Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/LDcWxvFGtXjARcqme-0fq-1eZM0.roa
File: LDcWxvFGtXjARcqme-0fq-1eZM0.roa (raw, json)
Hash identifier: J3V2wk8PD44RPgE403F7EUBvQR+rW/9VY3taz8s9g4g=
Subject key identifier: 2C:37:16:C6:F1:46:B5:78:C0:45:CA:A6:7B:ED:1F:AB:ED:5E:64:CD
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019C9EF7D12FD3EFC86DE19A0C32C2F732C4
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/LDcWxvFGtXjARcqme-0fq-1eZM0.roa
Signing time: Fri 27 Feb 2026 11:59:26 +0000
ROA not before: Fri 27 Feb 2026 11:59:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.172.36.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
178.254.181.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:f7:d1:2f:d3:ef:c8:6d:e1:9a:0c:32:c2:f7:32:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Feb 27 11:59:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2c3716c6f146b578c045caa67bed1fabed5e64cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:fe:15:4f:c7:34:06:a7:62:b6:ec:06:28:
ed:34:dc:06:44:1c:25:7e:75:f0:43:76:c0:7e:3d:
3f:30:49:86:6b:cb:b5:b8:0b:fb:61:2d:3d:f1:1c:
83:ed:6e:7a:71:70:32:2f:a9:66:b1:0a:3d:3e:39:
70:e4:3c:06:a4:0a:0b:39:7b:d6:4c:44:2a:e2:4e:
08:e4:c4:12:6d:b6:b8:20:d2:64:2e:78:74:0b:ab:
24:a4:3b:fb:0e:4a:77:a7:4f:5e:d8:ae:6f:c1:18:
9e:52:bf:68:51:b4:3a:47:e0:28:a8:2b:2e:6f:54:
14:eb:3a:6c:50:4a:86:21:05:82:66:dc:8b:77:2a:
48:54:6c:9b:26:68:68:7a:a5:8d:3a:70:7c:58:6f:
75:22:72:68:8e:c0:e6:a1:f9:a0:0c:5c:d7:31:56:
ab:bf:a9:ee:18:51:70:3c:16:4a:87:1d:2c:12:bd:
09:3e:ce:21:76:5f:da:45:2f:d3:1f:ad:da:37:47:
cc:e8:43:62:ef:06:fa:69:df:6b:aa:45:f5:ec:e7:
49:40:13:58:3c:a6:af:a7:a1:21:c3:72:9c:0b:34:
bc:e3:a2:62:03:d4:b6:a6:f8:94:d8:45:de:e5:e2:
77:c4:82:74:ff:35:ce:83:c3:2a:a0:1b:e9:0b:d6:
e3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:37:16:C6:F1:46:B5:78:C0:45:CA:A6:7B:ED:1F:AB:ED:5E:64:CD
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/LDcWxvFGtXjARcqme-0fq-1eZM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.36.0/24
109.111.255.0/24
178.254.181.0/24
185.157.46.0/24
Signature Algorithm: sha256WithRSAEncryption
79:e4:bd:ac:30:b3:2f:56:df:4d:3e:ca:c6:7d:f2:4b:3d:ea:
a2:c2:26:d3:83:8a:07:e1:e8:d8:84:34:17:69:f0:69:95:ec:
bb:71:c8:9f:18:4f:a9:b9:cf:24:7c:ed:70:47:a2:18:84:c1:
47:77:10:fd:c1:73:ff:b6:7d:40:09:75:72:98:99:74:d7:81:
07:a1:ab:8b:3f:78:dd:e9:4c:57:c7:70:ef:1f:16:b1:e5:04:
38:b7:3d:d2:43:ac:7a:05:3f:17:29:97:1b:12:0e:a3:fc:2b:
8c:44:c5:78:21:7f:e7:ba:fa:91:43:9a:db:3e:90:9f:bf:e5:
46:72:1b:36:e4:db:d1:91:24:b5:c7:de:0c:22:23:eb:9d:ea:
00:74:ad:18:f4:b0:33:a1:1d:bf:e9:83:dc:ec:c2:fe:98:d9:
06:f9:0e:d6:75:0b:fe:b9:69:49:8c:7e:da:21:32:b5:14:a5:
ce:bb:81:f0:40:bc:bb:f2:f8:81:2e:29:7d:9c:1e:68:c5:08:
94:86:11:a4:20:0d:41:bb:e4:38:14:0a:a3:10:b0:85:65:a8:
d9:47:c7:5d:4a:e2:9e:69:ba:0e:11:ec:f1:ee:6c:a7:ac:56:
af:27:33:3b:63:95:08:3f:03:ff:47:19:56:04:2c:6d:08:43:
76:7b:10:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZye99Ev0+/IbeGaDDLC9zLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjYwMjI3MTE1OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM3MTZjNmYxNDZiNTc4YzA0NWNhYTY3YmVkMWZhYmVkNWU2NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEH+FU/HNAanYrbsBijtNNwGRBwl
fnXwQ3bAfj0/MEmGa8u1uAv7YS098RyD7W56cXAyL6lmsQo9Pjlw5DwGpAoLOXvW
TEQq4k4I5MQSbba4INJkLnh0C6skpDv7Dkp3p09e2K5vwRieUr9oUbQ6R+AoqCsu
b1QU6zpsUEqGIQWCZtyLdypIVGybJmhoeqWNOnB8WG91InJojsDmofmgDFzXMVar
v6nuGFFwPBZKhx0sEr0JPs4hdl/aRS/TH63aN0fM6ENi7wb6ad9rqkX17OdJQBNY
PKavp6Ehw3KcCzS846JiA9S2pviU2EXe5eJ3xIJ0/zXOg8MqoBvpC9bjwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCw3FsbxRrV4wEXKpnvtH6vtXmTNMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvTERjV3h2Rkd0WGpBUmNxbWUtMGZxLTFlWk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABawkAwQA
bW//AwQAsv61AwQAuZ0uMA0GCSqGSIb3DQEBCwUAA4IBAQB55L2sMLMvVt9NPsrG
ffJLPeqiwibTg4oH4ejYhDQXafBpley7ccifGE+puc8kfO1wR6IYhMFHdxD9wXP/
tn1ACXVymJl014EHoauLP3jd6UxXx3DvHxax5QQ4tz3SQ6x6BT8XKZcbEg6j/CuM
RMV4IX/nuvqRQ5rbPpCfv+VGchs25NvRkSS1x94MIiPrneoAdK0Y9LAzoR2/6YPc
7ML+mNkG+Q7WdQv+uWlJjH7aITK1FKXOu4HwQLy78viBLil9nB5oxQiUhhGkIA1B
u+Q4FAqjELCFZajZR8ddSuKeaboOEezx7mynrFavJzM7Y5UIPwP/RxlWBCxtCEN2
exCr
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:30:58 2026 by rpki-client