Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/Di1ezhmin8X_G-IrP_a5CN6tGEg.roa
File: Di1ezhmin8X_G-IrP_a5CN6tGEg.roa (raw, json)
Hash identifier: R0IziczfKNlO2hLKW0FYvhgVwyTPNljMFKRqeIBWo0k=
Subject key identifier: 0E:2D:5E:CE:19:A2:9F:C5:FF:1B:E2:2B:3F:F6:B9:08:DE:AD:18:48
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019C523A38776B35A742BCFEF4E87AD83EC4
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/Di1ezhmin8X_G-IrP_a5CN6tGEg.roa
Signing time: Thu 12 Feb 2026 14:21:13 +0000
ROA not before: Thu 12 Feb 2026 14:21:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204610
IP address blocks: 138.249.242.0/24 maxlen: 24
138.249.243.0/24 maxlen: 24
138.249.244.0/24 maxlen: 24
138.249.245.0/24 maxlen: 24
138.249.246.0/24 maxlen: 24
138.249.247.0/24 maxlen: 24
138.249.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:52:3a:38:77:6b:35:a7:42:bc:fe:f4:e8:7a:d8:3e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Feb 12 14:21:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e2d5ece19a29fc5ff1be22b3ff6b908dead1848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c6:b0:65:9b:05:15:71:86:d2:b1:79:6d:b7:
3b:17:24:f9:25:08:be:b5:c5:5e:cc:bd:bb:e7:38:
35:84:e2:bd:f7:e4:20:4d:6f:88:09:88:7e:71:e7:
da:8a:71:8c:ad:a3:11:c0:84:c1:3f:ac:6c:ec:40:
5f:69:39:b4:e7:bd:7f:b1:da:9a:e5:fc:cc:50:5f:
18:94:ab:93:77:1a:b6:6d:b7:72:56:96:b5:ce:c2:
82:18:6b:a7:0a:58:37:d7:24:b2:f7:6f:69:6c:68:
f0:95:1d:ee:76:1d:e2:23:35:33:21:43:a9:f2:32:
06:d2:3e:78:2a:5c:d6:8f:26:8a:fb:8e:bb:ca:bc:
8c:b2:e0:71:a1:a4:cc:34:af:3a:f7:35:8c:9e:c1:
61:20:17:5c:b3:d0:66:22:fa:10:f5:56:22:fb:48:
fd:bc:86:55:22:07:d0:06:61:34:fa:a7:ed:5c:5f:
7d:af:0a:13:e6:2d:ed:7d:c9:5d:8d:d8:7f:d5:c2:
26:dd:5e:54:b6:66:77:4c:2e:9d:60:ad:ca:d6:98:
7a:f5:76:cd:e0:93:8f:2c:37:d4:94:fd:0f:d3:66:
a8:46:b5:22:c7:41:0e:32:b9:1f:bf:bb:e0:8c:5a:
7b:31:14:d8:dc:cd:2c:72:15:e9:85:9f:ef:3c:a3:
c1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2D:5E:CE:19:A2:9F:C5:FF:1B:E2:2B:3F:F6:B9:08:DE:AD:18:48
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/Di1ezhmin8X_G-IrP_a5CN6tGEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.242.0-138.249.248.255
Signature Algorithm: sha256WithRSAEncryption
04:72:ea:2e:87:39:ee:4e:83:56:cf:b7:b5:6e:f8:eb:a8:7c:
a5:7b:3a:d5:a2:c5:fb:03:01:f3:52:38:fb:71:bf:3a:bb:2f:
85:bf:c5:44:02:b0:07:b6:fa:b3:76:87:5c:7f:76:13:02:d0:
1c:72:87:81:68:cb:e3:60:6f:fc:42:bd:5d:05:00:dc:59:c6:
0a:93:a3:3c:bb:b9:c6:2b:10:52:96:b5:19:19:95:38:d7:3f:
51:d4:f9:0a:f3:1f:db:3b:19:79:fc:69:9a:bc:6a:c7:54:dd:
b4:68:2f:88:0a:d8:b1:3d:3c:28:0f:0d:25:4a:88:ed:6e:15:
db:f6:96:d1:f0:11:c9:80:40:ee:74:7a:75:e0:38:48:e7:30:
8e:e9:ae:76:68:02:ad:0e:0c:3a:46:ec:ca:96:d4:8d:a9:86:
52:44:38:fb:99:61:8f:d6:7e:48:32:fa:ef:e8:bd:6c:cc:b5:
8f:ca:18:b9:73:0a:8f:7d:19:25:07:d4:15:09:f4:e3:01:09:
78:e4:a5:5c:b5:85:d9:06:34:d1:84:25:8d:88:95:78:08:05:
65:97:7e:87:45:f5:77:0b:a4:4d:9a:6c:06:f7:08:57:1b:bb:
26:6a:d8:ad:81:ad:80:76:1c:ac:13:88:a5:f4:8c:ae:f5:9c:
7b:9a:3a:0d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZxSOjh3azWnQrz+9Oh62D7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwMjEyMTQyMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJkNWVjZTE5YTI5ZmM1ZmYxYmUyMmIzZmY2YjkwOGRlYWQxODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocawZZsFFXGG0rF5bbc7FyT5JQi+
tcVezL275zg1hOK99+QgTW+ICYh+cefainGMraMRwITBP6xs7EBfaTm0571/sdqa
5fzMUF8YlKuTdxq2bbdyVpa1zsKCGGunClg31ySy929pbGjwlR3udh3iIzUzIUOp
8jIG0j54KlzWjyaK+467yryMsuBxoaTMNK869zWMnsFhIBdcs9BmIvoQ9VYi+0j9
vIZVIgfQBmE0+qftXF99rwoT5i3tfcldjdh/1cIm3V5UtmZ3TC6dYK3K1ph69XbN
4JOPLDfUlP0P02aoRrUix0EOMrkfv7vgjFp7MRTY3M0schXphZ/vPKPBUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA4tXs4Zop/F/xviKz/2uQjerRhIMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvRGkxZXpobWluOFhfRy1JclBfYTVDTjZ0R0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGK+fID
BACK+fgwDQYJKoZIhvcNAQELBQADggEBAARy6i6HOe5Og1bPt7Vu+OuofKV7OtWi
xfsDAfNSOPtxvzq7L4W/xUQCsAe2+rN2h1x/dhMC0Bxyh4Foy+Ngb/xCvV0FANxZ
xgqTozy7ucYrEFKWtRkZlTjXP1HU+QrzH9s7GXn8aZq8asdU3bRoL4gK2LE9PCgP
DSVKiO1uFdv2ltHwEcmAQO50enXgOEjnMI7prnZoAq0ODDpG7MqW1I2phlJEOPuZ
YY/Wfkgy+u/ovWzMtY/KGLlzCo99GSUH1BUJ9OMBCXjkpVy1hdkGNNGEJY2IlXgI
BWWXfodF9XcLpE2abAb3CFcbuyZq2K2BrYB2HKwTiKX0jK71nHuaOg0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:28:04 2026 by rpki-client