Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lxGIQbkAiSYPzjcaXIWFWWaFXaU.roa
File: lxGIQbkAiSYPzjcaXIWFWWaFXaU.roa (raw, json)
Hash identifier: /FM/6ehnyvbMqGmRgncz6hFscwHm/ewxUU8RGglD0WU=
Subject key identifier: 97:11:88:41:B9:00:89:26:0F:CE:37:1A:5C:85:85:59:66:85:5D:A5
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019C4C556E60F9CD623CBB69F3F253F828DB
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lxGIQbkAiSYPzjcaXIWFWWaFXaU.roa
Signing time: Wed 11 Feb 2026 10:53:13 +0000
ROA not before: Wed 11 Feb 2026 10:53:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6205
IP address blocks: 85.189.14.0/24 maxlen: 24
85.189.19.0/24 maxlen: 24
85.189.25.0/24 maxlen: 24
85.189.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:55:6e:60:f9:cd:62:3c:bb:69:f3:f2:53:f8:28:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Feb 11 10:53:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=97118841b90089260fce371a5c85855966855da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:b9:97:f3:36:8c:9a:e3:e0:fe:80:b0:11:a4:
51:ab:d8:50:35:dc:45:86:5a:0b:f7:de:8e:c0:c4:
55:ea:35:db:62:7d:a8:ab:f1:f8:d6:d2:34:23:de:
06:eb:e8:c3:85:76:6c:b5:d9:9a:23:9e:52:28:7f:
fe:f8:5b:bb:a5:57:c1:8d:fe:65:df:b7:af:0c:7a:
e5:10:16:3f:0a:33:05:70:25:c2:72:b2:18:a4:c9:
03:6c:eb:dd:2f:7a:8f:4f:24:5e:9e:57:56:84:d2:
01:e5:09:d3:b1:b3:e9:cc:80:7d:7b:e7:19:1a:fc:
6e:40:9f:0e:f0:5c:6f:03:64:96:eb:3f:43:64:c1:
f4:c9:c3:04:19:91:35:2c:c0:37:47:02:43:dd:75:
e6:72:ca:91:24:cc:c9:72:88:03:1d:93:0a:fc:75:
ad:7f:9a:62:7c:87:e7:bd:b8:af:36:46:54:39:6b:
49:49:36:fd:84:d9:fd:6b:f9:0c:2d:62:0c:74:ac:
6e:da:0c:c8:a5:e2:03:94:1b:c2:ac:8b:08:9d:41:
57:a0:6d:c0:5c:c3:bd:1f:f1:18:95:93:13:8b:e8:
a1:46:2d:f0:07:86:84:fd:f4:0f:33:fa:f6:b2:f9:
87:d2:72:4d:77:8f:ac:24:1e:6b:be:8b:26:79:30:
2e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:11:88:41:B9:00:89:26:0F:CE:37:1A:5C:85:85:59:66:85:5D:A5
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lxGIQbkAiSYPzjcaXIWFWWaFXaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.189.14.0/24
85.189.19.0/24
85.189.25.0/24
85.189.31.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e1:ef:d8:a5:c6:d6:80:ca:92:63:db:79:6a:4d:b8:04:51:
c3:1a:06:e4:0c:f4:68:b9:8d:8c:6d:94:c5:89:d8:1f:52:e4:
f8:44:bb:39:65:7f:27:3a:3d:11:db:df:6f:c6:d9:d6:13:65:
f7:b3:b3:03:dd:6d:78:df:6f:13:00:24:26:3d:63:2c:0e:59:
ac:c0:51:3d:06:f8:d1:d9:f9:c9:af:1f:7d:3b:67:f5:b9:f9:
c4:65:eb:45:e4:77:f5:12:27:f9:45:4c:f8:94:61:64:d7:ed:
d9:be:a1:be:38:33:c4:a9:ef:7d:68:d8:38:ca:cd:61:58:4c:
4a:b7:2e:11:92:df:19:78:e6:04:56:d8:4b:68:3b:21:ff:44:
c9:e2:1b:41:98:b0:b0:f9:13:e9:10:b8:8f:87:4b:73:41:99:
4b:42:6f:ff:97:b7:82:e4:94:32:ca:6d:24:ae:e1:ad:af:3c:
d7:70:ca:c6:ae:b0:03:77:d0:82:b5:9b:03:2c:68:5a:4a:77:
19:42:b6:16:05:77:c1:21:ee:aa:4e:b2:1e:ca:10:5a:02:43:
42:d1:b3:64:4f:ae:4a:92:02:e7:f1:f8:2b:46:2e:4a:42:40:
49:5c:b8:64:4a:13:b3:b6:7e:0f:73:11:2f:6d:77:57:c8:2d:
dd:16:f3:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxMVW5g+c1iPLtp8/JT+CjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMjExMTA1MzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzExODg0MWI5MDA4OTI2MGZjZTM3MWE1Yzg1ODU1OTY2ODU1ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9bmX8zaMmuPg/oCwEaRRq9hQNdxF
hloL996OwMRV6jXbYn2oq/H41tI0I94G6+jDhXZstdmaI55SKH/++Fu7pVfBjf5l
37evDHrlEBY/CjMFcCXCcrIYpMkDbOvdL3qPTyRenldWhNIB5QnTsbPpzIB9e+cZ
GvxuQJ8O8FxvA2SW6z9DZMH0ycMEGZE1LMA3RwJD3XXmcsqRJMzJcogDHZMK/HWt
f5pifIfnvbivNkZUOWtJSTb9hNn9a/kMLWIMdKxu2gzIpeIDlBvCrIsInUFXoG3A
XMO9H/EYlZMTi+ihRi3wB4aE/fQPM/r2svmH0nJNd4+sJB5rvosmeTAuiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJcRiEG5AIkmD843GlyFhVlmhV2lMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbHhHSVFia0FpU1lQempjYVhJV0ZXV2FGWGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVb0OAwQA
Vb0TAwQAVb0ZAwQAVb0fMA0GCSqGSIb3DQEBCwUAA4IBAQA54e/YpcbWgMqSY9t5
ak24BFHDGgbkDPRouY2MbZTFidgfUuT4RLs5ZX8nOj0R299vxtnWE2X3s7MD3W14
328TACQmPWMsDlmswFE9BvjR2fnJrx99O2f1ufnEZetF5Hf1Eif5RUz4lGFk1+3Z
vqG+ODPEqe99aNg4ys1hWExKty4Rkt8ZeOYEVthLaDsh/0TJ4htBmLCw+RPpELiP
h0tzQZlLQm//l7eC5JQyym0kruGtrzzXcMrGrrADd9CCtZsDLGhaSncZQrYWBXfB
Ie6qTrIeyhBaAkNC0bNkT65KkgLn8fgrRi5KQkBJXLhkShOztn4PcxEvbXdXyC3d
FvP4
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:05:03 2026 by rpki-client