
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iObLyaoepwlriwG9BHN6SZoFbOg.roa
File: iObLyaoepwlriwG9BHN6SZoFbOg.roa (raw, json)
Hash identifier: 9mp9s8yXA7IlhCWF6skW9KjFWTn+mqYaQbkscR9LFPE=
Subject key identifier: 88:E6:CB:C9:AA:1E:A7:09:6B:8B:01:BD:04:73:7A:49:9A:05:6C:E8
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368B147E97A2551BF759B65FBFC5259
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iObLyaoepwlriwG9BHN6SZoFbOg.roa
Signing time: Thu 02 Jul 2026 15:18:11 +0000
ROA not before: Thu 02 Jul 2026 15:18:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 37.98.144.0/21 maxlen: 24
37.98.144.0/22 maxlen: 24
37.252.24.0/21 maxlen: 24
77.93.128.0/19 maxlen: 24
77.107.64.0/18 maxlen: 24
79.99.72.0/21 maxlen: 24
79.99.144.0/21 maxlen: 24
80.240.80.0/20 maxlen: 24
81.5.128.0/18 maxlen: 24
81.168.0.0/17 maxlen: 24
82.152.0.0/15 maxlen: 24
82.152.0.0/16 maxlen: 24
82.163.0.0/19 maxlen: 24
85.159.128.0/21 maxlen: 24
89.28.232.0/21 maxlen: 24
89.31.232.0/21 maxlen: 24
89.213.48.0/20 maxlen: 24
89.213.64.0/18 maxlen: 24
89.213.192.0/18 maxlen: 24
95.130.96.0/21 maxlen: 24
109.176.0.0/16 maxlen: 24
158.255.8.0/21 maxlen: 24
185.20.32.0/22 maxlen: 24
185.20.34.0/24 maxlen: 24
185.20.35.0/24 maxlen: 24
185.24.84.0/24 maxlen: 24
185.24.86.0/23 maxlen: 24
185.101.44.0/22 maxlen: 24
193.27.212.0/23 maxlen: 24
194.105.64.0/19 maxlen: 24
195.128.138.0/24 maxlen: 24
212.38.64.0/19 maxlen: 24
213.130.128.0/19 maxlen: 24
213.152.32.0/19 maxlen: 24
213.210.0.0/18 maxlen: 24
213.218.208.0/20 maxlen: 24
213.218.224.0/19 maxlen: 24
217.144.144.0/20 maxlen: 24
217.145.64.0/20 maxlen: 24
2001:1a90::/32 maxlen: 48
2a00:c60::/32 maxlen: 48
2a00:1c40::/29 maxlen: 48
2a02:21f8::/32 maxlen: 48
2a02:6f80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:b1:47:e9:7a:25:51:bf:75:9b:65:fb:fc:52:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88e6cbc9aa1ea7096b8b01bd04737a499a056ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:af:cd:34:9a:2a:a0:a3:2f:81:63:ad:66:
49:b2:dc:8e:01:8d:4e:b1:d0:a8:86:2b:b9:bc:de:
57:df:b9:d7:d4:4a:83:67:11:8e:29:d5:ce:4a:2b:
0d:16:7b:2c:25:9f:42:db:d6:a1:08:b2:e3:10:a4:
6a:10:a9:b2:2d:7f:0f:5d:d3:e1:ee:b6:3b:7a:04:
26:67:d0:7a:9a:ce:66:8d:fe:2e:62:74:fd:87:49:
a3:6e:d4:92:9d:f2:95:37:e1:8d:90:0b:a4:4c:a8:
91:b6:40:34:ef:88:e5:58:19:65:66:70:94:96:1f:
0e:45:76:d7:3d:40:46:68:0b:aa:5c:9d:41:8a:d0:
c0:9a:dc:35:68:89:e9:9f:5d:e7:46:5d:a2:38:6f:
c3:95:f1:f7:6b:9a:78:d9:c0:16:e6:0e:dc:63:91:
d1:0d:99:b6:8e:4b:31:20:a4:a0:cb:7f:60:00:a4:
71:12:1a:3a:11:0e:2d:2d:be:0a:87:bf:86:f0:76:
fb:44:d5:f2:30:ea:d0:ce:4f:aa:bc:93:33:ef:13:
8e:6d:7c:58:ef:dd:ed:20:06:00:6c:8f:0d:2f:d7:
ba:32:ea:50:55:53:7d:f4:68:38:3f:de:fd:8d:62:
06:44:e8:80:05:3c:e2:df:54:06:b3:8f:0b:f5:ab:
45:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E6:CB:C9:AA:1E:A7:09:6B:8B:01:BD:04:73:7A:49:9A:05:6C:E8
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iObLyaoepwlriwG9BHN6SZoFbOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.144.0/21
37.252.24.0/21
77.93.128.0/19
77.107.64.0/18
79.99.72.0/21
79.99.144.0/21
80.240.80.0/20
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
82.163.0.0/19
85.159.128.0/21
89.28.232.0/21
89.31.232.0/21
89.213.48.0-89.213.127.255
89.213.192.0/18
95.130.96.0/21
109.176.0.0/16
158.255.8.0/21
185.20.32.0/22
185.24.84.0/24
185.24.86.0/23
185.101.44.0/22
193.27.212.0/23
194.105.64.0/19
195.128.138.0/24
212.38.64.0/19
213.130.128.0/19
213.152.32.0/19
213.210.0.0/18
213.218.208.0-213.218.255.255
217.144.144.0/20
217.145.64.0/20
IPv6:
2001:1a90::/32
2a00:c60::/32
2a00:1c40::/29
2a02:21f8::/32
2a02:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
1e:37:fb:05:3c:6f:d1:20:42:ad:ab:a3:7b:34:f5:ba:fb:30:
c8:44:60:02:36:17:f2:10:92:dd:7f:e0:90:e6:77:d9:c8:a0:
51:5d:c3:82:a2:d1:20:9d:61:88:c2:bf:82:dd:76:cf:1f:d0:
0f:23:40:dc:65:11:a7:77:13:1e:94:6f:24:6b:cc:af:24:60:
59:4e:7d:c7:e9:69:e3:9e:4a:65:8d:d3:83:fa:2b:5f:6a:ef:
32:df:1a:93:df:1d:77:2a:92:e1:d8:11:b4:48:4a:9a:d9:73:
b7:5f:d2:f4:30:d5:14:f0:54:4d:b5:a1:7e:22:0a:33:23:46:
3f:88:25:7b:52:22:72:4e:66:11:49:7f:5e:e8:81:f4:57:01:
ce:09:c4:57:56:10:1b:b1:f8:8a:36:2e:34:3f:36:4a:01:cc:
73:7c:0e:e1:04:09:1e:e2:35:4e:c8:52:e4:29:3a:ca:13:06:
09:99:02:3a:4d:d8:88:26:87:c5:32:cb:0e:fc:ae:4a:da:93:
18:6e:bb:6a:f9:f5:d4:99:f4:30:f1:1a:9b:21:23:7a:04:28:
85:f5:42:a7:e2:4c:92:4c:52:80:7b:2f:7d:43:f2:9d:7a:a5:
e5:d7:6b:2c:f1:39:1e:e4:bf:43:c2:70:77:65:ef:7c:3b:76:
f9:82:90:f7
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAZ8jaLFH6XolUb91m2X7/FJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU2Y2JjOWFhMWVhNzA5NmI4YjAxYmQwNDczN2E0OTlhMDU2Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobyvzTSaKqCjL4FjrWZJstyOAY1O
sdCohiu5vN5X37nX1EqDZxGOKdXOSisNFnssJZ9C29ahCLLjEKRqEKmyLX8PXdPh
7rY7egQmZ9B6ms5mjf4uYnT9h0mjbtSSnfKVN+GNkAukTKiRtkA074jlWBllZnCU
lh8ORXbXPUBGaAuqXJ1BitDAmtw1aInpn13nRl2iOG/DlfH3a5p42cAW5g7cY5HR
DZm2jksxIKSgy39gAKRxEho6EQ4tLb4Kh7+G8Hb7RNXyMOrQzk+qvJMz7xOObXxY
793tIAYAbI8NL9e6MupQVVN99Gg4P979jWIGROiABTzi31QGs48L9atFyQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFIjmy8mqHqcJa4sBvQRzekmaBWzoMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaU9iTHlhb2Vwd2xyaXdHOUJITjZTWm9GYk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDCB2gQCAAEwgdMD
BAMlYpADBAMl/BgDBAVNXYADBAZNa0ADBANPY0gDBANPY5ADBARQ8FADBAZRBYAD
BAdRqAADAwFSmAMEBVKjAAMEA1WfgAMEA1kc6AMEA1kf6DAMAwQEWdUwAwQHWdUA
AwQGWdXAAwQDX4JgAwMAbbADBAOe/wgDBAK5FCADBAC5GFQDBAG5GFYDBAK5ZSwD
BAHBG9QDBAXCaUADBADDgIoDBAXUJkADBAXVgoADBAXVmCADBAbV0gAwCwMEBNXa
0AMDANXaAwQE2ZCQAwQE2ZFAMCkEAgACMCMDBQAgARqQAwUAKgAMYAMFAyoAHEAD
BQAqAiH4AwUDKgJvgDANBgkqhkiG9w0BAQsFAAOCAQEAHjf7BTxv0SBCraujezT1
uvswyERgAjYX8hCS3X/gkOZ32cigUV3DgqLRIJ1hiMK/gt12zx/QDyNA3GURp3cT
HpRvJGvMryRgWU59x+lp455KZY3Tg/orX2rvMt8ak98ddyqS4dgRtEhKmtlzt1/S
9DDVFPBUTbWhfiIKMyNGP4gle1Iick5mEUl/XuiB9FcBzgnEV1YQG7H4ijYuND82
SgHMc3wO4QQJHuI1TshS5Ck6yhMGCZkCOk3YiCaHxTLLDvyuStqTGG67avn11Jn0
MPEamyEjegQohfVCp+JMkkxSgHsvfUPynXql5ddrLPE5HuS/Q8Jwd2XvfDt2+YKQ
9w==
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:11 2026 by rpki-client