Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/lanlJ5rB6wQWgXV5n1fZP5V_cXM.roa
File: lanlJ5rB6wQWgXV5n1fZP5V_cXM.roa (raw, json)
Hash identifier: QU6CLjYyTDXN/FecbtZxvasP7u+aD+28/uME0Ulum5Y=
Subject key identifier: 95:A9:E5:27:9A:C1:EB:04:16:81:75:79:9F:57:D9:3F:95:7F:71:73
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 019D9C0DC249F0220B88F6BF78BA97E48E2E
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/lanlJ5rB6wQWgXV5n1fZP5V_cXM.roa
Signing time: Fri 17 Apr 2026 15:27:20 +0000
ROA not before: Fri 17 Apr 2026 15:27:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22616
IP address blocks: 137.31.15.0/24 maxlen: 24
137.31.49.0/24 maxlen: 24
147.161.128.0/23 maxlen: 24
159.254.58.0/23 maxlen: 24
159.254.60.0/23 maxlen: 24
159.254.64.0/23 maxlen: 24
159.254.66.0/23 maxlen: 24
159.254.69.0/24 maxlen: 24
159.254.84.0/24 maxlen: 24
159.254.85.0/24 maxlen: 24
159.254.86.0/24 maxlen: 24
159.254.92.0/24 maxlen: 24
159.254.93.0/24 maxlen: 24
159.254.94.0/24 maxlen: 24
159.254.95.0/24 maxlen: 24
159.254.96.0/24 maxlen: 24
159.254.97.0/24 maxlen: 24
159.254.99.0/24 maxlen: 24
159.254.100.0/24 maxlen: 24
159.254.182.0/23 maxlen: 24
159.254.184.0/23 maxlen: 24
159.254.202.0/24 maxlen: 24
159.254.209.0/24 maxlen: 24
159.254.217.0/24 maxlen: 24
159.254.220.0/24 maxlen: 24
159.254.221.0/24 maxlen: 24
159.254.240.0/24 maxlen: 24
159.254.241.0/24 maxlen: 24
164.137.4.0/24 maxlen: 24
164.137.5.0/24 maxlen: 24
164.137.6.0/24 maxlen: 24
164.137.7.0/24 maxlen: 24
164.137.8.0/24 maxlen: 24
164.137.9.0/24 maxlen: 24
164.137.10.0/24 maxlen: 24
164.137.11.0/24 maxlen: 24
164.137.12.0/24 maxlen: 24
164.137.13.0/24 maxlen: 24
164.137.14.0/24 maxlen: 24
164.137.15.0/24 maxlen: 24
164.137.16.0/24 maxlen: 24
164.137.17.0/24 maxlen: 24
164.137.18.0/24 maxlen: 24
164.137.19.0/24 maxlen: 24
164.137.20.0/24 maxlen: 24
164.137.21.0/24 maxlen: 24
164.137.22.0/24 maxlen: 24
164.137.23.0/24 maxlen: 24
164.137.24.0/24 maxlen: 24
164.137.25.0/24 maxlen: 24
164.137.26.0/24 maxlen: 24
164.137.27.0/24 maxlen: 24
164.137.28.0/24 maxlen: 24
164.137.29.0/24 maxlen: 24
164.137.30.0/24 maxlen: 24
164.137.31.0/24 maxlen: 24
164.137.32.0/24 maxlen: 24
164.137.33.0/24 maxlen: 24
164.137.34.0/24 maxlen: 24
164.137.35.0/24 maxlen: 24
164.137.36.0/24 maxlen: 24
164.137.37.0/24 maxlen: 24
164.137.38.0/24 maxlen: 24
164.137.39.0/24 maxlen: 24
164.137.40.0/24 maxlen: 24
164.137.41.0/24 maxlen: 24
164.137.42.0/24 maxlen: 24
164.137.43.0/24 maxlen: 24
164.137.44.0/24 maxlen: 24
164.137.45.0/24 maxlen: 24
164.137.46.0/24 maxlen: 24
164.137.47.0/24 maxlen: 24
164.137.48.0/24 maxlen: 24
164.137.49.0/24 maxlen: 24
164.137.50.0/24 maxlen: 24
164.137.51.0/24 maxlen: 24
164.137.52.0/24 maxlen: 24
164.137.53.0/24 maxlen: 24
220.42.0.0/16 maxlen: 24
220.43.0.0/16 maxlen: 24
2a03:eec0:3212::/48 maxlen: 48
2a03:eec0:321b::/48 maxlen: 48
2a03:eec0:322b::/48 maxlen: 48
2a03:eec0:322c::/48 maxlen: 48
2a03:eec0:322d::/48 maxlen: 48
2a03:eec0:322e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:0d:c2:49:f0:22:0b:88:f6:bf:78:ba:97:e4:8e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Apr 17 15:27:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95a9e5279ac1eb04168175799f57d93f957f7173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:be:73:8a:a2:c1:37:bc:55:1e:4a:94:7b:89:
c7:20:64:df:3c:25:89:dd:ce:cc:0f:67:62:75:d5:
a6:71:a0:1e:47:c4:39:0b:30:b0:d3:e5:a5:12:24:
02:34:0a:f6:6a:e4:17:c5:34:32:15:a8:bb:00:26:
af:7f:81:ec:9b:49:f6:79:c2:4d:12:1e:53:ff:bf:
80:8c:99:03:3c:6c:89:d8:ae:68:70:9e:97:16:9c:
ca:e2:88:af:40:b0:9e:e0:c7:7d:0e:4f:a7:ca:2c:
9d:1a:f1:81:8e:b8:6c:9f:1c:c2:0c:58:34:e6:f4:
41:da:22:6e:74:e5:a3:ec:f7:a1:7c:e6:78:4d:81:
84:90:bb:fc:17:8d:6b:c7:2f:2d:de:9f:9e:c2:48:
c8:0d:39:e0:1f:01:70:f0:5e:bf:12:cf:d2:a8:bb:
04:dd:e3:f1:b9:8c:6f:40:69:23:47:f7:1b:7c:40:
fe:27:56:58:70:c7:34:79:b1:cb:54:2f:eb:68:9a:
dd:2b:e3:c4:11:75:d8:82:c7:77:66:41:a9:c4:9e:
e5:0e:f5:54:fe:8e:e9:15:c4:95:49:07:48:92:61:
0e:92:21:0f:9b:7b:37:ad:46:38:4f:41:24:0c:41:
5d:9b:27:d4:3a:ca:a0:fd:82:f7:11:3d:c7:b7:34:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A9:E5:27:9A:C1:EB:04:16:81:75:79:9F:57:D9:3F:95:7F:71:73
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/lanlJ5rB6wQWgXV5n1fZP5V_cXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.31.15.0/24
137.31.49.0/24
147.161.128.0/23
159.254.58.0-159.254.61.255
159.254.64.0/22
159.254.69.0/24
159.254.84.0-159.254.86.255
159.254.92.0-159.254.97.255
159.254.99.0-159.254.100.255
159.254.182.0-159.254.185.255
159.254.202.0/24
159.254.209.0/24
159.254.217.0/24
159.254.220.0/23
159.254.240.0/23
164.137.4.0-164.137.53.255
220.42.0.0/15
IPv6:
2a03:eec0:3212::/48
2a03:eec0:321b::/48
2a03:eec0:322b::-2a03:eec0:322e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:c9:d1:7a:7a:5e:91:af:65:9d:93:ce:f3:30:ce:65:17:ac:
3a:3f:c4:b2:83:ef:f6:04:7a:ee:e8:d8:ce:1b:c0:28:a7:f0:
84:56:95:ca:01:f7:4a:6c:44:3d:2b:9e:21:8f:e2:ec:4d:b5:
b7:16:b5:df:e5:43:b2:c1:d3:30:9e:e1:7d:a5:a5:1b:af:da:
db:37:2d:12:34:a8:f0:9f:02:14:00:50:bd:7f:cb:f3:46:4a:
90:be:c3:23:e7:3e:b3:60:be:7a:14:15:91:c8:38:7e:81:21:
f4:6d:6c:dc:d3:0d:54:1e:09:3f:02:10:5a:1e:dd:0c:da:7a:
cb:4a:46:63:0e:74:32:fc:0b:66:41:e4:93:e6:cc:39:52:59:
e1:e4:8d:0c:c0:41:91:fe:75:6d:2c:d6:57:39:67:15:c7:53:
14:5f:bb:75:f6:65:c6:20:99:e2:84:eb:92:cd:48:7d:c6:1e:
36:bd:cd:73:63:a7:dd:26:0c:b1:e7:b4:39:01:f3:be:67:3e:
cf:2b:cb:bf:86:4b:00:3e:bf:43:c4:5f:e0:4f:7f:74:32:f9:
39:14:72:c8:7b:72:3b:f3:14:35:4a:85:3b:06:23:65:f0:52:
f2:23:48:86:29:47:f5:bd:ea:0b:c9:28:b7:ee:da:cf:06:80:
fd:58:5c:cc
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAZ2cDcJJ8CILiPa/eLqX5I4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjYwNDE3MTUyNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWE5ZTUyNzlhYzFlYjA0MTY4MTc1Nzk5ZjU3ZDkzZjk1N2Y3MTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs75ziqLBN7xVHkqUe4nHIGTfPCWJ
3c7MD2diddWmcaAeR8Q5CzCw0+WlEiQCNAr2auQXxTQyFai7ACavf4Hsm0n2ecJN
Eh5T/7+AjJkDPGyJ2K5ocJ6XFpzK4oivQLCe4Md9Dk+nyiydGvGBjrhsnxzCDFg0
5vRB2iJudOWj7PehfOZ4TYGEkLv8F41rxy8t3p+ewkjIDTngHwFw8F6/Es/SqLsE
3ePxuYxvQGkjR/cbfED+J1ZYcMc0ebHLVC/raJrdK+PEEXXYgsd3ZkGpxJ7lDvVU
/o7pFcSVSQdIkmEOkiEPm3s3rUY4T0EkDEFdmyfUOsqg/YL3ET3HtzRY/QIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFJWp5SeawesEFoF1eZ9X2T+Vf3FzMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvbGFubEo1ckI2d1FXZ1hWNW4xZlpQNVZfY1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBnAQCAAEwgZUDBACJ
Hw8DBACJHzEDBAGToYAwDAMEAZ/+OgMEAZ/+PAMEAp/+QAMEAJ/+RTAMAwQCn/5U
AwQAn/5WMAwDBAKf/lwDBAGf/mAwDAMEAJ/+YwMEAJ/+ZDAMAwQBn/62AwQBn/64
AwQAn/7KAwQAn/7RAwQAn/7ZAwQBn/7cAwQBn/7wMAwDBAKkiQQDBAGkiTQDAwHc
KjAsBAIAAjAmAwcAKgPuwDISAwcAKgPuwDIbMBIDBwAqA+7AMisDBwAqA+7AMi4w
DQYJKoZIhvcNAQELBQADggEBAHbJ0Xp6XpGvZZ2TzvMwzmUXrDo/xLKD7/YEeu7o
2M4bwCin8IRWlcoB90psRD0rniGP4uxNtbcWtd/lQ7LB0zCe4X2lpRuv2ts3LRI0
qPCfAhQAUL1/y/NGSpC+wyPnPrNgvnoUFZHIOH6BIfRtbNzTDVQeCT8CEFoe3Qza
estKRmMOdDL8C2ZB5JPmzDlSWeHkjQzAQZH+dW0s1lc5ZxXHUxRfu3X2ZcYgmeKE
65LNSH3GHja9zXNjp90mDLHntDkB875nPs8ry7+GSwA+v0PEX+BPf3Qy+TkUcsh7
cjvzFDVKhTsGI2XwUvIjSIYpR/W96gvJKLfu2s8GgP1YXMw=
-----END CERTIFICATE-----
Generated at Sun May 3 03:26:51 2026 by rpki-client