Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LW1sI_ZixWlnf3tHF18W9bBJCvo.roa
File: LW1sI_ZixWlnf3tHF18W9bBJCvo.roa (raw, json)
Hash identifier: 2INRLrqBvJjR3iq1BuyG14OJdC7jh0rpcw5Z3n4PB1E=
Subject key identifier: 2D:6D:6C:23:F6:62:C5:69:67:7F:7B:47:17:5F:16:F5:B0:49:0A:FA
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019D7B5CED48F24DB8202B08CA428AB79500
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LW1sI_ZixWlnf3tHF18W9bBJCvo.roa
Signing time: Sat 11 Apr 2026 07:06:20 +0000
ROA not before: Sat 11 Apr 2026 07:06:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213727
IP address blocks: 178.239.144.0/24 maxlen: 24
178.239.149.0/24 maxlen: 24
178.239.156.0/24 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.33.0/24 maxlen: 24
185.26.34.0/24 maxlen: 24
185.26.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 08:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7b:5c:ed:48:f2:4d:b8:20:2b:08:ca:42:8a:b7:95:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Apr 11 07:06:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d6d6c23f662c569677f7b47175f16f5b0490afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:eb:8d:29:ac:6d:cd:25:23:72:f1:83:3c:51:
d1:44:02:0d:e7:fd:e7:15:3f:90:8f:79:fd:38:51:
09:2c:46:a4:8d:f8:ba:a7:25:34:e9:6d:f4:23:d5:
8b:1e:65:df:48:60:49:19:26:fb:8b:0d:d5:3b:6f:
f5:0d:43:06:8b:5c:55:7e:4a:85:05:db:79:9e:1f:
36:27:59:d0:55:03:97:56:53:e4:f9:db:1b:ac:04:
3e:f0:62:bc:2a:51:50:7c:d3:ed:6a:01:f2:a5:77:
f3:f1:d5:2b:78:0c:55:e8:b2:1a:4a:6b:35:34:31:
5d:5a:bd:21:8c:c8:5c:cc:7f:0b:37:4b:68:e2:d0:
db:b4:61:19:5b:d4:ab:2c:5c:a4:13:a7:fb:0f:d5:
70:15:24:53:49:27:4c:99:a1:79:e1:08:8d:16:e2:
46:0b:aa:4a:40:5c:30:91:6f:5f:75:dc:6a:6f:1a:
69:42:06:ba:3e:74:6d:3e:0f:3d:51:25:31:58:f8:
51:1b:88:4d:74:5a:a1:88:21:4d:b0:35:28:f8:f7:
93:b7:2f:47:57:fc:99:dc:0c:12:0e:39:65:29:9b:
89:85:10:c4:99:0b:e2:20:7e:d9:e1:07:f0:29:88:
1c:2a:82:98:3b:ed:3b:5d:c3:30:2e:11:03:9f:01:
30:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6D:6C:23:F6:62:C5:69:67:7F:7B:47:17:5F:16:F5:B0:49:0A:FA
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LW1sI_ZixWlnf3tHF18W9bBJCvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.144.0/24
178.239.149.0/24
178.239.156.0/24
178.239.159.0/24
185.26.33.0-185.26.35.255
Signature Algorithm: sha256WithRSAEncryption
66:a2:ec:e3:db:f2:d8:d5:fe:c1:01:b3:3f:71:eb:9e:44:60:
32:de:b4:75:f0:a9:de:27:72:e8:e7:e9:88:d5:cb:c2:16:af:
27:02:3a:9c:85:aa:d0:89:fd:5f:33:db:fe:e7:74:94:cf:27:
b1:6e:e3:42:c2:8c:39:3e:88:4e:71:74:c1:13:79:26:0a:35:
95:1f:80:53:30:c3:1e:fb:11:7e:45:27:c8:f3:f2:6b:cd:09:
79:4c:a3:77:c2:47:71:69:a7:1b:b1:5f:5b:6e:e1:e5:21:bd:
32:56:39:a9:86:2d:ba:cb:e8:fb:cf:10:22:c0:e2:1e:76:ae:
da:f6:54:c1:12:6f:f1:15:c1:dc:cc:34:df:71:ec:21:c5:29:
bb:eb:e1:1a:67:0b:de:31:ab:6f:bd:42:01:c8:63:f7:fc:d0:
43:33:98:79:10:2d:bc:56:8e:f8:7d:ed:31:6c:2d:8c:1b:9b:
dd:e3:41:32:b2:d2:26:72:ac:18:2c:d1:90:e4:d3:25:a1:76:
ea:72:bf:46:73:0b:11:04:3a:b8:c7:6c:1f:60:d5:ea:70:f0:
17:c7:d5:03:c5:4d:fc:f0:3c:d0:8e:b1:2a:2f:23:99:7d:fd:
5c:3e:06:b5:ec:4d:0c:b8:87:5b:ae:18:3e:22:35:e7:d2:cd:
24:04:e7:b9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ17XO1I8k24ICsIykKKt5UAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwNDExMDcwNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDZkNmMyM2Y2NjJjNTY5Njc3ZjdiNDcxNzVmMTZmNWIwNDkwYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OuNKaxtzSUjcvGDPFHRRAIN5/3n
FT+Qj3n9OFEJLEakjfi6pyU06W30I9WLHmXfSGBJGSb7iw3VO2/1DUMGi1xVfkqF
Bdt5nh82J1nQVQOXVlPk+dsbrAQ+8GK8KlFQfNPtagHypXfz8dUreAxV6LIaSms1
NDFdWr0hjMhczH8LN0to4tDbtGEZW9SrLFykE6f7D9VwFSRTSSdMmaF54QiNFuJG
C6pKQFwwkW9fddxqbxppQga6PnRtPg89USUxWPhRG4hNdFqhiCFNsDUo+PeTty9H
V/yZ3AwSDjllKZuJhRDEmQviIH7Z4QfwKYgcKoKYO+07XcMwLhEDnwEwNQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC1tbCP2YsVpZ397RxdfFvWwSQr6MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTFcxc0lfWml4V2xuZjN0SEYxOFc5YkJKQ3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAsu+QAwQA
su+VAwQAsu+cAwQAsu+fMAwDBAC5GiEDBAK5GiAwDQYJKoZIhvcNAQELBQADggEB
AGai7OPb8tjV/sEBsz9x655EYDLetHXwqd4ncujn6YjVy8IWrycCOpyFqtCJ/V8z
2/7ndJTPJ7Fu40LCjDk+iE5xdMETeSYKNZUfgFMwwx77EX5FJ8jz8mvNCXlMo3fC
R3FppxuxX1tu4eUhvTJWOamGLbrL6PvPECLA4h52rtr2VMESb/EVwdzMNN9x7CHF
Kbvr4RpnC94xq2+9QgHIY/f80EMzmHkQLbxWjvh97TFsLYwbm93jQTKy0iZyrBgs
0ZDk0yWhdupyv0ZzCxEEOrjHbB9g1epw8BfH1QPFTfzwPNCOsSovI5l9/Vw+BrXs
TQy4h1uuGD4iNefSzSQE57k=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:43:09 2026 by rpki-client