Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/I_lv8f4Zd87SDL3QiO0bVVg2MT0.roa
File: I_lv8f4Zd87SDL3QiO0bVVg2MT0.roa (raw, json)
Hash identifier: LnGuklmE++SRFqSxhtkYU2out4UNjwQParJVowwKeL0=
Subject key identifier: 23:F9:6F:F1:FE:19:77:CE:D2:0C:BD:D0:88:ED:1B:55:58:36:31:3D
Certificate issuer: /CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Certificate serial: 019E6FA41E1C94EB54236CAF43DB4D7E4985
Authority key identifier: 95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/I_lv8f4Zd87SDL3QiO0bVVg2MT0.roa
Signing time: Thu 28 May 2026 17:31:27 +0000
ROA not before: Thu 28 May 2026 17:31:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 152.234.170.0/24 maxlen: 24
177.1.54.0/24 maxlen: 24
177.1.60.0/24 maxlen: 24
177.202.204.0/24 maxlen: 24
186.240.183.0/24 maxlen: 24
187.52.194.0/24 maxlen: 24
187.52.198.0/24 maxlen: 24
187.52.204.0/24 maxlen: 24
187.126.38.0/24 maxlen: 24
187.126.44.0/24 maxlen: 24
187.126.46.0/24 maxlen: 24
200.225.166.0/24 maxlen: 24
200.225.171.0/24 maxlen: 24
200.225.172.0/24 maxlen: 24
200.225.180.0/24 maxlen: 24
201.4.102.0/24 maxlen: 24
201.4.107.0/24 maxlen: 24
201.4.108.0/24 maxlen: 24
201.4.116.0/24 maxlen: 24
201.4.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:a4:1e:1c:94:eb:54:23:6c:af:43:db:4d:7e:49:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Validity
Not Before: May 28 17:31:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=23f96ff1fe1977ced20cbdd088ed1b555836313d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:00:13:ff:ac:62:cc:90:6c:ca:40:17:dd:93:
ac:f9:a7:e4:31:7d:98:ea:35:42:03:35:9c:9d:e0:
aa:33:76:65:52:4b:af:ad:04:d3:bf:5c:70:3e:12:
5b:9c:97:59:96:98:74:54:9c:1c:6e:e7:f8:a5:c7:
c7:38:61:c7:f9:f5:49:bb:14:97:51:27:4e:1b:79:
30:aa:dc:7d:9c:78:f2:1f:29:5d:15:62:3a:f1:f8:
45:a4:9f:53:60:3b:ff:c8:b9:01:f5:4d:24:ca:f3:
9b:11:d9:a6:63:2f:5d:f4:03:30:03:7e:15:9d:ec:
a5:50:c3:c2:a8:dd:29:12:c1:15:98:3f:9e:1a:b5:
15:f3:ab:6a:ff:8d:8a:8d:e4:39:de:f2:46:40:4c:
0f:b0:78:1b:a4:00:05:cd:20:78:6f:42:22:1e:a0:
8a:eb:b7:39:b4:7c:da:7d:73:ef:37:8b:20:fc:8d:
b5:62:b7:18:db:65:f7:8a:60:2b:3c:45:65:d0:72:
c4:ec:ca:b7:12:19:0c:8c:b0:77:5f:ba:bd:48:45:
6d:33:89:a2:7a:0c:18:1d:bd:df:37:d5:b8:34:43:
7d:ef:e2:a1:ad:a7:8c:ff:7f:af:7a:b1:9a:c1:5b:
26:97:77:6c:9f:e0:fc:0c:ee:2b:c7:07:5b:a1:c6:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F9:6F:F1:FE:19:77:CE:D2:0C:BD:D0:88:ED:1B:55:58:36:31:3D
X509v3 Authority Key Identifier:
keyid:95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/I_lv8f4Zd87SDL3QiO0bVVg2MT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.234.170.0/24
177.1.54.0/24
177.1.60.0/24
177.202.204.0/24
186.240.183.0/24
187.52.194.0/24
187.52.198.0/24
187.52.204.0/24
187.126.38.0/24
187.126.44.0/24
187.126.46.0/24
200.225.166.0/24
200.225.171.0-200.225.172.255
200.225.180.0/24
201.4.102.0/24
201.4.107.0-201.4.108.255
201.4.116.0/24
201.4.124.0/24
Signature Algorithm: sha256WithRSAEncryption
50:11:ae:82:fa:d8:43:41:80:db:85:ff:92:a7:9f:85:e3:35:
cf:0e:bd:34:54:1b:05:29:d0:38:b1:87:f8:b4:a5:bf:7c:ac:
6d:13:1c:bb:f0:48:25:7d:93:32:5d:42:91:af:3e:59:8f:30:
df:57:97:7d:f2:04:3c:e2:89:8a:ce:6d:91:59:66:a8:69:f5:
d6:d0:6b:b3:cb:70:32:0b:ee:34:77:0c:73:61:2f:1a:5b:af:
a4:5e:db:58:b8:52:40:c3:ca:ad:b2:a6:ea:00:e9:5f:61:a9:
ca:cd:93:84:e7:85:81:64:b6:17:d5:59:1e:03:18:69:dc:1c:
12:54:ee:98:e9:df:4b:66:f3:cb:e9:ae:6d:71:1a:50:c0:20:
74:91:17:5c:b1:da:3d:3a:59:12:27:d6:ed:aa:c9:11:89:e7:
69:5b:41:b9:b6:3f:93:72:31:9d:e0:d2:9a:32:0f:c3:15:df:
0f:3a:a0:94:bc:de:01:2a:eb:b0:d0:10:d0:5f:49:76:ac:9c:
aa:c4:d1:35:8d:89:74:78:c5:7c:61:c1:b4:ee:04:13:f4:01:
9b:b8:b5:f8:73:ae:05:1b:91:fb:96:e0:0a:24:5f:c6:b0:cb:
c1:f5:95:f2:30:a6:13:d9:ff:b7:8e:1b:f8:35:2d:55:ab:b0:
19:54:ca:6e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZ5vpB4clOtUI2yvQ9tNfkmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDEwOGYwZTg1ODY4YzJiYmU3ZGI2ZDczNzcwMzRjMTMx
ZWIyMjQwHhcNMjYwNTI4MTczMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y5NmZmMWZlMTk3N2NlZDIwY2JkZDA4OGVkMWI1NTU4MzYzMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgAT/6xizJBsykAX3ZOs+afkMX2Y
6jVCAzWcneCqM3ZlUkuvrQTTv1xwPhJbnJdZlph0VJwcbuf4pcfHOGHH+fVJuxSX
USdOG3kwqtx9nHjyHyldFWI68fhFpJ9TYDv/yLkB9U0kyvObEdmmYy9d9AMwA34V
neylUMPCqN0pEsEVmD+eGrUV86tq/42KjeQ53vJGQEwPsHgbpAAFzSB4b0IiHqCK
67c5tHzafXPvN4sg/I21YrcY22X3imArPEVl0HLE7Mq3EhkMjLB3X7q9SEVtM4mi
egwYHb3fN9W4NEN97+KhraeM/3+verGawVsml3dsn+D8DO4rxwdbocYPKQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFCP5b/H+GXfO0gy90IjtG1VYNjE9MB8GA1UdIwQY
MBaAFJXRCPDoWGjCu+fbbXN3A0wTHrIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYt
NzJmYjk3ZDU5Y2U0LzEvSV9sdjhmNFpkODdTREwzUWlPMGJWVmcyTVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYtNzJmYjk3ZDU5Y2U0
LzEvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAJjq
qgMEALEBNgMEALEBPAMEALHKzAMEALrwtwMEALs0wgMEALs0xgMEALs0zAMEALt+
JgMEALt+LAMEALt+LgMEAMjhpjAMAwQAyOGrAwQAyOGsAwQAyOG0AwQAyQRmMAwD
BADJBGsDBADJBGwDBADJBHQDBADJBHwwDQYJKoZIhvcNAQELBQADggEBAFARroL6
2ENBgNuF/5Knn4XjNc8OvTRUGwUp0Dixh/i0pb98rG0THLvwSCV9kzJdQpGvPlmP
MN9Xl33yBDziiYrObZFZZqhp9dbQa7PLcDIL7jR3DHNhLxpbr6Re21i4UkDDyq2y
puoA6V9hqcrNk4TnhYFkthfVWR4DGGncHBJU7pjp30tm88vprm1xGlDAIHSRF1yx
2j06WRIn1u2qyRGJ52lbQbm2P5NyMZ3g0poyD8MV3w86oJS83gEq67DQENBfSXas
nKrE0TWNiXR4xXxhwbTuBBP0AZu4tfhzrgUbkfuW4AokX8awy8H1lfIwphPZ/7eO
G/g1LVWrsBlUym4=
-----END CERTIFICATE-----
Generated at Thu Jun 4 08:55:29 2026 by rpki-client