.203.0/24
185.164.56.0/23
192.166.153.0/24
193.5.65.0/24
193.27.19.0/24
194.62.67.0/24
195.74.90.0/24
195.85.194.0/24
IPv6:
2a0a:2d06:10::/48
2a0f:3d86:44::/48
2a0f:3d86:100::/47
2a0f:e1c0:37a::/48
2a0f:e1c0:a8b9::/48
2a13:8c86:120::/48
2a13:c900:99::/48
Signature Algorithm: sha256WithRSAEncryption
ba:44:81:ee:26:7a:6b:9d:82:b2:27:57:a8:cc:50:62:b7:01:
0a:51:ef:3a:2e:55:ac:96:b4:66:5f:23:92:ee:92:3e:6f:a5:
4b:e5:ff:64:e6:bc:59:20:45:20:6f:35:a5:b0:26:cf:42:47:
3a:e4:2e:7d:ed:b9:66:80:d6:84:a6:93:bf:d2:fb:84:76:2b:
fa:7f:a6:c9:8f:32:df:d3:9e:ef:0d:e2:00:e2:82:ba:65:18:
64:01:1a:09:a6:9b:db:f2:24:dc:a5:6a:e4:be:d1:1e:62:cd:
45:84:e2:35:12:c0:b7:33:f0:7a:18:d2:2e:2e:77:e3:90:0d:
ba:73:21:37:93:c3:89:87:10:29:c0:ad:2b:00:56:e0:6b:d2:
70:fe:41:e4:24:54:ad:c3:db:83:be:28:0d:fb:f7:53:24:93:
7a:0d:d1:e8:bd:34:79:df:8c:c4:6e:34:2c:b4:dc:2f:46:88:
28:d8:9e:ac:0a:eb:34:1f:e4:d0:df:42:c9:94:14:61:0c:63:
e9:10:27:d6:34:cf:ac:64:00:72:db:79:14:95:58:4d:5e:63:
8a:5e:5b:18:d9:00:94:28:82:40:4e:6e:83:d3:cf:91:b7:fa:
c7:5f:b5:79:60:45:d0:64:6d:ae:0b:83:bd:8b:2a:01:84:e8:
75:05:51:4a
-----BEGIN CERTIFICATE-----
MIIGVjCCBT6gAwIBAgISAZyg56yDih0gnGcuKQzDf9FKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI3MjEwMTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJiNGQzZGY4OGQ4YTE2NDUyYmVkNzQ0MTdiMzg5NGYyZWY0NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVmlSXGEONPPfcQNMIujCw5DoE6Z
Jtx2PJKBv4WkKW45W6952E6Ts4i2HByeTAQSsXbYjqfTMnlgD/WJI2kuJG1Avqh1
b98NAybjiFdG/0OfItp3bmikYh20mPdOQbx1bBzbn2l/RdB0Mdfw0Aws9WCg54Pe
TGQO85u5eUmehXQprmox3PTWdCJC4qlusZIV8JlzJi5+XyMy5pqRLRMZSJ5BsgQa
jkhJFWlEv/aOuaOFgl/7zZ4j0V07abkoC8buiRtXGAzPX23pwqFWZbPAM8lfW94U
2gE5ij+kwJFp5H2SyRDRYdKlznS8uayl4l4Qsue6H9adb0zZ7x2oxbVDfQIDAQAB
o4IDYjCCA14wHQYDVR0OBBYEFOu7TT34jYoWRSvtdEF7OJTy70ZdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNjd0TlBmaU5paFpGSy0xMFFYczRsUEx2UmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdgYIKwYBBQUHAQcBAf8EggFlMIIBYTCCARYEAgABMIIB
DgMEAC0JdwMEAC1WDwMEAC1W9QMEAC1W9wMEAC1X8AMEAi1cqAMEAC1c9wMEAi1e
JAMEAS1eLgMEAS1fYgMEAC12+QMEAC2AGAMEAC2BfAMEAC2CfAMEAC2CfwMEAC2C
/gMEAC2D1TAMAwQALYXRAwQALYXSAwQALYivAwQALYjkAwQCLYkoAwQALYk8AwQA
LYwOMAwDBAItkQwDBAAtkQ4DBAAtkrUDBAAtkxwwDAMEAC2XZQMEAC2XZgMEAC2Y
xgMEAC2aOAMEAS2bRgMEAHEemQMEAHEemwMEALmbyAMEALmbywMEAbmkOAMEAMCm
mQMEAMEFQQMEAMEbEwMEAMI+QwMEAMNKWgMEAMNVwjBFBAIAAjA/AwcAKgotBgAQ
AwcAKg89hgBEAwcBKg89hgEAAwcAKg/hwAN6AwcAKg/hwKi5AwcAKhOMhgEgAwcA
KhPJAACZMA0GCSqGSIb3DQEBCwUAA4IBAQC6RIHuJnprnYKyJ1eozFBitwEKUe86
LlWslrRmXyOS7pI+b6VL5f9k5rxZIEUgbzWlsCbPQkc65C597blmgNaEppO/0vuE
div6f6bJjzLf057vDeIA4oK6ZRhkARoJppvb8iTcpWrkvtEeYs1FhOI1EsC3M/B6
GNIuLnfjkA26cyE3k8OJhxApwK0rAFbga9Jw/kHkJFStw9uDvigN+/dTJJN6DdHo
vTR534zEbjQstNwvRogo2J6sCus0H+TQ30LJlBRhDGPpECfWNM+sZABy23kUlVhN
XmOKXlsY2QCUKIJATm6D08+Rt/rHX7V5YEXQZG2uC4O9iyoBhOh1BVFK
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:57:10 2026 by rpki-client