Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/lVoRzP7F8WZTOZ0grphnLvRi06c.roa
File: lVoRzP7F8WZTOZ0grphnLvRi06c.roa (raw, json)
Hash identifier: +HaisbuP4PIocMHsJ40Sfm8z0WX66HaPkcbHSBoy/oQ=
Subject key identifier: 95:5A:11:CC:FE:C5:F1:66:53:39:9D:20:AE:98:67:2E:F4:62:D3:A7
Certificate issuer: /CN=ebf760c05773c15d73676450344668fefb723447
Certificate serial: 019CB51CC2845E64BC3B8773BA6F67C20B17
Authority key identifier: EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/lVoRzP7F8WZTOZ0grphnLvRi06c.roa
Signing time: Tue 03 Mar 2026 19:11:26 +0000
ROA not before: Tue 03 Mar 2026 19:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50597
IP address blocks: 37.98.224.0/21 maxlen: 21
37.98.224.0/24 maxlen: 24
37.98.225.0/24 maxlen: 24
37.98.226.0/24 maxlen: 24
37.98.227.0/24 maxlen: 24
37.98.228.0/24 maxlen: 24
37.98.229.0/24 maxlen: 24
37.98.230.0/24 maxlen: 24
37.98.231.0/24 maxlen: 24
85.113.90.0/23 maxlen: 23
85.113.90.0/24 maxlen: 24
85.113.91.0/24 maxlen: 24
85.194.196.0/22 maxlen: 22
85.194.196.0/24 maxlen: 24
85.194.197.0/24 maxlen: 24
85.194.198.0/24 maxlen: 24
85.194.199.0/24 maxlen: 24
109.205.112.0/21 maxlen: 24
167.160.5.0/24 maxlen: 24
185.76.32.0/22 maxlen: 22
185.76.32.0/24 maxlen: 24
185.76.33.0/24 maxlen: 24
185.76.34.0/24 maxlen: 24
185.76.35.0/24 maxlen: 24
185.181.52.0/22 maxlen: 24
192.161.6.0/23 maxlen: 24
2a05:55c0::/29 maxlen: 29
2a05:55c1:1::/48 maxlen: 48
2a05:55c1:2::/48 maxlen: 48
2a05:55c1:3::/48 maxlen: 48
2a05:55c1:4::/48 maxlen: 48
2a05:55c1:5::/48 maxlen: 48
2a05:55c1:6::/48 maxlen: 48
2a05:55c1:7::/48 maxlen: 48
2a05:55c1:e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Mar 2026 00:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b5:1c:c2:84:5e:64:bc:3b:87:73:ba:6f:67:c2:0b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf760c05773c15d73676450344668fefb723447
Validity
Not Before: Mar 3 19:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=955a11ccfec5f16653399d20ae98672ef462d3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b8:08:14:1b:9b:b8:c3:e9:7e:c3:18:c2:92:
b3:5c:01:45:98:98:20:52:0e:9d:0f:c8:8d:76:fe:
76:98:1e:af:38:ae:ff:8c:0b:02:d2:94:62:da:23:
fe:87:99:06:52:6c:7b:f7:d0:24:7f:a0:f3:dd:99:
66:df:7f:35:ee:d0:50:2b:ec:03:1b:1a:a5:2b:cb:
c7:b8:8f:35:34:44:b8:49:e2:9b:35:f3:9e:c5:ba:
04:b3:0f:f4:52:67:ee:4a:c9:20:e3:96:79:7e:ef:
08:2a:d2:6a:2a:53:3d:72:e9:8a:66:d6:43:09:4f:
87:df:a8:f1:f0:3e:16:4d:13:ca:e7:d2:ab:33:91:
37:14:90:a3:35:df:d4:58:d2:4b:e5:60:19:5a:8d:
fc:fb:5c:2a:07:67:49:5a:3d:ae:b5:2e:29:09:46:
cf:59:5f:50:64:49:ef:c8:36:a1:e4:26:7c:ed:6d:
55:25:4f:8e:32:85:31:f6:30:9f:98:26:a3:fc:c3:
53:aa:b4:1f:ef:6f:e3:ce:d1:3c:fc:2a:8b:e0:97:
ee:c1:32:4b:f7:50:62:45:eb:a0:ff:9e:b8:c7:af:
70:55:97:68:4c:04:0c:85:b6:7c:cd:49:97:29:b5:
10:38:b5:10:f0:4b:0e:dd:5a:4c:f8:f3:c9:d8:29:
f6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5A:11:CC:FE:C5:F1:66:53:39:9D:20:AE:98:67:2E:F4:62:D3:A7
X509v3 Authority Key Identifier:
keyid:EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/lVoRzP7F8WZTOZ0grphnLvRi06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.224.0/21
85.113.90.0/23
85.194.196.0/22
109.205.112.0/21
167.160.5.0/24
185.76.32.0/22
185.181.52.0/22
192.161.6.0/23
IPv6:
2a05:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:ea:f8:69:e0:b2:ac:24:2a:27:78:73:87:b8:37:d8:05:64:
7f:83:a1:da:14:56:77:eb:0d:45:12:ad:bd:56:e4:38:d8:3a:
3c:51:26:16:9f:87:3c:32:2e:94:bb:8a:57:e4:ef:8b:72:2f:
80:90:29:5b:5f:33:0c:f7:bd:9c:bb:5b:cb:d8:56:89:da:4f:
f2:7e:e8:ab:f3:f1:c4:bd:e6:e6:29:07:7f:c6:d9:1b:f4:ce:
44:7d:6e:ca:72:7b:ee:1d:de:96:ba:c5:a6:81:e0:e9:b5:2d:
b9:07:00:b4:90:f1:4d:1f:58:37:4f:a6:98:d8:6e:72:61:3e:
8a:4c:77:a1:3b:b2:13:86:07:2e:5e:be:2f:93:9b:80:50:29:
bc:6a:95:a8:42:39:fb:fc:43:e4:fd:d8:03:22:1f:2b:94:ec:
91:f8:b5:61:de:1e:47:26:75:43:56:80:af:82:ae:26:f5:77:
88:09:44:4e:d2:42:0c:e3:3a:84:2e:d4:c3:6d:05:07:1b:14:
27:91:8b:9b:68:54:8d:a9:e5:33:aa:d4:be:a3:47:ce:9c:ce:
88:d0:01:2b:84:b5:ee:a7:42:2c:76:f3:df:24:3d:6c:4a:d6:
f2:b9:08:dc:d4:73:96:ed:2b:64:0a:ce:1c:54:6d:01:80:6e:
cd:8f:ef:0c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZy1HMKEXmS8O4dzum9nwgsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjc2MGMwNTc3M2MxNWQ3MzY3NjQ1MDM0NDY2OGZlZmI3
MjM0NDcwHhcNMjYwMzAzMTkxMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVhMTFjY2ZlYzVmMTY2NTMzOTlkMjBhZTk4NjcyZWY0NjJkM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bgIFBubuMPpfsMYwpKzXAFFmJgg
Ug6dD8iNdv52mB6vOK7/jAsC0pRi2iP+h5kGUmx799Akf6Dz3Zlm33817tBQK+wD
GxqlK8vHuI81NES4SeKbNfOexboEsw/0UmfuSskg45Z5fu8IKtJqKlM9cumKZtZD
CU+H36jx8D4WTRPK59KrM5E3FJCjNd/UWNJL5WAZWo38+1wqB2dJWj2utS4pCUbP
WV9QZEnvyDah5CZ87W1VJU+OMoUx9jCfmCaj/MNTqrQf72/jztE8/CqL4JfuwTJL
91BiReug/564x69wVZdoTAQMhbZ8zUmXKbUQOLUQ8EsO3VpM+PPJ2Cn2RQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJVaEcz+xfFmUzmdIK6YZy70YtOnMB8GA1UdIwQY
MBaAFOv3YMBXc8Fdc2dkUDRGaP77cjRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYt
NDkwOTg4OTdlZTRhLzEvbFZvUnpQN0Y4V1pUT1owZ3JwaG5MdlJpMDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYtNDkwOTg4OTdlZTRh
LzEvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJWLgAwQB
VXFaAwQCVcLEAwQDbc1wAwQAp6AFAwQCuUwgAwQCubU0AwQBwKEGMA0EAgACMAcD
BQMqBVXAMA0GCSqGSIb3DQEBCwUAA4IBAQCW6vhp4LKsJConeHOHuDfYBWR/g6Ha
FFZ36w1FEq29VuQ42Do8USYWn4c8Mi6Uu4pX5O+Lci+AkClbXzMM972cu1vL2FaJ
2k/yfuir8/HEvebmKQd/xtkb9M5EfW7KcnvuHd6WusWmgeDptS25BwC0kPFNH1g3
T6aY2G5yYT6KTHehO7IThgcuXr4vk5uAUCm8apWoQjn7/EPk/dgDIh8rlOyR+LVh
3h5HJnVDVoCvgq4m9XeICURO0kIM4zqELtTDbQUHGxQnkYubaFSNqeUzqtS+o0fO
nM6I0AErhLXup0IsdvPfJD1sStbyuQjc1HOW7StkCs4cVG0BgG7Nj+8M
-----END CERTIFICATE-----
Generated at Mon Mar 16 09:30:25 2026 by rpki-client