Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/17a7af-9853-4ee8-a778-15185f4dd955/1/LYaFYMEtcoFiGgzC4zUuCixHz-c.roa
File: LYaFYMEtcoFiGgzC4zUuCixHz-c.roa (raw, json)
Hash identifier: AtKbSMq1WsG+Z5PcGQrZUh5zBo6rNO+8G8e4EJ3y1yw=
Subject key identifier: 2D:86:85:60:C1:2D:72:81:62:1A:0C:C2:E3:35:2E:0A:2C:47:CF:E7
Certificate issuer: /CN=8d243abb7c571aaa9ce223cf61c47e54f9e1ca3b
Certificate serial: 019B7B363B99FCCE8B2CB1B4DD357A942A81
Authority key identifier: 8D:24:3A:BB:7C:57:1A:AA:9C:E2:23:CF:61:C4:7E:54:F9:E1:CA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSQ6u3xXGqqc4iPPYcR-VPnhyjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/17a7af-9853-4ee8-a778-15185f4dd955/1/LYaFYMEtcoFiGgzC4zUuCixHz-c.roa
Signing time: Thu 01 Jan 2026 20:18:30 +0000
ROA not before: Thu 01 Jan 2026 20:18:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211451
IP address blocks: 91.234.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/17a7af-9853-4ee8-a778-15185f4dd955/1/jSQ6u3xXGqqc4iPPYcR-VPnhyjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/17a7af-9853-4ee8-a778-15185f4dd955/1/jSQ6u3xXGqqc4iPPYcR-VPnhyjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jSQ6u3xXGqqc4iPPYcR-VPnhyjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:36:3b:99:fc:ce:8b:2c:b1:b4:dd:35:7a:94:2a:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d243abb7c571aaa9ce223cf61c47e54f9e1ca3b
Validity
Not Before: Jan 1 20:18:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d868560c12d7281621a0cc2e3352e0a2c47cfe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6e:c8:85:95:a8:68:0f:33:05:96:34:0f:9b:
11:76:c4:6a:98:f3:68:94:27:be:86:29:a6:f6:2b:
ff:d9:5a:6a:83:65:c6:8a:83:1c:8c:15:38:2c:c1:
01:35:a0:16:a0:f9:83:9d:b9:70:d5:d4:d0:e4:ac:
ca:7f:89:d2:c2:ed:a8:9e:cb:33:05:ff:d0:cb:2b:
ce:69:02:cb:ca:90:be:71:35:8e:c2:d5:af:3b:29:
15:43:aa:c9:7f:b3:6b:56:77:22:df:53:dc:ea:d7:
51:8d:bf:fa:d7:17:5e:d2:a7:7f:f6:99:6a:5e:b8:
b4:6b:31:30:68:81:46:aa:13:fa:44:0b:1d:0f:a6:
01:68:0c:c4:f8:63:b5:f1:d7:22:17:2f:cb:c8:c9:
2c:25:5e:31:96:80:ee:47:9e:78:ec:6d:fe:08:65:
4a:1c:00:d2:c6:3a:9f:90:2e:94:44:63:31:31:00:
04:16:cc:12:99:57:2f:c6:66:9f:16:82:4f:b1:59:
bb:44:c5:1d:cc:dd:79:0f:42:b5:c3:6f:c8:58:a7:
be:ff:ec:40:95:14:43:9c:aa:f6:cc:e8:96:9a:74:
6b:03:23:8f:9d:0a:b3:02:7f:23:ae:a8:20:1c:3c:
f0:5f:02:75:50:43:ff:ae:78:a9:0c:7f:b7:e7:f9:
f3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:86:85:60:C1:2D:72:81:62:1A:0C:C2:E3:35:2E:0A:2C:47:CF:E7
X509v3 Authority Key Identifier:
keyid:8D:24:3A:BB:7C:57:1A:AA:9C:E2:23:CF:61:C4:7E:54:F9:E1:CA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSQ6u3xXGqqc4iPPYcR-VPnhyjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/17a7af-9853-4ee8-a778-15185f4dd955/1/LYaFYMEtcoFiGgzC4zUuCixHz-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/17a7af-9853-4ee8-a778-15185f4dd955/1/jSQ6u3xXGqqc4iPPYcR-VPnhyjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.233.0/24
Signature Algorithm: sha256WithRSAEncryption
95:e8:11:1e:ef:44:1e:9b:2e:31:c2:6b:78:08:ce:9f:c2:6e:
e6:3e:fc:c5:04:38:75:24:4b:d2:e6:c7:3c:d4:9b:b6:da:b1:
00:65:10:69:6b:da:8e:04:d4:0b:77:45:f3:c4:76:94:08:3b:
ad:b3:97:90:b6:6f:9f:b5:f4:d0:20:ff:bb:af:ad:93:12:6a:
ef:a6:f8:b2:3b:40:21:6e:de:72:e6:c3:00:5f:50:36:b6:95:
f9:8b:71:30:55:68:41:ac:39:b9:bb:b8:71:04:f6:a5:fa:dc:
5d:4c:f4:59:03:87:44:57:d0:f9:eb:52:f0:12:88:49:ae:d5:
d3:c0:9d:4b:70:25:d4:68:55:76:e1:09:a7:d9:06:f6:39:37:
ec:85:d1:df:b7:20:5c:3b:21:38:80:55:30:bb:07:9f:29:15:
bb:a3:e4:bd:0c:db:93:fb:8e:2a:c8:1e:1a:e6:ef:73:d6:1a:
13:c1:24:e0:d9:46:38:0c:cb:22:0b:ba:97:ce:36:4a:bb:69:
fd:ff:99:06:4e:78:df:9d:46:dc:d2:d0:f0:df:79:fd:52:3c:
cc:3e:e3:62:a4:71:e4:1d:27:0e:07:bc:e3:52:47:cb:72:3d:
c1:86:dd:0a:96:74:36:08:e4:7d:72:c1:01:cf:b4:d2:ac:79:
1e:22:7d:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7NjuZ/M6LLLG03TV6lCqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMjQzYWJiN2M1NzFhYWE5Y2UyMjNjZjYxYzQ3ZTU0Zjll
MWNhM2IwHhcNMjYwMTAxMjAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDg2ODU2MGMxMmQ3MjgxNjIxYTBjYzJlMzM1MmUwYTJjNDdjZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu27IhZWoaA8zBZY0D5sRdsRqmPNo
lCe+himm9iv/2Vpqg2XGioMcjBU4LMEBNaAWoPmDnblw1dTQ5KzKf4nSwu2onssz
Bf/QyyvOaQLLypC+cTWOwtWvOykVQ6rJf7NrVnci31Pc6tdRjb/61xde0qd/9plq
Xri0azEwaIFGqhP6RAsdD6YBaAzE+GO18dciFy/LyMksJV4xloDuR5547G3+CGVK
HADSxjqfkC6URGMxMQAEFswSmVcvxmafFoJPsVm7RMUdzN15D0K1w2/IWKe+/+xA
lRRDnKr2zOiWmnRrAyOPnQqzAn8jrqggHDzwXwJ1UEP/rnipDH+35/nzrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2GhWDBLXKBYhoMwuM1LgosR8/nMB8GA1UdIwQY
MBaAFI0kOrt8VxqqnOIjz2HEflT54co7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalNRNnUzeFhHcXFjNGlQUFljUi1WUG5oeWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8xN2E3YWYtOTg1My00ZWU4LWE3Nzgt
MTUxODVmNGRkOTU1LzEvTFlhRllNRXRjb0ZpR2d6QzR6VXVDaXhIei1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8xN2E3YWYtOTg1My00ZWU4LWE3NzgtMTUxODVmNGRkOTU1
LzEvalNRNnUzeFhHcXFjNGlQUFljUi1WUG5oeWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rpMA0G
CSqGSIb3DQEBCwUAA4IBAQCV6BEe70Qemy4xwmt4CM6fwm7mPvzFBDh1JEvS5sc8
1Ju22rEAZRBpa9qOBNQLd0XzxHaUCDuts5eQtm+ftfTQIP+7r62TEmrvpviyO0Ah
bt5y5sMAX1A2tpX5i3EwVWhBrDm5u7hxBPal+txdTPRZA4dEV9D561LwEohJrtXT
wJ1LcCXUaFV24Qmn2Qb2OTfshdHftyBcOyE4gFUwuwefKRW7o+S9DNuT+44qyB4a
5u9z1hoTwSTg2UY4DMsiC7qXzjZKu2n9/5kGTnjfnUbc0tDw33n9UjzMPuNipHHk
HScOB7zjUkfLcj3Bht0KlnQ2COR9csEBz7TSrHkeIn22
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:20:12 2026 by rpki-client