Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LKTFJq5uzKrk7Jc9yDrfPu8n8bs.roa
File: LKTFJq5uzKrk7Jc9yDrfPu8n8bs.roa (raw, json)
Hash identifier: 3JMqZ1lpR4Duze6tW851187lKiriQQwDm9bDPSKXV5I=
Subject key identifier: 2C:A4:C5:26:AE:6E:CC:AA:E4:EC:97:3D:C8:3A:DF:3E:EF:27:F1:BB
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019C9E09C9EAC97B6CAEC9C3EBF4FA7A489A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LKTFJq5uzKrk7Jc9yDrfPu8n8bs.roa
Signing time: Fri 27 Feb 2026 07:39:27 +0000
ROA not before: Fri 27 Feb 2026 07:39:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49581
IP address blocks: 5.231.26.0/24 maxlen: 24
5.231.105.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
83.243.86.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
2a02:2fc0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:09:c9:ea:c9:7b:6c:ae:c9:c3:eb:f4:fa:7a:48:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 27 07:39:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2ca4c526ae6eccaae4ec973dc83adf3eef27f1bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:fd:0a:e0:c1:4e:fa:c5:a3:1e:49:b0:10:
76:ea:a0:07:31:ed:e2:37:e4:09:45:da:d6:8b:ec:
00:8f:76:a5:88:00:5a:93:2b:3b:22:77:75:43:59:
e9:c2:f3:56:f5:50:fd:d0:b1:73:cc:ab:33:1d:ea:
1e:79:a4:3e:d5:fe:c7:d1:fe:62:e7:eb:1e:7b:29:
b5:af:bf:b2:1c:ff:98:d5:c8:b3:3f:87:a5:01:c5:
c5:d9:bf:d8:d9:03:c5:b9:c7:83:f8:4b:4b:4d:fb:
98:be:bb:da:7a:f9:a4:ef:a3:ba:b4:8a:d4:91:30:
40:41:0d:4a:90:b5:bb:ed:1e:d0:b0:0c:db:80:75:
38:64:78:4e:01:73:cc:8f:d2:9c:bc:9d:70:fb:ce:
f2:df:2c:eb:b9:d8:38:dd:a3:50:45:5a:78:23:00:
14:e2:e2:b9:5e:b7:db:2b:3b:38:13:96:cc:74:ef:
ee:53:7c:82:0c:c3:3c:8d:85:be:fd:67:78:6f:cf:
71:20:29:e2:4f:5b:10:1b:17:7f:84:13:85:6d:3f:
03:1a:27:85:a6:ca:44:d6:62:d0:6e:46:1b:49:5a:
35:53:69:ca:50:1c:9d:ee:ff:31:66:7b:46:97:20:
20:84:e3:c8:06:d1:f9:98:5f:e0:88:02:8c:6f:4e:
e7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A4:C5:26:AE:6E:CC:AA:E4:EC:97:3D:C8:3A:DF:3E:EF:27:F1:BB
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/LKTFJq5uzKrk7Jc9yDrfPu8n8bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.26.0/24
5.231.105.0/24
5.231.242.0/24
83.243.86.0/24
89.106.69.0/24
89.106.71.0/24
94.249.230.0/24
IPv6:
2a02:2fc0:11::/48
Signature Algorithm: sha256WithRSAEncryption
bd:9d:4a:c8:69:7b:94:87:1a:da:99:c8:d9:bb:c5:9e:0b:b5:
13:a1:5e:be:63:4c:28:76:9c:8d:90:a2:2f:d3:af:ac:ca:f2:
ca:15:26:b5:b7:ee:9f:aa:cc:8b:32:80:61:46:f4:eb:d7:1e:
ec:df:97:5e:1f:14:bc:2f:9f:bb:57:8d:8c:a5:e9:08:21:e8:
10:f4:0d:9a:7c:13:07:26:27:00:69:23:9a:75:b3:35:fb:81:
b5:fb:8e:ec:df:88:1f:45:60:2d:ca:65:77:74:36:0b:ae:f0:
53:d3:27:6b:28:15:d0:03:e1:d8:8b:f9:ae:86:66:67:07:64:
0f:4a:ba:81:a8:e7:8b:f4:72:3d:62:55:e3:89:2f:6f:92:eb:
eb:4d:9b:7b:35:6e:3b:aa:83:53:d1:ab:64:f5:f3:47:ab:0a:
ec:2a:b6:5c:f0:76:5c:5a:95:7e:3e:c2:0f:ba:67:b1:98:fe:
f9:65:3d:42:08:fa:4a:4b:30:95:c6:d3:bd:13:b5:ee:9d:a6:
82:3c:93:51:72:4b:f3:7e:7c:0b:f1:d5:3c:83:97:c8:25:e2:
c1:bc:33:bb:43:0b:36:9e:4f:c6:e1:8c:35:26:7c:f6:74:b8:
69:d2:f5:6c:d3:d0:56:34:5e:eb:d9:9a:c5:9a:ba:4f:4f:e9:
05:fe:94:c3
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZyeCcnqyXtsrsnD6/T6ekiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMjI3MDczOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2E0YzUyNmFlNmVjY2FhZTRlYzk3M2RjODNhZGYzZWVmMjdmMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYH9CuDBTvrFox5JsBB26qAHMe3i
N+QJRdrWi+wAj3aliABakys7Ind1Q1npwvNW9VD90LFzzKszHeoeeaQ+1f7H0f5i
5+seeym1r7+yHP+Y1cizP4elAcXF2b/Y2QPFuceD+EtLTfuYvrvaevmk76O6tIrU
kTBAQQ1KkLW77R7QsAzbgHU4ZHhOAXPMj9KcvJ1w+87y3yzrudg43aNQRVp4IwAU
4uK5XrfbKzs4E5bMdO/uU3yCDMM8jYW+/Wd4b89xICniT1sQGxd/hBOFbT8DGieF
pspE1mLQbkYbSVo1U2nKUByd7v8xZntGlyAghOPIBtH5mF/giAKMb07nawIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFCykxSaubsyq5OyXPcg63z7vJ/G7MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTEtURkpxNXV6S3JrN0pjOXlEcmZQdThuOGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQABecaAwQA
BedpAwQABefyAwQAU/NWAwQAWWpFAwQAWWpHAwQAXvnmMA8EAgACMAkDBwAqAi/A
ABEwDQYJKoZIhvcNAQELBQADggEBAL2dSshpe5SHGtqZyNm7xZ4LtROhXr5jTCh2
nI2Qoi/Tr6zK8soVJrW37p+qzIsygGFG9OvXHuzfl14fFLwvn7tXjYyl6Qgh6BD0
DZp8EwcmJwBpI5p1szX7gbX7juzfiB9FYC3KZXd0Nguu8FPTJ2soFdAD4diL+a6G
ZmcHZA9KuoGo54v0cj1iVeOJL2+S6+tNm3s1bjuqg1PRq2T180erCuwqtlzwdlxa
lX4+wg+6Z7GY/vllPUII+kpLMJXG070Tte6dpoI8k1FyS/N+fAvx1TyDl8gl4sG8
M7tDCzaeT8bhjDUmfPZ0uGnS9WzT0FY0XuvZmsWauk9P6QX+lMM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:30:52 2026 by rpki-client