Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/LpF7hzS-_Bqq_u0GKSkOq_jaXmU.roa
File: LpF7hzS-_Bqq_u0GKSkOq_jaXmU.roa (raw, json)
Hash identifier: pIhXh24IzpIa3o8LFBdn/va5JW8n7fuKIIlkGDvBzts=
Subject key identifier: 2E:91:7B:87:34:BE:FC:1A:AA:FE:ED:06:29:29:0E:AB:F8:DA:5E:65
Certificate issuer: /CN=1e0e4d2dbde986fdc25bf3bf75637852da87abf1
Certificate serial: 019C8F1CAEA4DC8D3D6521A6E3ED9B6AE294
Authority key identifier: 1E:0E:4D:2D:BD:E9:86:FD:C2:5B:F3:BF:75:63:78:52:DA:87:AB:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/LpF7hzS-_Bqq_u0GKSkOq_jaXmU.roa
Signing time: Tue 24 Feb 2026 10:05:47 +0000
ROA not before: Tue 24 Feb 2026 10:05:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202790
IP address blocks: 146.19.201.0/24 maxlen: 28
185.152.124.0/22 maxlen: 24
185.152.124.0/24 maxlen: 24
185.152.125.0/24 maxlen: 24
185.152.126.0/24 maxlen: 24
185.152.127.0/24 maxlen: 24
212.18.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/Hg5NLb3phv3CW_O_dWN4UtqHq_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/Hg5NLb3phv3CW_O_dWN4UtqHq_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:1c:ae:a4:dc:8d:3d:65:21:a6:e3:ed:9b:6a:e2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e0e4d2dbde986fdc25bf3bf75637852da87abf1
Validity
Not Before: Feb 24 10:05:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e917b8734befc1aaafeed0629290eabf8da5e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:27:17:a6:ac:57:11:c9:3f:2a:26:d6:3f:ac:
12:a1:bb:4f:55:7f:5a:b5:e0:c4:fe:b6:fb:33:ef:
57:b2:cf:2b:98:da:f2:f9:6a:64:43:b5:cd:97:f8:
bc:ca:94:ba:c7:44:1d:2b:47:3b:21:05:7c:ac:f7:
d6:1e:d5:cd:28:f4:50:de:b4:82:4b:96:e3:d6:40:
f7:34:34:99:c9:23:78:96:f0:23:ab:a0:3f:7f:ab:
54:6d:c4:e5:fa:3e:04:b0:26:76:32:e9:33:64:23:
3b:20:64:32:1d:b2:2d:a2:71:4e:27:b9:2f:9f:47:
ec:bf:b6:c6:69:22:af:ef:83:88:21:a4:94:a0:51:
7e:25:2e:52:4f:69:3b:7c:b4:5a:77:be:99:e2:a7:
c8:00:ab:30:0e:14:4a:55:73:3f:ad:3a:00:e7:9f:
b7:8e:84:41:83:59:71:f5:06:7a:f3:c7:47:77:d8:
53:99:60:4b:ed:65:d8:df:66:a5:d8:44:f7:52:d1:
bb:f9:5d:be:77:b9:fe:4f:ad:33:33:f5:3c:56:82:
0e:39:40:9f:06:79:a5:04:e2:11:58:c4:63:a8:58:
e1:b2:58:97:54:12:48:50:ef:37:bd:9f:45:51:37:
f4:7f:39:a7:ee:b5:54:6a:bc:86:4c:99:91:e4:7d:
04:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:91:7B:87:34:BE:FC:1A:AA:FE:ED:06:29:29:0E:AB:F8:DA:5E:65
X509v3 Authority Key Identifier:
keyid:1E:0E:4D:2D:BD:E9:86:FD:C2:5B:F3:BF:75:63:78:52:DA:87:AB:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hg5NLb3phv3CW_O_dWN4UtqHq_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/LpF7hzS-_Bqq_u0GKSkOq_jaXmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c9e115-1236-4fda-a033-99eea1f0a354/1/Hg5NLb3phv3CW_O_dWN4UtqHq_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.201.0/24
185.152.124.0/22
212.18.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:d3:dc:cc:41:53:f0:bd:19:23:1f:2e:30:38:de:31:f7:66:
96:0c:05:7f:ec:c7:d8:4e:75:d1:5a:ff:46:a9:0b:59:e9:2f:
4c:49:1b:f5:4d:10:b3:64:38:f7:bd:3f:95:25:d1:2a:2f:ad:
e9:fb:2a:04:19:e4:7d:ba:44:1b:20:bd:73:58:03:20:36:1d:
f6:da:ec:2f:79:60:d7:18:08:2d:5d:3d:2d:2d:d8:a1:b3:17:
4d:5e:11:af:f6:b7:5b:c3:9f:61:90:ae:ee:17:3a:d7:f3:75:
19:c7:aa:34:05:1f:ea:49:12:b5:45:f4:3c:58:32:ee:b6:29:
56:10:8e:58:81:1f:f8:57:05:58:1a:a5:7d:0b:99:38:10:e0:
e5:b4:48:2d:40:87:2d:de:16:ef:80:36:e4:fd:27:06:55:c0:
01:e1:d0:ed:e3:ab:88:42:ba:f1:59:2f:ef:eb:19:32:18:da:
c4:0b:32:9e:1b:76:b3:a2:fa:e2:da:dd:fe:b9:d9:ee:9d:36:
d0:c8:7c:62:71:dd:b3:02:7e:72:20:f6:39:6c:f5:2b:5d:2f:
8b:7d:ba:1e:e6:ce:c6:8d:2c:2b:51:ff:a1:c4:8d:55:96:45:
c0:2b:76:c7:79:43:ca:f0:51:a1:bb:55:dd:1f:4a:8e:d8:98:
1b:ec:ae:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyPHK6k3I09ZSGm4+2bauKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMGU0ZDJkYmRlOTg2ZmRjMjViZjNiZjc1NjM3ODUyZGE4
N2FiZjEwHhcNMjYwMjI0MTAwNTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTkxN2I4NzM0YmVmYzFhYWFmZWVkMDYyOTI5MGVhYmY4ZGE1ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwicXpqxXEck/KibWP6wSobtPVX9a
teDE/rb7M+9Xss8rmNry+WpkQ7XNl/i8ypS6x0QdK0c7IQV8rPfWHtXNKPRQ3rSC
S5bj1kD3NDSZySN4lvAjq6A/f6tUbcTl+j4EsCZ2MukzZCM7IGQyHbItonFOJ7kv
n0fsv7bGaSKv74OIIaSUoFF+JS5ST2k7fLRad76Z4qfIAKswDhRKVXM/rToA55+3
joRBg1lx9QZ688dHd9hTmWBL7WXY32al2ET3UtG7+V2+d7n+T60zM/U8VoIOOUCf
BnmlBOIRWMRjqFjhsliXVBJIUO83vZ9FUTf0fzmn7rVUaryGTJmR5H0EYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC6Re4c0vvwaqv7tBikpDqv42l5lMB8GA1UdIwQY
MBaAFB4OTS296Yb9wlvzv3VjeFLah6vxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGc1TkxiM3BodjNDV19PX2RXTjRVdHFIcV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jOWUxMTUtMTIzNi00ZmRhLWEwMzMt
OTllZWExZjBhMzU0LzEvTHBGN2h6Uy1fQnFxX3UwR0tTa09xX2phWG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jOWUxMTUtMTIzNi00ZmRhLWEwMzMtOTllZWExZjBhMzU0
LzEvSGc1TkxiM3BodjNDV19PX2RXTjRVdHFIcV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkhPJAwQC
uZh8AwQA1BJ5MA0GCSqGSIb3DQEBCwUAA4IBAQAM09zMQVPwvRkjHy4wON4x92aW
DAV/7MfYTnXRWv9GqQtZ6S9MSRv1TRCzZDj3vT+VJdEqL63p+yoEGeR9ukQbIL1z
WAMgNh322uwveWDXGAgtXT0tLdihsxdNXhGv9rdbw59hkK7uFzrX83UZx6o0BR/q
SRK1RfQ8WDLutilWEI5YgR/4VwVYGqV9C5k4EODltEgtQIct3hbvgDbk/ScGVcAB
4dDt46uIQrrxWS/v6xkyGNrECzKeG3azovri2t3+udnunTbQyHxicd2zAn5yIPY5
bPUrXS+Lfboe5s7GjSwrUf+hxI1VlkXAK3bHeUPK8FGhu1XdH0qO2Jgb7K7N
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:19:07 2026 by rpki-client