Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/16MSTgVVK56ZRhV0IHcibrfPUxg.roa
File: 16MSTgVVK56ZRhV0IHcibrfPUxg.roa (raw, json)
Hash identifier: iL6bn6p3n17m+oJvcOVAmK9gZGYnig7NZGH3O2RQ17k=
Subject key identifier: D7:A3:12:4E:05:55:2B:9E:99:46:15:74:20:77:22:6E:B7:CF:53:18
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CC3F7DE8F09C96A5F3955758E4765363E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/16MSTgVVK56ZRhV0IHcibrfPUxg.roa
Signing time: Fri 06 Mar 2026 16:25:27 +0000
ROA not before: Fri 06 Mar 2026 16:25:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207461
IP address blocks: 45.9.119.0/24 maxlen: 24
45.86.15.0/24 maxlen: 24
45.86.245.0/24 maxlen: 24
45.86.247.0/24 maxlen: 24
45.87.240.0/24 maxlen: 24
45.92.168.0/24 maxlen: 24
45.92.169.0/24 maxlen: 24
45.92.170.0/24 maxlen: 24
45.92.171.0/24 maxlen: 24
45.92.247.0/24 maxlen: 24
45.94.36.0/24 maxlen: 24
45.94.37.0/24 maxlen: 24
45.94.38.0/24 maxlen: 24
45.94.39.0/24 maxlen: 24
45.94.46.0/24 maxlen: 24
45.94.47.0/24 maxlen: 24
45.95.98.0/23 maxlen: 23
45.95.99.0/24 maxlen: 24
45.118.249.0/24 maxlen: 24
45.128.24.0/24 maxlen: 24
45.129.124.0/24 maxlen: 24
45.130.124.0/24 maxlen: 24
45.130.127.0/24 maxlen: 24
45.130.254.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.133.209.0/24 maxlen: 24
45.133.210.0/24 maxlen: 24
45.136.175.0/24 maxlen: 24
45.136.228.0/24 maxlen: 24
45.137.40.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
45.137.42.0/23 maxlen: 23
45.137.60.0/24 maxlen: 24
45.137.62.0/24 maxlen: 24
45.140.14.0/24 maxlen: 24
45.145.12.0/24 maxlen: 24
45.145.13.0/24 maxlen: 24
45.145.14.0/24 maxlen: 24
45.146.181.0/24 maxlen: 24
45.147.28.0/24 maxlen: 24
45.151.101.0/24 maxlen: 24
45.151.102.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
45.154.56.0/24 maxlen: 24
45.155.70.0/24 maxlen: 24
45.155.71.0/24 maxlen: 24
45.158.196.0/24 maxlen: 24
113.30.153.0/24 maxlen: 24
113.30.155.0/24 maxlen: 24
141.193.20.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.155.203.0/24 maxlen: 24
185.164.56.0/24 maxlen: 24
185.164.57.0/24 maxlen: 24
192.166.153.0/24 maxlen: 24
193.5.65.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
194.62.67.0/24 maxlen: 24
195.74.90.0/24 maxlen: 24
195.85.194.0/24 maxlen: 24
2a0a:2d06:10::/48 maxlen: 48
2a0f:3d86:44::/48 maxlen: 48
2a0f:3d86:100::/48 maxlen: 48
2a0f:3d86:101::/48 maxlen: 48
2a0f:e1c0:37a::/48 maxlen: 48
2a0f:e1c0:a8b9::/48 maxlen: 48
2a13:8c86:120::/48 maxlen: 48
2a13:c900:99::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c3:f7:de:8f:09:c9:6a:5f:39:55:75:8e:47:65:36:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 6 16:25:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7a3124e05552b9e994615742077226eb7cf5318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:ca:21:06:12:94:0b:30:57:4e:fa:8b:6d:
b4:17:bb:b0:59:0b:88:90:87:d1:9c:1d:ec:8c:ea:
49:9f:b4:6a:e7:3c:b9:76:1a:2c:84:ed:fd:bd:77:
3a:59:b9:0b:8f:54:af:92:85:c5:d9:e5:f1:e9:e1:
87:8f:11:63:73:08:18:f8:05:17:8a:e0:3d:e4:42:
17:e6:79:4b:e3:6a:9e:9c:ff:ea:bb:1d:84:c8:47:
9f:ce:e7:4d:6c:d8:2b:32:1f:e4:49:25:c2:fa:69:
45:d2:10:e3:37:55:3a:ce:78:a8:ec:7a:90:46:e3:
91:9f:51:c5:3f:7b:a5:63:fd:58:5c:7b:60:e0:5f:
00:64:6a:23:ca:29:f5:82:f4:84:e1:f4:c2:9d:cb:
0e:85:4b:8d:2d:35:19:15:c6:59:b3:61:0a:7b:c2:
23:1f:df:7c:84:83:e8:cb:a5:61:a0:23:43:ce:cf:
cc:9d:ac:31:c9:e3:9d:ed:f3:26:56:9d:5e:0b:7d:
46:ce:68:d4:6f:71:77:c7:d9:a7:62:dd:51:a7:34:
b5:64:f3:ab:3a:e9:c9:5e:6a:19:77:21:49:3a:80:
de:f3:05:02:b1:a6:94:fb:64:12:a3:6a:c1:bb:0d:
d8:5c:8a:93:a4:cb:48:a3:d1:38:d5:5a:48:a9:16:
ab:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A3:12:4E:05:55:2B:9E:99:46:15:74:20:77:22:6E:B7:CF:53:18
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/16MSTgVVK56ZRhV0IHcibrfPUxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.119.0/24
45.86.15.0/24
45.86.245.0/24
45.86.247.0/24
45.87.240.0/24
45.92.168.0/22
45.92.247.0/24
45.94.36.0/22
45.94.46.0/23
45.95.98.0/23
45.118.249.0/24
45.128.24.0/24
45.129.124.0/24
45.130.124.0/24
45.130.127.0/24
45.130.254.0/24
45.131.213.0/24
45.133.209.0-45.133.210.255
45.136.175.0/24
45.136.228.0/24
45.137.40.0/22
45.137.60.0/24
45.137.62.0/24
45.140.14.0/24
45.145.12.0-45.145.14.255
45.146.181.0/24
45.147.28.0/24
45.151.101.0-45.151.102.255
45.152.198.0/24
45.154.56.0/24
45.155.70.0/23
45.158.196.0/24
113.30.153.0/24
113.30.155.0/24
141.193.20.0/24
185.155.200.0/24
185.155.203.0/24
185.164.56.0/23
192.166.153.0/24
193.5.65.0/24
193.27.19.0/24
194.62.67.0/24
195.74.90.0/24
195.85.194.0/24
IPv6:
2a0a:2d06:10::/48
2a0f:3d86:44::/48
2a0f:3d86:100::/47
2a0f:e1c0:37a::/48
2a0f:e1c0:a8b9::/48
2a13:8c86:120::/48
2a13:c900:99::/48
Signature Algorithm: sha256WithRSAEncryption
2f:68:27:fb:2e:a9:85:14:bd:1d:3c:d9:a3:72:e8:66:07:90:
f6:ef:cf:ba:15:ba:f5:a0:dc:0e:a5:df:0c:a2:55:db:30:bd:
a4:28:14:5b:12:dc:b4:70:f4:9b:2f:0d:d6:32:40:4d:24:84:
0a:e1:6f:b6:71:3a:83:08:e9:ed:df:3d:3f:f4:36:b7:70:ae:
32:5b:30:37:f7:00:d4:7f:65:01:36:95:28:f6:5a:73:21:9a:
ff:1f:1a:39:30:0c:44:60:de:9f:79:b5:60:d2:31:47:37:e3:
0a:11:bb:86:79:ba:4d:6e:ea:10:77:74:7c:f7:74:0b:80:5f:
8d:8f:86:28:25:b2:a7:c7:58:35:45:df:dd:cd:50:f1:21:51:
03:fd:7e:16:77:f1:69:1c:a0:0d:f2:c6:1a:d8:76:b5:9b:42:
16:48:25:7b:28:5c:21:c7:24:26:18:86:33:85:ec:bb:de:ec:
53:b5:e4:9c:f7:ef:ff:2b:4c:80:ef:91:65:6a:32:31:8a:06:
f5:2a:c9:a3:0d:0b:f3:fc:94:ef:53:86:7c:d7:74:37:98:c7:
44:e7:7a:0e:e4:ca:94:ef:80:2d:83:3e:6d:89:8a:28:2b:1d:
9d:79:e2:73:2b:f1:f8:02:06:a2:02:53:a6:a0:8b:3d:70:38:
cc:83:0e:f3
-----BEGIN CERTIFICATE-----
MIIGaDCCBVCgAwIBAgISAZzD996PCclqXzlVdY5HZTY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzA2MTYyNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2EzMTI0ZTA1NTUyYjllOTk0NjE1NzQyMDc3MjI2ZWI3Y2Y1MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlnKIQYSlAswV076i220F7uwWQuI
kIfRnB3sjOpJn7Rq5zy5dhoshO39vXc6WbkLj1SvkoXF2eXx6eGHjxFjcwgY+AUX
iuA95EIX5nlL42qenP/qux2EyEefzudNbNgrMh/kSSXC+mlF0hDjN1U6znio7HqQ
RuORn1HFP3ulY/1YXHtg4F8AZGojyin1gvSE4fTCncsOhUuNLTUZFcZZs2EKe8Ij
H998hIPoy6VhoCNDzs/MnawxyeOd7fMmVp1eC31GzmjUb3F3x9mnYt1RpzS1ZPOr
OunJXmoZdyFJOoDe8wUCsaaU+2QSo2rBuw3YXIqTpMtIo9E41VpIqRarWwIDAQAB
o4IDdDCCA3AwHQYDVR0OBBYEFNejEk4FVSuemUYVdCB3Im63z1MYMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMTZNU1RnVlZLNTZaUmhWMElIY2licmZQVXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiAYIKwYBBQUHAQcBAf8EggF3MIIBczCCASgEAgABMIIB
IAMEAC0JdwMEAC1WDwMEAC1W9QMEAC1W9wMEAC1X8AMEAi1cqAMEAC1c9wMEAi1e
JAMEAS1eLgMEAS1fYgMEAC12+QMEAC2AGAMEAC2BfAMEAC2CfAMEAC2CfwMEAC2C
/gMEAC2D1TAMAwQALYXRAwQALYXSAwQALYivAwQALYjkAwQCLYkoAwQALYk8AwQA
LYk+AwQALYwOMAwDBAItkQwDBAAtkQ4DBAAtkrUDBAAtkxwwDAMEAC2XZQMEAC2X
ZgMEAC2YxgMEAC2aOAMEAS2bRgMEAC2exAMEAHEemQMEAHEemwMEAI3BFAMEALmb
yAMEALmbywMEAbmkOAMEAMCmmQMEAMEFQQMEAMEbEwMEAMI+QwMEAMNKWgMEAMNV
wjBFBAIAAjA/AwcAKgotBgAQAwcAKg89hgBEAwcBKg89hgEAAwcAKg/hwAN6AwcA
Kg/hwKi5AwcAKhOMhgEgAwcAKhPJAACZMA0GCSqGSIb3DQEBCwUAA4IBAQAvaCf7
LqmFFL0dPNmjcuhmB5D278+6Fbr1oNwOpd8MolXbML2kKBRbEty0cPSbLw3WMkBN
JIQK4W+2cTqDCOnt3z0/9Da3cK4yWzA39wDUf2UBNpUo9lpzIZr/Hxo5MAxEYN6f
ebVg0jFHN+MKEbuGebpNbuoQd3R893QLgF+Nj4YoJbKnx1g1Rd/dzVDxIVED/X4W
d/FpHKAN8sYa2Ha1m0IWSCV7KFwhxyQmGIYzhey73uxTteSc9+//K0yA75FlajIx
igb1KsmjDQvz/JTvU4Z813Q3mMdE53oO5MqU74Atgz5tiYooKx2deeJzK/H4Agai
AlOmoIs9cDjMgw7z
-----END CERTIFICATE-----
Generated at Sat Mar 7 03:07:36 2026 by rpki-client