Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/LXBrSrTbWxCLQwSlu1CSMgpzQzY.roa
File: LXBrSrTbWxCLQwSlu1CSMgpzQzY.roa (raw, json)
Hash identifier: ut2Yo4CXKzY3og1v6O0mewlbFfET3qAR4TUH8Yt/rpk=
Subject key identifier: 2D:70:6B:4A:B4:DB:5B:10:8B:43:04:A5:BB:50:92:32:0A:73:43:36
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019C0F1DB46905345FF684C5423C77350C16
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/LXBrSrTbWxCLQwSlu1CSMgpzQzY.roa
Signing time: Fri 30 Jan 2026 13:35:30 +0000
ROA not before: Fri 30 Jan 2026 13:35:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197537
IP address blocks: 2a06:cac0::/29 maxlen: 48
2a11:9600::/29 maxlen: 48
2a12:ec0::/29 maxlen: 48
2a12:1900::/29 maxlen: 48
2a12:28c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0f:1d:b4:69:05:34:5f:f6:84:c5:42:3c:77:35:0c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 30 13:35:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d706b4ab4db5b108b4304a5bb5092320a734336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:a6:67:da:14:0f:a2:9c:02:c4:da:13:85:
5f:40:72:5d:2e:f4:24:c8:6b:b0:f0:4f:a0:63:e9:
be:d7:2b:83:e3:2e:1a:14:f8:d7:35:e9:32:3a:87:
67:db:5a:19:9d:93:99:8c:bb:4a:1a:00:8b:78:10:
e1:5c:7e:6f:7a:78:c7:ec:37:2a:5c:af:d8:1a:db:
c9:07:99:92:93:af:41:2a:10:61:e6:b2:96:dc:0d:
84:be:5a:cb:54:58:07:19:af:61:08:f6:09:40:7e:
0c:f0:68:e1:23:82:c8:9c:50:12:2a:d2:58:41:4f:
af:22:95:6c:8e:1c:13:84:a0:1b:2a:de:03:da:a1:
8b:32:08:3b:35:16:d7:35:59:a8:88:bd:4b:39:f5:
e4:8d:d8:01:55:99:73:16:f3:c5:80:b3:e6:9d:a4:
e3:e3:10:db:6a:23:1f:ff:6d:f8:be:54:8c:8b:a6:
dc:17:c6:2c:d6:1d:5d:47:dc:31:0b:b2:b9:f7:cd:
77:b8:2d:ba:f0:f0:01:6d:da:3f:ce:12:34:96:11:
d9:04:56:e1:c4:d7:1a:9e:b3:ff:a6:c8:42:8d:65:
3c:07:c5:67:1f:c1:5a:35:10:51:ea:ad:09:af:6e:
d3:35:82:25:bf:47:41:19:4a:b8:ac:99:99:78:3a:
f6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:70:6B:4A:B4:DB:5B:10:8B:43:04:A5:BB:50:92:32:0A:73:43:36
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/LXBrSrTbWxCLQwSlu1CSMgpzQzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:cac0::/29
2a11:9600::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
94:14:c3:0f:09:32:13:98:6a:d3:60:7a:7f:7c:b2:f2:11:e5:
cd:b3:27:f6:fb:f2:14:e4:d4:25:13:75:a7:e4:60:9a:d7:f3:
92:e7:0d:7f:d1:83:63:fd:30:8e:b4:f5:47:1a:d9:1c:6c:8c:
b8:fe:82:d4:9f:8b:25:70:34:ec:4b:53:cc:22:e0:76:e9:fe:
d5:0e:ef:61:63:f0:3b:09:2e:8f:32:48:c7:b5:2d:14:0a:5c:
d4:e1:ef:02:58:49:8b:3b:f4:ce:ec:f7:20:e2:b5:4e:19:d4:
66:67:ef:94:4b:c1:99:cd:a2:5a:1f:e0:69:4e:12:a6:b4:57:
ed:c2:80:de:50:81:28:2a:4b:9d:39:93:20:68:6d:ef:3e:32:
94:38:d0:15:87:d0:96:c3:fd:42:12:ce:69:cc:f8:56:2b:ba:
28:75:70:3f:38:9d:0c:27:9a:70:1e:9f:26:94:78:19:27:86:
c3:d9:f2:71:9f:2f:15:58:12:57:1f:e9:5a:ff:79:a9:41:03:
a3:99:5c:9d:e3:5a:58:0e:7b:8a:b7:0e:52:4e:3f:ac:2b:44:
3e:b9:44:5c:86:3c:72:c0:46:bd:9d:1e:bd:bd:c6:f1:f0:f2:
3a:e4:d7:d4:43:c5:48:81:d3:e7:60:d8:9e:54:00:fb:ee:43:
b0:e9:a4:4f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZwPHbRpBTRf9oTFQjx3NQwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjYwMTMwMTMzNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDcwNmI0YWI0ZGI1YjEwOGI0MzA0YTViYjUwOTIzMjBhNzM0MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhemZ9oUD6KcAsTaE4VfQHJdLvQk
yGuw8E+gY+m+1yuD4y4aFPjXNekyOodn21oZnZOZjLtKGgCLeBDhXH5venjH7Dcq
XK/YGtvJB5mSk69BKhBh5rKW3A2EvlrLVFgHGa9hCPYJQH4M8GjhI4LInFASKtJY
QU+vIpVsjhwThKAbKt4D2qGLMgg7NRbXNVmoiL1LOfXkjdgBVZlzFvPFgLPmnaTj
4xDbaiMf/234vlSMi6bcF8Ys1h1dR9wxC7K59813uC268PABbdo/zhI0lhHZBFbh
xNcanrP/pshCjWU8B8VnH8FaNRBR6q0Jr27TNYIlv0dBGUq4rJmZeDr2EwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC1wa0q021sQi0MEpbtQkjIKc0M2MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvTFhCclNyVGJXeENMUXdTbHUxQ1NNZ3B6UXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgbKwAMF
AyoRlgADBQMqEg7AAwUDKhIZAAMFAyoSKMAwDQYJKoZIhvcNAQELBQADggEBAJQU
ww8JMhOYatNgen98svIR5c2zJ/b78hTk1CUTdafkYJrX85LnDX/Rg2P9MI609Uca
2RxsjLj+gtSfiyVwNOxLU8wi4Hbp/tUO72Fj8DsJLo8ySMe1LRQKXNTh7wJYSYs7
9M7s9yDitU4Z1GZn75RLwZnNolof4GlOEqa0V+3CgN5QgSgqS505kyBobe8+MpQ4
0BWH0JbD/UISzmnM+FYruih1cD84nQwnmnAenyaUeBknhsPZ8nGfLxVYElcf6Vr/
ealBA6OZXJ3jWlgOe4q3DlJOP6wrRD65RFyGPHLARr2dHr29xvHw8jrk19RDxUiB
0+dg2J5UAPvuQ7DppE8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:12:28 2026 by rpki-client