Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1UmwHWV4a8GVyeMX9iVtrEY6_vY.roa
File: 1UmwHWV4a8GVyeMX9iVtrEY6_vY.roa (raw, json)
Hash identifier: lngU3VlvgjsfQNDvuc4WHw0G299WqfoiIYc9R+KVPPc=
Subject key identifier: D5:49:B0:1D:65:78:6B:C1:95:C9:E3:17:F6:25:6D:AC:46:3A:FE:F6
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019E546C31DF207F4A113EC8CD5F39A0FAA0
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1UmwHWV4a8GVyeMX9iVtrEY6_vY.roa
Signing time: Sat 23 May 2026 10:40:37 +0000
ROA not before: Sat 23 May 2026 10:40:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59504
IP address blocks: 45.142.208.0/24 maxlen: 24
45.142.209.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
45.151.136.0/22 maxlen: 22
45.151.136.0/24 maxlen: 24
45.151.137.0/24 maxlen: 24
80.76.40.0/24 maxlen: 24
81.22.193.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
84.54.37.0/24 maxlen: 24
84.54.39.0/24 maxlen: 24
95.215.108.0/23 maxlen: 23
95.215.110.0/23 maxlen: 23
138.16.128.0/24 maxlen: 24
185.42.24.0/24 maxlen: 24
185.42.26.0/24 maxlen: 24
185.118.64.0/22 maxlen: 22
185.118.64.0/24 maxlen: 24
185.118.65.0/24 maxlen: 24
185.118.66.0/23 maxlen: 23
185.118.66.0/24 maxlen: 24
185.118.67.0/24 maxlen: 24
185.156.176.0/22 maxlen: 22
185.156.176.0/24 maxlen: 24
185.156.177.0/24 maxlen: 24
185.156.178.0/23 maxlen: 23
185.156.178.0/24 maxlen: 24
185.156.179.0/24 maxlen: 24
185.177.113.0/24 maxlen: 24
185.177.115.0/24 maxlen: 24
185.197.72.0/24 maxlen: 24
185.197.73.0/24 maxlen: 24
185.220.32.0/24 maxlen: 24
185.220.33.0/24 maxlen: 24
185.220.34.0/24 maxlen: 24
185.220.35.0/24 maxlen: 24
185.230.140.0/23 maxlen: 23
185.230.142.0/24 maxlen: 24
185.246.116.0/24 maxlen: 24
185.246.117.0/24 maxlen: 24
185.246.119.0/24 maxlen: 24
185.254.188.0/24 maxlen: 24
185.254.189.0/24 maxlen: 24
185.254.190.0/24 maxlen: 24
193.38.232.0/23 maxlen: 23
193.38.234.0/24 maxlen: 24
193.150.70.0/24 maxlen: 24
194.26.210.0/24 maxlen: 24
194.113.104.0/24 maxlen: 24
194.113.104.114/32 maxlen: 32
194.113.107.0/24 maxlen: 24
2a05:fb41::/32 maxlen: 32
2a05:fb42::/32 maxlen: 32
2a05:fb44::/32 maxlen: 32
2a05:fb45::/32 maxlen: 32
2a07:14c0::/48 maxlen: 48
2a07:14c0:1::/48 maxlen: 48
2a07:14c0:1000::/36 maxlen: 36
2a07:14c0:3000::/36 maxlen: 36
2a07:14c0:4000::/36 maxlen: 36
2a07:14c0:5000::/36 maxlen: 36
2a07:14c0:6000::/36 maxlen: 36
2a07:14c0:d000::/36 maxlen: 36
2a07:14c1::/32 maxlen: 32
2a07:14c2::/32 maxlen: 32
2a07:14c6::/32 maxlen: 32
2a07:14c7::/32 maxlen: 32
2a0a:4780::/32 maxlen: 32
2a0a:4781::/32 maxlen: 32
2a0a:4782::/32 maxlen: 32
2a0a:4783::/32 maxlen: 32
2a0a:4784::/32 maxlen: 32
2a0a:4785::/32 maxlen: 32
2a0c:2103::/32 maxlen: 32
2a0c:5241::/32 maxlen: 32
2a0c:5245::/32 maxlen: 32
2a0c:5247:7000::/36 maxlen: 36
2a0c:5247:c000::/36 maxlen: 36
2a0c:5247:d000::/36 maxlen: 36
2a0c:5247:e000::/36 maxlen: 36
2a0c:5247:f000::/36 maxlen: 36
2a0d:60c0::/32 maxlen: 32
2a0d:60c1::/32 maxlen: 32
2a0d:60c3::/32 maxlen: 32
2a0d:7740::/32 maxlen: 32
2a0d:7747::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:54:6c:31:df:20:7f:4a:11:3e:c8:cd:5f:39:a0:fa:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: May 23 10:40:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d549b01d65786bc195c9e317f6256dac463afef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:fa:2c:fe:99:fe:68:93:c8:41:bc:2c:48:59:
10:7d:06:eb:02:ec:9d:1a:c0:0c:22:3e:a3:51:de:
b8:98:8c:56:af:14:fb:db:e2:c0:b7:c3:ce:2a:7c:
4d:ac:8c:52:28:dc:c9:48:7f:f9:35:dd:2a:e4:6c:
93:cd:54:90:fc:5e:ec:d2:ea:33:2d:09:fa:9d:2a:
82:73:aa:95:9d:1f:ee:f5:06:4c:c6:89:e6:fd:e2:
95:6e:e1:a4:a7:63:37:89:e2:82:a0:19:be:23:1c:
51:4f:b7:98:29:a3:c2:69:d6:ea:ab:9d:28:aa:ec:
f3:36:d1:5f:c1:6e:b7:ab:3d:07:9e:ef:f5:ce:a3:
68:9d:d5:a2:04:8f:c0:79:e6:b0:e9:21:ee:b3:ea:
8e:61:48:8c:73:3a:4c:ad:0b:63:7a:ff:ee:4a:e4:
8d:a8:06:0b:2d:12:01:3f:5a:c2:39:60:35:b2:92:
bd:be:44:a2:eb:e7:16:4a:a4:6f:c2:4f:10:91:26:
d4:d2:98:1d:62:47:c8:bf:d9:87:2e:36:f1:bb:da:
7e:ea:3a:d8:dc:eb:b6:7c:37:0e:36:ab:51:ca:db:
b8:aa:17:aa:23:6e:3a:1f:2a:d9:c8:1d:75:13:c4:
37:3f:40:d1:3e:9e:94:dc:2d:3e:c4:86:38:69:fa:
85:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:49:B0:1D:65:78:6B:C1:95:C9:E3:17:F6:25:6D:AC:46:3A:FE:F6
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1UmwHWV4a8GVyeMX9iVtrEY6_vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.208.0/23
45.142.211.0/24
45.151.136.0/22
80.76.40.0/24
81.22.193.0/24
83.171.240.0/24
84.54.37.0/24
84.54.39.0/24
95.215.108.0/22
138.16.128.0/24
185.42.24.0/24
185.42.26.0/24
185.118.64.0/22
185.156.176.0/22
185.177.113.0/24
185.177.115.0/24
185.197.72.0/23
185.220.32.0/22
185.230.140.0-185.230.142.255
185.246.116.0/23
185.246.119.0/24
185.254.188.0-185.254.190.255
193.38.232.0-193.38.234.255
193.150.70.0/24
194.26.210.0/24
194.113.104.0/24
194.113.107.0/24
IPv6:
2a05:fb41::-2a05:fb42:ffff:ffff:ffff:ffff:ffff:ffff
2a05:fb44::/31
2a07:14c0::/47
2a07:14c0:1000::/36
2a07:14c0:3000::-2a07:14c0:6fff:ffff:ffff:ffff:ffff:ffff
2a07:14c0:d000::/36
2a07:14c1::-2a07:14c2:ffff:ffff:ffff:ffff:ffff:ffff
2a07:14c6::/31
2a0a:4780::-2a0a:4785:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:2103::/32
2a0c:5241::/32
2a0c:5245::/32
2a0c:5247:7000::/36
2a0c:5247:c000::/34
2a0d:60c0::/31
2a0d:60c3::/32
2a0d:7740::/32
2a0d:7747::/32
Signature Algorithm: sha256WithRSAEncryption
97:da:3a:21:30:f5:e5:e2:cf:18:ed:73:0f:d8:b0:41:b5:0a:
ba:32:88:2a:99:cc:57:22:d2:75:1d:ed:92:28:73:13:49:8f:
7c:7d:2a:c5:24:0f:21:06:cb:7d:5b:cb:52:df:3b:10:e9:8f:
f0:c1:bd:96:35:61:81:b5:6f:39:35:f7:0f:f6:e0:a7:64:93:
0f:ea:8f:b9:e9:6f:01:cc:13:be:ea:76:d3:fe:97:76:71:05:
8f:ce:96:e6:b3:32:1e:f1:e5:78:04:c2:59:81:30:e9:5c:45:
4c:4a:3a:e1:e2:ad:28:e9:69:33:7e:4a:f7:c1:52:a2:d2:8e:
85:a8:09:35:4e:f4:aa:6b:7f:69:3b:1f:78:68:43:e3:46:8c:
32:14:7d:9f:de:0a:e0:5d:d6:a3:61:54:09:31:6a:98:f2:53:
11:d9:3e:1d:84:fe:8e:6e:fb:a7:dd:ff:a7:aa:ef:0f:01:4b:
d1:23:8e:59:cc:74:4a:1c:52:00:00:0b:a5:d4:c7:c8:e2:7f:
b7:a3:05:8b:83:0f:47:cd:c6:85:e1:eb:4e:41:44:04:6f:8a:
80:60:da:c9:0e:41:48:a2:6f:57:06:02:4b:33:03:42:94:77:
f3:d5:fb:a4:8f:21:85:a2:36:bd:23:8a:0c:7d:92:51:30:bc:
32:92:32:c3
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAZ5UbDHfIH9KET7IzV85oPqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjYwNTIzMTA0MDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ5YjAxZDY1Nzg2YmMxOTVjOWUzMTdmNjI1NmRhYzQ2M2FmZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fos/pn+aJPIQbwsSFkQfQbrAuyd
GsAMIj6jUd64mIxWrxT72+LAt8POKnxNrIxSKNzJSH/5Nd0q5GyTzVSQ/F7s0uoz
LQn6nSqCc6qVnR/u9QZMxonm/eKVbuGkp2M3ieKCoBm+IxxRT7eYKaPCadbqq50o
quzzNtFfwW63qz0Hnu/1zqNondWiBI/Aeeaw6SHus+qOYUiMczpMrQtjev/uSuSN
qAYLLRIBP1rCOWA1spK9vkSi6+cWSqRvwk8QkSbU0pgdYkfIv9mHLjbxu9p+6jrY
3Ou2fDcONqtRytu4qheqI246HyrZyB11E8Q3P0DRPp6U3C0+xIY4afqFtQIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFNVJsB1leGvBlcnjF/YlbaxGOv72MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvMVVtd0hXVjRhOEdWeWVNWDlpVnRyRVk2X3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCBwQQCAAEwgboD
BAEtjtADBAAtjtMDBAItl4gDBABQTCgDBABRFsEDBABTq/ADBABUNiUDBABUNicD
BAJf12wDBACKEIADBAC5KhgDBAC5KhoDBAK5dkADBAK5nLADBAC5sXEDBAC5sXMD
BAG5xUgDBAK53CAwDAMEArnmjAMEALnmjgMEAbn2dAMEALn2dzAMAwQCuf68AwQA
uf6+MAwDBAPBJugDBADBJuoDBADBlkYDBADCGtIDBADCcWgDBADCcWswgbEEAgAC
MIGqMA4DBQAqBftBAwUAKgX7QgMFASoF+0QDBwEqBxTAAAADBgQqBxTAEDAQAwYE
KgcUwDADBgQqBxTAYAMGBCoHFMDQMA4DBQAqBxTBAwUAKgcUwgMFASoHFMYwDgMF
ByoKR4ADBQEqCkeEAwUAKgwhAwMFACoMUkEDBQAqDFJFAwYEKgxSR3ADBgYqDFJH
wAMFASoNYMADBQAqDWDDAwUAKg13QAMFACoNd0cwDQYJKoZIhvcNAQELBQADggEB
AJfaOiEw9eXizxjtcw/YsEG1CroyiCqZzFci0nUd7ZIocxNJj3x9KsUkDyEGy31b
y1LfOxDpj/DBvZY1YYG1bzk19w/24Kdkkw/qj7npbwHME77qdtP+l3ZxBY/Oluaz
Mh7x5XgEwlmBMOlcRUxKOuHirSjpaTN+SvfBUqLSjoWoCTVO9Kprf2k7H3hoQ+NG
jDIUfZ/eCuBd1qNhVAkxapjyUxHZPh2E/o5u+6fd/6eq7w8BS9EjjlnMdEocUgAA
C6XUx8jif7ejBYuDD0fNxoXh605BRARvioBg2skOQUiib1cGAkszA0KUd/PV+6SP
IYWiNr0jigx9klEwvDKSMsM=
-----END CERTIFICATE-----
Generated at Sat Jun 6 13:33:00 2026 by rpki-client