Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/LNyRIOVIdfmnv0KT3cEWY7LrXtw.roa
File: LNyRIOVIdfmnv0KT3cEWY7LrXtw.roa (raw, json)
Hash identifier: /wQ+VdP6JQWiEZ1exV0bWo3UXW0mDc5tG2r3uhT7BTk=
Subject key identifier: 2C:DC:91:20:E5:48:75:F9:A7:BF:42:93:DD:C1:16:63:B2:EB:5E:DC
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 019D2E0783F45361152E4190E00D8A64B8A4
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/LNyRIOVIdfmnv0KT3cEWY7LrXtw.roa
Signing time: Fri 27 Mar 2026 06:42:17 +0000
ROA not before: Fri 27 Mar 2026 06:42:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24940
IP address blocks: 5.9.0.0/16 maxlen: 24
5.75.128.0/17 maxlen: 24
5.161.0.0/16 maxlen: 24
23.88.0.0/17 maxlen: 24
37.27.0.0/16 maxlen: 24
46.4.0.0/16 maxlen: 24
46.62.128.0/17 maxlen: 24
46.224.0.0/15 maxlen: 24
49.12.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
62.238.0.0/17 maxlen: 24
65.21.0.0/16 maxlen: 24
65.108.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
77.42.0.0/17 maxlen: 24
78.46.0.0/15 maxlen: 24
85.10.192.0/18 maxlen: 24
88.99.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
89.167.0.0/17 maxlen: 24
91.98.0.0/16 maxlen: 24
91.99.0.0/16 maxlen: 24
91.107.128.0/17 maxlen: 24
94.130.0.0/16 maxlen: 24
95.216.0.0/16 maxlen: 24
95.217.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
135.181.0.0/16 maxlen: 24
138.199.128.0/17 maxlen: 24
142.132.128.0/17 maxlen: 24
157.90.0.0/16 maxlen: 24
157.180.0.0/17 maxlen: 24
159.69.0.0/16 maxlen: 24
162.55.0.0/16 maxlen: 24
167.233.0.0/16 maxlen: 24
167.235.0.0/16 maxlen: 24
168.119.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
178.104.0.0/15 maxlen: 24
185.12.64.0/22 maxlen: 24
188.34.128.0/17 maxlen: 24
188.40.0.0/16 maxlen: 24
188.245.0.0/16 maxlen: 24
195.201.0.0/16 maxlen: 24
204.168.128.0/17 maxlen: 24
213.133.96.0/19 maxlen: 24
213.239.192.0/18 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4f9::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2e:07:83:f4:53:61:15:2e:41:90:e0:0d:8a:64:b8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Mar 27 06:42:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2cdc9120e54875f9a7bf4293ddc11663b2eb5edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:69:ef:17:0c:07:72:7a:f1:eb:72:64:51:06:
89:4c:1f:fa:6f:27:99:00:3a:06:97:56:30:6f:71:
42:10:2f:a6:6b:83:18:a4:24:0d:a8:45:2d:f5:89:
ee:82:17:28:80:a2:1b:7a:b6:be:d8:4c:a0:f9:3f:
96:c3:09:c4:09:ce:48:ad:84:0c:b5:af:62:e3:f1:
e8:db:0a:1e:a9:b6:c4:80:6d:57:a8:a9:c3:fa:9b:
ed:e8:d8:2f:12:2e:ea:22:9e:53:e0:a4:53:8f:5d:
eb:c9:31:8f:b1:c8:f3:2b:b5:ea:b2:62:08:a5:1d:
0d:aa:42:fd:a9:92:64:ab:75:d8:e5:ff:61:19:18:
9f:af:57:69:70:4a:bf:ec:f7:89:19:f1:c9:98:bb:
47:f4:b3:e4:36:e2:2b:43:7b:89:4b:ec:d1:ed:cc:
39:1a:5a:e8:29:41:38:56:7b:b0:0c:4a:19:f5:ac:
c6:55:f4:4d:eb:6f:f9:14:df:53:48:44:05:00:49:
52:f7:9d:77:6d:2a:d5:b9:c1:24:8b:c4:9f:68:20:
4a:1c:87:7f:ef:34:0f:ed:71:c6:93:54:cd:a6:f5:
e8:b7:1b:4b:01:c9:81:b2:e8:ca:e2:44:b1:f2:83:
68:79:30:d2:57:8a:f4:ea:18:2e:ec:e9:9f:b2:10:
f1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DC:91:20:E5:48:75:F9:A7:BF:42:93:DD:C1:16:63:B2:EB:5E:DC
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/LNyRIOVIdfmnv0KT3cEWY7LrXtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
37.27.0.0/16
46.4.0.0/16
46.62.128.0/17
46.224.0.0/15
49.12.0.0/15
62.238.0.0/17
65.21.0.0/16
65.108.0.0/15
77.42.0.0/17
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
89.167.0.0/17
91.98.0.0/15
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
138.199.128.0/17
142.132.128.0/17
157.90.0.0/16
157.180.0.0/17
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
167.235.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
178.104.0.0/15
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
188.245.0.0/16
195.201.0.0/16
204.168.128.0/17
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
8b:99:32:32:be:26:73:cb:db:1d:5c:e5:0a:d4:01:34:40:d8:
5d:fe:60:3d:e6:72:03:28:77:c8:1a:40:da:6c:79:0f:be:ee:
2e:ed:60:bb:77:dd:71:ef:2d:7d:0d:8c:62:88:e9:3d:87:91:
37:df:6f:97:b1:9f:06:fd:43:46:67:d1:c6:f9:f8:4e:84:2d:
87:5a:89:ea:89:f4:8c:c4:87:d1:d9:54:14:1c:22:9c:07:c6:
5d:44:22:b9:ee:d6:5d:87:1a:37:dc:db:52:bf:69:9d:2b:3f:
ac:bf:67:3a:fb:c5:e7:63:c8:f0:0c:f9:e2:c7:fa:54:11:24:
0b:e7:48:b9:2a:d6:2e:af:ac:f8:d3:66:1c:8b:99:f9:8c:f8:
68:be:19:fc:62:ba:67:fe:f1:e9:c0:d7:ed:5c:9e:e9:c6:67:
e6:1a:43:e6:c0:e5:33:a1:92:6e:04:3e:4f:f6:d5:21:44:81:
38:42:87:13:1e:65:b8:ae:40:f0:c2:4c:32:af:e8:c1:d2:a6:
79:57:05:26:22:5d:e4:49:0f:4b:f4:1a:66:01:d8:21:b3:e4:
55:ce:86:9b:01:b7:17:b4:92:af:d5:25:05:26:21:84:72:8e:
6b:7e:64:90:15:0b:d4:06:29:dc:e1:8c:65:5e:d2:91:03:e9:
d6:c5:67:4b
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZ0uB4P0U2EVLkGQ4A2KZLikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjYwMzI3MDY0MjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RjOTEyMGU1NDg3NWY5YTdiZjQyOTNkZGMxMTY2M2IyZWI1ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmnvFwwHcnrx63JkUQaJTB/6byeZ
ADoGl1Ywb3FCEC+ma4MYpCQNqEUt9YnughcogKIbera+2Eyg+T+WwwnECc5IrYQM
ta9i4/Ho2woeqbbEgG1XqKnD+pvt6NgvEi7qIp5T4KRTj13ryTGPscjzK7XqsmII
pR0NqkL9qZJkq3XY5f9hGRifr1dpcEq/7PeJGfHJmLtH9LPkNuIrQ3uJS+zR7cw5
GlroKUE4VnuwDEoZ9azGVfRN62/5FN9TSEQFAElS9513bSrVucEki8SfaCBKHId/
7zQP7XHGk1TNpvXotxtLAcmBsujK4kSx8oNoeTDSV4r06hgu7OmfshDxBQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFCzckSDlSHX5p79Ck93BFmOy617cMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvTE55UklPVklkZm1udjBLVDNjRVdZN0xyWHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCB+QQCAAEwgfID
AwAFCQMEBwVLgAMDAAWhAwQHF1gAAwMAJRsDAwAuBAMEBy4+gAMDAS7gAwMBMQwD
BAc+7gADAwBBFQMDAUFsAwQHTSoAAwMBTi4DBAZVCsADAwBYYwMDAFjGAwQHWacA
AwMBW2IDBAdba4ADAwBeggMDAV/YAwMBdMoDBAeAjAADAwCHtQMEB4rHgAMEB46E
gAMDAJ1aAwQHnbQAAwMAn0UDAwCiNwMDAKfpAwMAp+sDAwCodwMDALAJAwMAsj8D
AwGyaAMEArkMQAMEB7wigAMDALwoAwMAvPUDAwDDyQMEB8yogAMEBdWFYAMEBtXv
wDAWBAIAAjAQAwUBKgEE+AMHACoBBP//ATANBgkqhkiG9w0BAQsFAAOCAQEAi5ky
Mr4mc8vbHVzlCtQBNEDYXf5gPeZyAyh3yBpA2mx5D77uLu1gu3fdce8tfQ2MYojp
PYeRN99vl7GfBv1DRmfRxvn4ToQth1qJ6on0jMSH0dlUFBwinAfGXUQiue7WXYca
N9zbUr9pnSs/rL9nOvvF52PI8Az54sf6VBEkC+dIuSrWLq+s+NNmHIuZ+Yz4aL4Z
/GK6Z/7x6cDX7Vye6cZn5hpD5sDlM6GSbgQ+T/bVIUSBOEKHEx5luK5A8MJMMq/o
wdKmeVcFJiJd5EkPS/QaZgHYIbPkVc6GmwG3F7SSr9UlBSYhhHKOa35kkBUL1AYp
3OGMZV7SkQPp1sVnSw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:58:28 2026 by rpki-client