Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/1a1dLCgn1kJY0FXKea_N3JxQipI.roa
File: 1a1dLCgn1kJY0FXKea_N3JxQipI.roa (raw, json)
Hash identifier: PVTdjGDov9zyucujxAXYNAaylN8nwdjnCxU7ESyASlo=
Subject key identifier: D5:AD:5D:2C:28:27:D6:42:58:D0:55:CA:79:AF:CD:DC:9C:50:8A:92
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 019D035F49C58EEEA330F41AEEBE876BD932
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/1a1dLCgn1kJY0FXKea_N3JxQipI.roa
Signing time: Wed 18 Mar 2026 23:54:29 +0000
ROA not before: Wed 18 Mar 2026 23:54:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15626
IP address blocks: 5.34.182.0/23 maxlen: 23
5.34.182.0/24 maxlen: 24
5.34.183.0/24 maxlen: 24
82.118.17.0/24 maxlen: 24
82.118.18.0/24 maxlen: 24
193.238.152.0/23 maxlen: 23
217.12.192.0/21 maxlen: 21
217.12.192.0/23 maxlen: 23
217.12.195.0/24 maxlen: 24
217.12.196.0/23 maxlen: 23
217.12.198.0/24 maxlen: 24
217.12.199.0/24 maxlen: 24
217.12.205.0/24 maxlen: 24
217.12.210.0/23 maxlen: 23
217.12.210.0/24 maxlen: 24
217.12.211.0/24 maxlen: 24
217.12.212.0/23 maxlen: 23
217.12.214.0/24 maxlen: 24
217.12.216.0/23 maxlen: 23
217.12.220.0/22 maxlen: 22
217.12.221.0/24 maxlen: 24
217.12.222.0/24 maxlen: 24
217.12.223.0/24 maxlen: 24
2a02:27a8::/32 maxlen: 32
2a02:27a8:feed::/48 maxlen: 48
2a02:27ad::/32 maxlen: 32
2a05:9407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:5f:49:c5:8e:ee:a3:30:f4:1a:ee:be:87:6b:d9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Mar 18 23:54:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5ad5d2c2827d64258d055ca79afcddc9c508a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d1:45:a7:7f:0d:6e:53:aa:a2:a7:96:93:01:
31:3e:78:cd:bf:45:7c:f7:82:da:77:04:88:b6:f8:
18:9d:27:58:1e:e8:58:d0:fe:6d:be:ae:9e:24:55:
35:b7:0f:dd:75:89:a1:9a:07:41:04:04:0a:54:21:
21:94:3b:2d:7a:e4:36:d2:06:0e:50:71:a4:ac:31:
c6:47:99:62:95:10:2a:80:c3:60:57:41:27:cc:34:
10:c9:40:6f:56:cc:e1:ca:36:ba:eb:8c:2d:60:1d:
4c:9b:7a:6c:32:f8:49:70:59:4a:aa:5a:a4:0b:95:
1f:09:1d:de:f2:66:65:d6:61:09:bb:65:e2:82:16:
14:3a:8d:ec:d3:6e:53:ee:2c:9a:87:d7:33:a9:4c:
6e:2e:35:86:37:84:65:6a:72:fe:04:8f:ad:c7:49:
40:23:f2:ca:12:14:df:89:67:4c:84:25:52:c1:21:
e5:59:e5:d7:5e:7b:99:36:07:40:a3:46:66:5c:b6:
05:82:6e:fa:3e:1f:69:3a:f3:e6:53:b0:81:01:24:
93:ca:56:34:a2:20:c3:cd:2d:ca:32:d6:18:2c:f8:
8b:e9:a6:f8:16:b4:92:37:3d:a6:94:e5:6f:86:65:
ec:40:26:94:7b:36:42:98:89:6e:8c:c3:65:cc:d1:
42:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AD:5D:2C:28:27:D6:42:58:D0:55:CA:79:AF:CD:DC:9C:50:8A:92
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/1a1dLCgn1kJY0FXKea_N3JxQipI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.182.0/23
82.118.17.0-82.118.18.255
193.238.152.0/23
217.12.192.0/21
217.12.205.0/24
217.12.210.0-217.12.214.255
217.12.216.0/23
217.12.220.0/22
IPv6:
2a02:27a8::/32
2a02:27ad::/32
2a05:9407::/32
Signature Algorithm: sha256WithRSAEncryption
5f:30:28:97:7e:49:a6:0c:7d:ae:d3:ab:17:ea:99:ca:cc:f6:
db:ee:4d:d3:bb:09:08:b0:71:d5:62:93:d8:7a:e0:d1:26:d2:
51:cf:3b:f1:dc:e8:ff:4f:95:a3:8b:98:d8:6e:6b:4c:26:ff:
3a:39:95:a3:80:59:4a:dd:d0:89:ec:6c:5b:1b:3b:10:a5:4a:
82:0f:7b:5b:c9:c6:04:2c:1d:48:cd:1c:bc:55:50:f5:5c:19:
95:0e:ee:2c:41:e5:8c:da:9c:7c:61:8f:98:1a:a8:fd:2e:0c:
35:87:ba:55:83:68:e8:4b:9a:1c:cc:a5:a0:d4:95:42:fc:94:
62:0f:11:5e:be:0d:96:a1:96:49:51:df:cc:51:38:a8:50:13:
19:5a:c9:1d:27:29:9b:2c:e1:8c:c9:02:cc:ce:77:a0:12:01:
06:bc:0e:8e:14:80:3a:49:64:2c:09:c9:af:28:a0:d1:03:aa:
6a:94:2f:cb:dd:48:da:84:d7:e1:7e:b2:8b:bd:f7:e1:9f:2f:
d5:ed:9b:c9:2b:26:ab:e3:52:a0:e5:31:ff:f8:9b:a0:bc:ef:
a9:bb:ee:d4:15:8c:f6:f7:b7:2c:69:69:0a:c0:f5:cd:67:c3:
b7:2e:cf:8c:c0:55:be:0e:00:45:5d:6e:64:dc:92:e5:3a:3a:
56:be:a0:75
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZ0DX0nFju6jMPQa7r6Ha9kyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjYwMzE4MjM1NDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWFkNWQyYzI4MjdkNjQyNThkMDU1Y2E3OWFmY2RkYzljNTA4YTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tFFp38NblOqoqeWkwExPnjNv0V8
94LadwSItvgYnSdYHuhY0P5tvq6eJFU1tw/ddYmhmgdBBAQKVCEhlDsteuQ20gYO
UHGkrDHGR5lilRAqgMNgV0EnzDQQyUBvVszhyja664wtYB1Mm3psMvhJcFlKqlqk
C5UfCR3e8mZl1mEJu2XighYUOo3s025T7iyah9czqUxuLjWGN4RlanL+BI+tx0lA
I/LKEhTfiWdMhCVSwSHlWeXXXnuZNgdAo0ZmXLYFgm76Ph9pOvPmU7CBASSTylY0
oiDDzS3KMtYYLPiL6ab4FrSSNz2mlOVvhmXsQCaUezZCmIlujMNlzNFCsQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFNWtXSwoJ9ZCWNBVynmvzdycUIqSMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvMWExZExDZ24xa0pZMEZYS2VhX04zSnhRaXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBGBAIAATBAAwQBBSK2MAwD
BABSdhEDBABSdhIDBAHB7pgDBAPZDMADBADZDM0wDAMEAdkM0gMEANkM1gMEAdkM
2AMEAtkM3DAbBAIAAjAVAwUAKgInqAMFACoCJ60DBQAqBZQHMA0GCSqGSIb3DQEB
CwUAA4IBAQBfMCiXfkmmDH2u06sX6pnKzPbb7k3TuwkIsHHVYpPYeuDRJtJRzzvx
3Oj/T5Wji5jYbmtMJv86OZWjgFlK3dCJ7GxbGzsQpUqCD3tbycYELB1IzRy8VVD1
XBmVDu4sQeWM2px8YY+YGqj9Lgw1h7pVg2joS5oczKWg1JVC/JRiDxFevg2WoZZJ
Ud/MUTioUBMZWskdJymbLOGMyQLMznegEgEGvA6OFIA6SWQsCcmvKKDRA6pqlC/L
3UjahNfhfrKLvffhny/V7ZvJKyar41Kg5TH/+JugvO+pu+7UFYz297csaWkKwPXN
Z8O3Ls+MwFW+DgBFXW5k3JLlOjpWvqB1
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:36:53 2026 by rpki-client