Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3nZKntxT7-OAys_TgCkmEVZ7zWw.roa
File: 3nZKntxT7-OAys_TgCkmEVZ7zWw.roa (raw, json)
Hash identifier: 1EEWJpkmVgjXCqXH30ctiFe03+R6ffwPaIjQ4mWBd5k=
Subject key identifier: DE:76:4A:9E:DC:53:EF:E3:80:CA:CF:D3:80:29:26:11:56:7B:CD:6C
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D250EC8DB1816D78E8EB19C171B8BAF45
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3nZKntxT7-OAys_TgCkmEVZ7zWw.roa
Signing time: Wed 25 Mar 2026 12:53:39 +0000
ROA not before: Wed 25 Mar 2026 12:53:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
2.57.243.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
78.17.2.0/24 maxlen: 24
78.17.9.0/24 maxlen: 24
78.17.10.0/24 maxlen: 24
78.17.13.0/24 maxlen: 24
78.17.14.0/24 maxlen: 24
78.17.15.0/24 maxlen: 24
78.17.16.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.39.120.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
89.125.0.0/24 maxlen: 24
89.125.1.0/24 maxlen: 24
89.125.2.0/24 maxlen: 24
89.125.3.0/24 maxlen: 24
89.125.51.0/24 maxlen: 24
89.125.53.0/24 maxlen: 24
89.125.54.0/24 maxlen: 24
89.125.56.0/24 maxlen: 24
89.125.60.0/24 maxlen: 24
89.125.61.0/24 maxlen: 24
89.125.63.0/24 maxlen: 24
89.125.68.0/24 maxlen: 24
89.125.73.0/24 maxlen: 24
89.125.77.0/24 maxlen: 24
89.125.85.0/24 maxlen: 24
89.125.89.0/24 maxlen: 24
89.125.90.0/24 maxlen: 24
89.125.91.0/24 maxlen: 24
89.125.92.0/24 maxlen: 24
89.125.95.0/24 maxlen: 24
89.125.98.0/24 maxlen: 24
89.125.122.0/24 maxlen: 24
89.125.123.0/24 maxlen: 24
89.125.130.0/24 maxlen: 24
89.125.131.0/24 maxlen: 24
89.125.152.0/24 maxlen: 24
89.125.159.0/24 maxlen: 24
89.125.181.0/24 maxlen: 24
89.125.210.0/24 maxlen: 24
89.125.253.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
167.17.40.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.135.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
206.245.159.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
208.123.191.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:0e:c8:db:18:16:d7:8e:8e:b1:9c:17:1b:8b:af:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 25 12:53:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=de764a9edc53efe380cacfd380292611567bcd6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cd:9c:b4:84:6f:54:e3:c3:97:b9:a7:f3:d9:
4d:75:53:f5:45:18:40:ef:f7:2e:6f:81:77:d9:9b:
06:28:55:85:1e:09:59:24:36:b3:c5:be:27:2d:d9:
e8:5d:24:f2:ae:e3:31:22:09:f9:fb:d2:ab:ec:de:
41:71:93:b6:00:41:77:c8:4d:51:74:0f:a5:95:6e:
19:63:86:23:96:e6:a8:eb:75:7a:65:06:67:90:60:
66:b3:06:8e:48:e3:aa:8e:bf:d4:3f:a0:eb:77:67:
48:61:a7:01:47:5c:7d:5a:d9:58:cc:f7:fa:99:b8:
be:71:12:d7:6d:3c:12:c4:ce:47:bf:f3:09:50:44:
8c:81:6b:e3:f3:15:3c:45:25:9f:3a:16:14:76:14:
f5:8e:9a:80:4d:70:7f:e4:bf:10:dd:3d:95:70:6d:
5d:10:4a:ad:97:c4:68:8c:50:14:be:e4:fd:09:be:
28:34:49:00:9f:1e:8c:e5:27:5b:7b:6d:3c:4d:fa:
09:f7:31:73:bc:3b:f0:ed:0d:d9:4e:13:9d:9c:b6:
fb:2c:9c:dc:2e:31:5d:4e:ab:df:c2:a7:a1:bb:b1:
0f:6d:21:2c:3a:a9:c4:18:35:b7:17:4c:45:91:40:
a4:8e:3c:71:06:b0:af:ad:25:b3:c4:a0:d7:5e:17:
92:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:76:4A:9E:DC:53:EF:E3:80:CA:CF:D3:80:29:26:11:56:7B:CD:6C
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3nZKntxT7-OAys_TgCkmEVZ7zWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/23
45.88.15.0/24
45.135.182.0/24
77.81.101.0/24
78.17.2.0/24
78.17.9.0-78.17.10.255
78.17.13.0-78.17.16.255
79.110.227.0/24
85.204.18.0/24
89.35.119.0/24
89.35.129.0/24
89.37.185.0/24
89.39.120.0/24
89.40.70.0/24
89.125.0.0/22
89.125.51.0/24
89.125.53.0-89.125.54.255
89.125.56.0/24
89.125.60.0/23
89.125.63.0/24
89.125.68.0/24
89.125.73.0/24
89.125.77.0/24
89.125.85.0/24
89.125.89.0-89.125.92.255
89.125.95.0/24
89.125.98.0/24
89.125.122.0/23
89.125.130.0/23
89.125.152.0/24
89.125.159.0/24
89.125.181.0/24
89.125.210.0/24
89.125.253.0/24
94.177.13.0/24
94.177.106.0/24
94.177.145.0/24
103.56.84.0/24
103.73.35.0/24
167.17.40.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
185.212.119.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.36.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0-206.245.135.255
206.245.157.0/24
206.245.159.0/24
208.123.185.0/24
208.123.190.0/23
212.192.0.0/24
212.192.8.0/24
212.192.11.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a7:fd:e5:90:cd:6f:d4:b2:01:1a:d7:56:45:20:27:a0:0d:
8a:b9:54:84:32:18:6a:e0:33:73:81:14:82:7d:21:b3:52:c0:
6f:33:2d:6e:e9:da:25:d3:ac:a4:f6:94:c3:96:1b:41:0d:aa:
d4:21:76:ea:19:e0:ca:fd:46:0a:90:1b:0e:2d:a7:20:20:52:
17:b0:17:db:42:d0:a0:61:c8:7e:b6:47:64:a1:29:9d:50:96:
a5:16:90:bb:2f:04:bf:b5:79:8e:fd:2a:7a:ee:23:b9:24:2e:
f3:d1:b9:ea:c9:66:64:cb:4b:9b:e7:a3:1b:37:08:65:b6:9a:
d6:3a:45:96:c0:9e:b1:69:f3:60:b9:d5:87:96:fa:f5:e5:65:
eb:28:ca:d0:9a:0d:bc:71:81:ea:28:92:9e:e4:97:05:45:6d:
d9:06:67:1d:ad:41:a0:89:c2:48:1a:b6:3b:74:40:77:a5:d8:
42:52:c8:61:16:7a:b1:6f:08:60:7c:90:f9:f3:86:81:c0:53:
2e:6f:09:b3:8a:e9:cb:f9:6a:16:f3:17:f2:27:a0:1a:ff:e0:
f3:16:de:3d:9e:79:31:94:42:02:0e:8f:ea:ee:5b:6b:f1:87:
ec:b1:97:9f:df:73:a0:22:bc:1b:6d:ab:bc:6d:67:03:f3:83:
6f:fe:52:5a
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgISAZ0lDsjbGBbXjo6xnBcbi69FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzI1MTI1MzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTc2NGE5ZWRjNTNlZmUzODBjYWNmZDM4MDI5MjYxMTU2N2JjZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM2ctIRvVOPDl7mn89lNdVP1RRhA
7/cub4F32ZsGKFWFHglZJDazxb4nLdnoXSTyruMxIgn5+9Kr7N5BcZO2AEF3yE1R
dA+llW4ZY4Yjluao63V6ZQZnkGBmswaOSOOqjr/UP6Drd2dIYacBR1x9WtlYzPf6
mbi+cRLXbTwSxM5Hv/MJUESMgWvj8xU8RSWfOhYUdhT1jpqATXB/5L8Q3T2VcG1d
EEqtl8RojFAUvuT9Cb4oNEkAnx6M5Sdbe208TfoJ9zFzvDvw7Q3ZThOdnLb7LJzc
LjFdTqvfwqehu7EPbSEsOqnEGDW3F0xFkUCkjjxxBrCvrSWzxKDXXheSRQIDAQAB
o4IDwzCCA78wHQYDVR0OBBYEFN52Sp7cU+/jgMrP04ApJhFWe81sMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM25aS250eFQ3LU9BeXNfVGdDa21FVlo3eld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1wYIKwYBBQUHAQcBAf8EggHGMIIBwjCCAb4EAgABMIIB
tgMEAQI58gMEAC1YDwMEAC2HtgMEAE1RZQMEAE4RAjAMAwQAThEJAwQAThEKMAwD
BABOEQ0DBABOERADBABPbuMDBABVzBIDBABZI3cDBABZI4EDBABZJbkDBABZJ3gD
BABZKEYDBAJZfQADBABZfTMwDAMEAFl9NQMEAFl9NgMEAFl9OAMEAVl9PAMEAFl9
PwMEAFl9RAMEAFl9SQMEAFl9TQMEAFl9VTAMAwQAWX1ZAwQAWX1cAwQAWX1fAwQA
WX1iAwQBWX16AwQBWX2CAwQAWX2YAwQAWX2fAwQAWX21AwQAWX3SAwQAWX39AwQA
XrENAwQAXrFqAwQAXrGRAwQAZzhUAwQAZ0kjAwQApxEoMAwDBASnEbADBACnEbID
BACnEbQDBACnEbYDBAC51HcDBAC80GcDBAC81QADBAC81msDBADBfCQDBADBfOED
BADCVfkDBADCVfsDBAHKRwwDBADKRw8DBADMTQEDBADO9YEDBADO9YMwDAMEAM71
hQMEA871gAMEAM71nQMEAM71nwMEANB7uQMEAdB7vgMEANTAAAMEANTACAMEANTA
CwMEANTA1DANBgkqhkiG9w0BAQsFAAOCAQEAFaf95ZDNb9SyARrXVkUgJ6ANirlU
hDIYauAzc4EUgn0hs1LAbzMtbunaJdOspPaUw5YbQQ2q1CF26hngyv1GCpAbDi2n
ICBSF7AX20LQoGHIfrZHZKEpnVCWpRaQuy8Ev7V5jv0qeu4juSQu89G56slmZMtL
m+ejGzcIZbaa1jpFlsCesWnzYLnVh5b69eVl6yjK0JoNvHGB6iiSnuSXBUVt2QZn
Ha1BoInCSBq2O3RAd6XYQlLIYRZ6sW8IYHyQ+fOGgcBTLm8Js4rpy/lqFvMX8ieg
Gv/g8xbePZ55MZRCAg6P6u5ba/GH7LGXn99zoCK8G22rvG1nA/ODb/5SWg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:13 2026 by rpki-client