Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1LK6q103xKr7zFHTqfU4dHStwII.roa
File: 1LK6q103xKr7zFHTqfU4dHStwII.roa (raw, json)
Hash identifier: u2a/y3EzQctfyAgJiu2mqrq73OttQ/DadVLtNi/pOXQ=
Subject key identifier: D4:B2:BA:AB:5D:37:C4:AA:FB:CC:51:D3:A9:F5:38:74:74:AD:C0:82
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019D730D3B863C866BD0B6952F32DA103A0A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1LK6q103xKr7zFHTqfU4dHStwII.roa
Signing time: Thu 09 Apr 2026 16:22:20 +0000
ROA not before: Thu 09 Apr 2026 16:22:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 193.37.199.0/24 maxlen: 24
2a06:fe40::/32 maxlen: 32
2a06:fe41::/32 maxlen: 32
2a06:fe42::/32 maxlen: 32
2a06:fe43::/32 maxlen: 32
2a06:fe44::/32 maxlen: 32
2a06:fe45::/32 maxlen: 32
2a06:fe46::/32 maxlen: 32
2a06:fe47::/32 maxlen: 32
2a09:1d80::/29 maxlen: 29
2a09:1d80::/32 maxlen: 32
2a09:1d81::/32 maxlen: 32
2a09:1d82::/32 maxlen: 32
2a09:1d83::/32 maxlen: 32
2a09:1d84::/32 maxlen: 32
2a09:1d85::/32 maxlen: 32
2a09:1d86::/32 maxlen: 32
2a09:1d87::/32 maxlen: 32
2a0e:2c00::/29 maxlen: 29
2a0e:2c00::/32 maxlen: 32
2a0e:2c01::/32 maxlen: 32
2a0e:2c02::/32 maxlen: 32
2a0e:2c03::/32 maxlen: 32
2a0e:2c04::/32 maxlen: 32
2a0e:2c05::/32 maxlen: 32
2a0e:2c06::/32 maxlen: 32
2a0e:2c07::/32 maxlen: 32
2a0e:6c00::/29 maxlen: 29
2a0e:6c00::/32 maxlen: 32
2a0e:6c01::/32 maxlen: 32
2a0e:6c02::/32 maxlen: 32
2a0e:6c03::/32 maxlen: 32
2a0e:6c04::/32 maxlen: 32
2a0e:6c05::/32 maxlen: 32
2a0e:6c06::/32 maxlen: 32
2a0e:6c07::/32 maxlen: 32
2a0e:8400::/29 maxlen: 29
2a11:ed80::/29 maxlen: 29
2a12:f80::/29 maxlen: 29
2a12:f80::/32 maxlen: 32
2a12:f81::/32 maxlen: 32
2a12:f82::/32 maxlen: 32
2a12:f83::/32 maxlen: 32
2a12:f84::/32 maxlen: 32
2a12:f85::/32 maxlen: 32
2a12:f86::/32 maxlen: 32
2a12:f87::/32 maxlen: 32
2a12:2f00::/29 maxlen: 32
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:0d:3b:86:3c:86:6b:d0:b6:95:2f:32:da:10:3a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Apr 9 16:22:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d4b2baab5d37c4aafbcc51d3a9f5387474adc082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7a:52:b5:e9:93:46:4d:d8:1f:d8:9e:ec:54:
e7:be:94:1d:86:e5:30:c3:ea:73:d3:82:45:de:80:
ad:90:ee:30:61:4d:07:6a:83:68:8e:94:99:13:38:
aa:9d:f8:ed:fe:a7:1d:a1:23:a7:d4:6a:73:62:3e:
3f:85:b9:e4:a0:07:a9:b1:0d:7a:90:16:a6:66:76:
a3:bb:98:82:e6:56:2c:7f:be:4d:cd:b9:72:dd:ae:
8f:7c:e5:2a:31:14:89:8f:58:bf:ab:76:1c:c1:96:
dd:56:c1:22:0a:6e:ad:ba:65:a3:b5:73:ec:9e:56:
1a:37:04:08:3e:c6:a0:a6:3b:7b:6b:8b:a6:d7:36:
40:43:37:7e:58:46:f0:60:f3:37:3e:70:c4:18:16:
6c:61:bb:67:ca:84:31:6f:2a:71:7d:84:6c:cd:fc:
24:a3:19:85:0b:19:d8:06:eb:fe:ec:24:cb:03:80:
6f:1b:a1:10:c3:e8:3c:85:02:94:d1:e2:88:85:66:
ee:0e:1d:1e:87:fd:9e:62:e3:d7:c2:04:87:25:8a:
b7:72:f7:2d:44:15:20:57:86:b8:2c:b3:1b:de:6f:
a5:28:39:45:31:9d:f2:b0:9f:99:4b:e5:bb:76:fb:
64:bb:1e:61:af:51:67:81:21:73:7a:3e:c6:1d:fa:
f7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B2:BA:AB:5D:37:C4:AA:FB:CC:51:D3:A9:F5:38:74:74:AD:C0:82
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1LK6q103xKr7zFHTqfU4dHStwII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.199.0/24
IPv6:
2a06:fe40::/29
2a09:1d80::/29
2a0e:2c00::/29
2a0e:6c00::/29
2a0e:8400::/29
2a11:ed80::/29
2a12:f80::/29
2a12:2f00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
74:fe:68:fa:a1:93:02:22:04:5b:28:e4:8c:fe:70:ba:9c:a5:
28:4e:a6:66:df:2e:68:00:65:f5:fb:e6:1b:e9:ea:20:cf:7e:
0e:49:f7:28:47:8e:6c:cb:30:6d:9b:ff:de:3d:1f:8a:90:bf:
e7:74:b8:b6:a1:5a:aa:90:0c:3d:3b:51:1f:df:b5:ab:5a:fd:
42:a6:56:91:f8:06:b4:a1:a8:82:7d:f2:e8:b2:71:a9:fd:11:
f2:8c:9f:27:19:47:27:92:cc:1e:5a:19:c9:59:f9:0f:e0:a5:
a6:4b:a9:34:8e:14:91:5d:32:26:f7:8f:7d:45:df:65:61:af:
35:3d:57:93:7b:ca:6b:b3:2a:c8:4c:06:a7:78:1e:c3:2d:b7:
52:1c:ad:ca:fc:a3:ee:2b:5a:78:99:79:8c:f0:3f:75:74:bb:
8c:26:c3:84:14:2e:58:98:58:07:6f:18:41:10:c6:d2:ab:62:
b5:b1:56:28:eb:af:0a:15:a1:fe:4e:d2:cb:7f:c1:35:b1:fd:
80:7a:e9:37:0a:99:7f:94:30:f3:93:13:6c:4a:a8:2d:f4:b7:
6e:16:30:d4:f8:8e:7f:5b:7b:c4:86:6a:d3:7b:58:9c:e8:9b:
5c:31:90:43:b6:54:4b:e4:0e:95:2f:4a:e9:97:2e:2e:83:71:
d2:c4:0f:b1
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZ1zDTuGPIZr0LaVLzLaEDoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwNDA5MTYyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGIyYmFhYjVkMzdjNGFhZmJjYzUxZDNhOWY1Mzg3NDc0YWRjMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3pStemTRk3YH9ie7FTnvpQdhuUw
w+pz04JF3oCtkO4wYU0HaoNojpSZEziqnfjt/qcdoSOn1GpzYj4/hbnkoAepsQ16
kBamZnaju5iC5lYsf75Nzbly3a6PfOUqMRSJj1i/q3YcwZbdVsEiCm6tumWjtXPs
nlYaNwQIPsagpjt7a4um1zZAQzd+WEbwYPM3PnDEGBZsYbtnyoQxbypxfYRszfwk
oxmFCxnYBuv+7CTLA4BvG6EQw+g8hQKU0eKIhWbuDh0eh/2eYuPXwgSHJYq3cvct
RBUgV4a4LLMb3m+lKDlFMZ3ysJ+ZS+W7dvtkux5hr1FngSFzej7GHfr36QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFNSyuqtdN8Sq+8xR06n1OHR0rcCCMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMUxLNnExMDN4S3I3ekZIVHFmVTRkSFN0d0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAMBAIAATAGAwQAwSXHMEUE
AgACMD8DBQMqBv5AAwUDKgkdgAMFAyoOLAADBQMqDmwAAwUDKg6EAAMFAyoR7YAD
BQMqEg+AAwUDKhIvAAMFAyoSOoAwDQYJKoZIhvcNAQELBQADggEBAHT+aPqhkwIi
BFso5Iz+cLqcpShOpmbfLmgAZfX75hvp6iDPfg5J9yhHjmzLMG2b/949H4qQv+d0
uLahWqqQDD07UR/ftata/UKmVpH4BrShqIJ98uiycan9EfKMnycZRyeSzB5aGclZ
+Q/gpaZLqTSOFJFdMib3j31F32VhrzU9V5N7ymuzKshMBqd4HsMtt1Icrcr8o+4r
WniZeYzwP3V0u4wmw4QULliYWAdvGEEQxtKrYrWxVijrrwoVof5O0st/wTWx/YB6
6TcKmX+UMPOTE2xKqC30t24WMNT4jn9be8SGatN7WJzom1wxkEO2VEvkDpUvSumX
Li6DcdLED7E=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:13:28 2026 by rpki-client