Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KnN2zkdHjmQaD7x5CElHPspoNW0.roa
File: KnN2zkdHjmQaD7x5CElHPspoNW0.roa (raw, json)
Hash identifier: YY9J9uTJWtnjCqaW9e187OrYzd4TCnd3w4lfuDFMcU8=
Subject key identifier: 2A:73:76:CE:47:47:8E:64:1A:0F:BC:79:08:49:47:3E:CA:68:35:6D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D0B04B194AB2D3B3941A4A3922C4EC8F0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KnN2zkdHjmQaD7x5CElHPspoNW0.roa
Signing time: Fri 20 Mar 2026 11:32:30 +0000
ROA not before: Fri 20 Mar 2026 11:32:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26383
IP address blocks: 45.144.172.0/24 maxlen: 24
45.144.174.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
86.107.50.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.125.58.0/24 maxlen: 24
89.125.70.0/24 maxlen: 24
89.125.71.0/24 maxlen: 24
89.125.76.0/24 maxlen: 24
89.125.82.0/23 maxlen: 23
89.125.88.0/24 maxlen: 24
89.125.95.0/24 maxlen: 24
89.125.98.0/24 maxlen: 24
89.125.131.0/24 maxlen: 24
89.125.152.0/24 maxlen: 24
89.125.189.0/24 maxlen: 24
89.125.213.0/24 maxlen: 24
89.125.243.0/24 maxlen: 24
89.125.244.0/24 maxlen: 24
89.125.248.0/24 maxlen: 24
92.114.54.0/24 maxlen: 24
93.113.171.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.119.154.0/24 maxlen: 24
93.119.195.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.179.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.181.0/24 maxlen: 24
167.17.183.0/24 maxlen: 24
167.17.184.0/24 maxlen: 24
167.17.185.0/24 maxlen: 24
167.17.186.0/24 maxlen: 24
167.17.187.0/24 maxlen: 24
167.17.188.0/24 maxlen: 24
167.17.189.0/24 maxlen: 24
167.17.190.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
185.141.219.0/24 maxlen: 24
185.193.102.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.212.121.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.0.0/24 maxlen: 24
204.77.2.0/24 maxlen: 24
204.77.3.0/24 maxlen: 24
206.245.128.0/24 maxlen: 24
206.245.130.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.20.0/24 maxlen: 24
212.192.21.0/24 maxlen: 24
212.192.23.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:04:b1:94:ab:2d:3b:39:41:a4:a3:92:2c:4e:c8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 20 11:32:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a7376ce47478e641a0fbc790849473eca68356d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:41:2f:e1:43:50:a4:b9:2a:f4:a0:3d:68:
8a:db:c1:bd:77:9a:93:c9:86:56:6d:a9:33:d9:0e:
44:68:e8:6a:43:d1:d5:28:af:13:f1:c7:9e:25:cd:
c9:fb:7e:fb:92:05:06:cb:69:2b:16:5c:49:3d:a8:
1a:da:1c:d5:26:f1:db:98:3b:09:4d:98:66:eb:bc:
61:24:23:97:3e:ff:f7:af:4c:e0:29:f1:95:0d:24:
15:7b:23:68:27:0b:ec:13:8e:b1:d6:e2:70:31:72:
d4:0e:14:d0:92:bb:b2:16:f7:14:42:e0:60:90:d4:
57:52:70:09:82:38:4c:b6:a2:bb:03:56:42:21:ea:
aa:6e:7e:76:c4:89:de:2e:ea:b8:3b:91:8b:6a:aa:
b7:01:8b:a3:41:70:5d:11:17:0e:74:ae:e1:8e:53:
1c:ae:10:31:7e:36:a9:6c:82:8e:92:4f:ba:53:54:
30:68:c6:b3:da:5b:0a:00:31:70:c1:d7:b0:7d:28:
b2:d4:84:a7:c4:cb:39:2b:e5:6c:bd:76:f6:f0:cc:
7d:57:7e:e5:7a:44:b7:a6:ae:fb:0b:4d:b6:d5:8b:
55:47:c3:43:47:c4:ec:91:02:fb:0a:7a:d1:85:2d:
f2:b6:c1:a7:c8:84:5e:f4:48:57:37:61:bf:08:d3:
bb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:73:76:CE:47:47:8E:64:1A:0F:BC:79:08:49:47:3E:CA:68:35:6D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KnN2zkdHjmQaD7x5CElHPspoNW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.172.0/24
45.144.174.0/24
77.81.101.0/24
86.107.50.0/24
86.107.100.0/24
89.37.185.0/24
89.125.58.0/24
89.125.70.0/23
89.125.76.0/24
89.125.82.0/23
89.125.88.0/24
89.125.95.0/24
89.125.98.0/24
89.125.131.0/24
89.125.152.0/24
89.125.189.0/24
89.125.213.0/24
89.125.243.0-89.125.244.255
89.125.248.0/24
92.114.54.0/24
93.113.171.0/24
93.115.106.0/24
93.119.154.0/24
93.119.195.0/24
94.177.13.0/24
103.56.84.0/24
167.17.178.0-167.17.181.255
167.17.183.0-167.17.190.255
185.72.8.0/24
185.141.219.0/24
185.193.102.0/24
185.198.235.0/24
188.64.142.0/24
188.212.121.0/24
193.124.49.0/24
194.58.34.0/24
194.58.44.0-194.58.46.255
195.88.89.0/24
195.133.192.0/23
202.71.15.0/24
204.77.0.0/24
204.77.2.0/23
206.245.128.0/24
206.245.130.0/23
206.245.133.0-206.245.134.255
206.245.157.0/24
212.192.6.0/24
212.192.12.0/23
212.192.15.0/24
212.192.20.0/23
212.192.23.0/24
212.192.214.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:b0:dc:21:bc:b0:ba:7e:6f:77:41:2a:f8:1c:11:ca:52:88:
ef:2b:04:f5:6b:07:05:09:74:12:b3:2e:8e:d9:43:64:68:c3:
ee:e3:9e:69:90:f4:f1:52:53:11:cb:6e:cf:f7:e2:de:e7:14:
8e:db:ee:f3:43:c2:88:8a:0e:1a:a6:cb:43:4b:cd:70:76:c2:
19:20:50:b6:ae:10:60:4a:c1:1e:04:b3:85:89:e7:9b:a2:51:
e8:04:66:c4:76:97:02:19:70:28:1e:69:a6:c8:bc:c6:18:12:
d3:62:e8:36:ae:0c:df:ed:4e:61:01:04:8e:6a:67:cd:0d:c9:
95:f6:c3:a7:ef:ab:56:29:e8:2e:19:3e:63:c1:5a:11:2b:6a:
51:34:aa:0b:6e:a1:67:0c:9f:74:5f:cd:22:f7:c9:bc:9b:fc:
0b:4e:9d:87:f0:0d:00:a3:5a:da:bd:42:d5:c6:37:47:a9:6f:
d2:db:f6:85:13:db:00:63:41:4b:85:dc:e1:6e:ef:a9:ed:bc:
1b:ce:a6:eb:65:a2:46:f0:dd:2d:46:15:81:b9:13:cb:b1:af:
d6:75:fe:42:7d:94:5c:8c:f5:9d:35:d8:d4:1b:7b:af:a4:1a:
76:38:a8:f0:dc:ea:87:4d:41:ee:8c:e6:c7:34:05:26:35:9d:
ff:73:80:1f
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgISAZ0LBLGUqy07OUGko5IsTsjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzIwMTEzMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTczNzZjZTQ3NDc4ZTY0MWEwZmJjNzkwODQ5NDczZWNhNjgzNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOtBL+FDUKS5KvSgPWiK28G9d5qT
yYZWbakz2Q5EaOhqQ9HVKK8T8ceeJc3J+377kgUGy2krFlxJPaga2hzVJvHbmDsJ
TZhm67xhJCOXPv/3r0zgKfGVDSQVeyNoJwvsE46x1uJwMXLUDhTQkruyFvcUQuBg
kNRXUnAJgjhMtqK7A1ZCIeqqbn52xIneLuq4O5GLaqq3AYujQXBdERcOdK7hjlMc
rhAxfjapbIKOkk+6U1QwaMaz2lsKADFwwdewfSiy1ISnxMs5K+VsvXb28Mx9V37l
ekS3pq77C0221YtVR8NDR8TskQL7CnrRhS3ytsGnyIRe9EhXN2G/CNO7/QIDAQAB
o4IDbTCCA2kwHQYDVR0OBBYEFCpzds5HR45kGg+8eQhJRz7KaDVtMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvS25OMnprZEhqbVFhRDd4NUNFbEhQc3BvTlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgQYIKwYBBQUHAQcBAf8EggFwMIIBbDCCAWgEAgABMIIB
YAMEAC2QrAMEAC2QrgMEAE1RZQMEAFZrMgMEAFZrZAMEAFkluQMEAFl9OgMEAVl9
RgMEAFl9TAMEAVl9UgMEAFl9WAMEAFl9XwMEAFl9YgMEAFl9gwMEAFl9mAMEAFl9
vQMEAFl91TAMAwQAWX3zAwQAWX30AwQAWX34AwQAXHI2AwQAXXGrAwQAXXNqAwQA
XXeaAwQAXXfDAwQAXrENAwQAZzhUMAwDBAGnEbIDBAGnEbQwDAMEAKcRtwMEAKcR
vgMEALlICAMEALmN2wMEALnBZgMEALnG6wMEALxAjgMEALzUeQMEAMF8MQMEAMI6
IjAMAwQCwjosAwQAwjouAwQAw1hZAwQBw4XAAwQAykcPAwQAzE0AAwQBzE0CAwQA
zvWAAwQBzvWCMAwDBADO9YUDBADO9YYDBADO9Z0DBADUwAYDBAHUwAwDBADUwA8D
BAHUwBQDBADUwBcDBAHUwNYwDQYJKoZIhvcNAQELBQADggEBAF+w3CG8sLp+b3dB
KvgcEcpSiO8rBPVrBwUJdBKzLo7ZQ2Row+7jnmmQ9PFSUxHLbs/34t7nFI7b7vND
woiKDhqmy0NLzXB2whkgULauEGBKwR4Es4WJ55uiUegEZsR2lwIZcCgeaabIvMYY
EtNi6DauDN/tTmEBBI5qZ80NyZX2w6fvq1Yp6C4ZPmPBWhEralE0qgtuoWcMn3Rf
zSL3ybyb/AtOnYfwDQCjWtq9QtXGN0epb9Lb9oUT2wBjQUuF3OFu76ntvBvOputl
okbw3S1GFYG5E8uxr9Z1/kJ9lFyM9Z012NQbe6+kGnY4qPDc6odNQe6M5sc0BSY1
nf9zgB8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:50 2026 by rpki-client