Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ujqHJfUAdOvqomsGj_pplAat7zg.roa
File: ujqHJfUAdOvqomsGj_pplAat7zg.roa (raw, json)
Hash identifier: NqaadoCJaEMw9LX3V4c//+f7nMco4AOPyd9ivjyCJ0s=
Subject key identifier: BA:3A:87:25:F5:00:74:EB:EA:A2:6B:06:8F:FA:69:94:06:AD:EF:38
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D9C1257C98E6C274BAC874C365DEDE32C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ujqHJfUAdOvqomsGj_pplAat7zg.roa
Signing time: Fri 17 Apr 2026 15:32:20 +0000
ROA not before: Fri 17 Apr 2026 15:32:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207461
IP address blocks: 45.9.119.0/24 maxlen: 24
45.86.15.0/24 maxlen: 24
45.86.247.0/24 maxlen: 24
45.87.240.0/24 maxlen: 24
45.92.168.0/24 maxlen: 24
45.92.169.0/24 maxlen: 24
45.92.170.0/24 maxlen: 24
45.92.171.0/24 maxlen: 24
45.92.247.0/24 maxlen: 24
45.94.36.0/24 maxlen: 24
45.94.37.0/24 maxlen: 24
45.94.38.0/24 maxlen: 24
45.94.39.0/24 maxlen: 24
45.94.46.0/24 maxlen: 24
45.94.47.0/24 maxlen: 24
45.95.98.0/23 maxlen: 23
45.95.99.0/24 maxlen: 24
45.118.249.0/24 maxlen: 24
45.128.24.0/24 maxlen: 24
45.129.124.0/24 maxlen: 24
45.129.125.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.133.209.0/24 maxlen: 24
45.133.210.0/24 maxlen: 24
45.136.175.0/24 maxlen: 24
45.136.228.0/24 maxlen: 24
45.137.42.0/23 maxlen: 23
45.137.60.0/24 maxlen: 24
45.137.62.0/24 maxlen: 24
45.140.14.0/24 maxlen: 24
45.145.12.0/24 maxlen: 24
45.146.88.0/24 maxlen: 24
45.146.181.0/24 maxlen: 24
45.147.28.0/24 maxlen: 24
45.151.101.0/24 maxlen: 24
45.151.102.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
45.154.56.0/24 maxlen: 24
45.155.70.0/24 maxlen: 24
45.155.71.0/24 maxlen: 24
45.158.196.0/24 maxlen: 24
45.158.199.0/24 maxlen: 24
103.229.28.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
141.193.20.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.155.203.0/24 maxlen: 24
185.164.56.0/24 maxlen: 24
185.164.57.0/24 maxlen: 24
193.5.65.0/24 maxlen: 24
194.62.67.0/24 maxlen: 24
195.74.90.0/24 maxlen: 24
195.85.194.0/24 maxlen: 24
2a0a:2d06:10::/48 maxlen: 48
2a0a:2d07:e5::/48 maxlen: 48
2a0f:3d86:44::/48 maxlen: 48
2a0f:3d86:100::/48 maxlen: 48
2a0f:3d86:101::/48 maxlen: 48
2a0f:e1c0:37a::/48 maxlen: 48
2a0f:e1c0:a8b9::/48 maxlen: 48
2a13:8c86:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:12:57:c9:8e:6c:27:4b:ac:87:4c:36:5d:ed:e3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 17 15:32:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba3a8725f50074ebeaa26b068ffa699406adef38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e5:ef:87:82:c4:92:4d:f3:21:96:fe:ee:79:
32:0c:a8:93:69:ab:c1:c4:a9:89:80:4e:4c:06:71:
28:00:cf:0d:74:a8:ca:3c:cc:c5:05:3a:a7:9e:8f:
16:06:e4:c4:b6:11:56:ea:25:a3:46:40:15:5c:c7:
09:77:fc:4e:d5:60:56:22:9c:b1:9b:28:05:fd:1b:
e4:1f:33:ca:da:a7:e9:c7:ea:11:c4:94:51:24:d2:
57:a2:b3:81:fe:7d:75:28:3e:90:48:df:d4:6a:c2:
d6:e7:ff:a8:75:8c:27:83:ce:79:9c:a2:00:38:11:
be:43:43:26:14:87:40:55:b9:91:31:12:c9:6e:b1:
a7:e4:82:42:7c:ac:30:8e:48:d2:13:4b:89:2e:7f:
82:b4:b8:c7:3f:32:07:e2:f4:3d:6b:0d:45:eb:91:
fe:ec:f8:1c:36:3c:8b:31:55:41:39:7b:5e:3f:ec:
1d:32:84:17:67:fe:47:63:9e:36:c5:80:e9:68:5f:
a4:1d:0d:af:86:08:a1:a8:5e:75:b1:96:53:21:10:
93:77:fd:d1:91:c5:20:c8:35:92:d1:f1:a7:22:0d:
0e:98:7d:9c:6c:00:a5:1f:57:ba:a0:01:c8:54:1f:
75:38:0b:e8:76:48:e3:bb:4f:23:ae:bd:a9:85:9b:
9e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3A:87:25:F5:00:74:EB:EA:A2:6B:06:8F:FA:69:94:06:AD:EF:38
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ujqHJfUAdOvqomsGj_pplAat7zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.119.0/24
45.86.15.0/24
45.86.247.0/24
45.87.240.0/24
45.92.168.0/22
45.92.247.0/24
45.94.36.0/22
45.94.46.0/23
45.95.98.0/23
45.118.249.0/24
45.128.24.0/24
45.129.124.0/23
45.131.213.0/24
45.133.209.0-45.133.210.255
45.136.175.0/24
45.136.228.0/24
45.137.42.0/23
45.137.60.0/24
45.137.62.0/24
45.140.14.0/24
45.145.12.0/24
45.146.88.0/24
45.146.181.0/24
45.147.28.0/24
45.151.101.0-45.151.102.255
45.152.198.0/24
45.154.56.0/24
45.155.70.0/23
45.158.196.0/24
45.158.199.0/24
103.229.28.0/24
113.30.153.0/24
113.30.155.0/24
141.193.20.0/24
185.155.200.0/24
185.155.203.0/24
185.164.56.0/23
193.5.65.0/24
194.62.67.0/24
195.74.90.0/24
195.85.194.0/24
IPv6:
2a0a:2d06:10::/48
2a0a:2d07:e5::/48
2a0f:3d86:44::/48
2a0f:3d86:100::/47
2a0f:e1c0:37a::/48
2a0f:e1c0:a8b9::/48
2a13:8c86:120::/48
Signature Algorithm: sha256WithRSAEncryption
1d:a6:c7:7b:b3:1f:41:f9:44:89:da:9c:75:6b:02:3e:33:60:
aa:94:27:3a:d5:7c:58:18:11:49:b8:41:f0:16:d6:38:f1:cc:
70:95:02:b2:aa:24:77:8f:c7:a9:b0:5b:06:17:c8:2d:d0:1d:
29:42:a8:b3:c7:2d:11:95:83:fe:a6:ad:b5:9c:83:85:a0:da:
8d:86:0c:45:88:dc:e3:08:7f:91:69:db:34:e0:55:cd:97:68:
b4:a8:e6:52:3d:bf:d7:bd:55:50:06:cf:fe:6e:45:3c:e7:bc:
38:6e:a5:b1:e3:f2:4e:f3:05:1e:aa:a9:a5:de:5a:b6:68:b0:
8b:4c:dc:c3:9e:31:1f:0c:47:a8:27:af:56:80:9c:da:5b:4a:
86:88:54:46:3e:5d:67:b3:af:86:4e:29:82:94:7c:b6:01:d0:
4b:88:c8:94:67:79:e4:49:23:48:91:9c:0c:6a:69:ac:73:40:
d2:cf:54:cd:d7:de:81:1f:3f:32:8a:9a:3f:a0:3a:0c:13:13:
54:5e:56:09:84:e4:4e:a6:d3:6b:dd:53:1a:4e:4c:59:5e:85:
b0:fb:0e:22:f1:4a:b4:31:cf:a1:88:44:fb:b9:c0:a1:c7:a5:
1a:b2:72:ed:29:47:5c:5b:08:aa:12:5e:f7:b4:de:a0:ee:66:
ec:8b:82:93
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAZ2cElfJjmwnS6yHTDZd7eMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDE3MTUzMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNhODcyNWY1MDA3NGViZWFhMjZiMDY4ZmZhNjk5NDA2YWRlZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOXvh4LEkk3zIZb+7nkyDKiTaavB
xKmJgE5MBnEoAM8NdKjKPMzFBTqnno8WBuTEthFW6iWjRkAVXMcJd/xO1WBWIpyx
mygF/RvkHzPK2qfpx+oRxJRRJNJXorOB/n11KD6QSN/UasLW5/+odYwng855nKIA
OBG+Q0MmFIdAVbmRMRLJbrGn5IJCfKwwjkjSE0uJLn+CtLjHPzIH4vQ9aw1F65H+
7PgcNjyLMVVBOXteP+wdMoQXZ/5HY542xYDpaF+kHQ2vhgihqF51sZZTIRCTd/3R
kcUgyDWS0fGnIg0OmH2cbAClH1e6oAHIVB91OAvodkjju08jrr2phZuejQIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFLo6hyX1AHTr6qJrBo/6aZQGre84MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdWpxSEpmVUFkT3Zxb21zR2pfcHBsQWF0N3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbgYIKwYBBQUHAQcBAf8EggFdMIIBWTCCAQ4EAgABMIIB
BgMEAC0JdwMEAC1WDwMEAC1W9wMEAC1X8AMEAi1cqAMEAC1c9wMEAi1eJAMEAS1e
LgMEAS1fYgMEAC12+QMEAC2AGAMEAS2BfAMEAC2D1TAMAwQALYXRAwQALYXSAwQA
LYivAwQALYjkAwQBLYkqAwQALYk8AwQALYk+AwQALYwOAwQALZEMAwQALZJYAwQA
LZK1AwQALZMcMAwDBAAtl2UDBAAtl2YDBAAtmMYDBAAtmjgDBAEtm0YDBAAtnsQD
BAAtnscDBABn5RwDBABxHpkDBABxHpsDBACNwRQDBAC5m8gDBAC5m8sDBAG5pDgD
BADBBUEDBADCPkMDBADDSloDBADDVcIwRQQCAAIwPwMHACoKLQYAEAMHACoKLQcA
5QMHACoPPYYARAMHASoPPYYBAAMHACoP4cADegMHACoP4cCouQMHACoTjIYBIDAN
BgkqhkiG9w0BAQsFAAOCAQEAHabHe7MfQflEidqcdWsCPjNgqpQnOtV8WBgRSbhB
8BbWOPHMcJUCsqokd4/HqbBbBhfILdAdKUKos8ctEZWD/qattZyDhaDajYYMRYjc
4wh/kWnbNOBVzZdotKjmUj2/171VUAbP/m5FPOe8OG6lsePyTvMFHqqppd5atmiw
i0zcw54xHwxHqCevVoCc2ltKhohURj5dZ7Ovhk4pgpR8tgHQS4jIlGd55EkjSJGc
DGpprHNA0s9UzdfegR8/MoqaP6A6DBMTVF5WCYTkTqbTa91TGk5MWV6FsPsOIvFK
tDHPoYhE+7nAocelGrJy7SlHXFsIqhJe97TeoO5m7IuCkw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:42:36 2026 by rpki-client