Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VmXaJLaif-3uLilnOIsVwESzQEg.roa
File: VmXaJLaif-3uLilnOIsVwESzQEg.roa (raw, json)
Hash identifier: dlsptZYZ8SR+jLuFtD+wpyAmXTj9IQgJyOvPBjieB3s=
Subject key identifier: 56:65:DA:24:B6:A2:7F:ED:EE:2E:29:67:38:8B:15:C0:44:B3:40:48
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D249F174B16A3D4FD8E2AB8F82D817298
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VmXaJLaif-3uLilnOIsVwESzQEg.roa
Signing time: Wed 25 Mar 2026 10:51:39 +0000
ROA not before: Wed 25 Mar 2026 10:51:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30633
IP address blocks: 45.128.77.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
80.253.250.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.5.125.0/24 maxlen: 24
193.27.23.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a06:35c2::/32 maxlen: 32
2a0a:2d06:33::/48 maxlen: 48
2a0a:2d06:55::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:f201::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2d81::/32 maxlen: 32
2a0f:2e80::/29 maxlen: 29
2a0f:3046:320::/48 maxlen: 48
2a0f:3d84::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:32c0::/29 maxlen: 29
2a10:32c0::/32 maxlen: 32
2a10:32c1::/32 maxlen: 32
2a10:32c2::/32 maxlen: 32
2a10:32c4::/32 maxlen: 32
2a10:32c5::/32 maxlen: 32
2a10:32c6::/32 maxlen: 32
2a10:32c7::/32 maxlen: 32
2a10:35c0::/29 maxlen: 29
2a10:35c0::/32 maxlen: 32
2a10:35c1::/32 maxlen: 32
2a10:35c2::/32 maxlen: 32
2a10:35c3::/32 maxlen: 32
2a10:35c4::/32 maxlen: 32
2a10:35c5::/32 maxlen: 32
2a10:35c6::/32 maxlen: 32
2a10:35c7::/32 maxlen: 32
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:18c6:55::/48 maxlen: 48
2a13:8c82:3::/48 maxlen: 48
2a13:e101:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 22:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:9f:17:4b:16:a3:d4:fd:8e:2a:b8:f8:2d:81:72:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 25 10:51:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5665da24b6a27fedee2e2967388b15c044b34048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f6:a7:b3:41:5f:ce:e9:7e:68:15:ce:10:cd:
77:8b:00:86:0a:86:d4:e2:1a:b3:c7:cd:d5:d5:75:
2d:7b:78:70:01:34:6c:f3:ea:45:52:d2:d7:ae:43:
40:90:cc:3e:bb:95:89:e4:b0:fd:83:72:57:01:16:
c9:80:53:f1:06:50:07:fb:a6:aa:77:dd:e0:c2:b1:
5b:b3:6c:63:46:b2:39:19:a7:12:c5:7f:e4:cc:09:
36:de:1d:cd:e7:15:75:ba:8c:f6:48:73:ba:3e:9f:
33:34:11:a0:23:60:8a:10:1c:80:5a:5c:b5:fc:86:
87:2d:4d:36:ba:9e:c8:20:a0:a2:de:05:77:f7:38:
1c:71:f3:53:f0:e0:1e:4e:c4:b8:31:89:6c:f6:6a:
4c:cc:36:67:17:03:8f:4e:41:e1:53:15:32:68:57:
5d:17:d7:21:56:d0:05:72:ad:bc:18:9d:f1:e4:97:
4f:0e:a9:c0:6a:88:30:23:88:38:75:08:d5:49:ab:
a5:e3:da:bd:ff:67:ae:31:4c:48:72:39:86:85:3e:
f3:1b:a0:2c:5a:2f:e9:cf:43:31:f3:9c:f8:90:7d:
e6:ff:10:c4:cc:88:c0:2b:73:cd:86:f0:41:56:22:
95:ae:ac:74:6c:1b:5b:ab:00:41:fd:d1:69:e0:57:
fe:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:65:DA:24:B6:A2:7F:ED:EE:2E:29:67:38:8B:15:C0:44:B3:40:48
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VmXaJLaif-3uLilnOIsVwESzQEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.77.0/24
45.129.127.0/24
45.135.37.0/24
80.253.250.0/24
103.139.50.0/24
193.5.125.0/24
193.27.23.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a06:35c2::/32
2a0a:2d06:33::/48
2a0a:2d06:55::/48
2a0c:7886:33::/48
2a0e:f201::/32
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2d81::/32
2a0f:2e80::/29
2a0f:3046:320::/48
2a0f:3d84::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a10:32c0::/29
2a10:35c0::/29
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:f540::/29
2a13:18c0:1::/48
2a13:18c6:55::/48
2a13:8c82:3::/48
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
6b:43:85:e3:0e:90:34:24:3d:e5:6f:09:2b:99:3f:1a:1c:14:
a1:51:58:b1:a7:32:d3:a2:03:aa:9f:a7:25:e1:be:cd:3e:81:
52:09:c6:e7:48:c3:07:ad:b1:0e:ee:29:ef:f2:63:f9:57:8e:
c5:49:60:d7:c9:4e:50:38:ee:66:9b:e2:73:69:f2:c7:dd:fd:
b2:c0:77:a4:18:cc:8a:ba:d8:62:a7:a5:f0:98:7e:e2:c6:99:
59:2b:15:33:38:c4:7d:99:46:58:4b:2a:df:aa:6a:66:65:98:
cb:24:16:f1:0f:b2:d9:be:2d:c7:ab:fd:5d:68:cc:ae:9b:95:
4b:62:3a:84:93:67:aa:35:38:41:0c:1b:67:1e:03:aa:28:aa:
bb:1f:ca:80:04:61:74:d5:1e:1f:79:3e:a4:ea:01:88:cd:09:
bb:5a:ee:40:c2:20:07:fc:18:37:1d:c4:67:d4:b2:23:db:d6:
55:7a:80:78:9f:4f:78:38:49:85:a6:74:93:a1:11:d4:a2:5f:
84:2c:33:4f:4c:42:b3:75:16:5b:52:44:2f:90:06:fa:4b:2c:
9e:be:b4:c3:ff:7f:c4:09:93:50:83:75:16:13:83:bf:1c:7f:
68:64:ce:7a:44:06:8a:93:72:31:3e:fa:2b:86:23:a0:e2:b1:
80:86:f7:dd
-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgISAZ0knxdLFqPU/Y4quPgtgXKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzI1MTA1MTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY1ZGEyNGI2YTI3ZmVkZWUyZTI5NjczODhiMTVjMDQ0YjM0MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vans0Ffzul+aBXOEM13iwCGCobU
4hqzx83V1XUte3hwATRs8+pFUtLXrkNAkMw+u5WJ5LD9g3JXARbJgFPxBlAH+6aq
d93gwrFbs2xjRrI5GacSxX/kzAk23h3N5xV1uoz2SHO6Pp8zNBGgI2CKEByAWly1
/IaHLU02up7IIKCi3gV39zgccfNT8OAeTsS4MYls9mpMzDZnFwOPTkHhUxUyaFdd
F9chVtAFcq28GJ3x5JdPDqnAaogwI4g4dQjVSaul49q9/2euMUxIcjmGhT7zG6As
Wi/pz0Mx85z4kH3m/xDEzIjAK3PNhvBBViKVrqx0bBtbqwBB/dFp4Ff+/QIDAQAB
o4IDXzCCA1swHQYDVR0OBBYEFFZl2iS2on/t7i4pZziLFcBEs0BIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVm1YYUpMYWlmLTN1TGlsbk9Jc1Z3RVN6UUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcwYIKwYBBQUHAQcBAf8EggFiMIIBXjA2BAIAATAwAwQA
LYBNAwQALYF/AwQALYclAwQAUP36AwQAZ4syAwQAwQV9AwQAwRsXAwQAwaTHMIIB
IgQCAAIwggEaAwcAKgYRhAAzAwUAKgY1wgMHACoKLQYAMwMHACoKLQYAVQMHACoM
eIYAMwMFACoO8gEDBwAqDx4AASMDBwAqDx4ABFYDBwAqDx4ACYcDBwAqDx4ACrwD
BwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAIDBwAqDx6BEpMDBwAqDx6BQxkDBwAq
Dx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBQAqDy2BAwUDKg8ugAMHACoPMEYDIAMF
ACoPPYQDBwAqD30CAAEDBQAqD+HGAwUDKhAywAMFAyoQNcADBQMqEG1AAwUDKhH9
gAMFASoSrEADBQMqEvVAAwcAKhMYwAABAwcAKhMYxgBVAwcAKhOMggADAwcAKhPh
AQACMA0GCSqGSIb3DQEBCwUAA4IBAQBrQ4XjDpA0JD3lbwkrmT8aHBShUVixpzLT
ogOqn6cl4b7NPoFSCcbnSMMHrbEO7inv8mP5V47FSWDXyU5QOO5mm+JzafLH3f2y
wHekGMyKuthip6XwmH7ixplZKxUzOMR9mUZYSyrfqmpmZZjLJBbxD7LZvi3Hq/1d
aMyum5VLYjqEk2eqNThBDBtnHgOqKKq7H8qABGF01R4feT6k6gGIzQm7Wu5AwiAH
/Bg3HcRn1LIj29ZVeoB4n094OEmFpnSToRHUol+ELDNPTEKzdRZbUkQvkAb6Syye
vrTD/3/ECZNQg3UWE4O/HH9oZM56RAaKk3IxPvorhiOg4rGAhvfd
-----END CERTIFICATE-----
Generated at Mon Mar 30 08:34:23 2026 by rpki-client