Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/lLvMNzQqc08rBnqIaGJCkVSk_Lc.roa
File: lLvMNzQqc08rBnqIaGJCkVSk_Lc.roa (raw, json)
Hash identifier: C4csVeC5+fBJXsccVAtKbPNOr2pnHhs7Nw+vsJd23mE=
Subject key identifier: 94:BB:CC:37:34:2A:73:4F:2B:06:7A:88:68:62:42:91:54:A4:FC:B7
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 019981B6C47355DACC5DEA979E54CB85644A
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/lLvMNzQqc08rBnqIaGJCkVSk_Lc.roa
Signing time: Thu 25 Sep 2025 16:31:02 +0000
ROA not before: Thu 25 Sep 2025 16:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
68.168.32.0/19 maxlen: 19
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.80.0/21 maxlen: 21
140.228.88.0/22 maxlen: 22
140.228.92.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.168.0/21 maxlen: 21
143.58.176.0/21 maxlen: 21
143.58.184.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.192.0/21 maxlen: 21
143.58.200.0/21 maxlen: 21
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.232.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
143.58.240.0/21 maxlen: 21
143.58.248.0/21 maxlen: 21
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.116.0/22 maxlen: 22
152.37.120.0/22 maxlen: 22
152.37.124.0/23 maxlen: 23
152.37.126.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.212.0/22 maxlen: 22
188.210.212.0/23 maxlen: 23
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.64.0/21 maxlen: 21
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.78.0/23 maxlen: 23
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:d000::/36 maxlen: 36
2a01:4b00:e000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:81:b6:c4:73:55:da:cc:5d:ea:97:9e:54:cb:85:64:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Sep 25 16:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94bbcc37342a734f2b067a886862429154a4fcb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:87:60:29:3f:0a:9f:86:85:cc:05:48:e1:65:
6c:ae:37:3c:45:9c:d9:3e:82:0d:50:b7:f3:f6:22:
4c:9b:ff:b5:37:45:ad:ae:9a:b8:5a:67:45:09:02:
4e:56:79:b4:ed:56:ad:40:86:34:da:4f:e0:25:ba:
6e:7a:54:aa:be:1e:ff:02:97:21:32:b3:34:ab:e4:
52:f2:35:e4:4a:70:de:38:1b:98:cc:d4:f0:4b:53:
b7:65:ea:a1:4c:23:55:78:9d:0f:63:6d:66:2a:3b:
4f:2d:0e:56:46:6d:49:12:48:57:97:42:c7:8c:a9:
ce:a6:0e:06:a1:03:53:cb:3a:66:5b:0c:a1:97:cd:
6e:27:99:04:6d:62:fd:00:ea:4e:26:a8:48:3b:4b:
1f:51:5b:02:4e:8b:00:cc:c0:0e:05:44:3c:a8:99:
c9:d1:27:d8:79:df:67:2e:99:9b:22:07:0d:d6:8d:
a8:a4:ad:f5:83:eb:c5:2a:c6:02:dd:ad:85:31:ef:
fc:c2:0d:45:c9:44:38:10:06:75:dd:da:ea:af:92:
bb:ec:2b:48:01:cb:d2:f9:ec:8c:4c:61:02:8b:50:
d9:2c:7b:51:48:5d:4b:9b:68:56:1a:a2:aa:4b:f6:
75:df:f8:6c:91:30:bc:a2:d8:4e:5f:04:e8:66:10:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BB:CC:37:34:2A:73:4F:2B:06:7A:88:68:62:42:91:54:A4:FC:B7
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/lLvMNzQqc08rBnqIaGJCkVSk_Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
68.168.32.0/19
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
4c:cb:06:94:52:18:79:ea:30:7e:60:b1:bc:b3:8c:4a:d4:88:
ad:1f:d9:fd:c6:6c:c0:34:2c:4d:1a:5f:b4:09:d3:bc:92:2d:
ca:b6:c9:ed:11:a0:5d:bc:c9:a2:10:8b:42:bf:5e:9d:33:03:
b1:8f:d4:0f:71:be:25:19:bb:81:47:fd:0b:f4:c3:6a:b8:1c:
7d:b2:40:9b:fc:14:e5:3e:ef:9d:0e:97:fb:66:e0:e9:0c:36:
fb:f7:9e:a6:ca:ae:e2:ba:c0:54:a3:8a:0c:67:62:16:8f:a8:
4b:ca:f2:49:e8:b9:77:1d:b5:af:6e:99:12:ba:ba:40:a7:8b:
86:82:88:be:e4:8f:07:ca:c8:64:87:9e:04:84:06:28:b9:fb:
34:6f:85:fa:81:d5:b4:01:dc:e6:0d:ca:4d:f6:72:92:d9:81:
54:0f:ad:f4:34:b5:da:4e:46:8c:ee:d0:13:68:c9:05:01:c0:
65:2b:92:30:38:d4:11:23:39:cc:bb:ff:59:02:b3:6c:73:4e:
00:13:cf:2f:f4:ff:a7:ae:6d:0b:5c:29:34:44:4d:19:b4:e4:
49:22:6a:a0:71:7d:6a:03:3a:4e:d9:5f:83:e5:57:7d:af:3f:
98:ae:72:de:3b:68:b7:49:55:d3:8a:f9:fb:e1:d0:fd:98:60:
c7:58:2a:d3
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZmBtsRzVdrMXeqXnlTLhWRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjUwOTI1MTYzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGJiY2MzNzM0MmE3MzRmMmIwNjdhODg2ODYyNDI5MTU0YTRmY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYdgKT8Kn4aFzAVI4WVsrjc8RZzZ
PoINULfz9iJMm/+1N0Wtrpq4WmdFCQJOVnm07VatQIY02k/gJbpuelSqvh7/Apch
MrM0q+RS8jXkSnDeOBuYzNTwS1O3ZeqhTCNVeJ0PY21mKjtPLQ5WRm1JEkhXl0LH
jKnOpg4GoQNTyzpmWwyhl81uJ5kEbWL9AOpOJqhIO0sfUVsCTosAzMAOBUQ8qJnJ
0SfYed9nLpmbIgcN1o2opK31g+vFKsYC3a2FMe/8wg1FyUQ4EAZ13drqr5K77CtI
AcvS+eyMTGECi1DZLHtRSF1Lm2hWGqKqS/Z13/hskTC8othOXwToZhAlxwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFJS7zDc0KnNPKwZ6iGhiQpFUpPy3MB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvbEx2TU56UXFjMDhyQm5xSWFHSkNrVlNrX0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAIf
DvgDBAIlnEgDBAVEqCADBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZ
J4gDBAJZLCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAME
BpglQAMEArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDAN
BAIAAjAHAwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEATMsGlFIYeeowfmCxvLOM
StSIrR/Z/cZswDQsTRpftAnTvJItyrbJ7RGgXbzJohCLQr9enTMDsY/UD3G+JRm7
gUf9C/TDargcfbJAm/wU5T7vnQ6X+2bg6Qw2+/eepsqu4rrAVKOKDGdiFo+oS8ry
Sei5dx21r26ZErq6QKeLhoKIvuSPB8rIZIeeBIQGKLn7NG+F+oHVtAHc5g3KTfZy
ktmBVA+t9DS12k5GjO7QE2jJBQHAZSuSMDjUESM5zLv/WQKzbHNOABPPL/T/p65t
C1wpNERNGbTkSSJqoHF9agM6Ttlfg+VXfa8/mK5y3jtot0lV04r5++HQ/Zhgx1gq
0w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:20 2025 by rpki-client