Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2tSMN_pYPToDr9I5ka7QuhM6K8c.roa
File: 2tSMN_pYPToDr9I5ka7QuhM6K8c.roa (raw, json)
Hash identifier: EKsO7v439UBdRALGntRf+KdOY/pezXTdYABa+aa0lNw=
Subject key identifier: DA:D4:8C:37:FA:58:3D:3A:03:AF:D2:39:91:AE:D0:BA:13:3A:2B:C7
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019CD201240440BF8A354ECA107316586E91
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2tSMN_pYPToDr9I5ka7QuhM6K8c.roa
Signing time: Mon 09 Mar 2026 09:50:15 +0000
ROA not before: Mon 09 Mar 2026 09:50:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
5.187.33.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.48.0/24 maxlen: 24
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.151.0/24 maxlen: 24
83.172.153.0/24 maxlen: 24
83.172.169.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.40.105.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.3.0/24 maxlen: 24
188.190.6.0/24 maxlen: 24
188.190.7.0/24 maxlen: 24
188.190.8.0/24 maxlen: 24
188.190.9.0/24 maxlen: 24
188.190.10.0/24 maxlen: 24
188.190.11.0/24 maxlen: 24
188.190.14.0/24 maxlen: 24
188.190.15.0/24 maxlen: 24
188.190.16.0/24 maxlen: 24
188.190.17.0/24 maxlen: 24
188.190.19.0/24 maxlen: 24
188.190.20.0/24 maxlen: 24
188.190.21.0/24 maxlen: 24
188.190.22.0/24 maxlen: 24
188.190.26.0/24 maxlen: 24
188.190.27.0/24 maxlen: 24
188.190.28.0/24 maxlen: 24
188.190.29.0/24 maxlen: 24
188.211.166.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
213.111.177.0/24 maxlen: 24
213.111.180.0/24 maxlen: 24
213.111.182.0/24 maxlen: 24
213.111.183.0/24 maxlen: 24
213.111.184.0/24 maxlen: 24
213.111.186.0/24 maxlen: 24
213.111.187.0/24 maxlen: 24
213.111.188.0/24 maxlen: 24
213.111.191.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:491::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:ed91::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:01:24:04:40:bf:8a:35:4e:ca:10:73:16:58:6e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Mar 9 09:50:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dad48c37fa583d3a03afd23991aed0ba133a2bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c0:f0:66:ef:2a:c3:50:5a:d8:44:32:3f:26:
eb:ef:38:6b:01:28:43:62:bf:19:e5:71:d4:f6:bb:
ee:b3:39:58:77:92:7a:e8:e5:28:ae:6c:f0:bd:e8:
aa:cc:29:a4:a4:80:2b:ee:61:1b:9c:1a:fe:7e:c0:
d1:f6:8a:88:5d:c0:13:1f:07:09:65:08:32:3e:01:
31:53:77:4c:a4:5d:c9:be:49:d7:9c:e2:bc:c5:dc:
43:3d:01:69:cb:6d:0c:79:bc:f3:97:29:40:d3:34:
e5:a4:f6:d8:ad:2d:33:c8:9f:c0:9d:1c:55:b6:5c:
5f:f5:c8:64:07:b3:a9:e5:4a:8b:4d:85:19:42:4d:
59:83:8d:e7:46:fe:92:fa:6d:01:01:82:f8:b5:87:
4f:27:7d:4a:de:61:cd:77:16:4f:40:71:8a:38:57:
2e:a8:6d:64:58:be:cb:fa:e1:80:40:a5:f5:64:9a:
db:b9:d3:a5:5f:c9:93:eb:b5:8b:dd:52:4b:d1:36:
81:79:f8:f2:68:b8:3f:3d:86:30:d3:3f:49:35:f3:
fa:0c:cc:22:bb:fe:48:91:8f:36:47:ac:c1:30:cd:
8c:94:3d:60:85:f6:ff:08:0c:d1:f1:e2:35:83:12:
5d:47:7b:22:0c:32:66:be:a2:18:aa:42:04:70:0d:
80:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D4:8C:37:FA:58:3D:3A:03:AF:D2:39:91:AE:D0:BA:13:3A:2B:C7
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2tSMN_pYPToDr9I5ka7QuhM6K8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
5.187.33.0/24
37.235.48.0/20
45.153.125.0/24
46.183.187.0/24
83.172.134.0/23
83.172.150.0/23
83.172.153.0/24
83.172.169.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.40.105.0/24
89.46.235.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.64.0/24
92.243.66.0/24
95.156.204.0/23
103.57.249.0-103.57.250.255
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
176.126.99.0/24
185.26.236.0-185.26.238.255
185.76.79.0/24
185.122.184.0/24
185.193.48.0/24
185.193.51.0/24
185.195.65.0/24
188.190.1.0/24
188.190.3.0/24
188.190.6.0-188.190.11.255
188.190.14.0-188.190.17.255
188.190.19.0-188.190.22.255
188.190.26.0-188.190.29.255
188.211.166.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
193.3.55.0/24
213.111.177.0/24
213.111.180.0/24
213.111.182.0-213.111.184.255
213.111.186.0-213.111.188.255
213.111.191.0/24
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::-2a03:f80:32:ffff:ffff:ffff:ffff:ffff
2a03:f80:48::/48
2a03:f80:56::/47
2a03:f80:61::/48
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::-2a03:f80:359:ffff:ffff:ffff:ffff:ffff
2a03:f80:370::/47
2a03:f80:491::/48
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f80:ed91::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
93:99:82:32:a9:36:75:60:af:9a:49:3b:ea:4b:9d:5c:1d:ac:
b1:6f:c6:59:4b:30:7f:71:cc:68:af:21:e5:0b:ea:7d:22:10:
28:bc:8f:2e:f2:f7:5b:e5:f3:4e:4f:12:80:3d:d9:92:c0:77:
85:b1:64:d0:9c:5a:bb:c8:65:7b:3b:79:d9:f9:d3:af:96:b9:
1a:58:57:58:de:4e:0b:01:3e:bc:47:c2:b6:d0:2f:ad:ff:c6:
ee:1c:ac:f2:12:06:e5:a3:83:f6:63:fc:f8:b4:4d:17:d4:a2:
30:db:6d:7c:d2:e5:72:9b:a5:c1:42:8f:00:23:75:a3:c5:4c:
1a:54:bd:03:e9:a7:5d:cf:66:93:52:5f:15:6a:b2:3b:53:e6:
e0:68:5f:64:11:5c:26:db:18:f8:d6:2f:19:1e:06:34:4f:84:
2f:21:b2:46:fc:b1:0a:37:ba:ff:15:79:07:92:4c:1e:b8:cb:
3a:bc:11:83:39:cb:3b:f8:0f:56:f6:20:cf:c7:9c:af:cf:66:
0d:9b:71:1f:8c:23:57:5a:99:02:f1:87:a6:6d:69:0e:fa:79:
41:0d:61:b2:73:4f:c2:5f:83:21:93:2e:2f:d0:b0:d4:2e:9b:
6c:49:33:da:29:31:9a:be:fd:10:ff:5e:74:c9:1e:39:0e:7a:
a2:6d:7a:9b
-----BEGIN CERTIFICATE-----
MIIHWjCCBkKgAwIBAgISAZzSASQEQL+KNU7KEHMWWG6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjYwMzA5MDk1MDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ0OGMzN2ZhNTgzZDNhMDNhZmQyMzk5MWFlZDBiYTEzM2EyYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sDwZu8qw1Ba2EQyPybr7zhrAShD
Yr8Z5XHU9rvuszlYd5J66OUormzwveiqzCmkpIAr7mEbnBr+fsDR9oqIXcATHwcJ
ZQgyPgExU3dMpF3JvknXnOK8xdxDPQFpy20MebzzlylA0zTlpPbYrS0zyJ/AnRxV
tlxf9chkB7Op5UqLTYUZQk1Zg43nRv6S+m0BAYL4tYdPJ31K3mHNdxZPQHGKOFcu
qG1kWL7L+uGAQKX1ZJrbudOlX8mT67WL3VJL0TaBefjyaLg/PYYw0z9JNfP6DMwi
u/5IkY82R6zBMM2MlD1ghfb/CAzR8eI1gxJdR3siDDJmvqIYqkIEcA2AowIDAQAB
o4IEZjCCBGIwHQYDVR0OBBYEFNrUjDf6WD06A6/SOZGu0LoTOivHMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMnRTTU5fcFlQVG9EcjlJNWthN1F1aE02SzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICegYIKwYBBQUHAQcBAf8EggJpMIICZTCCAZQEAgABMIIB
jAMEAAW0cgMEAAW7IQMEBCXrMAMEAC2ZfQMEAC63uwMEAVOshgMEAVOslgMEAFOs
mQMEAFOsqQMEAFPzeAMEAVPzegMEAFT3PQMEAFZqdwMEAFkfewMEAFkoaQMEAFku
6wMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQAMEAFzzQgMEAV+czDAMAwQAZzn5AwQA
Zzn6AwQAhv/SMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AMEALB+
YzAMAwQCuRrsAwQAuRruAwQAuUxPAwQAuXq4AwQAucEwAwQAucEzAwQAucNBAwQA
vL4BAwQAvL4DMAwDBAG8vgYDBAK8vggwDAMEAby+DgMEAby+EDAMAwQAvL4TAwQA
vL4WMAwDBAG8vhoDBAG8vhwDBAC806YwDAMEALzWIQMEALzWIgMEAbzWJgMEAMED
NwMEANVvsQMEANVvtDAMAwQB1W+2AwQA1W+4MAwDBAHVb7oDBADVb7wDBADVb78w
DAMEAdW3NgMEAdW3ODCBygQCAAIwgcMDBwAqAw+AAAcwEgMHACoDD4AAMQMHACoD
D4AAMgMHACoDD4AASAMHASoDD4AAVgMHACoDD4AAYQMHACoDD4AAcAMHACoDD4AD
VDASAwcAKgMPgANXAwcBKgMPgANYAwcBKgMPgANwAwcAKgMPgASRAwcAKgMPgDmR
AwcAKgMPgK0VMBIDBwAqAw+A7RUDBwMqAw+A7RADBwAqAw+A7TEDBwAqAw+A7VED
BwAqAw+A7ZEDBwAqAw+Cq80DBwAqAw+H//8wDQYJKoZIhvcNAQELBQADggEBAJOZ
gjKpNnVgr5pJO+pLnVwdrLFvxllLMH9xzGivIeUL6n0iECi8jy7y91vl805PEoA9
2ZLAd4WxZNCcWrvIZXs7edn506+WuRpYV1jeTgsBPrxHwrbQL63/xu4crPISBuWj
g/Zj/Pi0TRfUojDbbXzS5XKbpcFCjwAjdaPFTBpUvQPpp13PZpNSXxVqsjtT5uBo
X2QRXCbbGPjWLxkeBjRPhC8hskb8sQo3uv8VeQeSTB64yzq8EYM5yzv4D1b2IM/H
nK/PZg2bcR+MI1damQLxh6ZtaQ76eUENYbJzT8JfgyGTLi/QsNQum2xJM9opMZq+
/RD/XnTJHjkOeqJteps=
-----END CERTIFICATE-----
Generated at Thu Mar 12 18:36:20 2026 by rpki-client