Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/lc3C3wc32zcnHrU1F3n1Adhu2_g.roa
File: lc3C3wc32zcnHrU1F3n1Adhu2_g.roa (raw, json)
Hash identifier: 799Y5VOF1laQ/F9V5y2xMZ9oXgKkk02hVDbVY//MZDY=
Subject key identifier: 95:CD:C2:DF:07:37:DB:37:27:1E:B5:35:17:79:F5:01:D8:6E:DB:F8
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 019EBC7E90811D25ED1F733A46EDB08DE4D1
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/lc3C3wc32zcnHrU1F3n1Adhu2_g.roa
Signing time: Fri 12 Jun 2026 15:41:11 +0000
ROA not before: Fri 12 Jun 2026 15:41:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
84.238.132.0/24 maxlen: 24
85.137.20.0/22 maxlen: 24
85.137.168.0/24 maxlen: 24
85.137.169.0/24 maxlen: 24
85.137.170.0/24 maxlen: 24
85.137.171.0/24 maxlen: 24
85.137.172.0/24 maxlen: 24
85.137.173.0/24 maxlen: 24
85.137.174.0/24 maxlen: 24
85.137.175.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.236.195.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.177.73.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.24.232.0/24 maxlen: 24
193.24.233.0/24 maxlen: 24
193.24.234.0/24 maxlen: 24
193.24.235.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
195.14.9.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd44::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 18:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:7e:90:81:1d:25:ed:1f:73:3a:46:ed:b0:8d:e4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Jun 12 15:41:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95cdc2df0737db37271eb5351779f501d86edbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:82:93:5c:fc:28:76:4b:4f:c5:e2:28:e6:f3:
5a:c8:1b:b6:c5:15:c8:f2:c1:10:29:ec:34:5d:87:
95:a9:9f:e5:bd:75:70:6a:f4:e5:e6:78:e2:8f:1d:
16:13:6e:f4:ac:c0:23:bf:b9:15:65:be:de:3b:e6:
f5:e9:87:fe:8d:17:5c:42:c2:ac:49:db:38:09:89:
34:16:7f:92:8e:13:57:86:73:0a:12:e6:3c:40:ad:
5f:68:75:c9:1a:86:2e:30:8c:58:fc:61:89:65:04:
ce:72:2f:46:c9:03:2a:09:df:28:cd:ae:37:c2:e9:
b6:5b:38:81:6d:14:35:27:46:54:ef:0b:5b:97:d3:
c3:7e:18:d8:2c:aa:1a:ee:0c:58:b0:f5:d9:32:b6:
cd:d4:1e:4a:b5:be:b0:40:f5:9d:c0:f5:3f:8d:0f:
fb:a5:21:4c:90:c3:ae:71:f9:3f:3e:dd:07:82:dd:
6d:d0:f5:b9:28:bf:e6:5d:ab:fe:f6:11:63:09:32:
d3:7f:ae:4b:3b:ec:67:aa:f3:9e:3b:d8:26:66:2c:
7c:95:d7:4c:86:30:ad:cc:69:29:b9:47:d7:b3:25:
05:59:b5:f3:35:e9:e1:41:44:bc:6b:ce:75:cb:4c:
16:5c:3a:d1:9a:23:38:ef:7c:91:96:84:47:e4:29:
7e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CD:C2:DF:07:37:DB:37:27:1E:B5:35:17:79:F5:01:D8:6E:DB:F8
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/lc3C3wc32zcnHrU1F3n1Adhu2_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
84.238.132.0/24
85.137.20.0/22
85.137.168.0/21
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.236.195.0/24
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
178.157.82.0/24
178.157.90.0/23
178.215.237.0/24
185.96.163.0/24
185.170.212.0/22
185.177.73.0/24
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.24.232.0/22
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
195.14.9.0/24
IPv6:
2a05:8280::/32
2a09:cd40::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
dd:d6:19:55:73:62:df:70:8c:ce:3a:e3:b7:f4:de:15:d5:76:
03:e3:c3:17:fe:34:0d:3d:f4:b5:1f:8b:22:c7:cf:07:86:8d:
80:f9:e6:95:d6:20:58:15:02:eb:2b:f4:34:6e:44:3a:1c:cf:
7f:c5:6a:26:04:3b:64:20:98:12:98:95:94:64:0e:00:d5:e5:
41:e8:f0:de:64:78:c6:b1:09:51:2d:d6:e4:26:28:4f:5f:f0:
72:ee:4f:77:69:b5:60:60:4b:8a:6f:a0:9a:f2:25:6d:c0:7f:
37:59:96:bb:14:e7:a7:a4:35:ec:c4:56:53:e7:aa:ae:d1:f2:
ca:e7:db:8f:c4:59:66:d5:75:14:c1:d3:f5:15:be:3a:21:a0:
e6:75:67:76:60:65:1d:82:53:ac:c4:be:84:57:71:06:20:04:
b7:3e:b6:00:29:b6:1c:fb:77:40:b3:7f:87:cb:c8:b0:e9:ee:
20:bd:82:3b:82:54:43:9d:41:06:95:87:fe:82:36:2d:52:82:
64:24:33:f9:e2:95:2b:db:8c:20:41:d7:cb:bb:33:a1:5c:ac:
ce:f2:03:f5:b7:0f:8e:4b:3f:0e:2c:bc:06:7e:4b:ec:06:a4:
4e:ba:f8:e4:f3:ca:c8:ab:95:e9:bb:c0:27:b5:1b:76:46:d3:
b1:27:64:4f
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAZ68fpCBHSXtH3M6Ru2wjeTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjYwNjEyMTU0MTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWNkYzJkZjA3MzdkYjM3MjcxZWI1MzUxNzc5ZjUwMWQ4NmVkYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4KTXPwodktPxeIo5vNayBu2xRXI
8sEQKew0XYeVqZ/lvXVwavTl5njijx0WE270rMAjv7kVZb7eO+b16Yf+jRdcQsKs
Sds4CYk0Fn+SjhNXhnMKEuY8QK1faHXJGoYuMIxY/GGJZQTOci9GyQMqCd8oza43
wum2WziBbRQ1J0ZU7wtbl9PDfhjYLKoa7gxYsPXZMrbN1B5Ktb6wQPWdwPU/jQ/7
pSFMkMOucfk/Pt0Hgt1t0PW5KL/mXav+9hFjCTLTf65LO+xnqvOeO9gmZix8lddM
hjCtzGkpuUfXsyUFWbXzNenhQUS8a851y0wWXDrRmiM473yRloRH5Cl+kQIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFJXNwt8HN9s3Jx61NRd59QHYbtv4MB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvbGMzQzN3YzMyemNuSHJVMUYzbjFBZGh1Ml9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCCAQMEAgABMIH8
AwQCAjjUAwQAHw7uAwQAH97lAwQCLYmUAwQCLZm4AwQAPgMgAwQAVO6EAwQCVYkU
AwQDVYmoAwQAVmn8AwQAVmq1AwQAVmvFAwQCWSaAAwQAWSaHAwQAWSshAwQBW+Mo
AwQAW+zDAwQBW/r4AwQAXXKAAwQAXXKFAwQDXXMQAwQAXrC2AwQAXufNAwQAX6nA
AwQAX6nJAwQBX6nMAwQAsp1SAwQBsp1aAwQAstftAwQAuWCjAwQCuarUAwQAubFJ
AwQAueo0AwQBufPWAwQBvNR8AwQCwRjoAwQAwckPAwQAwhrVAwQCwiBMAwQAwj+R
AwQCwmMUAwQAww4JMCQEAgACMB4DBQAqBYKAMA4DBQYqCc1AAwUAKgnNRgMFASoM
ucAwDQYJKoZIhvcNAQELBQADggEBAN3WGVVzYt9wjM4647f03hXVdgPjwxf+NA09
9LUfiyLHzweGjYD55pXWIFgVAusr9DRuRDocz3/FaiYEO2QgmBKYlZRkDgDV5UHo
8N5keMaxCVEt1uQmKE9f8HLuT3dptWBgS4pvoJryJW3AfzdZlrsU56ekNezEVlPn
qq7R8srn24/EWWbVdRTB0/UVvjohoOZ1Z3ZgZR2CU6zEvoRXcQYgBLc+tgApthz7
d0Czf4fLyLDp7iC9gjuCVEOdQQaVh/6CNi1SgmQkM/nilSvbjCBB18u7M6FcrM7y
A/W3D45LPw4svAZ+S+wGpE66+OTzysirlem7wCe1G3ZG07EnZE8=
-----END CERTIFICATE-----
Generated at Sun Jun 14 04:47:32 2026 by rpki-client