Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KtSsGqDyiNXljcfko-Qdh3twXnM.roa
File: KtSsGqDyiNXljcfko-Qdh3twXnM.roa (raw, json)
Hash identifier: oFkcSedtqafrbiUwiq/pr8QZEJ5u3BCwLx7q5bfVTp4=
Subject key identifier: 2A:D4:AC:1A:A0:F2:88:D5:E5:8D:C7:E4:A3:E4:1D:87:7B:70:5E:73
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 019DC9DDC2271ACA34401B74F432803F3379
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KtSsGqDyiNXljcfko-Qdh3twXnM.roa
Signing time: Sun 26 Apr 2026 12:57:26 +0000
ROA not before: Sun 26 Apr 2026 12:57:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206065
IP address blocks: 31.25.104.0/21 maxlen: 24
31.217.208.0/21 maxlen: 24
37.19.80.0/20 maxlen: 24
37.114.192.0/18 maxlen: 24
37.114.204.0/23 maxlen: 23
37.114.225.0/24 maxlen: 24
37.114.246.0/23 maxlen: 23
37.114.252.0/24 maxlen: 24
37.191.75.0/24 maxlen: 24
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 24
37.221.0.0/18 maxlen: 24
37.221.0.0/20 maxlen: 20
37.235.16.0/20 maxlen: 24
37.235.17.0/24 maxlen: 24
45.128.140.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
46.34.164.0/22 maxlen: 24
46.34.168.0/21 maxlen: 24
46.34.178.0/23 maxlen: 24
46.34.180.0/22 maxlen: 24
46.34.184.0/21 maxlen: 24
46.34.184.0/22 maxlen: 22
46.34.188.0/22 maxlen: 22
78.154.32.0/19 maxlen: 24
78.158.182.0/23 maxlen: 24
79.132.200.0/22 maxlen: 24
79.132.213.0/24 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.218.0/23 maxlen: 24
79.132.220.0/23 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.122.0/23 maxlen: 24
80.71.124.0/23 maxlen: 24
80.71.127.0/24 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.248.0/23 maxlen: 23
81.29.250.0/23 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
81.29.255.0/24 maxlen: 24
81.91.144.0/20 maxlen: 24
81.91.144.0/22 maxlen: 24
81.91.148.0/23 maxlen: 24
81.91.150.0/23 maxlen: 24
81.91.152.0/21 maxlen: 24
86.109.32.0/23 maxlen: 24
86.109.36.0/22 maxlen: 24
86.109.41.0/24 maxlen: 24
86.109.46.0/23 maxlen: 24
86.109.53.0/24 maxlen: 24
86.109.56.0/22 maxlen: 24
86.109.58.0/23 maxlen: 24
86.109.62.0/23 maxlen: 24
87.247.180.0/23 maxlen: 24
91.184.64.0/20 maxlen: 24
92.61.184.0/21 maxlen: 24
92.119.68.0/22 maxlen: 24
94.139.160.0/20 maxlen: 24
109.230.64.0/21 maxlen: 24
109.230.80.0/20 maxlen: 24
109.230.80.0/22 maxlen: 24
109.230.81.0/24 maxlen: 24
109.230.82.0/24 maxlen: 24
109.230.88.0/21 maxlen: 24
109.230.88.0/23 maxlen: 24
109.230.90.0/24 maxlen: 24
109.230.93.0/24 maxlen: 24
176.221.65.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
185.21.76.0/22 maxlen: 24
185.30.76.0/22 maxlen: 24
185.40.240.0/22 maxlen: 24
185.45.188.0/22 maxlen: 24
185.70.60.0/22 maxlen: 24
185.82.164.0/23 maxlen: 24
185.85.68.0/22 maxlen: 24
185.104.228.0/24 maxlen: 24
185.133.152.0/22 maxlen: 24
185.142.233.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.172.0.0/22 maxlen: 24
185.190.20.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
185.208.150.0/23 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
188.75.113.0/24 maxlen: 24
188.75.114.0/23 maxlen: 24
188.75.116.0/23 maxlen: 24
188.75.122.0/23 maxlen: 24
188.121.128.0/19 maxlen: 24
188.121.128.0/23 maxlen: 24
188.121.128.0/24 maxlen: 24
188.121.129.0/24 maxlen: 24
188.121.136.0/21 maxlen: 24
188.121.144.0/20 maxlen: 24
188.121.144.0/22 maxlen: 24
188.121.146.0/24 maxlen: 24
188.121.148.0/23 maxlen: 24
188.121.152.0/22 maxlen: 24
188.121.156.0/24 maxlen: 24
188.121.157.0/24 maxlen: 24
188.121.158.0/23 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.148.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.158.0/23 maxlen: 24
188.136.174.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.176.0/21 maxlen: 24
188.136.184.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.186.0/23 maxlen: 24
188.136.188.0/23 maxlen: 24
188.136.192.0/22 maxlen: 24
188.136.192.0/23 maxlen: 24
188.136.194.0/24 maxlen: 24
188.136.195.0/24 maxlen: 24
188.136.197.0/24 maxlen: 24
188.136.198.0/23 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.201.0/24 maxlen: 24
188.136.202.0/23 maxlen: 24
188.136.204.0/22 maxlen: 24
188.136.208.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.212.0/22 maxlen: 24
188.136.216.0/22 maxlen: 24
188.136.218.0/23 maxlen: 24
188.136.220.0/23 maxlen: 24
188.136.222.0/23 maxlen: 24
213.195.16.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
217.66.196.0/23 maxlen: 24
217.66.208.0/24 maxlen: 24
217.66.211.0/24 maxlen: 24
2a0c:100::/29 maxlen: 48
2a0c:104::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c9:dd:c2:27:1a:ca:34:40:1b:74:f4:32:80:3f:33:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Apr 26 12:57:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2ad4ac1aa0f288d5e58dc7e4a3e41d877b705e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:25:92:a0:91:ef:e9:a1:f4:e4:63:b7:6e:93:
42:0b:d0:5d:ee:df:01:f7:88:89:52:8f:b4:02:f8:
88:83:6b:86:08:b4:64:dd:15:1c:d2:cb:06:93:9a:
7e:97:c2:64:a0:d2:eb:7e:46:ce:3e:89:cc:47:1b:
a7:a6:ff:8f:f7:97:ad:58:d9:67:69:76:45:0d:32:
75:2b:78:56:4d:b3:4c:93:85:94:d9:9a:e8:6d:0d:
15:63:be:d0:c8:28:24:e6:b4:82:ca:38:75:f4:98:
36:cf:af:40:20:56:0c:99:86:c1:71:3d:dd:f9:1b:
27:d7:2f:13:4f:12:dc:bd:68:84:0c:d7:f1:c0:32:
ca:39:7a:de:04:d4:bb:1d:a0:17:e0:2d:7b:64:18:
36:0d:e2:02:f9:ff:94:65:a5:eb:3a:2d:c9:a4:39:
ea:c9:49:40:ed:f8:a5:18:57:6c:7f:99:8d:17:c5:
92:49:d8:2d:8a:c1:85:ae:6c:d7:10:70:f7:74:70:
bc:32:2f:c2:28:ef:c2:b0:e1:24:8b:3d:15:49:ff:
03:a7:16:e4:86:eb:91:ac:dc:a9:4c:f6:fb:fd:27:
9b:9b:68:4f:bf:fb:4b:b7:e8:3a:15:da:3b:d7:9d:
aa:c2:b4:33:3f:40:8d:39:1a:6b:49:2b:05:66:f0:
ad:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D4:AC:1A:A0:F2:88:D5:E5:8D:C7:E4:A3:E4:1D:87:7B:70:5E:73
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/KtSsGqDyiNXljcfko-Qdh3twXnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
31.217.208.0/21
37.19.80.0/20
37.114.192.0/18
37.191.75.0/24
37.191.80.0-37.191.91.255
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
46.34.164.0-46.34.175.255
46.34.178.0-46.34.191.255
78.154.32.0/19
78.158.182.0/23
79.132.200.0/22
79.132.213.0/24
79.132.217.0-79.132.221.255
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
81.91.144.0/20
86.109.32.0/23
86.109.36.0/22
86.109.41.0/24
86.109.46.0/23
86.109.53.0/24
86.109.56.0/22
86.109.62.0/23
87.247.180.0/23
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
109.230.64.0/21
109.230.80.0/20
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.30.76.0/22
185.40.240.0/22
185.45.188.0/22
185.70.60.0/22
185.82.164.0/23
185.85.68.0/22
185.104.228.0/24
185.133.152.0/22
185.142.233.0-185.142.235.255
185.172.0.0/22
185.190.20.0/22
185.197.68.0/22
185.208.150.0/23
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.113.0-188.75.117.255
188.75.122.0/23
188.121.128.0/19
188.136.134.0/24
188.136.141.0/24
188.136.145.0/24
188.136.148.0/24
188.136.151.0/24
188.136.157.0-188.136.159.255
188.136.174.0-188.136.189.255
188.136.192.0/22
188.136.197.0-188.136.209.255
188.136.212.0-188.136.223.255
213.195.16.0/22
213.207.192.0/20
217.66.196.0/23
217.66.208.0/24
217.66.211.0/24
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
2f:dd:4b:39:d4:42:38:2a:80:c4:0d:32:6c:79:7c:d4:0a:d0:
d0:fb:61:01:ae:3c:1d:ef:5c:c1:af:1a:f8:7b:58:8a:be:37:
00:f0:19:ce:18:55:1f:bb:8f:63:f0:f1:ce:00:31:90:cd:d7:
02:3d:56:ae:d2:50:1f:14:10:2f:07:ec:fc:1a:2f:da:40:36:
e6:c7:ab:32:f4:77:06:dc:d7:89:9c:5b:95:24:f7:4f:4e:70:
23:33:d6:9b:5f:9e:59:18:cb:5b:c2:b4:15:b9:d2:96:88:89:
f5:a3:21:03:4e:ec:36:41:5c:ff:72:7b:87:bd:86:73:b3:f1:
f2:53:64:81:04:39:50:0f:49:10:ee:a4:b3:b9:d6:cb:e9:89:
ff:44:8d:a3:2f:9a:96:02:2c:b1:b6:cb:c4:d3:b0:10:d7:88:
3e:82:7b:e2:35:38:d5:08:84:6d:b3:a6:4a:9b:68:c4:c9:02:
08:c3:86:d6:81:72:cc:0a:58:da:cc:2e:2d:9d:6e:35:23:6f:
d4:4f:f9:26:b1:5b:d3:e2:33:73:b0:84:78:24:71:25:0e:c7:
e1:91:a8:cd:2e:5a:c9:85:01:fd:11:34:f9:92:e2:9c:5e:10:
d5:28:fb:7c:dd:3e:a8:df:21:a4:ee:63:dd:df:9e:bd:5e:f2:
8a:a4:8a:23
-----BEGIN CERTIFICATE-----
MIIHQjCCBiqgAwIBAgISAZ3J3cInGso0QBt09DKAPzN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjYwNDI2MTI1NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ0YWMxYWEwZjI4OGQ1ZTU4ZGM3ZTRhM2U0MWQ4NzdiNzA1ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCWSoJHv6aH05GO3bpNCC9Bd7t8B
94iJUo+0AviIg2uGCLRk3RUc0ssGk5p+l8JkoNLrfkbOPonMRxunpv+P95etWNln
aXZFDTJ1K3hWTbNMk4WU2ZrobQ0VY77QyCgk5rSCyjh19Jg2z69AIFYMmYbBcT3d
+Rsn1y8TTxLcvWiEDNfxwDLKOXreBNS7HaAX4C17ZBg2DeIC+f+UZaXrOi3JpDnq
yUlA7filGFdsf5mNF8WSSdgtisGFrmzXEHD3dHC8Mi/CKO/CsOEkiz0VSf8Dpxbk
huuRrNypTPb7/Sebm2hPv/tLt+g6Fdo7152qwrQzP0CNORprSSsFZvCttwIDAQAB
o4IETjCCBEowHQYDVR0OBBYEFCrUrBqg8ojV5Y3H5KPkHYd7cF5zMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvS3RTc0dxRHlpTlhsamNma28tUWRoM3R3WG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICYgYIKwYBBQUHAQcBAf8EggJRMIICTTCCAjoEAgABMIIC
MgMEAx8ZaAMEAx/Z0AMEBCUTUAMEBiVywAMEACW/SzAMAwQEJb9QAwQCJb9YAwQG
Jd0AAwQEJesQAwQCLYCMAwQCLZB8AwQALiAFAwQALiAJAwQALiAOMAwDBAIuIqQD
BAQuIqAwDAMEAS4isgMEBi4igAMEBU6aIAMEAU6etgMEAk+EyAMEAE+E1TAMAwQA
T4TZAwQBT4TcAwQAUEdxMAwDBAFQR3oDBAFQR3wDBABQR38DBABRHfMDBANRHfgD
BARRW5ADBAFWbSADBAJWbSQDBABWbSkDBAFWbS4DBABWbTUDBAJWbTgDBAFWbT4D
BAFX97QDBARbuEADBANcPbgDBAJcd0QDBARei6ADBANt5kADBARt5lADBACw3UED
BAC5DD4DBAK5FUwDBAK5HkwDBAK5KPADBAK5LbwDBAK5RjwDBAG5UqQDBAK5VUQD
BAC5aOQDBAK5hZgwDAMEALmO6QMEArmO6AMEArmsAAMEArm+FAMEArnFRAMEAbnQ
lgMEALxLXAMEALxLXgMEAbxLZgMEALxLawMEAbxLbjAMAwQAvEtxAwQBvEt0AwQB
vEt6AwQFvHmAAwQAvIiGAwQAvIiNAwQAvIiRAwQAvIiUAwQAvIiXMAwDBAC8iJ0D
BAW8iIAwDAMEAbyIrgMEAbyIvAMEAryIwDAMAwQAvIjFAwQBvIjQMAwDBAK8iNQD
BAW8iMADBALVwxADBATVz8ADBAHZQsQDBADZQtADBADZQtMwDQQCAAIwBwMFAyoM
AQAwDQYJKoZIhvcNAQELBQADggEBAC/dSznUQjgqgMQNMmx5fNQK0ND7YQGuPB3v
XMGvGvh7WIq+NwDwGc4YVR+7j2Pw8c4AMZDN1wI9Vq7SUB8UEC8H7PwaL9pANubH
qzL0dwbc14mcW5Uk909OcCMz1ptfnlkYy1vCtBW50paIifWjIQNO7DZBXP9ye4e9
hnOz8fJTZIEEOVAPSRDupLO51svpif9EjaMvmpYCLLG2y8TTsBDXiD6Ce+I1ONUI
hG2zpkqbaMTJAgjDhtaBcswKWNrMLi2dbjUjb9RP+SaxW9PiM3OwhHgkcSUOx+GR
qM0uWsmFAf0RNPmS4pxeENUo+3zdPqjfIaTuY93fnr1e8oqkiiM=
-----END CERTIFICATE-----
Generated at Mon Apr 27 23:56:39 2026 by rpki-client