Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/zLsfLFOJpnTtg3F4KVVDlPfhrD4.roa
File: zLsfLFOJpnTtg3F4KVVDlPfhrD4.roa (raw, json)
Hash identifier: lvwGobToDcZgHYg/+bZlkIQ8ZdF7bln38m78tCC4O58=
Subject key identifier: CC:BB:1F:2C:53:89:A6:74:ED:83:71:78:29:55:43:94:F7:E1:AC:3E
Certificate issuer: /CN=19e06155fc1e37652b2b79c9a536d2e6144d04f7
Certificate serial: 019D002F8C6A2D5B0834BFDC3723F8D714E0
Authority key identifier: 19:E0:61:55:FC:1E:37:65:2B:2B:79:C9:A5:36:D2:E6:14:4D:04:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GeBhVfweN2UrK3nJpTbS5hRNBPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/zLsfLFOJpnTtg3F4KVVDlPfhrD4.roa
Signing time: Wed 18 Mar 2026 09:03:29 +0000
ROA not before: Wed 18 Mar 2026 09:03:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47292
IP address blocks: 31.31.80.0/21 maxlen: 24
77.66.0.0/21 maxlen: 24
77.66.8.0/22 maxlen: 24
77.66.16.0/20 maxlen: 24
77.66.32.0/21 maxlen: 24
77.66.40.0/22 maxlen: 24
77.66.48.0/23 maxlen: 24
77.66.54.0/23 maxlen: 24
77.66.56.0/21 maxlen: 24
77.66.64.0/22 maxlen: 24
77.66.72.0/23 maxlen: 24
77.66.76.0/22 maxlen: 24
77.66.80.0/21 maxlen: 24
77.66.88.0/22 maxlen: 24
77.66.96.0/23 maxlen: 24
77.66.104.0/22 maxlen: 24
77.66.120.0/23 maxlen: 24
77.66.124.0/23 maxlen: 24
81.7.128.0/21 maxlen: 24
81.7.136.0/22 maxlen: 24
81.7.140.0/23 maxlen: 24
81.7.144.0/23 maxlen: 24
81.7.148.0/22 maxlen: 24
81.7.152.0/22 maxlen: 24
81.7.152.0/24 maxlen: 24
81.7.158.0/23 maxlen: 24
81.7.160.0/21 maxlen: 24
81.7.168.0/22 maxlen: 24
81.7.174.0/23 maxlen: 24
81.7.176.0/20 maxlen: 24
81.19.224.0/20 maxlen: 24
81.19.240.0/21 maxlen: 24
81.19.248.0/22 maxlen: 24
83.221.128.0/22 maxlen: 24
83.221.142.0/23 maxlen: 24
83.221.150.0/23 maxlen: 24
83.221.154.0/23 maxlen: 24
83.221.156.0/23 maxlen: 24
86.48.32.0/21 maxlen: 24
86.48.40.0/23 maxlen: 24
86.48.48.0/22 maxlen: 24
86.48.66.0/23 maxlen: 24
86.48.72.0/21 maxlen: 24
86.48.80.0/20 maxlen: 24
86.48.96.0/20 maxlen: 24
86.48.112.0/23 maxlen: 24
86.58.128.0/23 maxlen: 24
86.58.132.0/22 maxlen: 24
86.58.136.0/21 maxlen: 24
86.58.144.0/22 maxlen: 24
86.58.148.0/23 maxlen: 24
86.58.156.0/22 maxlen: 24
86.58.160.0/21 maxlen: 24
86.58.168.0/22 maxlen: 24
86.58.174.0/23 maxlen: 24
86.58.176.0/21 maxlen: 24
86.58.184.0/22 maxlen: 24
86.58.192.0/22 maxlen: 24
86.58.198.0/23 maxlen: 24
86.58.204.0/22 maxlen: 24
86.58.224.0/22 maxlen: 24
86.58.240.0/22 maxlen: 24
86.58.244.0/23 maxlen: 24
86.58.248.0/21 maxlen: 24
89.186.168.0/23 maxlen: 24
89.186.172.0/22 maxlen: 24
89.188.80.0/21 maxlen: 24
89.188.88.0/23 maxlen: 24
89.188.92.0/23 maxlen: 24
91.102.88.0/21 maxlen: 24
91.193.136.0/22 maxlen: 24
91.215.160.0/22 maxlen: 24
93.180.80.0/23 maxlen: 24
93.180.84.0/22 maxlen: 24
94.126.176.0/23 maxlen: 24
94.126.182.0/23 maxlen: 24
109.238.48.0/21 maxlen: 24
185.45.48.0/22 maxlen: 24
195.190.153.0/24 maxlen: 24
195.211.176.0/22 maxlen: 24
212.97.128.0/22 maxlen: 24
217.30.36.0/22 maxlen: 24
217.116.224.0/20 maxlen: 24
217.116.240.0/23 maxlen: 24
217.116.254.0/23 maxlen: 24
217.145.48.0/21 maxlen: 24
217.145.56.0/23 maxlen: 24
2001:1448::/32 maxlen: 48
2a00:49c0::/32 maxlen: 48
2a01:6200::/32 maxlen: 48
2a01:7920::/29 maxlen: 48
2a02:9d0::/32 maxlen: 48
2a03:a480::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/GeBhVfweN2UrK3nJpTbS5hRNBPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/GeBhVfweN2UrK3nJpTbS5hRNBPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/GeBhVfweN2UrK3nJpTbS5hRNBPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 12:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:2f:8c:6a:2d:5b:08:34:bf:dc:37:23:f8:d7:14:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19e06155fc1e37652b2b79c9a536d2e6144d04f7
Validity
Not Before: Mar 18 09:03:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ccbb1f2c5389a674ed83717829554394f7e1ac3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:14:e7:e4:1c:4b:65:52:28:e1:fb:d1:a5:
75:13:50:cb:10:ab:9d:3b:c0:b5:ce:39:66:bf:11:
97:af:2e:c1:8e:c8:8f:30:90:5a:06:40:94:32:d6:
11:98:42:25:b2:2a:55:17:db:55:24:da:4e:22:18:
1a:26:0d:62:35:f0:0e:9c:c1:ee:3b:91:68:ab:a0:
d0:de:e9:95:bc:fd:d8:e5:6f:91:13:26:d7:39:3a:
df:5e:3a:11:80:4b:b7:03:39:f0:22:7a:23:f3:41:
51:d2:d1:51:35:62:bd:15:39:9d:cf:34:22:39:e6:
00:5d:e1:98:71:86:ee:ce:29:2c:1c:be:40:7f:72:
74:34:df:05:50:f8:c0:98:ef:60:6a:a5:43:10:65:
e7:cc:96:22:28:32:4f:0d:dd:cd:67:f0:f3:a3:41:
ac:8e:38:eb:1f:d3:35:87:0c:4c:bc:71:3c:71:a0:
40:00:fd:0f:c2:a8:fa:02:f1:bd:76:08:e1:f1:55:
76:d4:ba:f9:14:7e:9f:7b:df:7d:6b:0f:c9:34:af:
e3:1b:0b:b9:46:6c:a2:a4:65:58:68:95:90:82:91:
5f:0e:94:cf:39:e3:3a:fd:8d:1e:b8:f7:d3:ce:a3:
7e:9f:c9:28:3a:0e:68:0d:01:76:d7:78:f2:5a:97:
f2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BB:1F:2C:53:89:A6:74:ED:83:71:78:29:55:43:94:F7:E1:AC:3E
X509v3 Authority Key Identifier:
keyid:19:E0:61:55:FC:1E:37:65:2B:2B:79:C9:A5:36:D2:E6:14:4D:04:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GeBhVfweN2UrK3nJpTbS5hRNBPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/zLsfLFOJpnTtg3F4KVVDlPfhrD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/GeBhVfweN2UrK3nJpTbS5hRNBPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.80.0/21
77.66.0.0-77.66.11.255
77.66.16.0-77.66.43.255
77.66.48.0/23
77.66.54.0-77.66.67.255
77.66.72.0/23
77.66.76.0-77.66.91.255
77.66.96.0/23
77.66.104.0/22
77.66.120.0/23
77.66.124.0/23
81.7.128.0-81.7.141.255
81.7.144.0/23
81.7.148.0-81.7.155.255
81.7.158.0-81.7.171.255
81.7.174.0-81.7.191.255
81.19.224.0-81.19.251.255
83.221.128.0/22
83.221.142.0/23
83.221.150.0/23
83.221.154.0-83.221.157.255
86.48.32.0-86.48.41.255
86.48.48.0/22
86.48.66.0/23
86.48.72.0-86.48.113.255
86.58.128.0/23
86.58.132.0-86.58.149.255
86.58.156.0-86.58.171.255
86.58.174.0-86.58.187.255
86.58.192.0/22
86.58.198.0/23
86.58.204.0/22
86.58.224.0/22
86.58.240.0-86.58.245.255
86.58.248.0/21
89.186.168.0/23
89.186.172.0/22
89.188.80.0-89.188.89.255
89.188.92.0/23
91.102.88.0/21
91.193.136.0/22
91.215.160.0/22
93.180.80.0/23
93.180.84.0/22
94.126.176.0/23
94.126.182.0/23
109.238.48.0/21
185.45.48.0/22
195.190.153.0/24
195.211.176.0/22
212.97.128.0/22
217.30.36.0/22
217.116.224.0-217.116.241.255
217.116.254.0/23
217.145.48.0-217.145.57.255
IPv6:
2001:1448::/32
2a00:49c0::/32
2a01:6200::/32
2a01:7920::/29
2a02:9d0::/32
2a03:a480::/32
Signature Algorithm: sha256WithRSAEncryption
0e:6d:a1:58:8a:f6:80:78:2c:c5:d0:18:d5:73:f5:a4:dd:8b:
d2:ff:83:18:36:fe:ef:da:b6:32:fc:c1:9d:6f:b8:70:e0:ba:
5c:58:1a:9c:b0:be:f5:c7:69:72:f3:7b:10:c7:14:13:49:05:
d3:f0:6d:51:0a:95:ca:8f:5a:49:fd:cb:41:af:6c:c3:d5:b9:
0b:d0:5d:49:74:bc:7e:4f:4c:1b:17:df:ac:8b:8d:28:eb:f2:
cd:74:b3:67:13:33:ad:81:4e:8c:5b:c2:40:64:a8:f5:6e:f3:
27:a1:04:4d:81:30:78:b4:b8:d0:c1:1a:ff:c6:b2:98:fd:79:
e3:05:fe:8b:f9:2a:6e:4b:e5:a0:fd:d5:40:4a:d4:f9:12:f1:
31:63:07:8c:ba:09:73:81:e5:9e:4a:83:53:9e:ba:f2:3b:ac:
6c:4f:ba:fe:57:ef:95:99:05:c9:3b:4b:0b:67:0e:05:fc:25:
42:f0:3e:f5:3d:a3:c6:c3:80:9e:49:da:9f:14:e2:f1:f2:1c:
0c:6f:e6:f3:e1:d5:8d:30:c7:a4:c0:52:61:c6:18:cd:ab:22:
ad:59:03:0f:cf:66:3d:19:93:a3:a6:da:8a:1e:c2:95:ce:5b:
2e:ff:7d:96:ba:74:02:ee:d3:a8:84:68:8e:90:5c:ae:b9:85:
e7:43:56:df
-----BEGIN CERTIFICATE-----
MIIHFDCCBfygAwIBAgISAZ0AL4xqLVsINL/cNyP41xTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZTA2MTU1ZmMxZTM3NjUyYjJiNzljOWE1MzZkMmU2MTQ0
ZDA0ZjcwHhcNMjYwMzE4MDkwMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JiMWYyYzUzODlhNjc0ZWQ4MzcxNzgyOTU1NDM5NGY3ZTFhYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvIU5+QcS2VSKOH70aV1E1DLEKud
O8C1zjlmvxGXry7BjsiPMJBaBkCUMtYRmEIlsipVF9tVJNpOIhgaJg1iNfAOnMHu
O5Foq6DQ3umVvP3Y5W+REybXOTrfXjoRgEu3AznwInoj80FR0tFRNWK9FTmdzzQi
OeYAXeGYcYbuziksHL5Af3J0NN8FUPjAmO9gaqVDEGXnzJYiKDJPDd3NZ/Dzo0Gs
jjjrH9M1hwxMvHE8caBAAP0Pwqj6AvG9dgjh8VV21Lr5FH6fe999aw/JNK/jGwu5
RmyipGVYaJWQgpFfDpTPOeM6/Y0euPfTzqN+n8koOg5oDQF213jyWpfy4QIDAQAB
o4IEIDCCBBwwHQYDVR0OBBYEFMy7HyxTiaZ07YNxeClVQ5T34aw+MB8GA1UdIwQY
MBaAFBngYVX8HjdlKyt5yaU20uYUTQT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2VCaFZmd2VOMlVySzNuSnBUYlM1aFJOQlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iYjg1ZDctN2NkZS00ZTFjLWI5ZGYt
NzllZWI2MzIxZWI3LzEvekxzZkxGT0pwblR0ZzNGNEtWVkRsUGZockQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iYjg1ZDctN2NkZS00ZTFjLWI5ZGYtNzllZWI2MzIxZWI3
LzEvR2VCaFZmd2VOMlVySzNuSnBUYlM1aFJOQlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICNAYIKwYBBQUHAQcBAf8EggIjMIICHzCCAekEAgABMIIB
4QMEAx8fUDALAwMBTUIDBAJNQggwDAMEBE1CEAMEAk1CKAMEAU1CMDAMAwQBTUI2
AwQCTUJAAwQBTUJIMAwDBAJNQkwDBAJNQlgDBAFNQmADBAJNQmgDBAFNQngDBAFN
QnwwDAMEB1EHgAMEAVEHjAMEAVEHkDAMAwQCUQeUAwQCUQeYMAwDBAFRB54DBAJR
B6gwDAMEAVEHrgMEBlEHgDAMAwQFURPgAwQCURP4AwQCU92AAwQBU92OAwQBU92W
MAwDBAFT3ZoDBAFT3ZwwDAMEBVYwIAMEAVYwKAMEAlYwMAMEAVYwQjAMAwQDVjBI
AwQBVjBwAwQBVjqAMAwDBAJWOoQDBAFWOpQwDAMEAlY6nAMEAlY6qDAMAwQBVjqu
AwQCVjq4AwQCVjrAAwQBVjrGAwQCVjrMAwQCVjrgMAwDBARWOvADBAFWOvQDBANW
OvgDBAFZuqgDBAJZuqwwDAMEBFm8UAMEAVm8WAMEAVm8XAMEA1tmWAMEAlvBiAME
AlvXoAMEAV20UAMEAl20VAMEAV5+sAMEAV5+tgMEA23uMAMEArktMAMEAMO+mQME
AsPTsAMEAtRhgAMEAtkeJDAMAwQF2XTgAwQB2XTwAwQB2XT+MAwDBATZkTADBAHZ
kTgwMAQCAAIwKgMFACABFEgDBQAqAEnAAwUAKgFiAAMFAyoBeSADBQAqAgnQAwUA
KgOkgDANBgkqhkiG9w0BAQsFAAOCAQEADm2hWIr2gHgsxdAY1XP1pN2L0v+DGDb+
79q2MvzBnW+4cOC6XFganLC+9cdpcvN7EMcUE0kF0/BtUQqVyo9aSf3LQa9sw9W5
C9BdSXS8fk9MGxffrIuNKOvyzXSzZxMzrYFOjFvCQGSo9W7zJ6EETYEweLS40MEa
/8aymP154wX+i/kqbkvloP3VQErU+RLxMWMHjLoJc4HlnkqDU5668jusbE+6/lfv
lZkFyTtLC2cOBfwlQvA+9T2jxsOAnknanxTi8fIcDG/m8+HVjTDHpMBSYcYYzasi
rVkDD89mPRmTo6baih7Clc5bLv99lrp0Au7TqIRojpBcrrmF50NW3w==
-----END CERTIFICATE-----
Generated at Wed Mar 25 22:55:03 2026 by rpki-client