Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2ot9lpZ3vePOXqSoFDWH4G2r4R8.roa
File: 2ot9lpZ3vePOXqSoFDWH4G2r4R8.roa (raw, json)
Hash identifier: +5dqnOWGKPYGRBF9q6l1xX2NmOQXGw6umG2zQQqSr28=
Subject key identifier: DA:8B:7D:96:96:77:BD:E3:CE:5E:A4:A8:14:35:87:E0:6D:AB:E1:1F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E1712522C669C7468DBC21C0B9AC0AC89
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2ot9lpZ3vePOXqSoFDWH4G2r4R8.roa
Signing time: Mon 11 May 2026 12:45:37 +0000
ROA not before: Mon 11 May 2026 12:45:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26383
IP address blocks: 45.144.172.0/24 maxlen: 24
45.144.174.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
86.107.50.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.125.58.0/24 maxlen: 24
89.125.70.0/24 maxlen: 24
89.125.71.0/24 maxlen: 24
89.125.76.0/24 maxlen: 24
89.125.82.0/23 maxlen: 23
89.125.88.0/24 maxlen: 24
89.125.95.0/24 maxlen: 24
89.125.98.0/24 maxlen: 24
89.125.104.0/24 maxlen: 24
89.125.105.0/24 maxlen: 24
89.125.106.0/24 maxlen: 24
89.125.107.0/24 maxlen: 24
89.125.131.0/24 maxlen: 24
89.125.137.0/24 maxlen: 24
89.125.138.0/24 maxlen: 24
89.125.139.0/24 maxlen: 24
89.125.144.0/22 maxlen: 22
89.125.151.0/24 maxlen: 24
89.125.152.0/24 maxlen: 24
89.125.189.0/24 maxlen: 24
89.125.200.0/24 maxlen: 24
89.125.201.0/24 maxlen: 24
89.125.202.0/24 maxlen: 24
89.125.203.0/24 maxlen: 24
89.125.213.0/24 maxlen: 24
89.125.243.0/24 maxlen: 24
89.125.244.0/24 maxlen: 24
89.125.248.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
93.113.171.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.119.154.0/24 maxlen: 24
93.119.195.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.179.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.181.0/24 maxlen: 24
167.17.183.0/24 maxlen: 24
167.17.184.0/24 maxlen: 24
167.17.185.0/24 maxlen: 24
167.17.186.0/24 maxlen: 24
167.17.187.0/24 maxlen: 24
167.17.188.0/24 maxlen: 24
167.17.189.0/24 maxlen: 24
167.17.190.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
185.141.219.0/24 maxlen: 24
185.193.102.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.212.121.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.0.0/24 maxlen: 24
204.77.2.0/24 maxlen: 24
204.77.3.0/24 maxlen: 24
206.245.128.0/24 maxlen: 24
206.245.130.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.20.0/24 maxlen: 24
212.192.21.0/24 maxlen: 24
212.192.23.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:12:52:2c:66:9c:74:68:db:c2:1c:0b:9a:c0:ac:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 11 12:45:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da8b7d969677bde3ce5ea4a8143587e06dabe11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3b:cf:de:44:33:95:46:da:09:94:87:fe:f0:
7f:ca:5e:91:3c:c2:bc:5b:40:ac:fb:5a:0a:d8:16:
87:62:28:d7:83:71:3c:3f:5a:74:fd:1d:6a:da:9d:
b2:7b:80:e3:d9:f0:7e:57:16:1f:fb:8a:b0:9f:9b:
81:2f:41:08:20:1b:ef:df:b1:d6:33:5b:cd:f4:b2:
c1:6f:95:d1:60:a6:ba:93:48:d0:78:5d:76:07:b2:
91:59:ad:2c:26:a7:00:d1:2f:12:4c:e5:0b:b7:14:
66:e3:7d:e8:e7:3d:e4:fc:24:25:49:73:f0:c5:92:
cd:03:11:44:97:b0:16:c6:98:aa:0b:0e:35:94:21:
93:ba:4e:8f:cb:5a:21:d7:f9:ef:9e:b1:68:92:1e:
6b:8f:97:17:f7:70:95:42:47:60:17:73:a3:b5:39:
42:64:e8:c9:15:48:c0:94:d3:a2:b1:e9:0a:7f:ba:
9a:42:e4:c5:63:63:1b:ef:97:22:63:a6:35:aa:2d:
4f:ae:47:e3:25:ca:20:6b:36:b2:ad:88:66:87:4d:
5d:04:09:34:bb:bf:56:9a:2d:a8:d9:01:ff:dd:e6:
24:2e:09:6b:07:3e:90:99:3e:39:29:59:fe:85:d8:
04:13:f2:16:5b:44:1a:d4:e3:5e:2f:61:e0:a1:b0:
9f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8B:7D:96:96:77:BD:E3:CE:5E:A4:A8:14:35:87:E0:6D:AB:E1:1F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2ot9lpZ3vePOXqSoFDWH4G2r4R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.172.0/24
45.144.174.0/24
77.81.101.0/24
86.107.50.0/24
86.107.100.0/24
89.37.185.0/24
89.125.58.0/24
89.125.70.0/23
89.125.76.0/24
89.125.82.0/23
89.125.88.0/24
89.125.95.0/24
89.125.98.0/24
89.125.104.0/22
89.125.131.0/24
89.125.137.0-89.125.139.255
89.125.144.0/22
89.125.151.0-89.125.152.255
89.125.189.0/24
89.125.200.0/22
89.125.213.0/24
89.125.243.0-89.125.244.255
89.125.248.0/24
92.114.54.0/24
93.113.171.0/24
93.115.106.0/24
93.119.154.0/24
93.119.195.0/24
94.177.13.0/24
103.56.84.0/24
167.17.178.0-167.17.181.255
167.17.183.0-167.17.190.255
185.72.8.0/24
185.141.219.0/24
185.193.102.0/24
185.198.235.0/24
188.64.142.0/24
188.212.121.0/24
193.124.49.0/24
194.58.34.0/24
194.58.44.0-194.58.46.255
195.88.89.0/24
195.133.192.0/23
202.71.15.0/24
204.77.0.0/24
204.77.2.0/23
206.245.128.0/24
206.245.130.0/23
206.245.133.0-206.245.134.255
206.245.157.0/24
212.192.6.0/24
212.192.12.0/23
212.192.15.0/24
212.192.20.0/23
212.192.23.0/24
212.192.214.0/23
Signature Algorithm: sha256WithRSAEncryption
44:91:cc:dc:67:b4:10:1f:03:08:73:c0:f9:c6:10:2f:3b:08:
9f:4f:b6:02:82:ae:47:b8:26:13:ea:18:13:56:4c:9a:b1:ea:
05:a3:67:18:a4:7d:4e:8b:46:33:cd:22:d8:90:2a:a0:69:d0:
99:88:34:69:c5:97:36:dc:e7:33:7d:76:ff:4d:5c:a4:a2:c8:
21:28:76:b3:e2:f7:5c:7d:86:d7:ce:03:de:b4:7c:76:5d:dc:
14:60:d5:eb:05:ec:05:3a:c5:93:12:0c:ae:fe:f1:e6:bc:bf:
87:db:9f:20:5f:0e:41:82:c4:71:45:0c:cc:7d:cf:3e:ad:74:
d7:f9:67:81:51:63:9e:10:7c:69:90:9c:a1:4c:17:7b:6f:33:
3d:cb:7b:59:0a:c9:e3:a8:ee:24:71:23:57:a9:28:ff:87:b3:
f2:dd:ba:f2:01:0f:af:26:4f:bc:b7:0f:7e:40:b5:29:9c:6f:
2f:71:d1:ea:fe:2e:6e:4f:4a:4c:57:97:47:e8:a2:16:f3:e3:
59:b2:9f:ea:63:96:d7:d8:68:80:ce:fe:4b:34:88:01:ea:6a:
eb:42:b5:99:24:84:27:8a:4a:a9:1b:d4:a0:d3:f4:75:e2:c4:
17:92:a1:c0:0b:c1:3b:fd:25:c8:22:da:61:d7:ee:05:50:01:
7d:e9:58:8c
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgISAZ4XElIsZpx0aNvCHAuawKyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNTExMTI0NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThiN2Q5Njk2NzdiZGUzY2U1ZWE0YTgxNDM1ODdlMDZkYWJlMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zvP3kQzlUbaCZSH/vB/yl6RPMK8
W0Cs+1oK2BaHYijXg3E8P1p0/R1q2p2ye4Dj2fB+VxYf+4qwn5uBL0EIIBvv37HW
M1vN9LLBb5XRYKa6k0jQeF12B7KRWa0sJqcA0S8STOULtxRm433o5z3k/CQlSXPw
xZLNAxFEl7AWxpiqCw41lCGTuk6Py1oh1/nvnrFokh5rj5cX93CVQkdgF3OjtTlC
ZOjJFUjAlNOisekKf7qaQuTFY2Mb75ciY6Y1qi1PrkfjJcogazayrYhmh01dBAk0
u79Wmi2o2QH/3eYkLglrBz6QmT45KVn+hdgEE/IWW0Qa1ONeL2HgobCfowIDAQAB
o4IDlTCCA5EwHQYDVR0OBBYEFNqLfZaWd73jzl6kqBQ1h+Btq+EfMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMm90OWxwWjN2ZVBPWHFTb0ZEV0g0RzJyNFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqQYIKwYBBQUHAQcBAf8EggGYMIIBlDCCAZAEAgABMIIB
iAMEAC2QrAMEAC2QrgMEAE1RZQMEAFZrMgMEAFZrZAMEAFkluQMEAFl9OgMEAVl9
RgMEAFl9TAMEAVl9UgMEAFl9WAMEAFl9XwMEAFl9YgMEAll9aAMEAFl9gzAMAwQA
WX2JAwQCWX2IAwQCWX2QMAwDBABZfZcDBABZfZgDBABZfb0DBAJZfcgDBABZfdUw
DAMEAFl98wMEAFl99AMEAFl9+AMEAFxyNgMEAF1xqwMEAF1zagMEAF13mgMEAF13
wwMEAF6xDQMEAGc4VDAMAwQBpxGyAwQBpxG0MAwDBACnEbcDBACnEb4DBAC5SAgD
BAC5jdsDBAC5wWYDBAC5xusDBAC8QI4DBAC81HkDBADBfDEDBADCOiIwDAMEAsI6
LAMEAMI6LgMEAMNYWQMEAcOFwAMEAMpHDwMEAMxNAAMEAcxNAgMEAM71gAMEAc71
gjAMAwQAzvWFAwQAzvWGAwQAzvWdAwQA1MAGAwQB1MAMAwQA1MAPAwQB1MAUAwQA
1MAXAwQB1MDWMA0GCSqGSIb3DQEBCwUAA4IBAQBEkczcZ7QQHwMIc8D5xhAvOwif
T7YCgq5HuCYT6hgTVkyaseoFo2cYpH1Oi0YzzSLYkCqgadCZiDRpxZc23OczfXb/
TVykosghKHaz4vdcfYbXzgPetHx2XdwUYNXrBewFOsWTEgyu/vHmvL+H258gXw5B
gsRxRQzMfc8+rXTX+WeBUWOeEHxpkJyhTBd7bzM9y3tZCsnjqO4kcSNXqSj/h7Py
3bryAQ+vJk+8tw9+QLUpnG8vcdHq/i5uT0pMV5dH6KIW8+NZsp/qY5bX2GiAzv5L
NIgB6mrrQrWZJIQnikqpG9Sg0/R14sQXkqHAC8E7/SXIItph1+4FUAF96ViM
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:51 2026 by rpki-client