Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/lBQWlz1nQtTpPQlCnOtpInT_o34.roa
File: lBQWlz1nQtTpPQlCnOtpInT_o34.roa (raw, json)
Hash identifier: 2tkhdCwicZUVZ2xUM4Q+k9pav6/L+sHpRFRKbKWSZuw=
Subject key identifier: 94:14:16:97:3D:67:42:D4:E9:3D:09:42:9C:EB:69:22:74:FF:A3:7E
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 019E1B6C838E52B493FF577B3DF059C85194
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/lBQWlz1nQtTpPQlCnOtpInT_o34.roa
Signing time: Tue 12 May 2026 09:02:36 +0000
ROA not before: Tue 12 May 2026 09:02:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41343
IP address blocks: 89.29.192.0/24 maxlen: 24
89.29.193.0/24 maxlen: 24
89.29.194.0/24 maxlen: 24
89.29.195.0/24 maxlen: 24
89.29.196.0/24 maxlen: 24
89.29.197.0/24 maxlen: 24
89.29.198.0/24 maxlen: 24
89.29.199.0/24 maxlen: 24
89.29.200.0/23 maxlen: 23
89.29.202.0/24 maxlen: 24
89.29.204.0/24 maxlen: 24
89.29.205.0/24 maxlen: 24
89.29.226.0/24 maxlen: 24
89.29.227.0/24 maxlen: 24
89.29.228.0/24 maxlen: 24
185.40.36.0/24 maxlen: 24
213.181.70.0/23 maxlen: 23
213.181.70.0/24 maxlen: 24
213.181.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 12:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:6c:83:8e:52:b4:93:ff:57:7b:3d:f0:59:c8:51:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: May 12 09:02:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=941416973d6742d4e93d09429ceb692274ffa37e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:14:76:4a:df:a1:93:27:ef:16:c5:80:af:
2f:aa:ec:30:a5:d1:b5:1d:4e:76:8c:68:cd:cc:fb:
45:20:5d:2e:ac:7f:7e:98:b0:b3:39:7b:17:34:d6:
a4:88:04:13:e1:cc:c0:fd:dd:a6:0c:d8:4f:9d:b8:
f2:d4:0e:ef:5f:5b:60:bc:ed:af:ef:3d:ee:e7:cd:
81:a8:6a:24:cd:50:d1:44:72:91:54:4e:67:a9:75:
d8:4d:47:18:ad:bf:3a:3b:65:67:81:be:eb:8f:d1:
e7:56:39:10:2f:3f:c0:ad:06:90:e3:d0:44:02:69:
4d:55:91:26:31:31:f3:8d:21:80:e5:81:b7:60:22:
b7:a7:fe:b6:01:27:fd:a2:f7:f3:d0:56:5c:ef:8f:
d7:f6:3b:74:72:b3:1d:7a:c2:f2:b6:39:a5:0b:eb:
30:d6:ea:03:b2:df:9d:42:c0:db:c1:f7:c2:be:c7:
e9:b5:99:5b:18:be:2c:0f:98:fa:5a:e2:0d:ff:8a:
fe:b0:a7:29:5d:b2:dd:a6:ec:1f:02:dd:e3:e6:7d:
ce:d4:e3:b7:23:43:01:6f:7c:24:31:e5:1b:10:e2:
70:3c:ae:31:5d:19:f5:ed:db:5e:e9:21:18:36:81:
45:4a:39:94:9a:b9:33:0d:f3:61:4a:2a:8d:81:fa:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:14:16:97:3D:67:42:D4:E9:3D:09:42:9C:EB:69:22:74:FF:A3:7E
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/lBQWlz1nQtTpPQlCnOtpInT_o34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.192.0-89.29.202.255
89.29.204.0/23
89.29.226.0-89.29.228.255
185.40.36.0/24
213.181.70.0/23
Signature Algorithm: sha256WithRSAEncryption
94:ad:5f:b9:18:f0:a4:45:2c:e6:95:43:18:10:56:82:89:2d:
7e:8f:66:34:16:a2:a8:5a:f4:ca:c8:71:a4:79:7b:a4:9a:d6:
a9:6e:cf:67:85:29:71:73:72:fb:55:00:94:dc:7b:4f:31:04:
43:10:55:3f:f6:02:62:58:1a:3a:aa:d3:a0:f8:d2:18:0b:c3:
93:66:3d:8f:10:d2:0e:61:7f:4d:d5:34:b8:ee:b8:e9:fa:9e:
27:6f:6a:e2:ff:c0:01:85:d0:39:63:9f:53:8c:bf:f7:5b:e7:
5c:4e:a4:14:ce:0b:54:70:88:ef:ad:dc:20:a2:93:19:47:d1:
c4:23:2a:37:3e:02:dd:62:6c:39:7d:c1:95:08:e0:ec:ce:60:
63:31:54:04:98:54:87:8b:f1:55:c9:7d:84:4a:02:2c:f3:de:
aa:72:13:04:51:ba:ef:21:30:4a:3a:5c:0f:78:08:ca:cb:00:
87:fc:8e:70:cf:9f:03:a4:78:1e:0b:31:65:bd:50:8c:bb:87:
0b:ed:0d:eb:bd:2e:ba:80:28:d3:37:97:e6:b3:15:7d:c6:12:
f8:d2:38:25:ee:53:c1:47:62:fd:3a:77:0c:45:70:63:2a:22:
67:16:af:ad:7d:46:6e:e2:ec:39:f3:6b:11:3b:e1:ed:58:3f:
88:2e:d1:9c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZ4bbIOOUrST/1d7PfBZyFGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjYwNTEyMDkwMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE0MTY5NzNkNjc0MmQ0ZTkzZDA5NDI5Y2ViNjkyMjc0ZmZhMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7wUdkrfoZMn7xbFgK8vquwwpdG1
HU52jGjNzPtFIF0urH9+mLCzOXsXNNakiAQT4czA/d2mDNhPnbjy1A7vX1tgvO2v
7z3u582BqGokzVDRRHKRVE5nqXXYTUcYrb86O2Vngb7rj9HnVjkQLz/ArQaQ49BE
AmlNVZEmMTHzjSGA5YG3YCK3p/62ASf9ovfz0FZc74/X9jt0crMdesLytjmlC+sw
1uoDst+dQsDbwffCvsfptZlbGL4sD5j6WuIN/4r+sKcpXbLdpuwfAt3j5n3O1OO3
I0MBb3wkMeUbEOJwPK4xXRn17dte6SEYNoFFSjmUmrkzDfNhSiqNgfqz+wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJQUFpc9Z0LU6T0JQpzraSJ0/6N+MB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvbEJRV2x6MW5RdFRwUFFsQ25PdHBJblRfbzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZZHcAD
BABZHcoDBAFZHcwwDAMEAVkd4gMEAFkd5AMEALkoJAMEAdW1RjANBgkqhkiG9w0B
AQsFAAOCAQEAlK1fuRjwpEUs5pVDGBBWgoktfo9mNBaiqFr0yshxpHl7pJrWqW7P
Z4UpcXNy+1UAlNx7TzEEQxBVP/YCYlgaOqrToPjSGAvDk2Y9jxDSDmF/TdU0uO64
6fqeJ29q4v/AAYXQOWOfU4y/91vnXE6kFM4LVHCI763cIKKTGUfRxCMqNz4C3WJs
OX3BlQjg7M5gYzFUBJhUh4vxVcl9hEoCLPPeqnITBFG67yEwSjpcD3gIyssAh/yO
cM+fA6R4HgsxZb1QjLuHC+0N670uuoAo0zeX5rMVfcYS+NI4Je5TwUdi/Tp3DEVw
YyoiZxavrX1GbuLsOfNrETvh7Vg/iC7RnA==
-----END CERTIFICATE-----
Generated at Wed May 13 16:52:15 2026 by rpki-client