Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1HlEs2YC4vP8Y6eRn4maKBlHD4w.roa
File: 1HlEs2YC4vP8Y6eRn4maKBlHD4w.roa (raw, json)
Hash identifier: 10RB13fTX0Xa1pKypHZAB1p2a6ribPQE6Kbo5wMIs/I=
Subject key identifier: D4:79:44:B3:66:02:E2:F3:FC:63:A7:91:9F:89:9A:28:19:47:0F:8C
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019D9674F5D759A0DEC49D18A10FA98084C4
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1HlEs2YC4vP8Y6eRn4maKBlHD4w.roa
Signing time: Thu 16 Apr 2026 13:22:20 +0000
ROA not before: Thu 16 Apr 2026 13:22:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.254.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:74:f5:d7:59:a0:de:c4:9d:18:a1:0f:a9:80:84:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Apr 16 13:22:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d47944b36602e2f3fc63a7919f899a2819470f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:34:d5:94:46:6c:dd:a0:95:45:0d:a8:d9:
62:25:c9:6c:b2:72:1f:bf:eb:8d:5b:27:45:34:01:
36:c9:5f:4f:4c:e9:05:d4:f2:68:f0:7c:b2:1b:18:
7d:6a:ae:8e:04:73:e8:17:af:ac:5b:79:59:b7:b8:
24:2e:d3:e0:1d:4a:1b:89:bf:32:d0:8f:b1:5d:71:
03:95:3d:9a:90:fb:5a:67:f7:1a:4e:a0:15:e3:cd:
3c:21:d1:7f:9b:f4:0e:48:6e:a1:a1:03:2b:7a:21:
e7:d0:2b:46:be:5d:1d:95:69:45:90:d8:ad:99:c3:
3a:83:d9:64:a5:8f:48:d4:c0:08:6f:7d:cf:f6:02:
c8:8d:e5:60:b1:42:dc:b2:c5:27:24:05:40:2e:ba:
0c:25:66:ec:1a:17:4f:da:51:5b:2e:4f:66:48:a7:
e9:a1:c5:d5:14:3e:13:b8:5a:97:f1:c5:75:4c:bf:
e6:73:90:1d:30:0c:6e:28:ec:6c:06:43:bf:3c:69:
84:20:95:99:d7:0a:06:10:c3:bc:f4:65:d9:df:8c:
e1:f5:bf:71:40:02:39:8a:5c:1e:6e:31:1c:d3:03:
89:d4:a0:ea:02:a8:77:d4:ec:d3:c9:4c:6f:06:5b:
1a:4b:00:d5:bc:1c:5a:a3:82:d0:78:a7:a9:68:dd:
7f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:79:44:B3:66:02:E2:F3:FC:63:A7:91:9F:89:9A:28:19:47:0F:8C
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1HlEs2YC4vP8Y6eRn4maKBlHD4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.233.0-45.141.234.255
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.159.255
91.92.34.0/24
91.92.40.0/24
91.92.42.0/24
91.92.44.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.207.0-93.152.208.255
93.152.210.0/23
93.152.214.0-93.152.218.255
93.152.221.0-93.152.223.255
93.152.226.0/23
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/22
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
34:a6:40:bc:89:62:8b:dd:2e:dd:14:d6:4c:f0:93:2e:b3:a3:
67:d8:a1:d8:a9:60:0b:db:cc:60:8c:88:0c:80:54:6f:ec:d0:
58:27:67:60:51:8f:57:0c:d4:8f:69:b2:7c:b6:47:1b:e0:89:
6c:f2:4d:f9:a7:40:97:db:ed:fc:83:0a:e3:75:af:39:d9:45:
e7:44:d7:68:41:b4:73:83:5d:e4:a6:94:cf:0a:d2:b8:df:c7:
8e:37:79:df:26:36:19:b9:76:c3:4e:6c:c3:6f:97:0a:32:14:
3d:aa:02:3f:49:a4:c0:f6:de:7c:4c:64:c6:d9:5f:d9:c0:91:
26:f4:90:d0:c3:b6:67:e6:0c:34:b2:62:0d:6f:fa:ee:7c:3e:
ca:90:2c:4b:7b:d1:ad:70:70:c0:62:ea:dc:4c:4b:62:41:cb:
c4:50:39:c3:15:e2:09:82:ce:09:d5:35:32:99:94:a4:55:2f:
89:e1:47:bc:d9:eb:63:c0:2b:f6:65:3f:9d:a1:b2:68:b0:fc:
31:8d:ff:c4:9a:4a:b5:6c:d5:8d:80:09:e0:bd:d3:e1:5c:f4:
a9:da:43:a0:26:7e:65:50:93:db:ce:de:30:dd:40:4f:bd:20:
50:ee:1e:22:04:eb:aa:38:a4:82:96:10:08:fe:ad:b2:13:3f:
5a:04:bd:0a
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZ2WdPXXWaDexJ0YoQ+pgITEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwNDE2MTMyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc5NDRiMzY2MDJlMmYzZmM2M2E3OTE5Zjg5OWEyODE5NDcwZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykw01ZRGbN2glUUNqNliJclssnIf
v+uNWydFNAE2yV9PTOkF1PJo8HyyGxh9aq6OBHPoF6+sW3lZt7gkLtPgHUobib8y
0I+xXXEDlT2akPtaZ/caTqAV4808IdF/m/QOSG6hoQMreiHn0CtGvl0dlWlFkNit
mcM6g9lkpY9I1MAIb33P9gLIjeVgsULcssUnJAVALroMJWbsGhdP2lFbLk9mSKfp
ocXVFD4TuFqX8cV1TL/mc5AdMAxuKOxsBkO/PGmEIJWZ1woGEMO89GXZ34zh9b9x
QAI5ilwebjEc0wOJ1KDqAqh31OzTyUxvBlsaSwDVvBxao4LQeKepaN1/cwIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFNR5RLNmAuLz/GOnkZ+JmigZRw+MMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMUhsRXMyWUM0dlA4WTZlUm40bWFLQmxIRDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgwDAME
AC2N6QMEAC2N6gMEAU6fgAMEAE6fgwMEAk6fiDAMAwQATp+VAwQATp+WAwQCTp+Y
MAwDBABOn50DBAVOn4ADBABbXCIDBABbXCgDBABbXCowDAMEAltcLAMEAFtcLjAM
AwQAW1wxAwQBW1w0MAwDBABdmM8DBABdmNADBAFdmNIwDAMEAV2Y1gMEAF2Y2jAM
AwQAXZjdAwQFXZjAAwQBXZjiAwQBXhocAwQCXhpMMAwDBABeGlkDBABeGloDBABe
vsMDBAK5YPwDBADUZmkDBADUZmswDQYJKoZIhvcNAQELBQADggEBADSmQLyJYovd
Lt0U1kzwky6zo2fYodipYAvbzGCMiAyAVG/s0FgnZ2BRj1cM1I9psny2RxvgiWzy
TfmnQJfb7fyDCuN1rznZRedE12hBtHODXeSmlM8K0rjfx443ed8mNhm5dsNObMNv
lwoyFD2qAj9JpMD23nxMZMbZX9nAkSb0kNDDtmfmDDSyYg1v+u58PsqQLEt70a1w
cMBi6txMS2JBy8RQOcMV4gmCzgnVNTKZlKRVL4nhR7zZ62PAK/ZlP52hsmiw/DGN
/8SaSrVs1Y2ACeC90+Fc9KnaQ6AmfmVQk9vO3jDdQE+9IFDuHiIE66o4pIKWEAj+
rbITP1oEvQo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:48:10 2026 by rpki-client