Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/lSlG7rI2eJuiPKf-HzKcyhBPp1g.roa
File: lSlG7rI2eJuiPKf-HzKcyhBPp1g.roa (raw, json)
Hash identifier: 53i2XoHaeuLLxKqYVRpE4lR9h2EBCgSQcRQiDH1i//M=
Subject key identifier: 95:29:46:EE:B2:36:78:9B:A2:3C:A7:FE:1F:32:9C:CA:10:4F:A7:58
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 019C27DE0FBF69DC3A48349D29671E291BC9
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/lSlG7rI2eJuiPKf-HzKcyhBPp1g.roa
Signing time: Wed 04 Feb 2026 08:56:30 +0000
ROA not before: Wed 04 Feb 2026 08:56:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41114
IP address blocks: 31.11.40.0/21 maxlen: 24
45.151.16.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
77.83.228.0/22 maxlen: 24
109.106.24.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
153.92.96.0/20 maxlen: 20
153.92.96.0/21 maxlen: 21
153.92.104.0/21 maxlen: 21
185.42.112.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
2a00:7aa0::/32 maxlen: 32
2a01:60e0::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a09:4380::/32 maxlen: 32
2a0a:7980::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 48
2a0f:d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:27:de:0f:bf:69:dc:3a:48:34:9d:29:67:1e:29:1b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Feb 4 08:56:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=952946eeb236789ba23ca7fe1f329cca104fa758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:50:fa:29:f4:e8:1e:02:1c:0a:56:fd:74:20:
00:81:cb:0c:24:77:b6:b4:5b:b5:2c:e7:25:1d:14:
5f:e7:ad:3d:b5:70:a0:39:94:c2:c3:80:e9:f6:db:
f4:9d:5d:72:2c:4d:a3:ba:97:f7:0a:f8:07:45:de:
ed:36:8b:6c:e1:bd:48:17:13:49:1d:cd:c9:90:02:
13:2c:f6:d8:48:fc:a1:09:ac:34:bc:f1:c8:7c:c1:
46:02:bd:58:88:84:31:24:54:de:e5:97:c4:5f:d3:
47:d2:62:3e:cc:68:df:fe:ca:42:29:50:42:2d:d9:
84:69:c6:ca:3b:17:1d:ec:02:60:33:8b:ca:a3:19:
d7:d3:09:9f:6e:e0:b5:d7:15:e0:d4:61:56:1c:5a:
a8:d0:8c:75:ca:b7:fa:b1:f0:c5:9b:6d:b9:44:59:
d3:50:31:8a:69:b4:61:00:e1:10:57:9d:bb:0e:69:
3b:3f:d3:bf:a9:df:2f:4e:d5:0c:90:e5:24:ff:20:
72:90:78:f8:8f:1c:bc:4b:28:b1:eb:83:98:58:fc:
4c:f0:f0:82:51:18:54:1c:0a:3a:61:c4:2d:59:1a:
89:7c:5e:c5:03:c6:0c:20:b7:d7:e7:6b:29:8a:74:
90:23:ca:ed:2c:fa:60:a0:24:df:d0:5a:0e:90:33:
08:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:29:46:EE:B2:36:78:9B:A2:3C:A7:FE:1F:32:9C:CA:10:4F:A7:58
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/lSlG7rI2eJuiPKf-HzKcyhBPp1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.40.0/21
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
77.83.228.0/22
109.106.24.0/22
147.78.164.0/22
153.92.96.0/20
185.42.112.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a01:60e0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
32:11:d3:f0:8c:e9:be:f1:3f:db:2b:01:fb:af:c1:de:9f:bd:
40:f6:a3:08:21:4f:5b:4c:60:26:d3:95:a3:7d:bf:61:29:b3:
7e:17:47:66:87:49:75:a3:3c:7b:16:c7:42:01:86:74:19:bf:
ec:47:93:b2:ca:4f:48:d8:5c:8d:a6:a4:9f:02:51:86:43:1b:
c9:68:3c:84:95:b0:af:92:db:84:c9:29:3a:82:68:43:c9:f6:
4d:10:fd:54:dd:68:50:7a:36:ee:62:9b:80:ac:60:e2:b4:fe:
0e:f9:f1:08:54:18:48:68:f5:d6:70:3e:4d:46:64:0a:d5:f6:
10:34:ae:e6:be:cc:9a:87:7a:02:d8:1b:4c:51:03:15:84:05:
c6:3a:e6:79:21:70:37:88:fa:8b:9d:a6:a0:e7:95:0d:9c:51:
4a:33:a1:77:8c:a8:44:45:8b:7a:24:d7:b1:ad:ae:79:ff:c7:
dc:ad:49:97:6d:34:83:c1:7c:9d:cb:9e:db:6d:59:a0:66:dc:
d0:14:82:45:32:e6:fe:17:d1:f9:69:7d:b5:89:4c:17:25:d1:
21:88:8d:d0:cd:15:4d:5b:26:76:cc:00:25:4f:ab:0d:59:e3:
49:e1:b7:06:c9:3c:2e:78:e5:51:44:58:64:25:d7:54:ac:0b:
83:43:9b:ea
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZwn3g+/adw6SDSdKWceKRvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjYwMjA0MDg1NjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI5NDZlZWIyMzY3ODliYTIzY2E3ZmUxZjMyOWNjYTEwNGZhNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1D6KfToHgIcClb9dCAAgcsMJHe2
tFu1LOclHRRf5609tXCgOZTCw4Dp9tv0nV1yLE2jupf3CvgHRd7tNots4b1IFxNJ
Hc3JkAITLPbYSPyhCaw0vPHIfMFGAr1YiIQxJFTe5ZfEX9NH0mI+zGjf/spCKVBC
LdmEacbKOxcd7AJgM4vKoxnX0wmfbuC11xXg1GFWHFqo0Ix1yrf6sfDFm225RFnT
UDGKabRhAOEQV527Dmk7P9O/qd8vTtUMkOUk/yBykHj4jxy8Syix64OYWPxM8PCC
URhUHAo6YcQtWRqJfF7FA8YMILfX52spinSQI8rtLPpgoCTf0FoOkDMIEwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFJUpRu6yNnibojyn/h8ynMoQT6dYMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvbFNsRzdySTJlSnVpUEtmLUh6S2N5aEJQcDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBOBAIAATBIAwQDHwso
AwQCLZcQAwQCLZ34AwQCPsCMAwQCTVPkAwQCbWoYAwQCk06kAwQEmVxgAwQCuSpw
AwQCuWJAAwQCwZRQAwQC1eJIMDcEAgACMDEDBQAqAHqgAwUAKgFg4AMFACoJJsAD
BQAqCUOAAwUAKgp5gAMFACoN5sADBQAqDw0AMA0GCSqGSIb3DQEBCwUAA4IBAQAy
EdPwjOm+8T/bKwH7r8Hen71A9qMIIU9bTGAm05Wjfb9hKbN+F0dmh0l1ozx7FsdC
AYZ0Gb/sR5Oyyk9I2FyNpqSfAlGGQxvJaDyElbCvktuEySk6gmhDyfZNEP1U3WhQ
ejbuYpuArGDitP4O+fEIVBhIaPXWcD5NRmQK1fYQNK7mvsyah3oC2BtMUQMVhAXG
OuZ5IXA3iPqLnaag55UNnFFKM6F3jKhERYt6JNexra55/8fcrUmXbTSDwXydy57b
bVmgZtzQFIJFMub+F9H5aX21iUwXJdEhiI3QzRVNWyZ2zAAlT6sNWeNJ4bcGyTwu
eOVRRFhkJddUrAuDQ5vq
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:29:23 2026 by rpki-client