Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/_lZzPK9uWMwoSBp8I6Oz0H5otFM.roa
File: _lZzPK9uWMwoSBp8I6Oz0H5otFM.roa (raw, json)
Hash identifier: HhqN6YMYlZ3P1sgosME+uE6us2GmXOviN/kysVznFCI=
Subject key identifier: FE:56:73:3C:AF:6E:58:CC:28:48:1A:7C:23:A3:B3:D0:7E:68:B4:53
Certificate issuer: /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Certificate serial: 019C0944EEAC2D2B8BB02EFC3E1CD6D3B9E8
Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/_lZzPK9uWMwoSBp8I6Oz0H5otFM.roa
Signing time: Thu 29 Jan 2026 10:20:38 +0000
ROA not before: Thu 29 Jan 2026 10:20:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41364
IP address blocks: 185.140.168.0/22 maxlen: 22
193.42.134.0/24 maxlen: 24
194.116.72.0/23 maxlen: 23
194.116.74.0/23 maxlen: 23
194.116.76.0/22 maxlen: 24
194.116.80.0/23 maxlen: 23
194.116.82.0/24 maxlen: 24
194.116.83.0/24 maxlen: 24
194.116.84.0/24 maxlen: 24
194.116.85.0/24 maxlen: 24
194.116.86.0/23 maxlen: 23
194.116.88.0/22 maxlen: 22
194.116.92.0/24 maxlen: 24
194.116.93.0/24 maxlen: 24
194.116.94.0/23 maxlen: 23
194.116.101.0/24 maxlen: 24
194.116.102.0/23 maxlen: 23
194.116.106.0/23 maxlen: 23
194.116.108.0/22 maxlen: 22
194.116.112.0/21 maxlen: 21
194.116.120.0/22 maxlen: 22
194.116.124.0/23 maxlen: 23
194.116.126.0/24 maxlen: 24
194.116.127.0/24 maxlen: 24
2a07:1ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:09:44:ee:ac:2d:2b:8b:b0:2e:fc:3e:1c:d6:d3:b9:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Validity
Not Before: Jan 29 10:20:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fe56733caf6e58cc28481a7c23a3b3d07e68b453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4b:26:69:2d:90:40:cd:2e:ad:1c:20:ec:e0:
79:bb:90:50:80:ad:bb:b8:e9:fe:bf:28:66:65:a9:
3a:24:d1:88:4a:f4:0e:54:e2:a5:26:16:8f:f2:b0:
cb:a8:2a:8b:48:9e:16:d8:f2:f8:ca:09:0c:bf:b4:
8a:e8:a0:cb:3b:a3:2b:35:7e:94:f2:58:f4:d7:28:
da:3a:3a:44:d5:93:67:fc:45:e3:9c:d0:a3:98:51:
dc:30:6a:72:b9:18:b4:3e:27:b7:4b:d7:dd:eb:e9:
2d:b6:ba:b3:88:61:03:ec:53:d4:89:07:ff:4c:1e:
5e:f6:9f:e2:ca:ab:10:59:d3:24:14:eb:5d:de:4d:
2f:9d:51:a8:8d:19:c0:d3:89:37:9a:fd:e2:91:ee:
f5:b5:6a:ce:cf:6e:15:4e:eb:ca:a9:2f:90:88:89:
40:5a:94:75:e6:64:6c:c2:24:47:9a:ea:7a:e1:1b:
8c:b1:d2:48:1f:95:8c:8c:0b:6f:8c:34:6a:e4:24:
ca:1b:22:63:ed:47:62:74:fc:9c:e5:ca:5a:da:25:
79:d1:ee:18:a3:15:ed:fd:cb:e4:a9:91:db:e5:0b:
f5:4f:59:78:40:bf:c4:18:5f:92:c8:06:4d:19:c0:
22:f5:1f:13:31:f1:63:f2:c8:a0:1f:1c:31:59:1c:
bd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:56:73:3C:AF:6E:58:CC:28:48:1A:7C:23:A3:B3:D0:7E:68:B4:53
X509v3 Authority Key Identifier:
keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/_lZzPK9uWMwoSBp8I6Oz0H5otFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.168.0/22
193.42.134.0/24
194.116.72.0-194.116.95.255
194.116.101.0-194.116.103.255
194.116.106.0-194.116.127.255
IPv6:
2a07:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
22:0a:52:6b:f5:6d:e3:12:b3:1f:c2:48:39:3a:ad:30:4b:d0:
50:e2:ca:3a:e0:f0:0e:27:e3:85:a4:95:99:f5:c8:cc:b9:07:
0d:bf:6c:eb:ed:f7:c8:a4:d3:4a:a3:53:5e:35:1b:cb:2f:dd:
33:a2:52:0c:bd:f7:7b:40:0a:68:97:73:6b:fd:02:2d:cd:b8:
70:bc:fc:2a:99:f0:b3:f7:e5:27:a1:c0:10:73:63:3d:bc:e7:
f4:24:44:40:2e:70:4a:fd:81:2f:c8:56:83:84:ec:1d:42:b2:
24:19:52:9a:a8:2c:e5:7d:c6:3c:2d:58:5b:84:55:3a:8f:7d:
ba:65:0d:46:f2:7e:43:8b:d2:61:0c:cf:28:db:40:7e:c9:bb:
7a:c2:ed:7a:75:e5:6d:98:9f:aa:a6:8e:0f:72:e3:8b:67:c0:
56:a8:94:5d:59:bf:c5:d3:a3:c2:b0:43:84:59:50:51:c4:22:
f9:6e:e6:39:98:f3:75:75:22:1e:c5:4d:3f:90:90:14:ba:0c:
89:81:e8:18:b6:9c:f2:96:94:a9:d7:ba:60:a7:7b:56:d0:c6:
1c:d0:f0:a2:71:8b:8e:a7:2c:24:63:2b:1d:e3:08:f2:b4:9a:
10:37:b0:77:db:1f:8a:1a:b0:69:02:6d:cb:bc:4c:6f:a3:13:
94:38:40:97
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZwJRO6sLSuLsC78PhzW07noMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi
ZmU1YzEwHhcNMjYwMTI5MTAyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTU2NzMzY2FmNmU1OGNjMjg0ODFhN2MyM2EzYjNkMDdlNjhiNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmksmaS2QQM0urRwg7OB5u5BQgK27
uOn+vyhmZak6JNGISvQOVOKlJhaP8rDLqCqLSJ4W2PL4ygkMv7SK6KDLO6MrNX6U
8lj01yjaOjpE1ZNn/EXjnNCjmFHcMGpyuRi0Pie3S9fd6+kttrqziGED7FPUiQf/
TB5e9p/iyqsQWdMkFOtd3k0vnVGojRnA04k3mv3ike71tWrOz24VTuvKqS+QiIlA
WpR15mRswiRHmup64RuMsdJIH5WMjAtvjDRq5CTKGyJj7UdidPyc5cpa2iV50e4Y
oxXt/cvkqZHb5Qv1T1l4QL/EGF+SyAZNGcAi9R8TMfFj8sigHxwxWRy9CwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFP5WczyvbljMKEgafCOjs9B+aLRTMB8GA1UdIwQY
MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt
YzAyOGQ5MWViYzljLzEvX2xaelBLOXVXTXdvU0JwOEk2T3owSDVvdEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj
LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuYyoAwQA
wSqGMAwDBAPCdEgDBAXCdEAwDAMEAMJ0ZQMEA8J0YDAMAwQBwnRqAwQHwnQAMA0E
AgACMAcDBQMqBx7AMA0GCSqGSIb3DQEBCwUAA4IBAQAiClJr9W3jErMfwkg5Oq0w
S9BQ4so64PAOJ+OFpJWZ9cjMuQcNv2zr7ffIpNNKo1NeNRvLL90zolIMvfd7QApo
l3Nr/QItzbhwvPwqmfCz9+UnocAQc2M9vOf0JERALnBK/YEvyFaDhOwdQrIkGVKa
qCzlfcY8LVhbhFU6j326ZQ1G8n5Di9JhDM8o20B+ybt6wu16deVtmJ+qpo4PcuOL
Z8BWqJRdWb/F06PCsEOEWVBRxCL5buY5mPN1dSIexU0/kJAUugyJgegYtpzylpSp
17pgp3tW0MYc0PCicYuOpywkYysd4wjytJoQN7B32x+KGrBpAm3LvExvoxOUOECX
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:12:46 2026 by rpki-client