Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lbAKS8HgzACi9-c3CHoIaybcuLY.roa
File: lbAKS8HgzACi9-c3CHoIaybcuLY.roa (raw, json)
Hash identifier: gT9s9zRSBwQxF0eI39t9pg5r5yxkQVHgfH2aP0EMllY=
Subject key identifier: 95:B0:0A:4B:C1:E0:CC:00:A2:F7:E7:37:08:7A:08:6B:26:DC:B8:B6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199851F453F454F8D7F1FB950A088410915
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lbAKS8HgzACi9-c3CHoIaybcuLY.roa
Signing time: Fri 26 Sep 2025 08:24:03 +0000
ROA not before: Fri 26 Sep 2025 08:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.252.26.0/24 maxlen: 24
77.93.136.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
80.240.88.0/21 maxlen: 24
82.152.10.0/24 maxlen: 24
82.152.28.0/24 maxlen: 24
82.152.70.0/24 maxlen: 24
82.152.71.0/24 maxlen: 24
82.152.92.0/24 maxlen: 24
82.152.102.0/24 maxlen: 24
82.152.107.0/24 maxlen: 24
82.152.118.0/24 maxlen: 24
82.153.41.0/24 maxlen: 24
82.153.55.0/24 maxlen: 24
82.153.86.0/24 maxlen: 24
82.153.144.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
82.163.24.0/21 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
109.176.20.0/24 maxlen: 24
109.176.201.0/24 maxlen: 24
213.130.135.0/24 maxlen: 24
213.210.11.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.218.255.0/24 maxlen: 24
217.144.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:1f:45:3f:45:4f:8d:7f:1f:b9:50:a0:88:41:09:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 26 08:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95b00a4bc1e0cc00a2f7e737087a086b26dcb8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:83:bb:a8:d8:5c:33:27:6b:f8:06:86:9f:7f:
e4:76:a2:68:ed:3a:27:d1:be:e0:64:db:a7:18:2f:
e6:ce:d1:57:7c:91:87:bb:a8:be:82:b6:ff:27:80:
23:3b:4e:bb:77:4c:17:09:5c:d8:3a:10:bb:77:bd:
b2:09:26:62:32:03:c0:0b:7e:f8:32:65:8c:06:5b:
ba:9a:c6:f7:3f:1c:37:eb:43:1f:99:4e:1a:ce:96:
ee:fd:95:10:41:96:49:c6:29:2f:4b:02:5a:c2:b3:
99:a5:10:05:ed:38:73:92:69:c8:16:14:04:3a:b3:
ea:c1:50:24:ad:0a:2d:0d:be:9d:56:3b:a4:d0:0d:
e8:7e:55:a8:32:7e:79:26:54:4e:79:b4:ec:15:ae:
36:e2:c4:be:6e:1c:a6:5f:dd:e6:34:27:ae:31:6c:
c1:82:9d:35:d5:de:39:58:6b:fd:8f:5c:74:fc:08:
1c:e6:43:0b:59:4a:e3:0f:0b:de:46:3d:eb:98:e1:
b3:94:a2:1b:42:a3:f2:77:b3:33:80:38:bf:08:ca:
0d:d1:e0:c8:6e:a9:4b:67:b4:e8:cf:68:49:c4:3b:
a3:9b:33:24:0d:61:e8:da:22:db:f2:8d:27:be:53:
42:83:8d:31:7a:e3:49:fe:64:32:31:32:9f:7c:6f:
b6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B0:0A:4B:C1:E0:CC:00:A2:F7:E7:37:08:7A:08:6B:26:DC:B8:B6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lbAKS8HgzACi9-c3CHoIaybcuLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.26.0/24
77.93.136.0/24
79.99.76.0/24
80.240.88.0/21
82.152.10.0/24
82.152.28.0/24
82.152.70.0/23
82.152.92.0/24
82.152.102.0/24
82.152.107.0/24
82.152.118.0/24
82.153.41.0/24
82.153.55.0/24
82.153.86.0/24
82.153.144.0/24
82.153.220.0/24
82.153.255.0/24
82.163.24.0/21
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.167.0/24
89.213.191.0/24
89.213.212.0/24
89.213.224.0/24
109.176.20.0/24
109.176.201.0/24
213.130.135.0/24
213.210.11.0/24
213.210.41.0/24
213.218.255.0/24
217.144.153.0/24
Signature Algorithm: sha256WithRSAEncryption
49:90:7e:0b:23:6e:ad:b8:94:f4:f0:37:ff:cd:bb:ca:91:2d:
a7:6a:76:89:01:75:dd:48:e6:92:c0:c4:12:73:3f:7c:03:85:
94:87:99:98:65:62:63:4f:18:d3:bb:ca:4b:d3:f0:f8:7c:71:
61:9f:2d:d3:d2:29:fe:2a:fa:43:1d:41:c8:9b:75:74:76:4e:
1a:88:ce:a2:38:e3:0a:d6:a1:15:73:5c:58:65:ca:bf:c6:6a:
a8:8b:12:bb:3e:c2:28:58:0c:f8:91:e3:2c:f0:29:82:87:cb:
50:2a:e3:ee:2f:81:47:01:53:61:5c:a1:f9:8b:4b:1b:64:1e:
d9:98:27:ac:7b:4b:a3:6f:0d:dc:d4:b2:96:bd:f0:5b:d7:55:
05:5a:5b:5f:30:f4:76:ba:86:04:80:0b:ea:0e:8e:8d:ec:07:
04:b2:6c:9c:ce:cc:bf:0d:85:b0:7c:84:87:4c:e0:61:54:fc:
71:f2:f9:cc:3b:90:10:8b:68:24:0a:f9:20:a6:17:ff:95:82:
e9:6f:cf:09:f9:44:92:a3:ea:0f:33:78:4d:27:e8:f2:77:e7:
f0:af:df:18:6f:e9:eb:52:e3:0e:56:07:9f:16:06:3f:ea:94:
f4:92:f7:87:35:9b:45:ad:fd:1c:a4:1c:4c:71:a1:37:8e:03:
24:20:86:5a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZmFH0U/RU+Nfx+5UKCIQQkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTI2MDgyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWIwMGE0YmMxZTBjYzAwYTJmN2U3MzcwODdhMDg2YjI2ZGNiOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04O7qNhcMydr+AaGn3/kdqJo7Ton
0b7gZNunGC/mztFXfJGHu6i+grb/J4AjO067d0wXCVzYOhC7d72yCSZiMgPAC374
MmWMBlu6msb3Pxw360MfmU4azpbu/ZUQQZZJxikvSwJawrOZpRAF7ThzkmnIFhQE
OrPqwVAkrQotDb6dVjuk0A3oflWoMn55JlROebTsFa424sS+bhymX93mNCeuMWzB
gp011d45WGv9j1x0/Agc5kMLWUrjDwveRj3rmOGzlKIbQqPyd7MzgDi/CMoN0eDI
bqlLZ7Toz2hJxDujmzMkDWHo2iLb8o0nvlNCg40xeuNJ/mQyMTKffG+2twIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFJWwCkvB4MwAovfnNwh6CGsm3Li2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbGJBS1M4SGd6QUNpOS1jM0NIb0lheWJjdUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAAl
/BoDBABNXYgDBABPY0wDBANQ8FgDBABSmAoDBABSmBwDBAFSmEYDBABSmFwDBABS
mGYDBABSmGsDBABSmHYDBABSmSkDBABSmTcDBABSmVYDBABSmZADBABSmdwDBABS
mf8DBANSoxgDBABZ1X8DBABZ1YEDBABZ1YQDBABZ1acDBABZ1b8DBABZ1dQDBABZ
1eADBABtsBQDBABtsMkDBADVgocDBADV0gsDBADV0ikDBADV2v8DBADZkJkwDQYJ
KoZIhvcNAQELBQADggEBAEmQfgsjbq24lPTwN//Nu8qRLadqdokBdd1I5pLAxBJz
P3wDhZSHmZhlYmNPGNO7ykvT8Ph8cWGfLdPSKf4q+kMdQcibdXR2ThqIzqI44wrW
oRVzXFhlyr/GaqiLErs+wihYDPiR4yzwKYKHy1Aq4+4vgUcBU2FcofmLSxtkHtmY
J6x7S6NvDdzUspa98FvXVQVaW18w9Ha6hgSAC+oOjo3sBwSybJzOzL8NhbB8hIdM
4GFU/HHy+cw7kBCLaCQK+SCmF/+Vgulvzwn5RJKj6g8zeE0n6PJ35/Cv3xhv6etS
4w5WB58WBj/qlPSS94c1m0Wt/RykHExxoTeOAyQghlo=
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:27:59 2025 by rpki-client