Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LNpiBbWibUIXRHUij238g8--SFg.roa
File: LNpiBbWibUIXRHUij238g8--SFg.roa (raw, json)
Hash identifier: dCCnNI3HGdlM791Dc2kPoEWgdQOKz2ktuP11gbg+8M4=
Subject key identifier: 2C:DA:62:05:B5:A2:6D:42:17:44:75:22:8F:6D:FC:83:CF:BE:48:58
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01990E9A4F0FC4730362E0C4B3689C083BD8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LNpiBbWibUIXRHUij238g8--SFg.roa
Signing time: Wed 03 Sep 2025 08:03:37 +0000
ROA not before: Wed 03 Sep 2025 08:03:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 37.202.223.0/24 maxlen: 24
151.240.4.0/24 maxlen: 24
151.240.5.0/24 maxlen: 24
151.240.6.0/24 maxlen: 24
151.240.7.0/24 maxlen: 24
151.240.11.0/24 maxlen: 24
151.240.12.0/24 maxlen: 24
151.240.13.0/24 maxlen: 24
151.240.14.0/24 maxlen: 24
151.240.15.0/24 maxlen: 24
151.240.16.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.18.0/24 maxlen: 24
151.240.19.0/24 maxlen: 24
151.240.20.0/24 maxlen: 24
151.240.21.0/24 maxlen: 24
151.240.22.0/24 maxlen: 24
151.240.23.0/24 maxlen: 24
151.240.25.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.32.0/24 maxlen: 24
151.240.33.0/24 maxlen: 24
151.240.34.0/24 maxlen: 24
151.240.35.0/24 maxlen: 24
151.240.36.0/24 maxlen: 24
151.240.37.0/24 maxlen: 24
151.240.38.0/24 maxlen: 24
151.240.39.0/24 maxlen: 24
151.240.40.0/24 maxlen: 24
151.240.41.0/24 maxlen: 24
151.240.42.0/24 maxlen: 24
151.240.60.0/24 maxlen: 24
151.240.61.0/24 maxlen: 24
151.240.68.0/24 maxlen: 24
151.240.69.0/24 maxlen: 24
151.240.70.0/24 maxlen: 24
151.240.71.0/24 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.73.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.76.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.80.0/24 maxlen: 24
151.240.81.0/24 maxlen: 24
151.240.83.0/24 maxlen: 24
151.240.84.0/24 maxlen: 24
151.240.85.0/24 maxlen: 24
151.240.86.0/24 maxlen: 24
151.240.87.0/24 maxlen: 24
151.240.88.0/24 maxlen: 24
151.240.89.0/24 maxlen: 24
151.240.90.0/24 maxlen: 24
151.240.126.0/24 maxlen: 24
151.240.127.0/24 maxlen: 24
151.240.128.0/24 maxlen: 24
151.240.129.0/24 maxlen: 24
151.240.130.0/24 maxlen: 24
151.240.131.0/24 maxlen: 24
151.240.132.0/24 maxlen: 24
151.240.133.0/24 maxlen: 24
151.240.134.0/24 maxlen: 24
151.240.135.0/24 maxlen: 24
151.240.136.0/24 maxlen: 24
151.240.137.0/24 maxlen: 24
151.240.138.0/24 maxlen: 24
151.240.139.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.240.141.0/24 maxlen: 24
151.240.142.0/24 maxlen: 24
151.240.143.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.146.0/24 maxlen: 24
151.240.147.0/24 maxlen: 24
151.240.148.0/24 maxlen: 24
151.240.149.0/24 maxlen: 24
151.240.150.0/24 maxlen: 24
151.240.151.0/24 maxlen: 24
151.240.152.0/24 maxlen: 24
151.240.153.0/24 maxlen: 24
151.240.154.0/24 maxlen: 24
151.240.156.0/24 maxlen: 24
151.240.157.0/24 maxlen: 24
151.240.159.0/24 maxlen: 24
151.240.160.0/24 maxlen: 24
151.240.162.0/24 maxlen: 24
151.240.163.0/24 maxlen: 24
151.240.164.0/24 maxlen: 24
151.240.165.0/24 maxlen: 24
151.240.166.0/24 maxlen: 24
151.240.167.0/24 maxlen: 24
151.240.168.0/24 maxlen: 24
151.240.169.0/24 maxlen: 24
151.240.170.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.240.172.0/24 maxlen: 24
151.240.173.0/24 maxlen: 24
151.240.174.0/24 maxlen: 24
151.240.175.0/24 maxlen: 24
151.240.176.0/24 maxlen: 24
151.240.177.0/24 maxlen: 24
151.240.178.0/24 maxlen: 24
151.240.180.0/24 maxlen: 24
151.240.181.0/24 maxlen: 24
151.240.182.0/24 maxlen: 24
151.240.183.0/24 maxlen: 24
151.240.184.0/24 maxlen: 24
151.240.185.0/24 maxlen: 24
151.240.186.0/24 maxlen: 24
151.240.187.0/24 maxlen: 24
151.240.188.0/24 maxlen: 24
151.240.189.0/24 maxlen: 24
151.240.190.0/24 maxlen: 24
151.240.191.0/24 maxlen: 24
151.240.192.0/24 maxlen: 24
151.240.193.0/24 maxlen: 24
151.240.194.0/24 maxlen: 24
151.240.195.0/24 maxlen: 24
151.240.196.0/24 maxlen: 24
151.240.197.0/24 maxlen: 24
151.240.198.0/24 maxlen: 24
151.240.199.0/24 maxlen: 24
151.240.200.0/24 maxlen: 24
151.240.201.0/24 maxlen: 24
151.240.202.0/24 maxlen: 24
151.240.203.0/24 maxlen: 24
151.240.204.0/24 maxlen: 24
151.240.206.0/24 maxlen: 24
151.240.207.0/24 maxlen: 24
151.240.208.0/24 maxlen: 24
151.240.209.0/24 maxlen: 24
151.240.210.0/24 maxlen: 24
151.240.211.0/24 maxlen: 24
151.240.212.0/24 maxlen: 24
151.240.213.0/24 maxlen: 24
151.240.214.0/24 maxlen: 24
151.240.215.0/24 maxlen: 24
151.240.216.0/24 maxlen: 24
151.240.217.0/24 maxlen: 24
151.240.218.0/24 maxlen: 24
151.240.219.0/24 maxlen: 24
151.240.220.0/24 maxlen: 24
151.240.221.0/24 maxlen: 24
151.240.222.0/24 maxlen: 24
151.240.223.0/24 maxlen: 24
151.240.224.0/24 maxlen: 24
151.240.225.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.248.0/24 maxlen: 24
151.240.254.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.145.0/24 maxlen: 24
151.243.45.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.243.89.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.187.0/24 maxlen: 24
151.244.238.0/24 maxlen: 24
151.244.239.0/24 maxlen: 24
151.245.89.0/24 maxlen: 24
151.245.90.0/24 maxlen: 24
151.246.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:9a:4f:0f:c4:73:03:62:e0:c4:b3:68:9c:08:3b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 3 08:03:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cda6205b5a26d42174475228f6dfc83cfbe4858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9f:f1:b1:37:c3:03:e2:bf:19:6b:61:39:4d:
ae:83:78:a0:2a:c6:5c:82:4d:1f:ef:12:67:94:8e:
8c:5e:77:a5:66:2b:26:8e:2f:17:86:97:08:59:67:
9b:ee:e7:2e:01:5b:82:c4:0a:56:88:94:2b:cb:fe:
ac:4c:a7:f1:7f:68:36:8e:b8:a8:30:98:7f:0f:e3:
5d:f1:be:32:d4:1f:fe:1a:a5:9b:d2:03:5e:46:e3:
be:e8:3a:6e:6b:11:7f:26:22:de:89:89:37:d8:c2:
de:c1:8e:c9:73:e3:23:1d:f4:a2:b1:6a:86:b0:d1:
f3:2a:87:dd:54:18:05:bc:40:2e:8e:f8:ef:96:4f:
32:39:52:52:42:f6:e1:a9:c0:c5:04:9f:6f:57:38:
01:9d:b9:1a:a2:a6:2b:30:92:67:3d:3e:62:2e:ca:
41:07:78:6a:16:b6:99:83:b1:3e:52:10:e2:a1:88:
a3:48:c1:74:e4:d2:29:c0:88:5e:97:d4:58:1c:c7:
8d:26:cf:e2:31:70:d5:c0:02:c6:18:fb:b2:2f:c9:
f0:d0:32:75:c7:e5:88:90:e8:fb:fa:07:e6:30:38:
ce:99:32:14:82:88:34:75:eb:b1:d3:2d:8b:13:7c:
4d:12:71:67:08:98:71:64:28:d4:94:cc:50:b6:c9:
c5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DA:62:05:B5:A2:6D:42:17:44:75:22:8F:6D:FC:83:CF:BE:48:58
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LNpiBbWibUIXRHUij238g8--SFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.223.0/24
151.240.4.0/22
151.240.11.0-151.240.23.255
151.240.25.0/24
151.240.31.0-151.240.42.255
151.240.60.0/23
151.240.68.0-151.240.74.255
151.240.76.0/24
151.240.78.0-151.240.81.255
151.240.83.0-151.240.90.255
151.240.126.0-151.240.154.255
151.240.156.0/23
151.240.159.0-151.240.160.255
151.240.162.0-151.240.178.255
151.240.180.0-151.240.204.255
151.240.206.0-151.240.225.255
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.240.248.0/24
151.240.254.0/24
151.242.78.0/24
151.242.145.0/24
151.243.45.0/24
151.243.88.0/23
151.244.4.0/24
151.244.187.0/24
151.244.238.0/23
151.245.89.0-151.245.90.255
151.246.218.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fa:42:7b:d6:29:b1:ef:77:f9:b3:17:cf:95:bf:e4:f1:9f:
61:a7:97:be:ac:21:2e:8c:30:20:03:77:e9:87:dd:b6:db:8f:
a4:97:01:bf:53:5d:d7:ac:9c:61:52:7b:9c:73:1b:da:b8:99:
6e:a4:03:fe:62:1f:ed:2a:80:cb:a3:3f:78:d2:e8:74:1c:1c:
f4:21:dc:a6:8a:ab:25:8b:6a:a6:f6:e2:ed:3c:81:cc:9a:43:
fb:e9:76:b3:ff:71:34:dc:ec:42:46:83:f9:8c:e7:d5:58:6f:
9f:b6:bc:df:c1:82:78:04:b9:9d:14:66:07:13:3f:bf:9e:3d:
48:a1:5e:d7:b5:19:c0:51:17:22:bc:dc:31:08:a4:99:40:61:
a1:03:ac:ee:3e:f4:1e:5c:60:73:0c:7e:ee:cc:6b:5e:42:62:
4b:65:df:66:86:14:0a:e0:41:ab:70:c5:ea:73:02:4b:56:1e:
bb:60:f6:d4:d3:08:51:cd:76:0b:70:6a:d0:3e:bd:08:a1:1b:
41:3a:60:33:22:d5:b9:6e:f1:65:c5:11:7c:c5:22:4e:b6:40:
cc:91:dd:bc:68:03:71:6a:4b:47:ad:f3:5a:fa:15:87:4c:c6:
07:8d:3a:be:0d:d4:fc:e8:78:55:e2:13:b4:c1:3c:ad:05:5d:
2d:ae:a8:bb
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZkOmk8PxHMDYuDEs2icCDvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAzMDgwMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RhNjIwNWI1YTI2ZDQyMTc0NDc1MjI4ZjZkZmM4M2NmYmU0ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ/xsTfDA+K/GWthOU2ug3igKsZc
gk0f7xJnlI6MXnelZismji8XhpcIWWeb7ucuAVuCxApWiJQry/6sTKfxf2g2jrio
MJh/D+Nd8b4y1B/+GqWb0gNeRuO+6DpuaxF/JiLeiYk32MLewY7Jc+MjHfSisWqG
sNHzKofdVBgFvEAujvjvlk8yOVJSQvbhqcDFBJ9vVzgBnbkaoqYrMJJnPT5iLspB
B3hqFraZg7E+UhDioYijSMF05NIpwIhel9RYHMeNJs/iMXDVwALGGPuyL8nw0DJ1
x+WIkOj7+gfmMDjOmTIUgog0deux0y2LE3xNEnFnCJhxZCjUlMxQtsnFaQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFCzaYgW1om1CF0R1Io9t/IPPvkhYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTE5waUJiV2liVUlYUkhVaWoyMzhnOC0tU0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEACXK3wMEApfwBDAMAwQAl/ALAwQDl/AQAwQAl/AZMAwDBACX8B8DBACX8CoD
BAGX8DwwDAMEApfwRAMEAJfwSgMEAJfwTDAMAwQBl/BOAwQBl/BQMAwDBACX8FMD
BACX8FowDAMEAZfwfgMEAJfwmgMEAZfwnDAMAwQAl/CfAwQAl/CgMAwDBAGX8KID
BACX8LIwDAMEApfwtAMEAJfwzDAMAwQBl/DOAwQBl/DgAwQAl/DlMAwDBACX8OkD
BACX8O4DBACX8PADBACX8PgDBACX8P4DBACX8k4DBACX8pEDBACX8y0DBAGX81gD
BACX9AQDBACX9LsDBAGX9O4wDAMEAJf1WQMEAJf1WgMEAJf22jANBgkqhkiG9w0B
AQsFAAOCAQEAWPpCe9Ypse93+bMXz5W/5PGfYaeXvqwhLowwIAN36YfdttuPpJcB
v1Nd16ycYVJ7nHMb2riZbqQD/mIf7SqAy6M/eNLodBwc9CHcpoqrJYtqpvbi7TyB
zJpD++l2s/9xNNzsQkaD+Yzn1Vhvn7a838GCeAS5nRRmBxM/v549SKFe17UZwFEX
IrzcMQikmUBhoQOs7j70Hlxgcwx+7sxrXkJiS2XfZoYUCuBBq3DF6nMCS1Yeu2D2
1NMIUc12C3Bq0D69CKEbQTpgMyLVuW7xZcURfMUiTrZAzJHdvGgDcWpLR63zWvoV
h0zGB406vg3U/Oh4VeITtME8rQVdLa6ouw==
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:36:48 2025 by rpki-client