Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/94sXTZ0ashhV7FZChvPegrSonnc.roa
File: 94sXTZ0ashhV7FZChvPegrSonnc.roa (raw, json)
Hash identifier: lphVUWS3xUbMj7ERkFJjR3aio8+30fGl24GHPrc92yg=
Subject key identifier: F7:8B:17:4D:9D:1A:B2:18:55:EC:56:42:86:F3:DE:82:B4:A8:9E:77
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019DF2BCBF8EAA86F7A7EAE2F611A64C8572
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/94sXTZ0ashhV7FZChvPegrSonnc.roa
Signing time: Mon 04 May 2026 11:25:49 +0000
ROA not before: Mon 04 May 2026 11:25:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208258
IP address blocks: 45.141.204.0/23 maxlen: 24
45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.156.0/24 maxlen: 24
45.151.158.0/24 maxlen: 24
45.151.159.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
45.154.239.0/24 maxlen: 24
45.159.192.0/23 maxlen: 23
45.159.194.0/24 maxlen: 24
109.206.248.0/22 maxlen: 22
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.80.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
195.88.226.0/23 maxlen: 23
213.185.86.0/23 maxlen: 23
213.185.88.0/22 maxlen: 22
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:7::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:f1::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:bc:bf:8e:aa:86:f7:a7:ea:e2:f6:11:a6:4c:85:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 4 11:25:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f78b174d9d1ab21855ec564286f3de82b4a89e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:da:d2:b2:60:23:2f:21:cb:8f:e1:3c:38:51:
10:dd:46:f2:03:c8:1f:4a:e7:f6:eb:a7:a5:4c:2a:
7d:95:fa:11:5d:f5:f7:2f:41:5f:ac:7f:b7:a4:10:
61:61:6e:80:00:7a:d1:6d:d2:b7:4a:df:44:9e:3a:
e9:d4:96:39:9e:5f:6c:57:d4:dc:89:37:99:5b:a4:
5b:2d:88:1a:bd:82:7e:6e:ad:62:4b:7e:d9:8f:44:
4b:8e:44:5b:58:89:89:58:b8:7e:e7:c1:26:0b:46:
6b:a5:f7:55:44:dd:9f:17:77:10:c4:9e:d3:01:36:
d3:46:c3:1e:38:4b:37:5a:35:8c:54:f3:e2:db:76:
10:73:36:39:ff:23:e1:a7:1a:c6:c8:9f:55:3a:16:
5f:e8:29:3c:90:76:c6:e7:df:d3:44:e1:05:8c:59:
06:b4:58:4e:16:a1:92:b3:b4:26:60:b6:ec:f6:6b:
77:ae:fc:3a:14:77:0b:7a:b4:3f:3b:18:89:7b:6a:
e2:9d:62:bf:c8:49:ee:f9:f7:91:fb:a4:af:47:66:
88:0e:47:7f:d3:9a:8f:d2:56:fa:41:f9:e3:1e:40:
dc:cd:bb:78:ce:35:02:7a:4c:67:1c:d1:69:dd:aa:
8d:76:90:3c:ef:45:0a:bc:a0:3b:d7:44:65:2a:85:
43:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8B:17:4D:9D:1A:B2:18:55:EC:56:42:86:F3:DE:82:B4:A8:9E:77
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/94sXTZ0ashhV7FZChvPegrSonnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.144.244.0-45.144.246.255
45.151.156.0/22
45.154.238.0/23
45.159.192.0-45.159.194.255
109.206.248.0/22
185.208.208.0-185.208.210.255
185.227.82.0/24
185.228.80.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
213.185.86.0-213.185.91.255
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:7::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:f1::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
45:ac:ef:3f:c7:11:f8:ce:94:f0:29:4c:15:ed:62:b0:39:c0:
a0:a0:c0:0e:d3:44:1c:83:07:61:7c:f0:1e:a1:30:41:0e:cf:
eb:87:f4:40:7b:ab:bf:6e:d6:91:57:fd:6d:c6:5b:05:cf:e3:
f7:ba:32:fb:01:87:cd:0c:53:91:43:54:2e:3e:08:36:d5:cc:
84:c2:93:7d:17:2d:77:c3:84:51:c0:02:a1:1f:dc:5d:05:51:
a7:80:c8:27:ef:5e:84:df:6a:f7:9e:89:96:05:4f:bf:3f:3b:
35:a3:3d:d7:ad:d8:b8:8b:53:9f:df:3b:cc:ab:22:7a:5d:4f:
fb:a7:ae:f9:01:98:73:5a:da:41:eb:fa:54:2c:27:3b:ed:92:
5f:56:0c:fa:da:66:fe:3a:89:e5:31:9d:0b:34:04:59:41:4a:
9d:25:48:dd:e6:4d:66:d0:ca:2c:b1:b3:41:a4:6a:1b:f5:28:
75:2a:54:fa:e0:66:31:b1:03:cf:73:4b:ff:55:08:66:e2:d0:
1b:58:73:6a:95:d2:d6:18:3b:b7:d4:13:f6:78:ee:37:ae:ed:
07:df:6d:6d:86:da:d6:79:93:97:8e:d7:d1:fd:39:fe:47:5d:
61:4a:a0:6a:fb:88:1c:cf:ca:49:ab:a7:20:27:42:1b:e6:e2:
8e:ab:c0:78
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZ3yvL+Oqob3p+ri9hGmTIVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNTA0MTEyNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzhiMTc0ZDlkMWFiMjE4NTVlYzU2NDI4NmYzZGU4MmI0YTg5ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9rSsmAjLyHLj+E8OFEQ3UbyA8gf
Suf266elTCp9lfoRXfX3L0FfrH+3pBBhYW6AAHrRbdK3St9Enjrp1JY5nl9sV9Tc
iTeZW6RbLYgavYJ+bq1iS37Zj0RLjkRbWImJWLh+58EmC0ZrpfdVRN2fF3cQxJ7T
ATbTRsMeOEs3WjWMVPPi23YQczY5/yPhpxrGyJ9VOhZf6Ck8kHbG59/TROEFjFkG
tFhOFqGSs7QmYLbs9mt3rvw6FHcLerQ/OxiJe2rinWK/yEnu+feR+6SvR2aIDkd/
05qP0lb6QfnjHkDczbt4zjUCekxnHNFp3aqNdpA870UKvKA710RlKoVDaQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFPeLF02dGrIYVexWQobz3oK0qJ53MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvOTRzWFRaMGFzaGhWN0ZaQ2h2UGVnclNvbm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBgAQCAAEwegME
AS2NzDAMAwQCLZD0AwQALZD2AwQCLZecAwQBLZruMAwDBAYtn8ADBAAtn8IDBAJt
zvgwDAMEBLnQ0AMEALnQ0gMEALnjUgMEALnkUAMEALnkUwMEAbnzcAMEAMKSMAME
AcMaBgMEAcNY4jAMAwQB1blWAwQC1blYMIGUBAIAAjCBjQMHACoLPEAAAQMHACoL
PEAABwMHACoLPEAACTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMq
CzxAABADBwEqCzxAACADBwAqCzxAACUDBwAqCzxAAPEDBwAqCzxA/KYDBwAqDlVA
AAAwEgMHBCoOVUAAEAMHACoOVUAAEgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOC
AQEARazvP8cR+M6U8ClMFe1isDnAoKDADtNEHIMHYXzwHqEwQQ7P64f0QHurv27W
kVf9bcZbBc/j97oy+wGHzQxTkUNULj4INtXMhMKTfRctd8OEUcACoR/cXQVRp4DI
J+9ehN9q956JlgVPvz87NaM9163YuItTn987zKsiel1P+6eu+QGYc1raQev6VCwn
O+2SX1YM+tpm/jqJ5TGdCzQEWUFKnSVI3eZNZtDKLLGzQaRqG/UodSpU+uBmMbED
z3NL/1UIZuLQG1hzapXS1hg7t9QT9njuN67tB99tbYba1nmTl47X0f05/kddYUqg
avuIHM/KSaunICdCG+bijqvAeA==
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:27 2026 by rpki-client