Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/LwoLT1S5IZ3GJENrbIOLiJKkrxM.roa
File: LwoLT1S5IZ3GJENrbIOLiJKkrxM.roa (raw, json)
Hash identifier: ANC1phdFKuJYTnQOKa5Ojw1nbMCT2ZAJrnTkKz9AGrk=
Subject key identifier: 2F:0A:0B:4F:54:B9:21:9D:C6:24:43:6B:6C:83:8B:88:92:A4:AF:13
Certificate issuer: /CN=7a3508be2a868d6ce54db9b3a864d4be985cae4d
Certificate serial: 019B7CEE6B14B99F439553B41F33D1F9B92A
Authority key identifier: 7A:35:08:BE:2A:86:8D:6C:E5:4D:B9:B3:A8:64:D4:BE:98:5C:AE:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUIviqGjWzlTbmzqGTUvphcrk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/LwoLT1S5IZ3GJENrbIOLiJKkrxM.roa
Signing time: Fri 02 Jan 2026 04:19:18 +0000
ROA not before: Fri 02 Jan 2026 04:19:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57671
IP address blocks: 192.146.140.0/23 maxlen: 23
192.146.140.0/24 maxlen: 24
192.146.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/ejUIviqGjWzlTbmzqGTUvphcrk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/ejUIviqGjWzlTbmzqGTUvphcrk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejUIviqGjWzlTbmzqGTUvphcrk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ee:6b:14:b9:9f:43:95:53:b4:1f:33:d1:f9:b9:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a3508be2a868d6ce54db9b3a864d4be985cae4d
Validity
Not Before: Jan 2 04:19:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f0a0b4f54b9219dc624436b6c838b8892a4af13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:39:ae:7d:a5:40:e1:da:9b:5d:7f:7a:de:a1:
55:3d:7c:d7:19:94:0f:47:16:f6:49:4e:2f:08:2c:
4e:9a:30:6e:44:19:96:e6:7d:bd:ad:27:b0:d9:d1:
dc:09:7a:2f:53:c4:b9:df:9f:81:76:5b:ce:ff:d1:
54:f0:2d:12:db:63:db:33:29:f7:9a:69:36:a3:9f:
ae:68:e6:df:9e:c4:04:3d:c6:50:01:10:ea:c2:60:
05:13:b0:f6:9e:8c:e8:ed:50:73:cd:08:c5:6f:c7:
cd:ba:c6:36:f2:a8:be:78:b3:10:9c:85:70:db:12:
8d:05:18:91:78:0f:e2:c7:69:70:d6:11:98:47:b4:
f1:87:5d:87:18:8d:fa:1e:86:cb:37:65:3e:cc:e7:
d2:cb:b6:47:99:b4:3e:68:8a:28:3e:a9:b6:db:8f:
b6:18:65:0d:ca:22:8c:f0:ff:6b:7a:9e:f9:45:7e:
5e:dd:c7:3f:0c:d1:b1:05:60:cb:8c:ef:aa:fb:1b:
2b:7c:44:89:0d:38:66:fd:b8:37:8b:ae:c3:e9:a9:
1a:19:28:4e:1d:5a:44:56:4a:24:aa:5e:6f:e0:01:
8d:88:d2:6b:4d:d9:fc:08:5b:f0:67:2a:83:c0:3f:
d7:23:b3:53:06:42:f4:c2:97:0b:29:ba:0f:1a:85:
1a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0A:0B:4F:54:B9:21:9D:C6:24:43:6B:6C:83:8B:88:92:A4:AF:13
X509v3 Authority Key Identifier:
keyid:7A:35:08:BE:2A:86:8D:6C:E5:4D:B9:B3:A8:64:D4:BE:98:5C:AE:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUIviqGjWzlTbmzqGTUvphcrk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/LwoLT1S5IZ3GJENrbIOLiJKkrxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7588d0-33bd-49c9-885d-4c38bff1af18/1/ejUIviqGjWzlTbmzqGTUvphcrk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.146.140.0/23
Signature Algorithm: sha256WithRSAEncryption
84:3c:3c:3f:09:75:4d:76:e6:4f:6c:17:33:a5:1d:70:d5:29:
77:85:27:12:2d:98:f7:0e:87:02:53:70:30:37:b0:b6:6a:bd:
6b:df:f6:85:0c:a4:9c:b4:5e:93:71:73:e1:fa:a9:37:4b:c9:
13:52:c2:e5:49:9d:3e:ee:ec:8c:d6:a8:e4:42:29:47:24:c1:
1e:c0:db:39:33:38:a7:64:c5:54:b5:50:b8:e8:3f:a2:30:ea:
4f:60:82:2c:6f:e8:c8:79:60:75:36:ec:fe:39:2f:56:71:39:
49:dc:c3:0d:c3:ef:df:d2:ae:fa:41:2b:74:27:a3:57:48:5f:
14:1a:18:d6:a8:8d:26:36:84:a4:1e:17:08:01:99:8d:5d:b6:
ce:7b:d2:01:51:fa:57:e5:58:06:9c:6c:84:51:1f:aa:79:03:
c6:df:83:59:bf:1f:99:02:03:d4:03:c4:27:c1:82:f8:41:63:
98:08:90:3a:70:27:df:c2:26:b1:1d:72:04:58:e3:65:d0:0d:
41:76:5a:d5:c7:ce:29:2d:6c:85:8e:4c:89:e3:d1:e8:35:d1:
66:a6:0b:34:08:da:6a:79:b5:37:05:44:93:02:70:4b:13:c4:
6c:5a:44:3d:e7:ef:b9:a4:a8:e6:3c:f3:b5:ae:2d:f3:37:9a:
72:17:39:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87msUuZ9DlVO0HzPR+bkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwOGJlMmE4NjhkNmNlNTRkYjliM2E4NjRkNGJlOTg1
Y2FlNGQwHhcNMjYwMTAyMDQxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjBhMGI0ZjU0YjkyMTlkYzYyNDQzNmI2YzgzOGI4ODkyYTRhZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDmufaVA4dqbXX963qFVPXzXGZQP
Rxb2SU4vCCxOmjBuRBmW5n29rSew2dHcCXovU8S535+BdlvO/9FU8C0S22PbMyn3
mmk2o5+uaObfnsQEPcZQARDqwmAFE7D2nozo7VBzzQjFb8fNusY28qi+eLMQnIVw
2xKNBRiReA/ix2lw1hGYR7Txh12HGI36HobLN2U+zOfSy7ZHmbQ+aIooPqm224+2
GGUNyiKM8P9rep75RX5e3cc/DNGxBWDLjO+q+xsrfESJDThm/bg3i67D6akaGShO
HVpEVkokql5v4AGNiNJrTdn8CFvwZyqDwD/XI7NTBkL0wpcLKboPGoUa/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8KC09UuSGdxiRDa2yDi4iSpK8TMB8GA1UdIwQY
MBaAFHo1CL4qho1s5U25s6hk1L6YXK5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVSXZpcUdqV3psVGJtenFHVFV2cGhjcmswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83NTg4ZDAtMzNiZC00OWM5LTg4NWQt
NGMzOGJmZjFhZjE4LzEvTHdvTFQxUzVJWjNHSkVOcmJJT0xpSktrcnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83NTg4ZDAtMzNiZC00OWM5LTg4NWQtNGMzOGJmZjFhZjE4
LzEvZWpVSXZpcUdqV3psVGJtenFHVFV2cGhjcmswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwJKMMA0G
CSqGSIb3DQEBCwUAA4IBAQCEPDw/CXVNduZPbBczpR1w1Sl3hScSLZj3DocCU3Aw
N7C2ar1r3/aFDKSctF6TcXPh+qk3S8kTUsLlSZ0+7uyM1qjkQilHJMEewNs5Mzin
ZMVUtVC46D+iMOpPYIIsb+jIeWB1Nuz+OS9WcTlJ3MMNw+/f0q76QSt0J6NXSF8U
GhjWqI0mNoSkHhcIAZmNXbbOe9IBUfpX5VgGnGyEUR+qeQPG34NZvx+ZAgPUA8Qn
wYL4QWOYCJA6cCffwiaxHXIEWONl0A1BdlrVx84pLWyFjkyJ49HoNdFmpgs0CNpq
ebU3BUSTAnBLE8RsWkQ95++5pKjmPPO1ri3zN5pyFznL
-----END CERTIFICATE-----
Generated at Tue Mar 3 04:00:50 2026 by rpki-client