Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/eaa787-a249-485f-b750-67062faef802/1/LxeehfG4ABL-Mjofqe-m1zgbRF8.roa
File: LxeehfG4ABL-Mjofqe-m1zgbRF8.roa (raw, json)
Hash identifier: G0fIhVP6EAMZqllSYGxKMKH7WM5clIvSUyRbvtMaMHc=
Subject key identifier: 2F:17:9E:85:F1:B8:00:12:FE:32:3A:1F:A9:EF:A6:D7:38:1B:44:5F
Certificate issuer: /CN=1afbd4488916faecfde27af63cf98451b9672ff6
Certificate serial: 019D624FBBEF02ABBBFB516E14673ACC68D7
Authority key identifier: 1A:FB:D4:48:89:16:FA:EC:FD:E2:7A:F6:3C:F9:84:51:B9:67:2F:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvvUSIkW-uz94nr2PPmEUblnL_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/eaa787-a249-485f-b750-67062faef802/1/LxeehfG4ABL-Mjofqe-m1zgbRF8.roa
Signing time: Mon 06 Apr 2026 10:21:25 +0000
ROA not before: Mon 06 Apr 2026 10:21:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209264
IP address blocks: 2a0d:9840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/eaa787-a249-485f-b750-67062faef802/1/GvvUSIkW-uz94nr2PPmEUblnL_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/eaa787-a249-485f-b750-67062faef802/1/GvvUSIkW-uz94nr2PPmEUblnL_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GvvUSIkW-uz94nr2PPmEUblnL_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:62:4f:bb:ef:02:ab:bb:fb:51:6e:14:67:3a:cc:68:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1afbd4488916faecfde27af63cf98451b9672ff6
Validity
Not Before: Apr 6 10:21:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f179e85f1b80012fe323a1fa9efa6d7381b445f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f5:dc:e5:4b:4b:8f:76:b7:31:57:6b:9a:e8:
4d:40:72:e2:36:68:67:21:ff:95:86:2b:d0:fe:b5:
c1:cd:96:9b:a8:37:f6:e3:99:d7:96:e8:11:f3:11:
21:b0:13:27:40:e7:ef:ac:92:dc:69:73:54:c9:7c:
5a:eb:6e:c6:05:1e:e4:a4:b7:61:da:52:85:96:3c:
da:0b:f4:3d:33:62:4a:64:5a:71:25:dd:c0:d1:69:
47:c7:01:51:9e:8e:3e:e2:eb:e9:c8:d1:ff:2b:9f:
be:02:a2:18:cb:cc:bd:be:68:e8:33:86:fd:02:8f:
0a:19:cc:aa:07:3a:dc:a4:91:0e:bd:e3:b1:91:1c:
61:db:f7:46:04:02:a2:d7:48:60:3c:f3:31:21:af:
3f:03:30:ab:a0:68:ea:61:e7:2f:1a:e8:af:fb:99:
84:68:cc:aa:f5:7a:40:77:e3:13:6e:c6:0c:2b:b9:
e2:39:96:b9:0d:7b:44:93:24:fe:0d:01:48:f8:11:
e2:d0:19:6b:65:08:33:7e:46:1a:10:6a:ba:2d:09:
31:c1:db:ae:c8:e4:71:de:f1:f2:e2:a1:fe:4f:b6:
42:0e:ab:99:21:65:70:46:04:6a:1f:ad:eb:15:cb:
d7:10:28:1a:6e:da:2b:75:06:ac:f2:97:41:58:93:
9b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:17:9E:85:F1:B8:00:12:FE:32:3A:1F:A9:EF:A6:D7:38:1B:44:5F
X509v3 Authority Key Identifier:
keyid:1A:FB:D4:48:89:16:FA:EC:FD:E2:7A:F6:3C:F9:84:51:B9:67:2F:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvvUSIkW-uz94nr2PPmEUblnL_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/eaa787-a249-485f-b750-67062faef802/1/LxeehfG4ABL-Mjofqe-m1zgbRF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/eaa787-a249-485f-b750-67062faef802/1/GvvUSIkW-uz94nr2PPmEUblnL_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:9840::/48
Signature Algorithm: sha256WithRSAEncryption
75:dc:76:10:82:e7:6b:9c:37:e8:91:12:52:52:56:bb:d6:dd:
08:50:f2:4d:cb:15:a7:92:76:33:88:42:b2:65:43:75:3c:89:
3e:73:db:3e:e7:f4:61:06:d4:92:32:ca:18:42:6a:9b:7a:0d:
bc:71:5d:a1:e9:a1:a7:99:ed:07:ea:48:93:bf:91:45:74:a3:
0a:ba:20:1f:3a:78:05:7a:9b:bd:50:5d:41:4c:16:2a:ad:fd:
50:ed:f7:df:1c:dd:3d:fa:30:4b:2f:33:2a:51:e1:27:74:ac:
3f:ff:46:1d:fc:bd:3f:01:bc:66:57:ac:6d:f5:49:00:83:87:
22:d1:a7:2c:b5:ea:8a:28:09:9f:e5:94:a2:41:71:6f:bb:fe:
84:b0:10:92:52:25:35:30:5a:8c:28:2c:a4:aa:3d:37:1d:87:
e4:60:ab:82:32:f0:35:b1:7c:50:1a:6e:62:fa:bc:5a:70:bb:
14:2a:09:a0:39:e4:c4:a6:3c:2e:b0:99:ff:e6:ba:0d:30:c7:
d9:c9:0e:ba:6f:f1:69:65:df:04:77:9d:7e:ef:4c:e2:e1:ba:
e1:de:08:07:04:8b:e4:27:13:9e:69:be:9d:25:62:ef:72:f7:
bc:3f:15:a3:ce:84:b6:eb:4d:54:28:7d:87:cb:ef:ac:dd:fe:
8a:da:14:0a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ1iT7vvAqu7+1FuFGc6zGjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmJkNDQ4ODkxNmZhZWNmZGUyN2FmNjNjZjk4NDUxYjk2
NzJmZjYwHhcNMjYwNDA2MTAyMTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE3OWU4NWYxYjgwMDEyZmUzMjNhMWZhOWVmYTZkNzM4MWI0NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9/Xc5UtLj3a3MVdrmuhNQHLiNmhn
If+VhivQ/rXBzZabqDf245nXlugR8xEhsBMnQOfvrJLcaXNUyXxa627GBR7kpLdh
2lKFljzaC/Q9M2JKZFpxJd3A0WlHxwFRno4+4uvpyNH/K5++AqIYy8y9vmjoM4b9
Ao8KGcyqBzrcpJEOveOxkRxh2/dGBAKi10hgPPMxIa8/AzCroGjqYecvGuiv+5mE
aMyq9XpAd+MTbsYMK7niOZa5DXtEkyT+DQFI+BHi0BlrZQgzfkYaEGq6LQkxwduu
yORx3vHy4qH+T7ZCDquZIWVwRgRqH63rFcvXECgabtordQas8pdBWJObNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC8XnoXxuAAS/jI6H6nvptc4G0RfMB8GA1UdIwQY
MBaAFBr71EiJFvrs/eJ69jz5hFG5Zy/2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3Z2VVNJa1ctdXo5NG5yMlBQbUVVYmxuTF9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lYWE3ODctYTI0OS00ODVmLWI3NTAt
NjcwNjJmYWVmODAyLzEvTHhlZWhmRzRBQkwtTWpvZnFlLW0xemdiUkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lYWE3ODctYTI0OS00ODVmLWI3NTAtNjcwNjJmYWVmODAy
LzEvR3Z2VVNJa1ctdXo5NG5yMlBQbUVVYmxuTF9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg2YQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB13HYQgudrnDfokRJSUla71t0IUPJNyxWnknYz
iEKyZUN1PIk+c9s+5/RhBtSSMsoYQmqbeg28cV2h6aGnme0H6kiTv5FFdKMKuiAf
OngFepu9UF1BTBYqrf1Q7fffHN09+jBLLzMqUeEndKw//0Yd/L0/AbxmV6xt9UkA
g4ci0acsteqKKAmf5ZSiQXFvu/6EsBCSUiU1MFqMKCykqj03HYfkYKuCMvA1sXxQ
Gm5i+rxacLsUKgmgOeTEpjwusJn/5roNMMfZyQ66b/FpZd8Ed51+70zi4brh3ggH
BIvkJxOeab6dJWLvcve8PxWjzoS2601UKH2Hy++s3f6K2hQK
-----END CERTIFICATE-----
Generated at Sat Apr 18 02:05:30 2026 by rpki-client