Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/LqvZMyaViQE8cvR-F47kJnjdaLQ.roa
File: LqvZMyaViQE8cvR-F47kJnjdaLQ.roa (raw, json)
Hash identifier: Gq/ZoEi72BnNGVU9SCunho4/vjXss/Uq7uXk6j5dM08=
Subject key identifier: 2E:AB:D9:33:26:95:89:01:3C:72:F4:7E:17:8E:E4:26:78:DD:68:B4
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019DAAD726E2B60D887AB3BD6A2B451207F6
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/LqvZMyaViQE8cvR-F47kJnjdaLQ.roa
Signing time: Mon 20 Apr 2026 12:22:00 +0000
ROA not before: Mon 20 Apr 2026 12:22:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50670
IP address blocks: 62.72.161.0/24 maxlen: 24
62.72.162.0/24 maxlen: 24
62.72.170.0/24 maxlen: 24
62.72.171.0/24 maxlen: 24
62.72.174.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.0.0/21 maxlen: 21
81.21.0.0/24 maxlen: 24
81.21.1.0/24 maxlen: 24
81.21.2.0/24 maxlen: 24
81.21.3.0/24 maxlen: 24
81.21.4.0/24 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
81.21.8.0/22 maxlen: 22
81.21.8.0/24 maxlen: 24
81.21.9.0/24 maxlen: 24
81.21.10.0/24 maxlen: 24
81.21.11.0/24 maxlen: 24
81.21.12.0/24 maxlen: 24
81.21.13.0/24 maxlen: 24
81.21.14.0/24 maxlen: 24
81.21.15.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.65.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.68.0/24 maxlen: 24
176.241.69.0/24 maxlen: 24
176.241.70.0/24 maxlen: 24
176.241.71.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.191.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.213.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.193.176.0/22 maxlen: 22
185.193.176.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.179.0/24 maxlen: 24
2a01:1d0::/29 maxlen: 29
2a01:1d0::/32 maxlen: 32
2a0a:2740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 12:22:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:d7:26:e2:b6:0d:88:7a:b3:bd:6a:2b:45:12:07:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Apr 20 12:22:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2eabd933269589013c72f47e178ee42678dd68b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:f8:fe:19:59:4a:2b:6a:22:40:39:7a:5c:
bd:d2:4d:64:77:ce:70:c6:d7:62:ef:dc:3b:bf:f7:
b3:a0:96:e4:44:7f:2c:1e:0d:04:ac:b8:3f:73:d8:
c6:c4:ef:9a:ba:55:26:e5:0a:bc:57:cd:cf:ea:1a:
a7:52:34:cc:89:70:e5:f3:12:95:9d:a3:59:a8:fa:
d1:19:82:8f:d7:36:d9:1a:f2:95:87:20:af:ad:cb:
94:23:bc:78:d7:ea:85:08:87:00:e0:7d:26:0f:5d:
36:e9:f2:83:aa:5a:06:82:3b:06:b3:b4:1f:59:cb:
80:4a:a1:0b:43:bc:7f:82:ee:e8:07:15:1f:18:7a:
c1:44:47:73:e0:7c:2a:64:f5:cc:f7:53:de:6f:1d:
76:13:ec:25:c6:66:58:dd:cc:c5:61:74:f5:87:5e:
d4:9e:1d:4c:50:dd:bb:87:50:a8:31:36:eb:51:47:
cf:87:39:ff:10:d0:cf:7e:8c:ce:f0:4c:f0:f6:06:
a7:9e:95:e7:b5:58:48:13:49:b5:7c:b2:83:68:15:
fd:e6:19:44:87:bc:b7:22:3d:37:98:c7:d9:48:bb:
7e:77:41:bd:14:9b:b0:67:54:87:d9:8e:85:67:7a:
b1:e4:78:ac:92:3b:d7:0d:94:0a:69:85:66:f6:8d:
01:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AB:D9:33:26:95:89:01:3C:72:F4:7E:17:8E:E4:26:78:DD:68:B4
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/LqvZMyaViQE8cvR-F47kJnjdaLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.161.0-62.72.162.255
62.72.170.0/23
62.72.174.0/24
62.72.187.0/24
62.72.191.0/24
81.21.0.0/20
109.237.192.0/20
176.57.56.0/23
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/29
2a0a:2740::/29
Signature Algorithm: sha256WithRSAEncryption
95:e9:57:96:4f:f9:17:fa:29:1a:6a:78:f2:d8:91:c6:3f:fb:
1a:e1:08:dd:15:4c:3e:fa:8a:5b:0e:47:ca:94:fa:66:e1:b2:
3f:2a:5b:6e:99:0f:89:f6:49:fb:37:9e:d2:48:b8:e4:22:cc:
e4:97:07:82:40:bb:df:eb:d3:bc:c5:93:ba:24:31:33:d8:a8:
1c:93:59:d1:d7:3d:b1:37:dc:e5:92:5d:0a:4c:f5:39:a1:30:
9b:05:66:a6:0a:aa:00:49:bc:f6:29:f5:95:b3:13:fe:dd:7d:
88:0e:e4:a6:19:06:49:f9:dd:20:05:46:bb:57:64:0b:72:d4:
10:31:71:fb:40:af:c1:6c:23:f2:05:c1:48:b2:e9:48:e3:16:
f0:bc:eb:80:b4:14:d6:8a:90:57:83:d7:2d:9c:4f:38:1b:43:
77:ae:7d:8c:d0:a4:35:25:19:eb:d0:15:54:d3:d7:4c:c3:bb:
d5:0a:59:1c:4d:85:ea:51:29:f5:6c:10:00:00:4d:04:c4:dc:
67:98:8f:de:75:fd:44:3d:90:61:b5:7a:10:6d:01:84:89:35:
74:de:46:30:8d:f2:3f:0d:9d:07:16:e2:f9:ec:ff:49:a2:cf:
d0:92:ef:58:aa:ec:28:6f:09:0e:12:c0:de:98:aa:ff:0c:db:
90:94:8a:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ2q1ybitg2IerO9aitFEgf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwNDIwMTIyMjAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWFiZDkzMzI2OTU4OTAxM2M3MmY0N2UxNzhlZTQyNjc4ZGQ2OGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd/4/hlZSitqIkA5ely90k1kd85w
xtdi79w7v/ezoJbkRH8sHg0ErLg/c9jGxO+aulUm5Qq8V83P6hqnUjTMiXDl8xKV
naNZqPrRGYKP1zbZGvKVhyCvrcuUI7x41+qFCIcA4H0mD1026fKDqloGgjsGs7Qf
WcuASqELQ7x/gu7oBxUfGHrBREdz4HwqZPXM91Pebx12E+wlxmZY3czFYXT1h17U
nh1MUN27h1CoMTbrUUfPhzn/ENDPfozO8Ezw9gannpXntVhIE0m1fLKDaBX95hlE
h7y3Ij03mMfZSLt+d0G9FJuwZ1SH2Y6FZ3qx5HiskjvXDZQKaYVm9o0BXwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFC6r2TMmlYkBPHL0fheO5CZ43Wi0MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvTHF2Wk15YVZpUUU4Y3ZSLUY0N2tKbmpkYUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAA+SKED
BAA+SKIDBAE+SKoDBAA+SK4DBAA+SLsDBAA+SL8DBARRFQADBARt7cADBAGwOTgD
BAOw8UADBAOyFLgDBAK5M9QDBAK5wbAwFAQCAAIwDgMFAyoBAdADBQMqCidAMA0G
CSqGSIb3DQEBCwUAA4IBAQCV6VeWT/kX+ikaanjy2JHGP/sa4QjdFUw++opbDkfK
lPpm4bI/KltumQ+J9kn7N57SSLjkIszklweCQLvf69O8xZO6JDEz2Kgck1nR1z2x
N9zlkl0KTPU5oTCbBWamCqoASbz2KfWVsxP+3X2IDuSmGQZJ+d0gBUa7V2QLctQQ
MXH7QK/BbCPyBcFIsulI4xbwvOuAtBTWipBXg9ctnE84G0N3rn2M0KQ1JRnr0BVU
09dMw7vVClkcTYXqUSn1bBAAAE0ExNxnmI/edf1EPZBhtXoQbQGEiTV03kYwjfI/
DZ0HFuL57P9Jos/Qku9YquwobwkOEsDemKr/DNuQlIqR
-----END CERTIFICATE-----
Generated at Mon Apr 20 18:42:35 2026 by rpki-client