Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/LTkXmxjEPaYMNlQjpdO1jIdtxVM.roa
File: LTkXmxjEPaYMNlQjpdO1jIdtxVM.roa (raw, json)
Hash identifier: tD+ZuVOMZvwhADaDFJCBEUogFwfeRB8TS1oi/afVJYM=
Subject key identifier: 2D:39:17:9B:18:C4:3D:A6:0C:36:54:23:A5:D3:B5:8C:87:6D:C5:53
Certificate issuer: /CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Certificate serial: 019E21540A6BE07BEDD6928460FF8AD4305C
Authority key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/LTkXmxjEPaYMNlQjpdO1jIdtxVM.roa
Signing time: Wed 13 May 2026 12:33:36 +0000
ROA not before: Wed 13 May 2026 12:33:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212772
IP address blocks: 45.156.136.0/22 maxlen: 24
46.243.228.0/22 maxlen: 24
92.255.56.0/24 maxlen: 24
92.255.84.0/24 maxlen: 24
94.140.14.0/23 maxlen: 24
176.103.128.0/22 maxlen: 24
185.113.28.0/22 maxlen: 24
217.72.12.0/22 maxlen: 24
2a10:50c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:21:54:0a:6b:e0:7b:ed:d6:92:84:60:ff:8a:d4:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Validity
Not Before: May 13 12:33:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d39179b18c43da60c365423a5d3b58c876dc553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:be:a6:cc:98:f2:13:e6:6a:2c:5d:c7:5e:97:
78:2f:51:27:18:2d:f9:9f:68:a2:b2:9d:07:e2:f2:
73:40:81:70:f9:86:74:e3:66:b0:85:1e:c5:29:57:
e7:12:c4:2c:9b:bc:45:e5:7c:5e:36:ea:3a:f7:df:
57:b9:40:5f:80:24:d4:73:e6:32:65:c3:56:59:82:
db:02:2f:a0:76:ac:ad:c0:67:97:1b:8a:0b:93:1d:
5f:a0:5f:3b:e1:16:91:47:b5:8f:fc:11:b6:d9:20:
d9:69:a5:3e:3b:c4:fd:2a:96:3e:d6:c5:1b:e4:58:
53:e7:b4:00:89:7d:fb:b4:b5:02:a7:cb:17:e9:2b:
09:de:de:8b:04:9c:b0:da:ce:75:ab:cd:15:7c:9c:
95:1d:31:87:c1:b6:6c:6b:ad:55:73:06:09:ab:76:
96:58:c6:01:2e:2c:58:bd:4a:04:55:f4:ad:6d:06:
8b:26:86:31:dd:75:84:01:47:3b:58:d3:b8:83:cd:
45:9f:59:4f:ab:ae:1a:0f:27:66:92:0f:5d:b1:78:
3c:2c:cf:8a:f3:21:9a:d4:c7:38:20:f8:68:1f:b4:
96:f9:e3:ab:b2:db:34:cb:6d:12:9d:f6:7e:ad:59:
62:e7:a9:e4:17:33:fd:d4:e7:00:c6:32:8b:28:13:
37:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:39:17:9B:18:C4:3D:A6:0C:36:54:23:A5:D3:B5:8C:87:6D:C5:53
X509v3 Authority Key Identifier:
keyid:54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/LTkXmxjEPaYMNlQjpdO1jIdtxVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.136.0/22
46.243.228.0/22
92.255.56.0/24
92.255.84.0/24
94.140.14.0/23
176.103.128.0/22
185.113.28.0/22
217.72.12.0/22
IPv6:
2a10:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
02:f2:fd:94:ef:a4:0f:39:e3:fa:25:54:73:88:01:c9:11:be:
3d:f4:c7:4c:44:57:7d:1c:40:77:71:05:d6:4d:c4:15:68:48:
0e:58:85:af:de:2b:c1:a6:2c:4d:23:7d:cb:10:b8:f4:71:ab:
cb:c1:14:e3:96:a9:88:d7:54:b1:17:5b:a9:9d:20:6d:f1:4d:
5f:0e:98:52:58:8b:2f:b4:76:fb:7f:fa:ea:98:73:c7:60:00:
74:e2:24:06:ea:dc:20:30:75:26:81:63:74:e3:4b:3c:a6:60:
bf:a1:96:70:66:9b:b3:5d:6a:e5:59:fc:fb:91:21:ea:9f:97:
79:3f:16:c0:0f:7b:63:42:3e:00:aa:d5:5b:db:63:29:66:56:
36:70:8e:2d:71:cc:f1:e5:95:18:db:c3:ab:17:bf:86:fa:94:
63:23:34:3b:65:50:b2:d5:c3:fb:96:b5:97:3c:d1:88:8b:07:
2a:b9:76:b0:04:db:f5:a5:8d:bb:2f:fb:2a:74:c0:79:9c:85:
45:ed:cd:bd:2a:3b:bb:09:9c:ec:60:74:a0:17:cf:19:4e:29:
8b:cc:43:ed:a3:6a:a9:4f:8a:67:ca:cb:cb:0d:65:7e:54:46:
d7:6c:01:f4:45:53:90:34:47:0b:8b:22:42:68:bb:12:0c:bc:
3a:e2:f8:0d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ4hVApr4Hvt1pKEYP+K1DBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzkxZGRlMmM5YmRlYTM2NmNlN2VjNmM1YTgwMGM1ZGE2
MzM0NTQwHhcNMjYwNTEzMTIzMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDM5MTc5YjE4YzQzZGE2MGMzNjU0MjNhNWQzYjU4Yzg3NmRjNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7b6mzJjyE+ZqLF3HXpd4L1EnGC35
n2iisp0H4vJzQIFw+YZ042awhR7FKVfnEsQsm7xF5XxeNuo6999XuUBfgCTUc+Yy
ZcNWWYLbAi+gdqytwGeXG4oLkx1foF874RaRR7WP/BG22SDZaaU+O8T9KpY+1sUb
5FhT57QAiX37tLUCp8sX6SsJ3t6LBJyw2s51q80VfJyVHTGHwbZsa61VcwYJq3aW
WMYBLixYvUoEVfStbQaLJoYx3XWEAUc7WNO4g81Fn1lPq64aDydmkg9dsXg8LM+K
8yGa1Mc4IPhoH7SW+eOrsts0y20SnfZ+rVli56nkFzP91OcAxjKLKBM3ewIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFC05F5sYxD2mDDZUI6XTtYyHbcVTMB8GA1UdIwQY
MBaAFFR5Hd4sm96jZs5+xsWoAMXaYzRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQt
MThiMzRiZWE5YjA2LzEvTFRrWG14akVQYVlNTmxRanBkTzFqSWR0eFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQtMThiMzRiZWE5YjA2
LzEvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLZyIAwQC
LvPkAwQAXP84AwQAXP9UAwQBXowOAwQCsGeAAwQCuXEcAwQC2UgMMA0EAgACMAcD
BQAqEFDAMA0GCSqGSIb3DQEBCwUAA4IBAQAC8v2U76QPOeP6JVRziAHJEb499MdM
RFd9HEB3cQXWTcQVaEgOWIWv3ivBpixNI33LELj0cavLwRTjlqmI11SxF1upnSBt
8U1fDphSWIsvtHb7f/rqmHPHYAB04iQG6twgMHUmgWN040s8pmC/oZZwZpuzXWrl
Wfz7kSHqn5d5PxbAD3tjQj4AqtVb22MpZlY2cI4tcczx5ZUY28OrF7+G+pRjIzQ7
ZVCy1cP7lrWXPNGIiwcquXawBNv1pY27L/sqdMB5nIVF7c29Kju7CZzsYHSgF88Z
TimLzEPto2qpT4pnysvLDWV+VEbXbAH0RVOQNEcLiyJCaLsSDLw64vgN
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:28:12 2026 by rpki-client