Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/blAedQ-s1yCHdItXdhoBsreRVSw.roa
File: blAedQ-s1yCHdItXdhoBsreRVSw.roa (raw, json)
Hash identifier: p51kjj0MVotailPPMUCk2lO2eE4mRZwhnoU71x2vKIw=
Subject key identifier: 6E:50:1E:75:0F:AC:D7:20:87:74:8B:57:76:1A:01:B2:B7:91:55:2C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019DD41B427768117AD40BF055EA14D551F8
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/blAedQ-s1yCHdItXdhoBsreRVSw.roa
Signing time: Tue 28 Apr 2026 12:40:49 +0000
ROA not before: Tue 28 Apr 2026 12:40:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 45.91.239.0/24 maxlen: 24
80.242.53.0/24 maxlen: 24
84.252.71.0/24 maxlen: 24
130.193.26.0/24 maxlen: 24
146.19.87.0/24 maxlen: 24
146.19.129.0/24 maxlen: 24
186.243.134.0/24 maxlen: 24
186.243.135.0/24 maxlen: 24
186.243.136.0/24 maxlen: 24
186.243.137.0/24 maxlen: 24
186.243.138.0/24 maxlen: 24
186.243.139.0/24 maxlen: 24
186.243.140.0/24 maxlen: 24
186.243.146.0/24 maxlen: 24
186.243.148.0/24 maxlen: 24
186.243.152.0/24 maxlen: 24
186.243.153.0/24 maxlen: 24
186.243.154.0/24 maxlen: 24
186.243.156.0/24 maxlen: 24
186.243.157.0/24 maxlen: 24
186.243.158.0/24 maxlen: 24
186.243.159.0/24 maxlen: 24
186.243.160.0/24 maxlen: 24
186.243.161.0/24 maxlen: 24
186.243.162.0/24 maxlen: 24
186.243.163.0/24 maxlen: 24
186.243.164.0/24 maxlen: 24
186.243.165.0/24 maxlen: 24
186.243.166.0/24 maxlen: 24
186.243.167.0/24 maxlen: 24
186.243.168.0/24 maxlen: 24
186.243.169.0/24 maxlen: 24
186.243.171.0/24 maxlen: 24
186.243.172.0/24 maxlen: 24
186.243.173.0/24 maxlen: 24
186.243.174.0/24 maxlen: 24
186.243.183.0/24 maxlen: 24
186.243.184.0/24 maxlen: 24
186.243.187.0/24 maxlen: 24
186.243.188.0/24 maxlen: 24
186.243.190.0/24 maxlen: 24
186.243.193.0/24 maxlen: 24
186.243.195.0/24 maxlen: 24
186.243.196.0/24 maxlen: 24
186.243.197.0/24 maxlen: 24
186.243.199.0/24 maxlen: 24
186.243.200.0/24 maxlen: 24
186.243.210.0/24 maxlen: 24
186.243.211.0/24 maxlen: 24
186.243.212.0/24 maxlen: 24
186.243.213.0/24 maxlen: 24
186.243.215.0/24 maxlen: 24
186.243.216.0/24 maxlen: 24
186.243.217.0/24 maxlen: 24
186.243.218.0/24 maxlen: 24
186.243.219.0/24 maxlen: 24
186.243.220.0/24 maxlen: 24
186.243.221.0/24 maxlen: 24
186.243.222.0/24 maxlen: 24
186.243.223.0/24 maxlen: 24
186.243.224.0/24 maxlen: 24
186.243.225.0/24 maxlen: 24
186.243.226.0/24 maxlen: 24
186.243.227.0/24 maxlen: 24
186.243.229.0/24 maxlen: 24
186.243.230.0/24 maxlen: 24
186.243.231.0/24 maxlen: 24
186.243.232.0/24 maxlen: 24
186.243.236.0/24 maxlen: 24
186.243.238.0/24 maxlen: 24
186.243.243.0/24 maxlen: 24
186.243.244.0/24 maxlen: 24
186.243.245.0/24 maxlen: 24
186.243.246.0/24 maxlen: 24
186.243.247.0/24 maxlen: 24
186.243.248.0/24 maxlen: 24
186.246.59.0/24 maxlen: 24
186.246.61.0/24 maxlen: 24
186.246.62.0/24 maxlen: 24
186.246.63.0/24 maxlen: 24
186.246.64.0/24 maxlen: 24
186.246.65.0/24 maxlen: 24
186.246.66.0/24 maxlen: 24
186.246.67.0/24 maxlen: 24
186.246.68.0/24 maxlen: 24
186.246.69.0/24 maxlen: 24
186.246.70.0/24 maxlen: 24
186.246.71.0/24 maxlen: 24
186.246.73.0/24 maxlen: 24
186.246.78.0/24 maxlen: 24
186.246.79.0/24 maxlen: 24
186.246.81.0/24 maxlen: 24
186.246.82.0/24 maxlen: 24
186.246.83.0/24 maxlen: 24
186.246.84.0/24 maxlen: 24
186.246.85.0/24 maxlen: 24
186.246.86.0/24 maxlen: 24
186.246.87.0/24 maxlen: 24
186.246.88.0/24 maxlen: 24
186.246.89.0/24 maxlen: 24
186.246.90.0/24 maxlen: 24
186.246.91.0/24 maxlen: 24
186.246.92.0/24 maxlen: 24
186.246.93.0/24 maxlen: 24
186.246.94.0/24 maxlen: 24
186.246.95.0/24 maxlen: 24
186.246.96.0/24 maxlen: 24
186.246.97.0/24 maxlen: 24
186.246.98.0/24 maxlen: 24
186.246.99.0/24 maxlen: 24
186.246.101.0/24 maxlen: 24
186.246.102.0/24 maxlen: 24
186.246.105.0/24 maxlen: 24
186.246.106.0/24 maxlen: 24
186.246.112.0/24 maxlen: 24
186.246.113.0/24 maxlen: 24
186.246.114.0/24 maxlen: 24
186.246.115.0/24 maxlen: 24
186.246.116.0/24 maxlen: 24
186.246.117.0/24 maxlen: 24
186.246.118.0/24 maxlen: 24
186.246.119.0/24 maxlen: 24
186.246.120.0/24 maxlen: 24
186.246.121.0/24 maxlen: 24
186.246.122.0/24 maxlen: 24
193.176.20.0/24 maxlen: 24
193.176.22.0/24 maxlen: 24
193.201.9.0/24 maxlen: 24
194.105.158.0/24 maxlen: 24
194.105.159.0/24 maxlen: 24
194.156.126.0/24 maxlen: 24
2a12:641::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:1b:42:77:68:11:7a:d4:0b:f0:55:ea:14:d5:51:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 28 12:40:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e501e750facd72087748b57761a01b2b791552c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:62:8b:1d:2d:b6:33:26:39:cc:39:b5:fd:e8:
a4:49:aa:7c:4c:9c:01:f1:76:d9:ec:2d:41:21:f5:
b4:8a:e8:7b:00:b5:0d:04:87:95:45:6c:85:a5:b6:
c7:a8:49:c0:31:e7:d9:5f:8a:33:92:b7:f5:15:ac:
eb:41:1c:f6:26:70:a7:9e:0d:a7:f8:65:5b:f8:b2:
ed:04:47:3c:fc:b9:66:a5:b9:33:90:0b:f9:67:74:
c8:4b:f2:6b:10:dc:d3:e0:d1:0f:27:04:5c:40:76:
e9:26:f9:94:70:7b:5d:1c:2e:df:39:d2:6c:29:46:
07:4e:69:61:84:05:9b:fd:55:9a:ac:a5:92:0e:98:
59:78:e1:f3:b2:01:67:1e:08:23:1e:38:dc:b3:0f:
3b:7b:90:6d:3e:31:47:18:c8:0b:61:e6:90:11:3b:
93:06:38:70:90:68:06:f9:e3:84:94:70:0f:d4:bd:
83:73:8f:b9:67:3e:16:2b:3f:04:41:21:7f:a0:bd:
d3:ea:2e:2f:42:f9:22:ee:68:21:b6:38:60:0d:85:
a0:1e:52:b2:05:1f:9e:b3:02:db:2c:43:f1:ec:79:
54:7e:28:db:4f:c5:f4:05:2e:43:07:89:ff:19:e3:
00:49:19:63:3a:2c:3d:e6:ed:c1:95:47:37:3d:85:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:50:1E:75:0F:AC:D7:20:87:74:8B:57:76:1A:01:B2:B7:91:55:2C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/blAedQ-s1yCHdItXdhoBsreRVSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.239.0/24
80.242.53.0/24
84.252.71.0/24
130.193.26.0/24
146.19.87.0/24
146.19.129.0/24
186.243.134.0-186.243.140.255
186.243.146.0/24
186.243.148.0/24
186.243.152.0-186.243.154.255
186.243.156.0-186.243.169.255
186.243.171.0-186.243.174.255
186.243.183.0-186.243.184.255
186.243.187.0-186.243.188.255
186.243.190.0/24
186.243.193.0/24
186.243.195.0-186.243.197.255
186.243.199.0-186.243.200.255
186.243.210.0-186.243.213.255
186.243.215.0-186.243.227.255
186.243.229.0-186.243.232.255
186.243.236.0/24
186.243.238.0/24
186.243.243.0-186.243.248.255
186.246.59.0/24
186.246.61.0-186.246.71.255
186.246.73.0/24
186.246.78.0/23
186.246.81.0-186.246.99.255
186.246.101.0-186.246.102.255
186.246.105.0-186.246.106.255
186.246.112.0-186.246.122.255
193.176.20.0/24
193.176.22.0/24
193.201.9.0/24
194.105.158.0/23
194.156.126.0/24
IPv6:
2a12:641::/32
Signature Algorithm: sha256WithRSAEncryption
86:06:dd:45:73:80:02:fb:15:b5:f1:6c:a9:c5:15:87:c8:41:
ce:b9:89:cf:6f:3a:03:ed:47:08:bf:28:79:a4:51:66:93:ef:
83:e0:1d:11:2c:bd:d2:47:50:03:d9:2b:f1:33:dd:01:c3:ed:
88:14:52:33:75:78:e7:c5:b7:f5:6e:36:b1:a2:56:ae:b7:d4:
da:9d:55:45:96:8c:b3:1a:45:e8:65:10:81:fe:fb:d0:4b:6d:
5d:c3:3b:a8:d4:f7:f4:1a:f6:41:6b:21:00:b7:29:23:62:12:
8b:c5:f1:b0:08:62:31:47:d6:46:2b:e0:a6:d2:34:46:a3:c0:
ea:24:1a:d2:f1:4b:3b:15:9a:07:f1:c2:17:40:df:96:ef:8d:
f4:cf:fa:19:73:47:98:ff:e2:c4:0f:82:2e:76:f1:bc:9b:f9:
b9:04:cf:ec:19:ec:e7:b3:44:cd:27:39:c9:e8:2a:3b:51:7a:
f3:1f:4c:e3:16:42:70:a2:0a:e5:09:60:27:55:2d:bb:26:b3:
31:c4:bd:69:d2:7b:31:09:1a:9b:47:aa:7a:27:3e:ed:37:7a:
de:89:e6:f0:3f:31:5b:56:8b:ca:0a:f2:ce:15:e8:e4:25:23:
fc:74:46:af:79:b6:49:38:a3:c4:63:c2:4a:77:48:14:14:83:
b0:26:3d:64
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgISAZ3UG0J3aBF61AvwVeoU1VH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDI4MTI0MDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUwMWU3NTBmYWNkNzIwODc3NDhiNTc3NjFhMDFiMmI3OTE1NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mKLHS22MyY5zDm1/eikSap8TJwB
8XbZ7C1BIfW0iuh7ALUNBIeVRWyFpbbHqEnAMefZX4ozkrf1FazrQRz2JnCnng2n
+GVb+LLtBEc8/LlmpbkzkAv5Z3TIS/JrENzT4NEPJwRcQHbpJvmUcHtdHC7fOdJs
KUYHTmlhhAWb/VWarKWSDphZeOHzsgFnHggjHjjcsw87e5BtPjFHGMgLYeaQETuT
BjhwkGgG+eOElHAP1L2Dc4+5Zz4WKz8EQSF/oL3T6i4vQvki7mghtjhgDYWgHlKy
BR+eswLbLEPx7HlUfijbT8X0BS5DB4n/GeMASRljOiw95u3BlUc3PYWSvQIDAQAB
o4IDgjCCA34wHQYDVR0OBBYEFG5QHnUPrNcgh3SLV3YaAbK3kVUsMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYmxBZWRRLXMxeUNIZEl0WGRob0JzcmVSVlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlgYIKwYBBQUHAQcBAf8EggGFMIIBgTCCAW4EAgABMIIB
ZgMEAC1b7wMEAFDyNQMEAFT8RwMEAILBGgMEAJITVwMEAJITgTAMAwQBuvOGAwQA
uvOMAwQAuvOSAwQAuvOUMAwDBAO685gDBAC685owDAMEArrznAMEAbrzqDAMAwQA
uvOrAwQAuvOuMAwDBAC687cDBAC687gwDAMEALrzuwMEALrzvAMEALrzvgMEALrz
wTAMAwQAuvPDAwQBuvPEMAwDBAC688cDBAC688gwDAMEAbrz0gMEAbrz1DAMAwQA
uvPXAwQCuvPgMAwDBAC68+UDBAC68+gDBAC68+wDBAC68+4wDAMEALrz8wMEALrz
+AMEALr2OzAMAwQAuvY9AwQDuvZAAwQAuvZJAwQBuvZOMAwDBAC69lEDBAK69mAw
DAMEALr2ZQMEALr2ZjAMAwQAuvZpAwQAuvZqMAwDBAS69nADBAC69noDBADBsBQD
BADBsBYDBADByQkDBAHCaZ4DBADCnH4wDQQCAAIwBwMFACoSBkEwDQYJKoZIhvcN
AQELBQADggEBAIYG3UVzgAL7FbXxbKnFFYfIQc65ic9vOgPtRwi/KHmkUWaT74Pg
HREsvdJHUAPZK/Ez3QHD7YgUUjN1eOfFt/VuNrGiVq631NqdVUWWjLMaRehlEIH+
+9BLbV3DO6jU9/Qa9kFrIQC3KSNiEovF8bAIYjFH1kYr4KbSNEajwOokGtLxSzsV
mgfxwhdA35bvjfTP+hlzR5j/4sQPgi528byb+bkEz+wZ7OezRM0nOcnoKjtRevMf
TOMWQnCiCuUJYCdVLbsmszHEvWnSezEJGptHqnonPu03et6J5vA/MVtWi8oK8s4V
6OQlI/x0Rq95tkk4o8Rjwkp3SBQUg7AmPWQ=
-----END CERTIFICATE-----
Generated at Tue May 12 22:17:04 2026 by rpki-client