Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/LYrAh5-r5zfHa2U4I2LQcfLsXLM.roa
File: LYrAh5-r5zfHa2U4I2LQcfLsXLM.roa (raw, json)
Hash identifier: jNJpzhfWFexwPEvm3W+RsLKQ3L2mSc+llJoqxO6bOhI=
Subject key identifier: 2D:8A:C0:87:9F:AB:E7:37:C7:6B:65:38:23:62:D0:71:F2:EC:5C:B3
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 019D77F6402C5AE27D5D634D2670C1E76C29
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/LYrAh5-r5zfHa2U4I2LQcfLsXLM.roa
Signing time: Fri 10 Apr 2026 15:15:19 +0000
ROA not before: Fri 10 Apr 2026 15:15:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 5.39.0.0/17 maxlen: 17
5.135.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
46.105.0.0/16 maxlen: 16
46.105.198.0/24 maxlen: 24
46.105.199.0/24 maxlen: 24
46.105.200.0/24 maxlen: 24
46.105.201.0/24 maxlen: 24
46.105.202.0/24 maxlen: 24
46.105.203.0/24 maxlen: 24
46.105.204.0/24 maxlen: 24
46.105.206.0/24 maxlen: 24
46.105.207.0/24 maxlen: 24
51.38.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
51.75.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
51.83.0.0/16 maxlen: 16
51.89.0.0/16 maxlen: 16
51.91.0.0/16 maxlen: 16
51.178.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
51.210.0.0/16 maxlen: 16
51.254.0.0/15 maxlen: 15
54.36.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
57.128.0.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
57.128.192.0/18 maxlen: 18
57.129.0.0/17 maxlen: 17
57.129.128.0/17 maxlen: 17
57.130.0.0/16 maxlen: 16
57.131.0.0/17 maxlen: 17
57.131.128.0/18 maxlen: 18
57.131.192.0/18 maxlen: 18
79.137.0.0/17 maxlen: 17
87.98.128.0/17 maxlen: 17
91.121.0.0/16 maxlen: 16
91.134.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
94.23.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
135.125.128.0/17 maxlen: 17
137.74.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
141.227.128.0/20 maxlen: 24
141.227.148.0/22 maxlen: 24
141.227.152.0/21 maxlen: 24
141.227.160.0/19 maxlen: 24
145.239.0.0/16 maxlen: 16
146.59.0.0/16 maxlen: 16
146.59.0.0/17 maxlen: 17
147.135.128.0/17 maxlen: 17
149.202.0.0/16 maxlen: 16
151.80.0.0/16 maxlen: 16
152.228.128.0/17 maxlen: 17
159.173.0.0/18 maxlen: 18
162.19.0.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
164.132.0.0/16 maxlen: 16
176.31.0.0/16 maxlen: 16
178.32.0.0/15 maxlen: 15
188.165.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
213.251.128.0/18 maxlen: 18
217.182.0.0/16 maxlen: 16
2001:41d0::/32 maxlen: 32
2001:41d0:ab00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:f6:40:2c:5a:e2:7d:5d:63:4d:26:70:c1:e7:6c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Apr 10 15:15:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d8ac0879fabe737c76b65382362d071f2ec5cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:36:18:16:54:75:40:d4:cb:77:64:16:1d:a4:
12:9d:2d:45:12:c4:70:ba:0f:57:6b:62:27:5a:10:
07:44:8f:b4:fd:22:cd:6a:57:11:86:86:1b:38:fe:
02:e8:82:d9:d8:4b:26:a4:f9:ea:4e:57:ae:d7:1e:
38:24:36:c9:30:29:0a:78:d3:03:d3:9e:00:b7:b6:
f5:61:18:9a:69:41:9d:2d:8a:ca:02:33:e8:13:c7:
2d:b3:d9:4d:bb:1e:65:f2:84:bc:f0:f1:17:73:03:
df:5d:41:f4:61:9f:69:b3:ea:2c:01:b9:c5:00:90:
56:0a:56:98:24:a3:cc:83:26:82:ca:1a:1d:cf:d8:
fc:0d:f6:c0:3d:56:81:5b:c1:da:d6:90:db:16:f0:
c6:a4:5e:25:68:c8:fe:14:15:c6:55:19:bc:35:d9:
5f:aa:e5:a6:49:b2:d3:fd:30:fc:b0:17:e6:da:44:
f3:92:6f:06:64:b3:b4:89:88:fb:76:9d:6b:56:74:
bc:c9:0c:37:08:a4:36:b8:62:4a:8e:39:a6:6f:a3:
a3:15:fc:3d:ef:66:68:5d:7b:20:7a:1f:a1:a3:5d:
a5:d6:04:63:c2:ec:ce:70:92:5a:03:b9:66:c6:ee:
27:a3:94:0f:d7:68:e6:55:40:a5:16:2f:3e:cb:74:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8A:C0:87:9F:AB:E7:37:C7:6B:65:38:23:62:D0:71:F2:EC:5C:B3
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/LYrAh5-r5zfHa2U4I2LQcfLsXLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0/14
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/20
141.227.148.0-141.227.191.255
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
152.228.128.0/17
159.173.0.0/18
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
Signature Algorithm: sha256WithRSAEncryption
61:f4:f9:ae:38:fa:1a:92:40:45:b7:44:85:68:72:98:91:29:
c5:80:2a:95:b6:ad:23:04:ce:13:30:46:ce:d3:a1:f7:5d:dd:
98:ae:4f:25:a6:b2:4f:9b:65:00:82:40:97:1f:1d:81:40:7d:
60:6e:e3:fb:79:26:36:76:36:14:53:a5:da:55:45:a1:50:e1:
8f:b2:e0:ec:6a:e2:e6:a6:ed:61:4a:93:bc:c4:2f:45:13:62:
c8:8e:ae:04:16:13:17:2c:7b:f0:97:fd:ef:cc:e0:58:95:01:
13:8d:99:dc:ae:66:e9:0f:ab:76:d0:d1:28:fc:71:97:69:73:
77:48:d0:2f:04:06:32:00:4d:c3:29:b8:f1:e0:eb:c0:3c:31:
35:5d:a4:3a:a6:c0:ec:a6:28:57:66:48:98:f5:78:de:8f:2b:
75:d5:49:4a:02:9c:c6:ce:15:6a:4b:d1:3d:03:4c:c6:9c:d7:
7f:60:3d:2e:66:b6:fe:ab:d8:28:7a:68:f4:49:58:5e:41:51:
28:97:1a:17:99:48:f2:84:2e:6f:06:4c:36:00:e7:57:3c:86:
e6:1f:77:1f:68:02:ad:1a:1a:df:1a:71:5f:e1:e4:d3:9b:40:
49:65:90:68:c0:6d:c7:17:d5:cb:51:22:03:48:be:06:fd:0e:
14:d4:55:dd
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAZ139kAsWuJ9XWNNJnDB52wpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjYwNDEwMTUxNTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhhYzA4NzlmYWJlNzM3Yzc2YjY1MzgyMzYyZDA3MWYyZWM1Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzYYFlR1QNTLd2QWHaQSnS1FEsRw
ug9Xa2InWhAHRI+0/SLNalcRhoYbOP4C6ILZ2EsmpPnqTleu1x44JDbJMCkKeNMD
054At7b1YRiaaUGdLYrKAjPoE8cts9lNux5l8oS88PEXcwPfXUH0YZ9ps+osAbnF
AJBWClaYJKPMgyaCyhodz9j8DfbAPVaBW8Ha1pDbFvDGpF4laMj+FBXGVRm8Ndlf
quWmSbLT/TD8sBfm2kTzkm8GZLO0iYj7dp1rVnS8yQw3CKQ2uGJKjjmmb6OjFfw9
72ZoXXsgeh+ho12l1gRjwuzOcJJaA7lmxu4no5QP12jmVUClFi8+y3S8VQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFC2KwIefq+c3x2tlOCNi0HHy7FyzMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvTFlyQWg1LXI1emZIYTJVNEkyTFFjZkxzWExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPAYIKwYBBQUHAQcBAf8EggErMIIBJzCCARQEAgABMIIB
DAMEBwUnAAMDAAWHAwMABcQDAwAlOwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sD
AwAzTQMDADNTAwMAM1kDAwAzWwMDADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMD
ADYmAwMCOYADBAdPiQADBAdXYoADAwBbeQMDAFuGAwMAXN4DAwBeFwMDAId9AwMA
iUoDAwGNXgMEBI3jgDAMAwQCjeOUAwQGjeOAAwMAke8DAwCSOwMEB5OHgAMDAJXK
AwMAl1ADBAeY5IADBAafrQADAwCiEwMDAKSEAwMAsB8DAwGyIAMDALylAwQHwUYA
AwQHxvSAAwQH1SAAAwQF1bogAwQG1fuAAwMA2bYwDQQCAAIwBwMFACABQdAwDQYJ
KoZIhvcNAQELBQADggEBAGH0+a44+hqSQEW3RIVocpiRKcWAKpW2rSMEzhMwRs7T
ofdd3ZiuTyWmsk+bZQCCQJcfHYFAfWBu4/t5JjZ2NhRTpdpVRaFQ4Y+y4Oxq4uam
7WFKk7zEL0UTYsiOrgQWExcse/CX/e/M4FiVARONmdyuZukPq3bQ0Sj8cZdpc3dI
0C8EBjIATcMpuPHg68A8MTVdpDqmwOymKFdmSJj1eN6PK3XVSUoCnMbOFWpL0T0D
TMac139gPS5mtv6r2Ch6aPRJWF5BUSiXGheZSPKELm8GTDYA51c8huYfdx9oAq0a
Gt8acV/h5NObQEllkGjAbccX1ctRIgNIvgb9DhTUVd0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:26 2026 by rpki-client