Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Ry9pTvRL6jNTtKFupG_pWqo31G0.roa
File: Ry9pTvRL6jNTtKFupG_pWqo31G0.roa (raw, json)
Hash identifier: 05nH6wYrvT+ke7vg6RDJefer4eE65p8MXxq2xKb2Br0=
Subject key identifier: 47:2F:69:4E:F4:4B:EA:33:53:B4:A1:6E:A4:6F:E9:5A:AA:37:D4:6D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 019DBE3AA2877F4AF5B9ADCBFAF0DB3A90B1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Ry9pTvRL6jNTtKFupG_pWqo31G0.roa
Signing time: Fri 24 Apr 2026 06:43:26 +0000
ROA not before: Fri 24 Apr 2026 06:43:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20632
IP address blocks: 46.47.192.0/18 maxlen: 18
46.47.202.0/24 maxlen: 24
46.151.172.0/24 maxlen: 24
62.16.101.0/24 maxlen: 24
62.16.102.0/24 maxlen: 24
62.16.103.0/24 maxlen: 24
62.16.104.0/24 maxlen: 24
62.16.105.0/24 maxlen: 24
62.16.106.0/24 maxlen: 24
62.16.107.0/24 maxlen: 24
62.16.108.0/24 maxlen: 24
62.16.109.0/24 maxlen: 24
62.16.112.0/24 maxlen: 24
62.16.117.0/24 maxlen: 24
62.16.119.0/24 maxlen: 24
62.182.128.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
81.24.128.0/20 maxlen: 20
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
82.196.64.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
84.204.132.0/22 maxlen: 22
84.204.136.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
84.204.139.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
84.204.160.0/20 maxlen: 20
84.204.176.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
84.204.230.0/24 maxlen: 24
91.193.212.0/22 maxlen: 22
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
94.25.248.0/21 maxlen: 21
95.137.0.0/17 maxlen: 17
109.74.112.0/20 maxlen: 20
109.124.64.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
176.192.126.0/24 maxlen: 24
176.192.127.0/24 maxlen: 24
195.5.128.0/19 maxlen: 19
195.131.14.0/24 maxlen: 24
195.131.38.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.14.160.0/19 maxlen: 19
212.44.64.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
213.154.160.0/21 maxlen: 21
213.154.168.0/21 maxlen: 21
213.154.176.0/21 maxlen: 21
213.154.184.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.172.0.0/19 maxlen: 19
213.182.160.0/19 maxlen: 19
217.195.64.0/19 maxlen: 19
2a03:d000:9008::/46 maxlen: 46
2a03:d000:9008::/48 maxlen: 48
2a03:d000:9009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:be:3a:a2:87:7f:4a:f5:b9:ad:cb:fa:f0:db:3a:90:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Apr 24 06:43:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=472f694ef44bea3353b4a16ea46fe95aaa37d46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:92:1e:f0:bb:29:20:0a:39:27:54:f7:a6:
0d:f6:21:ff:b0:53:83:ab:ba:b2:ae:d7:3a:60:bb:
74:61:cb:0e:f8:2b:69:5d:99:17:21:75:98:cc:8e:
63:a9:d8:88:1d:07:67:f9:2e:9b:cc:72:8c:a7:61:
59:97:43:08:bc:31:27:9f:e9:95:11:5b:0b:e7:ee:
9c:47:72:1b:83:49:c9:9c:40:1f:d7:d1:a7:2d:11:
67:cc:1a:a5:28:fa:81:3a:7d:c8:c5:e1:1d:04:2d:
b7:18:20:25:b5:5e:47:65:2e:0b:3b:37:e3:97:3b:
c6:99:67:c0:19:90:14:d1:5a:a8:45:ea:31:e4:cf:
20:41:1c:5d:de:67:b8:69:4d:e2:df:50:e4:83:a0:
55:91:0d:2e:d2:c6:95:e3:1d:bb:23:43:41:1b:26:
6a:de:b1:ba:75:3e:d8:41:ab:04:05:cf:81:25:e6:
0f:8a:8b:ed:e5:06:46:88:c2:40:b6:02:b2:c1:a8:
fd:c3:57:84:90:49:a7:f9:d2:0f:4e:9f:ef:8f:95:
dd:d2:d4:aa:88:99:06:c6:1d:66:c0:27:cb:96:89:
f9:dc:00:7b:8c:f6:71:31:18:07:84:b2:5d:ff:eb:
64:ed:e8:20:27:89:7d:83:e2:38:5b:51:9f:98:bc:
67:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2F:69:4E:F4:4B:EA:33:53:B4:A1:6E:A4:6F:E9:5A:AA:37:D4:6D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Ry9pTvRL6jNTtKFupG_pWqo31G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
46.151.172.0/24
62.16.101.0-62.16.109.255
62.16.112.0/24
62.16.117.0/24
62.16.119.0/24
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
176.192.126.0/23
195.5.128.0/19
195.131.14.0/24
195.131.38.0/24
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/46
Signature Algorithm: sha256WithRSAEncryption
75:f5:5b:16:88:45:61:be:77:b9:e7:f3:8a:ac:da:f1:c8:f3:
45:f5:19:45:ab:86:a6:cb:f5:59:7b:de:46:3b:da:b8:27:a0:
7c:84:5d:67:79:53:3f:02:bc:16:75:77:11:5d:15:5c:fb:3a:
7a:d1:3a:e4:e4:73:7a:57:ad:49:c9:fc:1c:81:e9:3a:e2:d6:
e0:bb:91:5e:73:1a:25:3d:cb:4a:b6:53:f8:15:2c:75:1e:a1:
31:5e:33:ed:67:d7:b5:4d:c4:86:85:22:20:0f:d7:ca:7e:1b:
5d:15:c5:e7:8a:f2:ed:05:08:7b:08:78:4a:85:91:62:1b:43:
04:03:6e:e0:c2:43:c5:19:87:65:2e:4d:d9:6c:2f:45:36:6e:
8f:e5:65:8e:9e:2f:a8:09:6a:24:7c:5f:58:bb:9e:5f:37:64:
14:9c:c6:57:c4:13:56:3c:d8:91:d5:62:aa:c5:9b:38:46:79:
66:7e:f3:dc:34:2b:f4:cc:2a:e8:f4:0b:96:14:b3:89:d0:ef:
31:90:f2:07:dd:a1:65:a5:65:a9:ab:36:8a:5b:3b:6f:69:3a:
e5:b4:d1:cd:33:f9:5b:ae:d8:ea:68:1c:34:36:39:10:1d:03:
53:f5:50:f7:a5:e4:a8:c7:2e:53:2c:4d:06:f5:8e:bd:6e:fb:
dd:40:3f:fc
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZ2+OqKHf0r1ua3L+vDbOpCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjYwNDI0MDY0MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJmNjk0ZWY0NGJlYTMzNTNiNGExNmVhNDZmZTk1YWFhMzdkNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuumSHvC7KSAKOSdU96YN9iH/sFOD
q7qyrtc6YLt0YcsO+CtpXZkXIXWYzI5jqdiIHQdn+S6bzHKMp2FZl0MIvDEnn+mV
EVsL5+6cR3Ibg0nJnEAf19GnLRFnzBqlKPqBOn3IxeEdBC23GCAltV5HZS4LOzfj
lzvGmWfAGZAU0VqoReox5M8gQRxd3me4aU3i31Dkg6BVkQ0u0saV4x27I0NBGyZq
3rG6dT7YQasEBc+BJeYPiovt5QZGiMJAtgKywaj9w1eEkEmn+dIPTp/vj5Xd0tSq
iJkGxh1mwCfLlon53AB7jPZxMRgHhLJd/+tk7eggJ4l9g+I4W1GfmLxnaQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFEcvaU70S+ozU7ShbqRv6VqqN9RtMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUnk5cFR2Ukw2ak5UdEtGdXBHX3BXcW8zMUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCB/gQCAAEwgfcD
BAYuL8ADBAAul6wwDAMEAD4QZQMEAT4QbAMEAD4QcAMEAD4QdQMEAD4QdwMEAz62
gAMEA0+rCAMEBFD3sAMEBlEDgAMEBFEYgAMEBlKMQAMEBVLEQAMEB1TMADAMAwQC
VMyEAwQAVMyIMAwDBAFUzIoDBANUzLAwCwMEAlTMvAMDAFTMAwQCW8HUAwQHXZmA
AwQDXhn4AwQHX4kAAwQEbUpwAwQGbXxAAwQBsMB+AwQFwwWAAwQAw4MOAwQAw4Mm
AwQFw5DgAwQF1A6gAwQF1CxAAwQF1HegAwQF1ZqgAwQF1aggAwQF1awAAwQF1bag
AwQF2cNAMA8EAgACMAkDBwIqA9AAkAgwDQYJKoZIhvcNAQELBQADggEBAHX1WxaI
RWG+d7nn84qs2vHI80X1GUWrhqbL9Vl73kY72rgnoHyEXWd5Uz8CvBZ1dxFdFVz7
OnrROuTkc3pXrUnJ/ByB6Tri1uC7kV5zGiU9y0q2U/gVLHUeoTFeM+1n17VNxIaF
IiAP18p+G10VxeeK8u0FCHsIeEqFkWIbQwQDbuDCQ8UZh2UuTdlsL0U2bo/lZY6e
L6gJaiR8X1i7nl83ZBScxlfEE1Y82JHVYqrFmzhGeWZ+89w0K/TMKuj0C5YUs4nQ
7zGQ8gfdoWWlZamrNopbO29pOuW00c0z+Vuu2OpoHDQ2ORAdA1P1UPel5KjHLlMs
TQb1jr1u+91AP/w=
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:52:42 2026 by rpki-client