Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/K1yzaA2LKv6WrPfYON-LGHn3q18.roa
File: K1yzaA2LKv6WrPfYON-LGHn3q18.roa (raw, json)
Hash identifier: e3dzwnCmJbGlroDSJANi3J5QVo/VvZgQAmatunxEAZo=
Subject key identifier: 2B:5C:B3:68:0D:8B:2A:FE:96:AC:F7:D8:38:DF:8B:18:79:F7:AB:5F
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 019B7758B591DCC1D7EF4358F7BBB6705F93
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/K1yzaA2LKv6WrPfYON-LGHn3q18.roa
Signing time: Thu 01 Jan 2026 02:17:40 +0000
ROA not before: Thu 01 Jan 2026 02:17:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41833
IP address blocks: 46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.250.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
46.227.253.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
46.227.255.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
89.249.208.0/24 maxlen: 24
89.249.208.136/29 maxlen: 29
89.249.209.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.212.0/24 maxlen: 24
89.249.212.0/28 maxlen: 28
89.249.213.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
89.249.216.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
89.249.220.64/28 maxlen: 28
89.249.221.0/24 maxlen: 24
89.249.221.80/29 maxlen: 29
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.229.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
93.185.230.0/24 maxlen: 24
93.185.230.160/29 maxlen: 29
93.185.231.0/24 maxlen: 24
93.185.231.0/29 maxlen: 29
93.185.232.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.234.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.236.136/29 maxlen: 29
93.185.237.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
95.141.48.0/20 maxlen: 20
95.141.48.0/24 maxlen: 24
95.141.49.0/24 maxlen: 24
95.141.50.0/24 maxlen: 24
95.141.51.0/24 maxlen: 24
95.141.52.0/24 maxlen: 24
95.141.53.0/24 maxlen: 24
95.141.54.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.176.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
141.138.178.0/24 maxlen: 24
141.138.179.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.186.96/29 maxlen: 29
141.138.186.144/29 maxlen: 29
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
141.138.190.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
141.138.191.208/29 maxlen: 29
185.58.200.0/22 maxlen: 22
185.58.200.0/24 maxlen: 24
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
185.58.203.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:b5:91:dc:c1:d7:ef:43:58:f7:bb:b6:70:5f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Jan 1 02:17:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2b5cb3680d8b2afe96acf7d838df8b1879f7ab5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:e7:c9:be:9e:f1:fa:07:c1:27:1a:26:ab:
43:63:48:d4:86:14:32:d5:d5:d8:6d:9d:b4:9d:7a:
79:f9:34:31:3a:37:37:bd:ee:e4:c1:86:7e:73:7e:
85:f0:a1:d3:36:25:54:fc:6b:92:32:89:90:f5:83:
be:da:b6:2d:69:e6:51:7c:df:4f:8d:70:d9:e2:32:
3a:f0:67:4a:70:f6:f8:5c:5a:dd:69:27:00:c8:14:
4f:92:d2:0a:4a:22:60:d0:4d:59:67:49:cb:62:00:
8b:6f:77:8a:0c:89:1d:47:b2:e8:d4:f0:ab:d2:e4:
45:7c:03:79:a6:bd:95:51:1e:12:e1:38:8c:52:4c:
32:74:23:cf:82:b5:b2:3c:ad:4b:dd:96:ed:2e:54:
0e:86:34:75:f1:de:f0:9d:20:51:cc:14:aa:b3:48:
65:c8:3f:2a:00:9c:d5:49:3e:6b:4b:a2:8d:c4:a7:
49:3b:71:c6:1e:b4:ba:54:18:bc:6f:2c:9c:13:eb:
b0:10:be:66:5a:78:32:30:16:83:8b:30:20:a6:c4:
b8:e9:c4:a9:c3:76:d2:55:67:43:55:90:29:ff:24:
ee:ec:7e:32:5a:06:14:63:2d:ff:92:53:14:c5:a9:
a6:7f:f4:29:82:be:3d:71:6c:da:0b:60:62:4a:9c:
39:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5C:B3:68:0D:8B:2A:FE:96:AC:F7:D8:38:DF:8B:18:79:F7:AB:5F
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/K1yzaA2LKv6WrPfYON-LGHn3q18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
a0:89:ce:e7:4a:20:49:22:a7:1c:66:9b:c1:ea:54:af:d1:02:
2c:48:af:68:ec:03:33:d6:e9:00:a9:f9:b1:dd:dc:f7:bc:27:
bb:68:11:c3:bd:12:b3:be:27:5b:ae:dc:17:86:44:83:ce:26:
ac:12:ee:51:71:e6:5e:ea:08:fa:8f:aa:f0:09:f7:51:0d:5f:
24:87:8c:6b:97:d0:41:4a:9d:76:24:45:fe:2b:0f:7a:69:5f:
d0:be:36:7c:1f:05:87:9f:c4:41:c9:84:ad:73:f6:1a:f6:b6:
05:ef:e0:78:62:40:da:53:76:51:95:24:13:0f:63:be:c5:93:
04:56:ca:4c:b0:8c:19:a1:79:da:77:11:f9:ba:1b:d9:af:f1:
54:0e:1f:b3:6c:76:eb:5e:dd:72:b5:1b:fe:a2:d2:d7:62:59:
36:bb:51:10:9e:84:53:7d:29:48:f2:9c:ac:dc:53:3a:04:d1:
dc:e7:c6:ca:1b:28:c6:a5:3b:a4:f4:ef:47:63:21:86:a7:cd:
28:f6:4b:0b:f5:c2:8d:aa:1b:68:f8:c0:5a:26:b4:4e:a1:60:
23:c4:7f:6e:60:c0:ea:f0:d8:ed:c0:99:77:13:96:26:f3:3b:
02:b9:a1:36:65:ff:15:48:f3:39:5a:cc:e5:cb:74:61:47:f0:
f9:26:6d:ab
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZt3WLWR3MHX70NY97u2cF+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjYwMTAxMDIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjVjYjM2ODBkOGIyYWZlOTZhY2Y3ZDgzOGRmOGIxODc5ZjdhYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lvnyb6e8foHwScaJqtDY0jUhhQy
1dXYbZ20nXp5+TQxOjc3ve7kwYZ+c36F8KHTNiVU/GuSMomQ9YO+2rYtaeZRfN9P
jXDZ4jI68GdKcPb4XFrdaScAyBRPktIKSiJg0E1ZZ0nLYgCLb3eKDIkdR7Lo1PCr
0uRFfAN5pr2VUR4S4TiMUkwydCPPgrWyPK1L3ZbtLlQOhjR18d7wnSBRzBSqs0hl
yD8qAJzVST5rS6KNxKdJO3HGHrS6VBi8byycE+uwEL5mWngyMBaDizAgpsS46cSp
w3bSVWdDVZAp/yTu7H4yWgYUYy3/klMUxammf/Qpgr49cWzaC2BiSpw5twIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCtcs2gNiyr+lqz32Djfixh596tfMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvSzF5emFBMkxLdjZXclBmWU9OLUxHSG4zcTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQCgic7nSiBJIqccZpvB6lSv0QIsSK9o7AMz1ukAqfmx3dz3
vCe7aBHDvRKzvidbrtwXhkSDziasEu5RceZe6gj6j6rwCfdRDV8kh4xrl9BBSp12
JEX+Kw96aV/QvjZ8HwWHn8RByYStc/Ya9rYF7+B4YkDaU3ZRlSQTD2O+xZMEVspM
sIwZoXnadxH5uhvZr/FUDh+zbHbrXt1ytRv+otLXYlk2u1EQnoRTfSlI8pys3FM6
BNHc58bKGyjGpTuk9O9HYyGGp80o9ksL9cKNqhto+MBaJrROoWAjxH9uYMDq8Njt
wJl3E5Ym8zsCuaE2Zf8VSPM5Wszly3RhR/D5Jm2r
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:45:14 2026 by rpki-client