Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/LE7Fo3hTwjthjtDwUDVXIefNIng.roa
File: LE7Fo3hTwjthjtDwUDVXIefNIng.roa (raw, json)
Hash identifier: QmW3BQPObdj3ZKA1fvKVq/UMld6+//+cAvtAh1LLEdI=
Subject key identifier: 2C:4E:C5:A3:78:53:C2:3B:61:8E:D0:F0:50:35:57:21:E7:CD:22:78
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019E7D26FC8DDC7B57454D22F80FC0D0692A
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/LE7Fo3hTwjthjtDwUDVXIefNIng.roa
Signing time: Sun 31 May 2026 08:29:27 +0000
ROA not before: Sun 31 May 2026 08:29:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396356
IP address blocks: 147.136.77.0/24 maxlen: 24
147.136.85.0/24 maxlen: 24
168.199.145.0/24 maxlen: 24
168.199.166.0/24 maxlen: 24
168.199.209.0/24 maxlen: 24
168.199.218.0/24 maxlen: 24
168.199.219.0/24 maxlen: 24
168.199.222.0/24 maxlen: 24
168.199.225.0/24 maxlen: 24
168.199.226.0/24 maxlen: 24
168.199.228.0/24 maxlen: 24
168.199.230.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.235.0/24 maxlen: 24
168.199.236.0/24 maxlen: 24
168.199.237.0/24 maxlen: 24
168.199.238.0/24 maxlen: 24
168.199.239.0/24 maxlen: 24
192.95.86.0/24 maxlen: 24
192.95.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Jun 2026 23:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7d:26:fc:8d:dc:7b:57:45:4d:22:f8:0f:c0:d0:69:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: May 31 08:29:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2c4ec5a37853c23b618ed0f050355721e7cd2278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:3d:62:6a:3b:c3:ef:c5:47:4d:5a:b8:dd:
4f:75:ab:66:9f:b5:4c:24:65:1b:4d:54:fd:06:be:
fd:fd:84:4d:77:8a:16:ab:4f:df:30:83:ef:9d:7b:
e2:b4:d8:07:09:ec:b0:a5:11:f4:70:5d:ac:46:e5:
4b:e8:16:3b:8b:03:06:e4:e2:4f:bf:d3:ca:a6:c3:
af:73:9f:79:59:e4:3f:f9:21:e0:1e:b9:30:14:0f:
29:aa:ca:de:30:40:0e:08:c1:66:6e:ba:56:f9:67:
fd:51:ef:c1:7e:26:38:0d:cc:7b:da:99:45:37:4c:
bd:01:fa:9f:56:31:34:46:c8:d2:5f:7b:10:9a:b5:
56:ed:f8:39:37:e3:ec:10:13:1d:cb:69:d4:44:43:
c8:cb:fc:94:f8:3e:9b:d0:cf:c2:02:00:93:36:92:
a9:90:15:bc:94:41:a1:21:b6:6a:ad:5b:6b:13:d9:
ad:ac:6d:f7:9b:9f:47:fe:16:b1:1c:bc:2f:88:22:
c6:26:18:40:f6:6c:7f:54:08:cb:5e:4e:eb:ce:db:
a9:dd:a8:ee:6b:16:41:77:2a:77:9b:e7:ad:02:d6:
25:09:36:c2:ca:17:2d:f9:9d:76:49:94:a5:7c:b5:
05:6b:df:90:0c:ca:08:9e:f1:08:96:29:d3:64:5f:
78:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4E:C5:A3:78:53:C2:3B:61:8E:D0:F0:50:35:57:21:E7:CD:22:78
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/LE7Fo3hTwjthjtDwUDVXIefNIng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.77.0/24
147.136.85.0/24
168.199.145.0/24
168.199.166.0/24
168.199.209.0/24
168.199.218.0/23
168.199.222.0/24
168.199.225.0-168.199.226.255
168.199.228.0/24
168.199.230.0/24
168.199.234.0-168.199.239.255
192.95.86.0/24
192.95.91.0/24
Signature Algorithm: sha256WithRSAEncryption
19:b8:6f:e1:49:ce:5a:08:13:c9:72:c5:a3:38:7c:80:1d:5d:
f4:08:0a:03:22:f3:6e:7e:b2:8c:1b:fb:84:4b:d8:73:b2:cb:
a6:e4:af:2c:98:25:04:01:35:ae:60:71:14:b1:4c:39:c8:f9:
bd:56:a5:a3:2d:79:c4:7e:90:32:20:ef:f6:86:85:41:5f:38:
92:af:70:53:dc:5a:64:46:99:a9:7c:6e:de:3c:c6:f9:92:75:
58:c8:a7:b2:01:88:1c:3b:51:39:7f:2b:cb:81:af:ba:1f:74:
56:83:4f:3d:f5:a3:a7:0b:9b:3b:b8:ed:24:c2:78:ae:53:0b:
aa:31:ff:e6:ca:86:35:de:36:9d:11:49:f6:f0:b4:99:34:f0:
ad:a5:23:cb:a5:4b:62:68:ee:48:87:0d:2b:e6:e7:aa:2b:24:
78:18:06:04:b2:05:cd:01:50:d7:f7:3a:35:95:08:2b:41:4d:
c1:60:24:4c:65:dd:d9:55:fe:93:29:83:2a:93:65:89:da:49:
21:d3:f7:f6:cb:09:54:c5:74:b4:d9:13:a7:03:4d:97:90:c0:
be:4b:56:1e:45:9b:cb:a7:b9:01:4d:54:4f:3f:09:d1:2b:55:
31:5e:1f:ae:39:01:a0:dd:d1:07:39:6f:a6:f5:cb:5d:c8:7d:
3e:b6:41:3c
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZ59JvyN3HtXRU0i+A/A0GkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjYwNTMxMDgyOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzRlYzVhMzc4NTNjMjNiNjE4ZWQwZjA1MDM1NTcyMWU3Y2QyMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd89Ymo7w+/FR01auN1Pdatmn7VM
JGUbTVT9Br79/YRNd4oWq0/fMIPvnXvitNgHCeywpRH0cF2sRuVL6BY7iwMG5OJP
v9PKpsOvc595WeQ/+SHgHrkwFA8pqsreMEAOCMFmbrpW+Wf9Ue/BfiY4Dcx72plF
N0y9AfqfVjE0RsjSX3sQmrVW7fg5N+PsEBMdy2nUREPIy/yU+D6b0M/CAgCTNpKp
kBW8lEGhIbZqrVtrE9mtrG33m59H/haxHLwviCLGJhhA9mx/VAjLXk7rztup3aju
axZBdyp3m+etAtYlCTbCyhct+Z12SZSlfLUFa9+QDMoInvEIlinTZF94HwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFCxOxaN4U8I7YY7Q8FA1VyHnzSJ4MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvTEU3Rm8zaFR3anRoanREd1VEVlhJZWZOSW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAk4hNAwQA
k4hVAwQAqMeRAwQAqMemAwQAqMfRAwQBqMfaAwQAqMfeMAwDBACox+EDBACox+ID
BACox+QDBACox+YwDAMEAajH6gMEBKjH4AMEAMBfVgMEAMBfWzANBgkqhkiG9w0B
AQsFAAOCAQEAGbhv4UnOWggTyXLFozh8gB1d9AgKAyLzbn6yjBv7hEvYc7LLpuSv
LJglBAE1rmBxFLFMOcj5vValoy15xH6QMiDv9oaFQV84kq9wU9xaZEaZqXxu3jzG
+ZJ1WMinsgGIHDtROX8ry4Gvuh90VoNPPfWjpwubO7jtJMJ4rlMLqjH/5sqGNd42
nRFJ9vC0mTTwraUjy6VLYmjuSIcNK+bnqiskeBgGBLIFzQFQ1/c6NZUIK0FNwWAk
TGXd2VX+kymDKpNlidpJIdP39ssJVMV0tNkTpwNNl5DAvktWHkWby6e5AU1UTz8J
0StVMV4frjkBoN3RBzlvpvXLXch9PrZBPA==
-----END CERTIFICATE-----
Generated at Thu Jun 11 09:13:15 2026 by rpki-client