Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/sB4_WHf0SZ09__UhJHd87A3_flc.roa
File: sB4_WHf0SZ09__UhJHd87A3_flc.roa (raw, json)
Hash identifier: XCVtQn+UgOjmQ01+Wqu+dFAhTj3/l8D06C6ft0oULW0=
Subject key identifier: B0:1E:3F:58:77:F4:49:9D:3D:FF:F5:21:24:77:7C:EC:0D:FF:7E:57
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 019D698BC23CA0A80EBC95414E9351895D5A
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/sB4_WHf0SZ09__UhJHd87A3_flc.roa
Signing time: Tue 07 Apr 2026 20:04:20 +0000
ROA not before: Tue 07 Apr 2026 20:04:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53813
IP address blocks: 137.31.17.0/24 maxlen: 24
137.31.18.0/24 maxlen: 24
137.31.19.0/24 maxlen: 24
137.31.44.0/24 maxlen: 24
147.161.192.0/23 maxlen: 24
147.161.194.0/23 maxlen: 24
147.161.196.0/23 maxlen: 24
147.161.198.0/23 maxlen: 24
147.161.200.0/23 maxlen: 24
147.161.204.0/23 maxlen: 24
147.161.208.0/23 maxlen: 24
147.161.210.0/23 maxlen: 24
147.161.212.0/23 maxlen: 24
147.161.214.0/23 maxlen: 24
147.161.216.0/23 maxlen: 24
147.161.218.0/23 maxlen: 24
147.161.220.0/23 maxlen: 24
159.254.98.0/24 maxlen: 24
159.254.103.0/24 maxlen: 24
159.254.204.0/24 maxlen: 24
164.137.56.0/24 maxlen: 24
164.137.57.0/24 maxlen: 24
164.137.58.0/24 maxlen: 24
164.137.59.0/24 maxlen: 24
164.137.60.0/24 maxlen: 24
164.137.69.0/24 maxlen: 24
164.137.109.0/24 maxlen: 24
164.137.159.0/24 maxlen: 24
164.137.160.0/24 maxlen: 24
164.137.161.0/24 maxlen: 24
164.137.162.0/24 maxlen: 24
164.137.163.0/24 maxlen: 24
164.137.164.0/24 maxlen: 24
164.137.165.0/24 maxlen: 24
164.137.166.0/24 maxlen: 24
164.137.167.0/24 maxlen: 24
164.137.168.0/24 maxlen: 24
164.137.169.0/24 maxlen: 24
164.137.170.0/24 maxlen: 24
164.137.171.0/24 maxlen: 24
164.137.172.0/24 maxlen: 24
164.137.173.0/24 maxlen: 24
164.137.174.0/24 maxlen: 24
164.137.175.0/24 maxlen: 24
164.137.176.0/24 maxlen: 24
164.137.177.0/24 maxlen: 24
164.137.178.0/24 maxlen: 24
164.137.179.0/24 maxlen: 24
164.137.180.0/24 maxlen: 24
164.137.181.0/24 maxlen: 24
164.137.182.0/24 maxlen: 24
164.137.183.0/24 maxlen: 24
164.137.184.0/24 maxlen: 24
164.137.185.0/24 maxlen: 24
164.137.186.0/24 maxlen: 24
164.137.187.0/24 maxlen: 24
164.137.188.0/24 maxlen: 24
164.137.189.0/24 maxlen: 24
164.137.190.0/24 maxlen: 24
164.137.191.0/24 maxlen: 24
164.137.192.0/24 maxlen: 24
2a03:eec0:3211::/48 maxlen: 48
2a03:eec0:3216::/48 maxlen: 48
2a03:eec0:3223::/48 maxlen: 48
2a03:eec0:3224::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:69:8b:c2:3c:a0:a8:0e:bc:95:41:4e:93:51:89:5d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Apr 7 20:04:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b01e3f5877f4499d3dfff52124777cec0dff7e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:92:a4:9f:7a:1d:35:e2:bd:8b:b7:cd:11:7d:
e1:7c:f8:9d:55:87:f3:65:f4:4b:39:ca:59:a8:86:
c7:02:a6:15:42:47:b5:93:20:d0:f9:8c:91:72:6e:
5a:df:20:bd:69:4c:d6:75:20:c0:4c:be:0a:d4:0c:
37:4f:7e:6e:8b:27:bf:63:5f:1b:51:19:ec:dc:18:
cb:9e:12:03:a6:34:a3:53:66:33:7a:c6:a4:04:45:
48:0c:03:88:c6:96:f8:27:c8:9c:c2:f6:b2:46:1d:
fb:08:15:69:47:60:65:f7:da:58:fd:bf:b0:cb:bc:
f1:d7:b1:3f:97:73:e9:34:1a:76:e6:d4:e7:61:d2:
85:a6:c1:b0:96:26:b7:6a:19:55:0f:43:01:74:d0:
bf:d5:31:67:a5:5c:7c:3a:88:b4:e3:bf:1a:8b:78:
5b:c1:8a:da:00:f2:d6:4e:b3:a1:0f:6b:4a:71:5e:
61:e7:09:c7:7d:25:a2:0d:97:35:84:2b:02:e1:09:
76:b9:7c:82:ac:c2:6b:a7:1d:26:9c:7b:0b:ce:96:
74:e1:8c:55:7f:cd:04:f9:f5:79:63:fc:37:66:28:
fd:2e:47:ed:2a:ef:26:a3:82:93:a2:81:1d:50:b5:
20:73:96:ed:80:9c:51:48:64:8b:0d:5a:c3:52:b2:
25:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:1E:3F:58:77:F4:49:9D:3D:FF:F5:21:24:77:7C:EC:0D:FF:7E:57
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/sB4_WHf0SZ09__UhJHd87A3_flc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.31.17.0-137.31.19.255
137.31.44.0/24
147.161.192.0-147.161.201.255
147.161.204.0/23
147.161.208.0-147.161.221.255
159.254.98.0/24
159.254.103.0/24
159.254.204.0/24
164.137.56.0-164.137.60.255
164.137.69.0/24
164.137.109.0/24
164.137.159.0-164.137.192.255
IPv6:
2a03:eec0:3211::/48
2a03:eec0:3216::/48
2a03:eec0:3223::-2a03:eec0:3224:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:09:96:85:9c:16:34:ff:3b:c5:a0:60:0b:43:4e:61:ae:b0:
38:2e:86:d5:6f:3c:46:39:1b:4d:a6:fa:35:b8:24:83:97:29:
16:5f:1e:96:a7:e7:10:4c:c3:c2:2a:aa:30:63:54:2d:7c:6e:
b4:64:d6:f7:34:f4:28:5e:a5:0a:52:b2:bf:c2:51:0f:23:fc:
84:56:10:ac:97:1b:8b:82:db:16:bc:b8:17:20:e7:e4:c3:2a:
56:b0:fc:5d:de:74:c0:0a:52:89:62:d6:82:59:08:46:c3:8b:
37:bb:e8:a8:98:fa:ae:03:ff:ee:54:11:75:bc:64:aa:61:c8:
6c:8a:57:f6:dc:16:a1:27:bc:dd:5f:d9:06:fb:31:2f:d5:6a:
2e:73:56:e4:e6:92:d1:71:95:36:49:b2:a4:d1:c4:86:86:4b:
e7:10:36:67:ef:97:bf:36:e7:48:c4:d7:8f:4e:f2:3e:fd:23:
c1:2d:b7:16:62:5e:0a:bb:c0:34:60:38:b1:d6:a6:97:51:0f:
08:21:e2:c5:56:50:70:55:1e:74:87:d7:a9:9b:c0:c3:01:12:
4c:47:e6:cb:50:60:40:5e:2a:cf:0d:77:21:7d:f7:7a:0e:0d:
25:ae:02:0f:ca:42:55:62:61:b4:4d:fc:0e:8e:bf:e4:b4:83:
cc:94:50:58
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZ1pi8I8oKgOvJVBTpNRiV1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjYwNDA3MjAwNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDFlM2Y1ODc3ZjQ0OTlkM2RmZmY1MjEyNDc3N2NlYzBkZmY3ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZKkn3odNeK9i7fNEX3hfPidVYfz
ZfRLOcpZqIbHAqYVQke1kyDQ+YyRcm5a3yC9aUzWdSDATL4K1Aw3T35uiye/Y18b
URns3BjLnhIDpjSjU2YzesakBEVIDAOIxpb4J8icwvayRh37CBVpR2Bl99pY/b+w
y7zx17E/l3PpNBp25tTnYdKFpsGwlia3ahlVD0MBdNC/1TFnpVx8Ooi0478ai3hb
wYraAPLWTrOhD2tKcV5h5wnHfSWiDZc1hCsC4Ql2uXyCrMJrpx0mnHsLzpZ04YxV
f80E+fV5Y/w3Zij9LkftKu8mo4KTooEdULUgc5btgJxRSGSLDVrDUrIlRQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFLAeP1h39EmdPf/1ISR3fOwN/35XMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvc0I0X1dIZjBTWjA5X19VaEpIZDg3QTNfZmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjB2BAIAATBwMAwDBACJ
HxEDBAKJHxADBACJHywwDAMEBpOhwAMEAZOhyAMEAZOhzDAMAwQEk6HQAwQBk6Hc
AwQAn/5iAwQAn/5nAwQAn/7MMAwDBAOkiTgDBACkiTwDBACkiUUDBACkiW0wDAME
AKSJnwMEAKSJwDAsBAIAAjAmAwcAKgPuwDIRAwcAKgPuwDIWMBIDBwAqA+7AMiMD
BwAqA+7AMiQwDQYJKoZIhvcNAQELBQADggEBAAoJloWcFjT/O8WgYAtDTmGusDgu
htVvPEY5G02m+jW4JIOXKRZfHpan5xBMw8IqqjBjVC18brRk1vc09ChepQpSsr/C
UQ8j/IRWEKyXG4uC2xa8uBcg5+TDKlaw/F3edMAKUoli1oJZCEbDize76KiY+q4D
/+5UEXW8ZKphyGyKV/bcFqEnvN1f2Qb7MS/Vai5zVuTmktFxlTZJsqTRxIaGS+cQ
Nmfvl78250jE149O8j79I8EttxZiXgq7wDRgOLHWppdRDwgh4sVWUHBVHnSH16mb
wMMBEkxH5stQYEBeKs8NdyF993oODSWuAg/KQlViYbRN/A6Ov+S0g8yUUFg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:26:53 2026 by rpki-client