Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/66cbc2-bc7b-4759-8726-ed75c6fb1694/1/LbCi_KsYmyO6E2-uQ716HAH-5w4.roa
File: LbCi_KsYmyO6E2-uQ716HAH-5w4.roa (raw, json)
Hash identifier: a6rDpMDbXgXlq+kjKeEf0WeU/+kUP8GdRzZOi1ik3SY=
Subject key identifier: 2D:B0:A2:FC:AB:18:9B:23:BA:13:6F:AE:43:BD:7A:1C:01:FE:E7:0E
Certificate issuer: /CN=b2b5df65052ce94a37a8507947c527f0ccffa522
Certificate serial: 019B7AC7C3B77FC7F08A65C3B3360054834A
Authority key identifier: B2:B5:DF:65:05:2C:E9:4A:37:A8:50:79:47:C5:27:F0:CC:FF:A5:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/srXfZQUs6Uo3qFB5R8Un8Mz_pSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/66cbc2-bc7b-4759-8726-ed75c6fb1694/1/LbCi_KsYmyO6E2-uQ716HAH-5w4.roa
Signing time: Thu 01 Jan 2026 18:17:50 +0000
ROA not before: Thu 01 Jan 2026 18:17:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42498
IP address blocks: 91.192.168.0/22 maxlen: 22
91.192.168.0/24 maxlen: 24
91.192.169.0/24 maxlen: 24
91.192.170.0/24 maxlen: 24
91.192.171.0/24 maxlen: 24
178.213.200.0/21 maxlen: 21
178.213.200.0/24 maxlen: 24
178.213.201.0/24 maxlen: 24
178.213.202.0/24 maxlen: 24
178.213.203.0/24 maxlen: 24
178.213.204.0/24 maxlen: 24
178.213.205.0/24 maxlen: 24
178.213.206.0/24 maxlen: 24
178.213.207.0/24 maxlen: 24
185.232.136.0/22 maxlen: 22
185.232.136.0/24 maxlen: 24
185.232.137.0/24 maxlen: 24
185.232.138.0/24 maxlen: 24
185.232.139.0/24 maxlen: 24
185.251.220.0/22 maxlen: 22
185.251.220.0/24 maxlen: 24
185.251.221.0/24 maxlen: 24
185.251.222.0/24 maxlen: 24
185.251.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/66cbc2-bc7b-4759-8726-ed75c6fb1694/1/srXfZQUs6Uo3qFB5R8Un8Mz_pSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/66cbc2-bc7b-4759-8726-ed75c6fb1694/1/srXfZQUs6Uo3qFB5R8Un8Mz_pSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/srXfZQUs6Uo3qFB5R8Un8Mz_pSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c7:c3:b7:7f:c7:f0:8a:65:c3:b3:36:00:54:83:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2b5df65052ce94a37a8507947c527f0ccffa522
Validity
Not Before: Jan 1 18:17:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2db0a2fcab189b23ba136fae43bd7a1c01fee70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:58:a2:30:a3:c2:43:d6:b6:1a:7e:45:a0:c4:
39:e8:21:63:fd:e5:f5:8a:48:54:8a:86:e7:bd:36:
38:d1:f2:83:18:83:a7:d2:da:06:2c:15:60:3d:47:
6c:04:86:31:e5:06:78:a6:2e:a8:ac:f8:c2:ca:be:
0c:86:f6:65:26:67:ed:97:3e:2c:dd:c5:f6:20:99:
91:b2:ae:92:d4:15:9d:27:75:27:d0:24:8f:35:67:
ef:e0:c0:92:21:b3:e2:84:01:5a:bd:af:78:60:69:
02:72:3c:8e:de:87:1c:c4:b3:18:56:66:f4:1b:6e:
28:5c:23:a5:76:35:e0:74:8f:b6:62:21:fa:26:71:
2f:0e:11:35:93:23:a6:cf:0d:bb:36:46:37:6e:a5:
fb:a1:6f:6c:54:67:dd:01:fa:f9:81:53:28:23:1a:
a7:9c:c4:5d:38:15:2f:64:34:bd:0c:65:2d:5c:34:
4f:ee:4f:a3:93:b0:b1:bb:e1:76:f3:ed:35:de:64:
d6:7d:fd:67:12:b4:e9:ff:b0:fb:d4:07:d8:c8:32:
c4:03:98:70:84:cd:36:85:73:35:43:ca:30:71:50:
1b:21:2e:4d:a1:44:e6:f2:c7:ad:68:70:38:ba:49:
3b:66:3d:6f:3c:1c:8a:e5:5e:3e:96:a4:04:99:b2:
85:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B0:A2:FC:AB:18:9B:23:BA:13:6F:AE:43:BD:7A:1C:01:FE:E7:0E
X509v3 Authority Key Identifier:
keyid:B2:B5:DF:65:05:2C:E9:4A:37:A8:50:79:47:C5:27:F0:CC:FF:A5:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/srXfZQUs6Uo3qFB5R8Un8Mz_pSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/66cbc2-bc7b-4759-8726-ed75c6fb1694/1/LbCi_KsYmyO6E2-uQ716HAH-5w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/66cbc2-bc7b-4759-8726-ed75c6fb1694/1/srXfZQUs6Uo3qFB5R8Un8Mz_pSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.168.0/22
178.213.200.0/21
185.232.136.0/22
185.251.220.0/22
Signature Algorithm: sha256WithRSAEncryption
16:52:a7:5a:01:55:a3:cc:e7:4b:83:a5:2b:db:b7:15:11:d3:
37:f8:5d:12:b2:71:35:6d:9d:1d:d4:14:41:90:3a:a3:be:35:
d9:d9:fd:b3:41:cf:9a:72:a3:ae:23:15:e8:9b:84:08:90:7d:
18:21:9b:ca:57:6f:51:3c:1c:98:cb:96:b8:37:56:de:e9:03:
fe:a5:a6:b8:52:86:3b:9b:66:ae:1f:d1:bc:cd:cd:d4:d5:83:
f6:14:4d:de:7b:b7:05:fc:18:9d:c4:10:0a:b6:75:f2:db:04:
ee:b9:f4:c7:4b:9a:a5:55:dc:e0:7e:6a:c1:60:8d:6a:2c:e6:
e2:64:fb:3a:49:85:3a:b0:4b:9c:ed:67:48:cb:d4:2b:e8:56:
e3:92:bd:ab:98:aa:e8:aa:03:dd:89:20:fc:b4:11:4a:28:a3:
e9:42:90:3b:d6:1d:c9:b6:d0:db:d6:b4:20:65:78:34:98:42:
cd:ae:4d:36:8c:77:fa:07:dd:c1:bc:96:60:13:43:52:57:3f:
83:b4:66:2c:c3:0e:6e:cf:eb:f8:b8:52:ee:90:11:a2:58:89:
9f:78:46:8c:cd:20:b1:d3:18:3c:62:35:cf:fb:e6:ff:7e:f7:
ff:1c:ab:3e:a9:bc:0c:38:cc:47:e2:60:04:1f:92:9d:a3:e9:
e8:c9:73:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZt6x8O3f8fwimXDszYAVINKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYjVkZjY1MDUyY2U5NGEzN2E4NTA3OTQ3YzUyN2YwY2Nm
ZmE1MjIwHhcNMjYwMTAxMTgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIwYTJmY2FiMTg5YjIzYmExMzZmYWU0M2JkN2ExYzAxZmVlNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmViiMKPCQ9a2Gn5FoMQ56CFj/eX1
ikhUiobnvTY40fKDGIOn0toGLBVgPUdsBIYx5QZ4pi6orPjCyr4MhvZlJmftlz4s
3cX2IJmRsq6S1BWdJ3Un0CSPNWfv4MCSIbPihAFava94YGkCcjyO3occxLMYVmb0
G24oXCOldjXgdI+2YiH6JnEvDhE1kyOmzw27NkY3bqX7oW9sVGfdAfr5gVMoIxqn
nMRdOBUvZDS9DGUtXDRP7k+jk7Cxu+F28+013mTWff1nErTp/7D71AfYyDLEA5hw
hM02hXM1Q8owcVAbIS5NoUTm8setaHA4ukk7Zj1vPByK5V4+lqQEmbKFtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC2wovyrGJsjuhNvrkO9ehwB/ucOMB8GA1UdIwQY
MBaAFLK132UFLOlKN6hQeUfFJ/DM/6UiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3JYZlpRVXM2VW8zcUZCNVI4VW44TXpfcFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82NmNiYzItYmM3Yi00NzU5LTg3MjYt
ZWQ3NWM2ZmIxNjk0LzEvTGJDaV9Lc1lteU82RTItdVE3MTZIQUgtNXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82NmNiYzItYmM3Yi00NzU5LTg3MjYtZWQ3NWM2ZmIxNjk0
LzEvc3JYZlpRVXM2VW8zcUZCNVI4VW44TXpfcFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8CoAwQD
stXIAwQCueiIAwQCufvcMA0GCSqGSIb3DQEBCwUAA4IBAQAWUqdaAVWjzOdLg6Ur
27cVEdM3+F0SsnE1bZ0d1BRBkDqjvjXZ2f2zQc+acqOuIxXom4QIkH0YIZvKV29R
PByYy5a4N1be6QP+paa4UoY7m2auH9G8zc3U1YP2FE3ee7cF/BidxBAKtnXy2wTu
ufTHS5qlVdzgfmrBYI1qLObiZPs6SYU6sEuc7WdIy9Qr6Fbjkr2rmKroqgPdiSD8
tBFKKKPpQpA71h3JttDb1rQgZXg0mELNrk02jHf6B93BvJZgE0NSVz+DtGYsww5u
z+v4uFLukBGiWImfeEaMzSCx0xg8YjXP++b/fvf/HKs+qbwMOMxH4mAEH5Kdo+no
yXMx
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:27:09 2026 by rpki-client