Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/LNZtNVsCfoW-E6NFJ9ptL7t9C0Q.roa
File: LNZtNVsCfoW-E6NFJ9ptL7t9C0Q.roa (raw, json)
Hash identifier: QJbid0yFpLi9yyVK0PrqbTBqNBfWTsEDOtqv8dKETmc=
Subject key identifier: 2C:D6:6D:35:5B:02:7E:85:BE:13:A3:45:27:DA:6D:2F:BB:7D:0B:44
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019A541AA2450E3353401E9AE091866B990B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/LNZtNVsCfoW-E6NFJ9ptL7t9C0Q.roa
Signing time: Wed 05 Nov 2025 13:00:22 +0000
ROA not before: Wed 05 Nov 2025 13:00:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44559
IP address blocks: 31.222.248.0/24 maxlen: 24
45.142.39.0/24 maxlen: 24
157.22.20.0/24 maxlen: 24
157.22.21.0/24 maxlen: 24
157.22.22.0/24 maxlen: 24
157.22.23.0/24 maxlen: 24
157.22.24.0/24 maxlen: 24
157.22.25.0/24 maxlen: 24
157.22.26.0/24 maxlen: 24
157.22.27.0/24 maxlen: 24
157.22.28.0/24 maxlen: 24
157.22.29.0/24 maxlen: 24
157.22.30.0/24 maxlen: 24
157.22.31.0/24 maxlen: 24
157.22.32.0/24 maxlen: 24
157.22.33.0/24 maxlen: 24
157.22.34.0/24 maxlen: 24
157.22.35.0/24 maxlen: 24
157.22.36.0/24 maxlen: 24
157.22.37.0/24 maxlen: 24
157.22.38.0/24 maxlen: 24
157.22.39.0/24 maxlen: 24
157.22.40.0/24 maxlen: 24
157.22.42.0/24 maxlen: 24
157.22.43.0/24 maxlen: 24
157.22.48.0/24 maxlen: 24
157.22.49.0/24 maxlen: 24
157.22.51.0/24 maxlen: 24
157.22.52.0/24 maxlen: 24
157.22.53.0/24 maxlen: 24
157.22.54.0/24 maxlen: 24
157.22.55.0/24 maxlen: 24
157.22.56.0/24 maxlen: 24
157.22.57.0/24 maxlen: 24
157.22.59.0/24 maxlen: 24
157.22.60.0/24 maxlen: 24
157.22.61.0/24 maxlen: 24
157.22.62.0/24 maxlen: 24
157.22.63.0/24 maxlen: 24
157.22.64.0/24 maxlen: 24
157.22.66.0/24 maxlen: 24
157.22.67.0/24 maxlen: 24
157.22.68.0/24 maxlen: 24
157.22.69.0/24 maxlen: 24
157.22.70.0/24 maxlen: 24
157.22.71.0/24 maxlen: 24
157.22.76.0/24 maxlen: 24
157.22.77.0/24 maxlen: 24
157.22.78.0/24 maxlen: 24
157.22.79.0/24 maxlen: 24
157.22.80.0/24 maxlen: 24
157.22.81.0/24 maxlen: 24
157.22.82.0/24 maxlen: 24
157.22.83.0/24 maxlen: 24
157.22.84.0/24 maxlen: 24
157.22.85.0/24 maxlen: 24
157.22.86.0/24 maxlen: 24
157.22.87.0/24 maxlen: 24
157.22.88.0/24 maxlen: 24
157.22.89.0/24 maxlen: 24
157.22.90.0/24 maxlen: 24
157.22.91.0/24 maxlen: 24
157.22.92.0/24 maxlen: 24
157.22.93.0/24 maxlen: 24
157.22.94.0/24 maxlen: 24
157.22.95.0/24 maxlen: 24
157.22.96.0/24 maxlen: 24
157.22.98.0/24 maxlen: 24
157.22.99.0/24 maxlen: 24
157.22.104.0/24 maxlen: 24
157.22.105.0/24 maxlen: 24
157.22.107.0/24 maxlen: 24
157.22.108.0/24 maxlen: 24
157.22.109.0/24 maxlen: 24
157.22.110.0/24 maxlen: 24
157.22.111.0/24 maxlen: 24
157.22.112.0/24 maxlen: 24
157.22.113.0/24 maxlen: 24
157.22.114.0/24 maxlen: 24
157.22.115.0/24 maxlen: 24
157.22.117.0/24 maxlen: 24
157.22.118.0/24 maxlen: 24
157.22.120.0/24 maxlen: 24
157.22.121.0/24 maxlen: 24
157.22.122.0/24 maxlen: 24
157.22.123.0/24 maxlen: 24
176.56.37.0/24 maxlen: 24
178.212.143.0/24 maxlen: 24
185.46.175.0/24 maxlen: 24
185.92.211.0/24 maxlen: 24
185.161.79.0/24 maxlen: 24
193.56.29.0/24 maxlen: 24
194.32.238.0/24 maxlen: 24
194.32.239.0/24 maxlen: 24
194.56.180.0/24 maxlen: 24
195.64.110.0/24 maxlen: 24
195.96.146.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Nov 2025 13:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:1a:a2:45:0e:33:53:40:1e:9a:e0:91:86:6b:99:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Nov 5 13:00:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cd66d355b027e85be13a34527da6d2fbb7d0b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:21:2a:72:58:1d:51:0e:1c:1d:bb:de:54:43:
df:db:28:05:fc:fd:4b:f9:6f:e5:97:98:0e:8f:05:
da:40:92:0a:a4:77:42:61:d6:f2:c2:c3:0b:73:de:
7d:2e:1e:1e:16:6b:29:40:4c:01:7d:ec:67:48:46:
3b:3d:88:1f:ad:3e:67:f1:0e:e0:1d:6d:5c:b2:43:
a7:e6:e5:7e:63:56:57:04:90:b4:da:96:1c:88:bd:
e3:d5:28:31:2b:c2:73:d8:df:cb:5f:4b:fb:a8:ca:
65:cc:02:8b:e1:a7:11:c6:ec:b1:fc:be:e3:22:fe:
0c:34:f8:bd:d8:77:5a:78:8d:b5:aa:b1:09:5b:b2:
0b:e2:b5:0e:40:a2:4d:2a:e1:44:fa:4f:ef:8c:1a:
31:4c:c5:24:4c:40:c1:c7:e1:a7:26:7d:21:cd:1e:
1b:e6:01:60:88:45:59:07:32:13:eb:64:c5:37:bf:
ef:9a:c3:53:84:47:d6:80:ae:db:3d:a1:cc:f6:19:
34:d2:35:e1:0f:f7:6d:8b:f0:8a:fc:30:61:99:fa:
54:ce:83:2f:1f:dd:2f:47:56:89:7a:68:77:11:e1:
b4:e6:92:f5:67:bd:41:28:16:91:4a:56:e9:e7:94:
37:17:c0:09:3c:2f:43:49:27:25:a4:c7:63:05:0a:
20:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D6:6D:35:5B:02:7E:85:BE:13:A3:45:27:DA:6D:2F:BB:7D:0B:44
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/LNZtNVsCfoW-E6NFJ9ptL7t9C0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.248.0/24
45.142.39.0/24
157.22.20.0-157.22.40.255
157.22.42.0/23
157.22.48.0/23
157.22.51.0-157.22.57.255
157.22.59.0-157.22.64.255
157.22.66.0-157.22.71.255
157.22.76.0-157.22.96.255
157.22.98.0/23
157.22.104.0/23
157.22.107.0-157.22.115.255
157.22.117.0-157.22.118.255
157.22.120.0/22
176.56.37.0/24
178.212.143.0/24
185.46.175.0/24
185.92.211.0/24
185.161.79.0/24
193.56.29.0/24
194.32.238.0/23
194.56.180.0/24
195.64.110.0/24
195.96.146.0/24
212.18.103.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d5:40:1c:82:68:08:84:c0:75:95:5b:0d:ff:e0:f9:48:af:
fa:94:a2:d2:7d:7f:56:84:72:95:75:c1:4c:25:66:0e:1e:44:
73:f3:6c:83:10:6b:33:64:bc:aa:a3:37:47:0d:7f:1a:d7:2e:
2a:05:30:19:3e:a4:86:b4:76:c7:ae:e9:b5:e5:34:e4:08:f6:
bb:bc:06:26:86:bd:d0:b4:30:4d:21:6e:91:42:f2:c0:e1:cc:
c2:00:c6:81:38:9e:d0:78:71:c8:a0:a9:76:49:38:33:2e:64:
fc:f4:25:e9:ad:f1:af:82:28:d8:1b:c1:31:0b:66:dd:cd:25:
ca:6c:4d:f1:cd:3d:2b:7d:43:04:f1:ff:26:2c:54:7e:13:b2:
80:76:18:5c:5c:e2:55:89:50:d4:ed:be:a2:7a:7b:03:7a:be:
4a:17:47:20:de:a0:f3:bc:80:34:c6:d1:e2:23:5a:3c:20:f6:
d2:69:f5:4e:d3:ce:cd:5f:12:ae:0a:e1:e2:28:77:47:c8:e0:
6a:02:8f:9a:7d:44:bf:bf:5f:69:17:40:ad:f3:c1:8f:64:22:
ef:6d:cc:e5:d0:c1:9d:43:f2:ce:82:77:26:87:1d:ce:dd:f9:
1a:a0:8c:47:93:c5:e6:8b:20:77:05:7a:90:5e:da:83:03:84:
40:f6:25:fb
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZpUGqJFDjNTQB6a4JGGa5kLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUxMTA1MTMwMDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q2NmQzNTViMDI3ZTg1YmUxM2EzNDUyN2RhNmQyZmJiN2QwYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCEqclgdUQ4cHbveVEPf2ygF/P1L
+W/ll5gOjwXaQJIKpHdCYdbywsMLc959Lh4eFmspQEwBfexnSEY7PYgfrT5n8Q7g
HW1cskOn5uV+Y1ZXBJC02pYciL3j1SgxK8Jz2N/LX0v7qMplzAKL4acRxuyx/L7j
Iv4MNPi92HdaeI21qrEJW7IL4rUOQKJNKuFE+k/vjBoxTMUkTEDBx+GnJn0hzR4b
5gFgiEVZBzIT62TFN7/vmsNThEfWgK7bPaHM9hk00jXhD/dti/CK/DBhmfpUzoMv
H90vR1aJemh3EeG05pL1Z71BKBaRSlbp55Q3F8AJPC9DSSclpMdjBQogSQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFCzWbTVbAn6FvhOjRSfabS+7fQtEMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvTE5adE5Wc0Nmb1ctRTZORko5cHRMN3Q5QzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAf
3vgDBAAtjicwDAMEAp0WFAMEAJ0WKAMEAZ0WKgMEAZ0WMDAMAwQAnRYzAwQBnRY4
MAwDBACdFjsDBACdFkAwDAMEAZ0WQgMEA50WQDAMAwQCnRZMAwQAnRZgAwQBnRZi
AwQBnRZoMAwDBACdFmsDBAKdFnAwDAMEAJ0WdQMEAJ0WdgMEAp0WeAMEALA4JQME
ALLUjwMEALkurwMEALlc0wMEALmhTwMEAME4HQMEAcIg7gMEAMI4tAMEAMNAbgME
AMNgkgMEANQSZzANBgkqhkiG9w0BAQsFAAOCAQEARNVAHIJoCITAdZVbDf/g+Uiv
+pSi0n1/VoRylXXBTCVmDh5Ec/NsgxBrM2S8qqM3Rw1/GtcuKgUwGT6khrR2x67p
teU05Aj2u7wGJoa90LQwTSFukULywOHMwgDGgTie0HhxyKCpdkk4My5k/PQl6a3x
r4Io2BvBMQtm3c0lymxN8c09K31DBPH/JixUfhOygHYYXFziVYlQ1O2+onp7A3q+
ShdHIN6g87yANMbR4iNaPCD20mn1TtPOzV8Srgrh4ih3R8jgagKPmn1Ev79faRdA
rfPBj2Qi723M5dDBnUPyzoJ3Jocdzt35GqCMR5PF5osgdwV6kF7agwOEQPYl+w==
-----END CERTIFICATE-----
Generated at Sat Nov 8 23:10:14 2025 by rpki-client