Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/lr150d2XGILiqF-TQMwRxqDTm5w.roa
File: lr150d2XGILiqF-TQMwRxqDTm5w.roa (raw, json)
Hash identifier: swf9GzpHqLFrOjJ0Syj99F4hF6OOAJag78U+mc9YBAE=
Subject key identifier: 96:BD:79:D1:DD:97:18:82:E2:A8:5F:93:40:CC:11:C6:A0:D3:9B:9C
Certificate issuer: /CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Certificate serial: 019B7EA46C27B16641E25F56B199B99C8184
Authority key identifier: 34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/lr150d2XGILiqF-TQMwRxqDTm5w.roa
Signing time: Fri 02 Jan 2026 12:17:43 +0000
ROA not before: Fri 02 Jan 2026 12:17:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199752
IP address blocks: 45.113.236.0/24 maxlen: 24
185.36.132.0/22 maxlen: 22
185.187.108.0/22 maxlen: 22
185.239.171.0/24 maxlen: 24
2a00:ef20::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a4:6c:27:b1:66:41:e2:5f:56:b1:99:b9:9c:81:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Validity
Not Before: Jan 2 12:17:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96bd79d1dd971882e2a85f9340cc11c6a0d39b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:04:5d:c6:a2:0d:4f:9a:2b:31:e3:fe:6c:9f:
14:10:bb:8c:74:0a:86:5d:54:d9:b9:9a:44:1a:ab:
d5:ef:c6:e5:e2:de:3e:9c:25:1a:26:5c:13:51:54:
a7:ae:5e:ff:1d:72:17:f9:15:d6:d2:e4:bc:71:1e:
dc:8e:ed:d6:e0:5d:f5:3c:46:91:46:ca:22:45:6e:
9c:3a:c1:d1:bf:99:36:29:5d:6e:2b:46:b9:37:c4:
0d:7e:18:0f:d3:73:b1:72:d2:54:2c:46:38:a1:a6:
05:f5:49:42:24:ea:fd:5a:30:1d:86:98:38:e3:0f:
e7:f1:37:8e:ea:5f:7b:dc:fa:58:01:70:1d:b6:cf:
b2:41:1b:df:3f:8e:e2:de:f9:1b:27:79:ae:6c:67:
47:1b:bc:6d:92:ec:60:b7:3d:ef:4f:7d:44:ee:79:
19:b3:76:d4:a0:07:13:12:76:8b:49:3d:98:2a:05:
ca:0e:aa:8b:06:41:b2:a1:b4:7d:f6:4d:c0:a7:b0:
1a:07:7b:83:11:d3:3b:82:61:d0:a0:22:58:e1:39:
65:c8:59:91:a8:ad:1c:30:19:31:02:6b:9c:e4:e6:
e7:e6:d8:e4:fd:95:d7:f3:81:1b:cf:26:ff:28:3c:
84:df:08:4d:f3:1a:f9:da:9b:8b:e4:10:78:40:5f:
68:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BD:79:D1:DD:97:18:82:E2:A8:5F:93:40:CC:11:C6:A0:D3:9B:9C
X509v3 Authority Key Identifier:
keyid:34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/lr150d2XGILiqF-TQMwRxqDTm5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.113.236.0/24
185.36.132.0/22
185.187.108.0/22
185.239.171.0/24
IPv6:
2a00:ef20::/29
Signature Algorithm: sha256WithRSAEncryption
4d:02:d5:4b:5d:0d:b9:43:33:f5:5d:db:5e:af:42:b0:2b:da:
60:b3:1b:3c:c6:4c:ae:cd:fe:a0:c5:94:3d:85:57:e1:e0:6f:
0b:c0:a2:d5:e5:2d:7a:c4:26:ce:02:fb:d7:db:bd:ec:39:af:
36:68:76:e3:8f:a2:cd:ef:70:b8:2f:84:93:59:7e:77:4b:31:
57:0e:3d:e4:25:b0:7f:3b:db:55:fc:a7:01:18:b8:91:d5:b4:
de:5d:60:f8:93:47:79:2a:81:df:53:b9:8c:65:84:37:2d:a9:
1b:96:2e:c2:c3:75:1f:ab:b3:b6:62:01:34:a5:98:1b:51:7b:
0c:0d:ed:aa:5a:81:1b:26:cc:76:5f:d8:43:8a:77:6a:aa:4d:
79:f3:8c:e7:e3:db:d0:44:f8:1f:10:82:2b:fd:89:af:79:df:
84:6b:d9:4f:cc:86:9b:5f:63:96:9d:3e:bb:9b:1d:2c:84:00:
f4:36:25:76:4b:be:fb:b3:19:63:98:62:4c:1f:b5:8c:03:e4:
51:a0:61:d8:4c:f2:d0:1f:33:5d:a4:58:59:96:38:00:56:0a:
c8:d7:0e:52:9e:50:01:8d:81:7d:98:e2:dd:97:df:a5:5e:11:
a6:ff:fb:4e:40:2d:a0:d4:0f:b4:88:4b:4f:ae:a5:74:db:02:
88:33:34:0a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt+pGwnsWZB4l9WsZm5nIGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OGNmOTc3OWE5MmVmZTk3NTQzYjIyYTM0N2I4MWMyZWFh
NWJiZmEwHhcNMjYwMTAyMTIxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJkNzlkMWRkOTcxODgyZTJhODVmOTM0MGNjMTFjNmEwZDM5YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigRdxqINT5orMeP+bJ8UELuMdAqG
XVTZuZpEGqvV78bl4t4+nCUaJlwTUVSnrl7/HXIX+RXW0uS8cR7cju3W4F31PEaR
RsoiRW6cOsHRv5k2KV1uK0a5N8QNfhgP03OxctJULEY4oaYF9UlCJOr9WjAdhpg4
4w/n8TeO6l973PpYAXAdts+yQRvfP47i3vkbJ3mubGdHG7xtkuxgtz3vT31E7nkZ
s3bUoAcTEnaLST2YKgXKDqqLBkGyobR99k3Ap7AaB3uDEdM7gmHQoCJY4TllyFmR
qK0cMBkxAmuc5Obn5tjk/ZXX84Ebzyb/KDyE3whN8xr52puL5BB4QF9otwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJa9edHdlxiC4qhfk0DMEcag05ucMB8GA1UdIwQY
MBaAFDSM+Xeaku/pdUOyKjR7gcLqpbv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3Zjkt
Yzk4MTlhNDEwYTdhLzEvbHIxNTBkMlhHSUxpcUYtVFFNd1J4cURUbTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3ZjktYzk4MTlhNDEwYTdh
LzEvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALXHsAwQC
uSSEAwQCubtsAwQAue+rMA0EAgACMAcDBQMqAO8gMA0GCSqGSIb3DQEBCwUAA4IB
AQBNAtVLXQ25QzP1Xdter0KwK9pgsxs8xkyuzf6gxZQ9hVfh4G8LwKLV5S16xCbO
AvvX273sOa82aHbjj6LN73C4L4STWX53SzFXDj3kJbB/O9tV/KcBGLiR1bTeXWD4
k0d5KoHfU7mMZYQ3Lakbli7Cw3Ufq7O2YgE0pZgbUXsMDe2qWoEbJsx2X9hDindq
qk1584zn49vQRPgfEIIr/Ymved+Ea9lPzIabX2OWnT67mx0shAD0NiV2S777sxlj
mGJMH7WMA+RRoGHYTPLQHzNdpFhZljgAVgrI1w5SnlABjYF9mOLdl9+lXhGm//tO
QC2g1A+0iEtPrqV02wKIMzQK
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:31:54 2026 by rpki-client