Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/lpjt7vKcCEN9w7fQPc-YdFQH9RM.roa
File: lpjt7vKcCEN9w7fQPc-YdFQH9RM.roa (raw, json)
Hash identifier: KTPRnzggVfihEMo1GTcOaDyN+Ir6GsTtSYNrpACVZGk=
Subject key identifier: 96:98:ED:EE:F2:9C:08:43:7D:C3:B7:D0:3D:CF:98:74:54:07:F5:13
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 019C8A39C2C2559C7AF1E9C61F5DA4E55865
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/lpjt7vKcCEN9w7fQPc-YdFQH9RM.roa
Signing time: Mon 23 Feb 2026 11:19:27 +0000
ROA not before: Mon 23 Feb 2026 11:19:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35704
IP address blocks: 2a02:11ff:400::/46 maxlen: 46
2a02:11ff:404::/46 maxlen: 46
2a02:11ff:408::/46 maxlen: 46
2a02:11ff:40c::/46 maxlen: 46
2a02:11ff:410::/46 maxlen: 46
2a02:11ff:414::/46 maxlen: 46
2a02:11ff:418::/46 maxlen: 46
2a02:11ff:41c::/46 maxlen: 46
2a02:11ff:420::/46 maxlen: 46
2a02:11ff:424::/46 maxlen: 46
2a02:11ff:428::/46 maxlen: 46
2a02:11ff:42c::/46 maxlen: 46
2a02:11ff:430::/46 maxlen: 46
2a02:11ff:434::/46 maxlen: 46
2a02:11ff:438::/46 maxlen: 46
2a02:11ff:43c::/46 maxlen: 46
2a02:11ff:440::/46 maxlen: 46
2a02:11ff:444::/46 maxlen: 46
2a02:11ff:448::/46 maxlen: 46
2a02:11ff:44c::/46 maxlen: 46
2a02:11ff:450::/46 maxlen: 46
2a02:11ff:454::/46 maxlen: 46
2a02:11ff:458::/46 maxlen: 46
2a02:11ff:45c::/46 maxlen: 46
2a02:11ff:460::/46 maxlen: 46
2a02:11ff:464::/46 maxlen: 46
2a02:11ff:468::/46 maxlen: 46
2a02:11ff:46c::/46 maxlen: 46
2a02:11ff:470::/46 maxlen: 46
2a02:11ff:474::/46 maxlen: 46
2a02:11ff:478::/46 maxlen: 46
2a02:11ff:47c::/46 maxlen: 46
2a02:11ff:480::/46 maxlen: 46
2a02:11ff:484::/46 maxlen: 46
2a02:11ff:488::/46 maxlen: 46
2a02:11ff:48c::/46 maxlen: 46
2a02:11ff:490::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:39:c2:c2:55:9c:7a:f1:e9:c6:1f:5d:a4:e5:58:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Feb 23 11:19:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9698edeef29c08437dc3b7d03dcf98745407f513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d6:dd:62:bc:da:d7:bc:16:1e:c0:98:1b:42:
38:09:b3:7c:0b:24:be:48:fb:76:84:56:05:04:d0:
f9:74:db:a2:18:79:76:c7:a1:f4:d7:2a:76:c9:ac:
6a:d8:c6:81:2f:6c:e3:c9:6a:d3:6f:54:77:f9:de:
4b:1f:c5:f9:b5:b1:cd:47:b8:01:b4:6e:99:5e:dc:
c9:ab:01:f1:e3:8c:ed:4f:48:f0:53:83:59:61:3b:
cd:5b:50:9a:d9:8b:f0:20:c6:a5:dd:d1:ab:08:04:
10:42:e8:ca:77:73:56:ca:fe:ff:3f:24:4b:66:1b:
f4:db:e4:f7:ff:1f:79:b1:e8:aa:40:5d:96:82:af:
03:f4:6a:80:36:5c:fc:dc:7b:ae:cf:36:cb:67:be:
2f:5e:90:c3:bd:c1:8d:fe:c7:4a:3c:53:4b:bf:91:
b3:8f:2b:01:49:d6:bf:6d:81:0f:89:34:f4:ab:c3:
85:58:fa:d6:af:43:e7:72:b1:e3:7b:b1:c0:6a:64:
99:af:da:05:42:72:26:f6:c7:90:42:ea:0b:cf:56:
b7:d4:ed:ab:3c:8e:7b:5d:58:80:49:d9:3f:a1:8b:
86:b3:9c:31:03:e2:25:8b:f5:4b:1d:7d:51:9b:ac:
d0:29:17:7b:fa:73:df:35:f9:22:5a:0a:3a:ed:7d:
7d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:98:ED:EE:F2:9C:08:43:7D:C3:B7:D0:3D:CF:98:74:54:07:F5:13
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/lpjt7vKcCEN9w7fQPc-YdFQH9RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:11ff:400::-2a02:11ff:493:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:21:f6:73:e5:5e:c3:fa:4e:30:1a:17:a5:3c:37:7f:ce:9b:
89:58:1c:c3:69:bd:03:9a:3c:a9:6d:45:a1:af:d2:24:e4:45:
0b:91:0c:d4:d3:1b:b4:f7:1d:93:b3:42:97:ff:ff:95:99:1b:
bc:57:a2:5c:e8:78:0a:53:8a:80:90:cd:8e:4a:94:ce:11:11:
ea:de:ef:e5:3d:55:59:e0:c8:eb:29:34:9a:a0:7c:bf:22:82:
a2:30:90:84:0f:fd:e0:d6:c6:e7:9d:01:aa:57:5c:45:ac:c4:
c9:18:a9:87:b2:74:de:a2:a1:36:d1:70:e3:8b:e2:ec:90:da:
58:73:44:39:d1:8b:10:d9:cb:60:60:8e:e2:b2:72:ff:b2:45:
c0:68:a3:19:6e:94:36:7b:a3:64:f1:21:73:ae:87:3f:71:a0:
fe:4c:0f:eb:bb:81:71:53:3a:e3:af:01:fc:ec:d3:97:fa:6a:
2d:89:a5:7a:24:6b:39:c0:49:11:8b:35:4e:55:f1:00:07:c0:
b6:eb:71:ef:7a:76:75:2f:fb:59:6d:e7:9d:7a:55:5b:58:97:
8a:93:47:7a:8f:7e:56:1a:5e:cc:d9:e2:57:5d:3a:c0:be:20:
46:2b:89:23:f4:52:db:ae:7f:a0:9b:b5:c3:37:ca:00:75:91:
75:f9:7e:38
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZyKOcLCVZx68enGH12k5VhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjYwMjIzMTExOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk4ZWRlZWYyOWMwODQzN2RjM2I3ZDAzZGNmOTg3NDU0MDdmNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dbdYrza17wWHsCYG0I4CbN8CyS+
SPt2hFYFBND5dNuiGHl2x6H01yp2yaxq2MaBL2zjyWrTb1R3+d5LH8X5tbHNR7gB
tG6ZXtzJqwHx44ztT0jwU4NZYTvNW1Ca2YvwIMal3dGrCAQQQujKd3NWyv7/PyRL
Zhv02+T3/x95seiqQF2Wgq8D9GqANlz83HuuzzbLZ74vXpDDvcGN/sdKPFNLv5Gz
jysBSda/bYEPiTT0q8OFWPrWr0PncrHje7HAamSZr9oFQnIm9seQQuoLz1a31O2r
PI57XViASdk/oYuGs5wxA+Ili/VLHX1Rm6zQKRd7+nPfNfkiWgo67X19JwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJaY7e7ynAhDfcO30D3PmHRUB/UTMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvbHBqdDd2S2NDRU45dzdmUVBjLVlkRlFIOVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgIqAhH/
BAMHAioCEf8EkDANBgkqhkiG9w0BAQsFAAOCAQEAKiH2c+Vew/pOMBoXpTw3f86b
iVgcw2m9A5o8qW1Foa/SJORFC5EM1NMbtPcdk7NCl///lZkbvFeiXOh4ClOKgJDN
jkqUzhER6t7v5T1VWeDI6yk0mqB8vyKCojCQhA/94NbG550BqldcRazEyRiph7J0
3qKhNtFw44vi7JDaWHNEOdGLENnLYGCO4rJy/7JFwGijGW6UNnujZPEhc66HP3Gg
/kwP67uBcVM6468B/OzTl/pqLYmleiRrOcBJEYs1TlXxAAfAtutx73p2dS/7WW3n
nXpVW1iXipNHeo9+VhpezNniV106wL4gRiuJI/RS265/oJu1wzfKAHWRdfl+OA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:03:22 2026 by rpki-client