Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/lBVyxf0s3q8sf7OcQFTBo7kKuIc.roa
File: lBVyxf0s3q8sf7OcQFTBo7kKuIc.roa (raw, json)
Hash identifier: j3ClL93E12E64R3ZRowRY29uMNSD0xOJlmMFC94GBHU=
Subject key identifier: 94:15:72:C5:FD:2C:DE:AF:2C:7F:B3:9C:40:54:C1:A3:B9:0A:B8:87
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019E9C3E5148DB7EC20036E5C7DCD8D9EEBE
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/lBVyxf0s3q8sf7OcQFTBo7kKuIc.roa
Signing time: Sat 06 Jun 2026 09:23:10 +0000
ROA not before: Sat 06 Jun 2026 09:23:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
37.228.128.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
85.193.77.0/24 maxlen: 24
94.198.190.0/24 maxlen: 24
95.133.166.0/23 maxlen: 23
185.10.68.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.84.0/24 maxlen: 24
185.100.85.0/24 maxlen: 24
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.146.233.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.246.189.0/24 maxlen: 24
185.246.190.0/24 maxlen: 24
185.246.191.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
188.240.231.0/24 maxlen: 24
188.241.54.0/24 maxlen: 24
213.218.160.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9c:3e:51:48:db:7e:c2:00:36:e5:c7:dc:d8:d9:ee:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Jun 6 09:23:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=941572c5fd2cdeaf2c7fb39c4054c1a3b90ab887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:29:c8:c6:67:a7:9b:1b:bf:49:ba:c7:5c:c1:
b5:66:25:97:ee:70:5b:48:e5:25:35:fa:2b:b9:a6:
12:a1:53:e9:e9:11:5e:9d:57:d6:a8:59:8e:f2:b0:
34:2a:74:69:bd:40:d2:59:37:ad:cf:9a:6a:95:5e:
04:31:8e:0f:3c:6d:ee:29:76:5c:62:86:b5:c3:59:
64:84:ca:f3:0d:72:19:51:b8:0f:4a:5e:ca:b1:e6:
c0:36:aa:af:96:97:33:29:2e:b9:40:c6:c9:18:b4:
fc:02:f3:28:f7:4d:1c:11:e8:d0:f3:cf:8c:5e:93:
7e:74:14:e2:cd:ac:c1:21:fc:7c:35:66:de:4f:4b:
1a:72:0c:0f:11:6f:b3:26:38:c2:38:21:63:8f:f0:
c8:e1:20:b0:8b:d4:b0:2a:af:c3:d0:ea:64:25:47:
c2:72:50:80:a6:ac:e8:b2:2a:dc:0d:e3:bd:51:2a:
a3:48:6a:c6:41:01:98:73:6f:81:00:23:ff:b6:9f:
d7:9a:42:70:61:b6:31:35:87:54:9b:59:1a:5d:d1:
a1:57:51:b6:2a:1d:61:72:17:34:05:23:5b:d9:03:
06:61:fc:bc:03:7b:87:ba:d3:e5:a0:cd:30:4a:4e:
73:66:ff:a5:cd:9b:b3:5c:31:72:b1:31:8b:f4:d6:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:15:72:C5:FD:2C:DE:AF:2C:7F:B3:9C:40:54:C1:A3:B9:0A:B8:87
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/lBVyxf0s3q8sf7OcQFTBo7kKuIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
85.193.77.0/24
94.198.190.0/24
95.133.166.0/23
185.10.68.0/24
185.100.84.0/22
185.146.232.0-185.146.234.255
185.165.168.0/22
185.246.188.0/22
185.247.224.0-185.247.226.255
188.240.231.0/24
188.241.54.0/24
213.218.160.0/24
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
38:e6:11:d0:f5:b9:40:4c:0e:c8:92:96:95:0d:04:3d:28:ac:
a7:18:77:74:67:28:56:1f:74:4c:0d:13:05:73:79:c1:7b:92:
99:47:2a:e3:6d:f1:0b:4e:81:fe:2e:f9:6f:02:07:95:e0:87:
19:00:84:e8:9d:cc:05:6c:17:b8:c3:6b:f6:d6:b3:29:83:bc:
5e:a6:38:5c:76:42:3c:33:59:e7:f6:4b:a0:5b:5a:5a:03:35:
7d:e2:f7:0e:90:06:46:5c:f7:92:63:4f:6d:7b:c0:c7:99:14:
de:dd:70:66:8f:18:fe:51:c5:f3:9b:bf:a3:b9:1b:73:3c:e0:
58:94:02:3a:35:98:1a:d3:05:d9:ce:f5:51:9c:f2:10:d4:27:
d6:5a:33:65:03:ce:81:7c:67:77:ab:63:21:90:76:6b:2d:08:
56:2d:c1:85:0a:53:7e:eb:ef:9e:1d:f1:dc:c2:0a:9b:24:74:
7f:c0:0c:6c:6a:03:37:23:24:62:ee:46:5b:27:a3:92:c3:88:
0e:50:cd:4b:1b:e2:4b:d0:3a:7d:0f:08:ff:f5:54:61:c7:79:
32:e7:3d:41:c0:1c:62:10:b2:d0:a9:27:22:bd:8c:ed:e9:29:
ea:0e:77:42:55:c9:67:a8:0b:8d:90:55:4e:f7:65:f1:ac:69:
00:07:36:32
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ6cPlFI237CADblx9zY2e6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjYwNjA2MDkyMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE1NzJjNWZkMmNkZWFmMmM3ZmIzOWM0MDU0YzFhM2I5MGFiODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSnIxmenmxu/SbrHXMG1ZiWX7nBb
SOUlNforuaYSoVPp6RFenVfWqFmO8rA0KnRpvUDSWTetz5pqlV4EMY4PPG3uKXZc
Yoa1w1lkhMrzDXIZUbgPSl7KsebANqqvlpczKS65QMbJGLT8AvMo900cEejQ88+M
XpN+dBTizazBIfx8NWbeT0sacgwPEW+zJjjCOCFjj/DI4SCwi9SwKq/D0OpkJUfC
clCApqzosircDeO9USqjSGrGQQGYc2+BACP/tp/XmkJwYbYxNYdUm1kaXdGhV1G2
Kh1hchc0BSNb2QMGYfy8A3uHutPloM0wSk5zZv+lzZuzXDFysTGL9Na8VQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFJQVcsX9LN6vLH+znEBUwaO5CriHMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvbEJWeXhmMHMzcThzZjdPY1FGVEJvN2tLdUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjBqBAIAATBkAwQAJZxE
AwQBJeSAAwQAVcFNAwQAXsa+AwQBX4WmAwQAuQpEAwQCuWRUMAwDBAO5kugDBAC5
kuoDBAK5pagDBAK59rwwDAMEBbn34AMEALn34gMEALzw5wMEALzxNgMEANXaoDAg
BAIAAjAaMA8DBAAqBhcDBwAqBhcAAAQDBwAqBhcAAQAwDQYJKoZIhvcNAQELBQAD
ggEBADjmEdD1uUBMDsiSlpUNBD0orKcYd3RnKFYfdEwNEwVzecF7kplHKuNt8QtO
gf4u+W8CB5XghxkAhOidzAVsF7jDa/bWsymDvF6mOFx2QjwzWef2S6BbWloDNX3i
9w6QBkZc95JjT217wMeZFN7dcGaPGP5RxfObv6O5G3M84FiUAjo1mBrTBdnO9VGc
8hDUJ9ZaM2UDzoF8Z3erYyGQdmstCFYtwYUKU37r754d8dzCCpskdH/ADGxqAzcj
JGLuRlsno5LDiA5QzUsb4kvQOn0PCP/1VGHHeTLnPUHAHGIQstCpJyK9jO3pKeoO
d0JVyWeoC42QVU73ZfGsaQAHNjI=
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:21:03 2026 by rpki-client