Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/lOV0FvZ4UI1RmBR3zL2RaV_Elps.roa
File: lOV0FvZ4UI1RmBR3zL2RaV_Elps.roa (raw, json)
Hash identifier: OQfXce7br5oDI4HR7IRbJp2FZmT/5i/l+05MQHFeiH4=
Subject key identifier: 94:E5:74:16:F6:78:50:8D:51:98:14:77:CC:BD:91:69:5F:C4:96:9B
Certificate issuer: /CN=50779799a3b8e0f0f1e3c7498c05a33f85fbbbcd
Certificate serial: 019D8B26F7F84CC37C933A346E3ABC774DA6
Authority key identifier: 50:77:97:99:A3:B8:E0:F0:F1:E3:C7:49:8C:05:A3:3F:85:FB:BB:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHeXmaO44PDx48dJjAWjP4X7u80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/lOV0FvZ4UI1RmBR3zL2RaV_Elps.roa
Signing time: Tue 14 Apr 2026 08:41:20 +0000
ROA not before: Tue 14 Apr 2026 08:41:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206775
IP address blocks: 45.132.68.0/22 maxlen: 24
185.124.243.0/24 maxlen: 24
213.173.8.0/22 maxlen: 24
2a10:1340::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/UHeXmaO44PDx48dJjAWjP4X7u80.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/UHeXmaO44PDx48dJjAWjP4X7u80.mft
rsync://rpki.ripe.net/repository/DEFAULT/UHeXmaO44PDx48dJjAWjP4X7u80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:26:f7:f8:4c:c3:7c:93:3a:34:6e:3a:bc:77:4d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50779799a3b8e0f0f1e3c7498c05a33f85fbbbcd
Validity
Not Before: Apr 14 08:41:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=94e57416f678508d51981477ccbd91695fc4969b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:69:17:b6:23:3b:d9:29:64:1e:1e:92:85:e8:
48:ca:e6:15:5c:69:5f:b1:d5:e9:26:bd:58:49:e9:
59:2a:5c:9c:60:87:0a:6d:01:90:cf:40:50:f5:dc:
9a:9d:ca:c0:fa:ae:48:6e:eb:1e:07:c9:93:96:85:
41:f6:fb:70:7d:99:8e:67:96:cd:32:75:47:57:0b:
3b:d7:01:fd:13:2f:3e:bc:7b:dd:46:cd:ac:5c:0c:
9f:c3:31:3e:1c:db:bc:55:52:bc:8f:b9:99:cf:f7:
98:a8:e5:18:f0:b8:87:7d:2d:4a:8b:f0:95:5a:3b:
8f:56:ef:fe:34:4d:a2:80:ef:2b:a1:cc:e0:9c:d5:
8a:a7:d7:6d:68:f8:66:d9:d9:22:79:9e:62:e8:a6:
00:b3:c2:02:54:c8:44:58:c9:aa:76:8e:39:6c:cd:
c5:2d:8f:3f:fe:12:9f:19:13:5d:67:9f:2d:6f:89:
9f:5d:5c:ab:21:69:b0:e0:e1:43:82:ac:2a:69:f4:
f1:65:2b:48:a1:3d:79:b1:00:18:20:6c:cd:dc:2e:
04:e6:d1:97:8e:58:58:a7:2b:2e:22:a7:55:a6:89:
a6:9f:63:0f:e6:5a:c2:d4:f4:ec:80:4c:2e:b3:36:
ee:4b:a0:b5:b9:e1:5a:8d:32:c6:e5:70:3f:a9:31:
fd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E5:74:16:F6:78:50:8D:51:98:14:77:CC:BD:91:69:5F:C4:96:9B
X509v3 Authority Key Identifier:
keyid:50:77:97:99:A3:B8:E0:F0:F1:E3:C7:49:8C:05:A3:3F:85:FB:BB:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHeXmaO44PDx48dJjAWjP4X7u80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/lOV0FvZ4UI1RmBR3zL2RaV_Elps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/244958-aa2d-478c-b0ff-69efad6c3a80/1/UHeXmaO44PDx48dJjAWjP4X7u80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.68.0/22
185.124.243.0/24
213.173.8.0/22
IPv6:
2a10:1340::/29
Signature Algorithm: sha256WithRSAEncryption
38:9e:dc:11:cb:05:40:b5:b1:19:85:b9:28:78:ee:92:61:db:
b4:25:03:b3:ca:01:cb:c7:4e:9b:d1:80:01:6b:6d:a5:8d:2c:
b0:a1:aa:ae:43:83:4c:06:ec:a9:ac:37:49:14:42:76:e5:82:
3f:5c:0c:da:f0:0f:ea:43:90:94:99:5f:d0:2b:3a:ba:fc:e5:
a1:ae:e5:1f:d1:33:d2:19:6c:90:18:ee:fa:04:3b:8d:55:de:
3b:43:f4:7a:65:ad:39:21:0f:56:c3:11:33:16:43:c2:ae:f0:
ae:90:81:14:d0:70:3f:4c:c2:20:6e:db:df:f6:f2:7d:e0:1f:
6c:81:3d:a2:77:f6:1a:8d:b6:f6:5f:42:bb:3c:28:76:aa:48:
3d:61:bd:4b:71:0f:ad:9f:29:48:82:4f:d1:b5:fd:b7:31:39:
31:9f:bf:a8:b7:53:05:bf:18:ce:0d:55:f9:69:76:71:d1:99:
d3:3a:93:0f:3a:a4:da:42:22:08:cc:8a:f8:6b:4a:14:2d:08:
cd:22:5d:83:e9:d1:54:db:9c:78:4a:05:73:02:29:6a:bd:e0:
29:72:96:d3:0d:cf:a7:5e:d7:a4:45:35:07:23:64:8a:ce:cc:
0e:e5:7b:40:26:80:61:04:d7:e2:b7:f1:1f:68:65:8b:7b:7b:
dd:f2:fa:6e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ2LJvf4TMN8kzo0bjq8d02mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzc5Nzk5YTNiOGUwZjBmMWUzYzc0OThjMDVhMzNmODVm
YmJiY2QwHhcNMjYwNDE0MDg0MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU1NzQxNmY2Nzg1MDhkNTE5ODE0NzdjY2JkOTE2OTVmYzQ5NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWkXtiM72SlkHh6ShehIyuYVXGlf
sdXpJr1YSelZKlycYIcKbQGQz0BQ9dyancrA+q5IbuseB8mTloVB9vtwfZmOZ5bN
MnVHVws71wH9Ey8+vHvdRs2sXAyfwzE+HNu8VVK8j7mZz/eYqOUY8LiHfS1Ki/CV
WjuPVu/+NE2igO8roczgnNWKp9dtaPhm2dkieZ5i6KYAs8ICVMhEWMmqdo45bM3F
LY8//hKfGRNdZ58tb4mfXVyrIWmw4OFDgqwqafTxZStIoT15sQAYIGzN3C4E5tGX
jlhYpysuIqdVpommn2MP5lrC1PTsgEwuszbuS6C1ueFajTLG5XA/qTH9CwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJTldBb2eFCNUZgUd8y9kWlfxJabMB8GA1UdIwQY
MBaAFFB3l5mjuODw8ePHSYwFoz+F+7vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhlWG1hTzQ0UER4NDhkSmpBV2pQNFg3dTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yNDQ5NTgtYWEyZC00NzhjLWIwZmYt
NjllZmFkNmMzYTgwLzEvbE9WMEZ2WjRVSTFSbUJSM3pMMlJhVl9FbHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yNDQ5NTgtYWEyZC00NzhjLWIwZmYtNjllZmFkNmMzYTgw
LzEvVUhlWG1hTzQ0UER4NDhkSmpBV2pQNFg3dTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYREAwQA
uXzzAwQC1a0IMA0EAgACMAcDBQMqEBNAMA0GCSqGSIb3DQEBCwUAA4IBAQA4ntwR
ywVAtbEZhbkoeO6SYdu0JQOzygHLx06b0YABa22ljSywoaquQ4NMBuyprDdJFEJ2
5YI/XAza8A/qQ5CUmV/QKzq6/OWhruUf0TPSGWyQGO76BDuNVd47Q/R6Za05IQ9W
wxEzFkPCrvCukIEU0HA/TMIgbtvf9vJ94B9sgT2id/Yajbb2X0K7PCh2qkg9Yb1L
cQ+tnylIgk/Rtf23MTkxn7+ot1MFvxjODVX5aXZx0ZnTOpMPOqTaQiIIzIr4a0oU
LQjNIl2D6dFU25x4SgVzAilqveApcpbTDc+nXtekRTUHI2SKzswO5XtAJoBhBNfi
t/EfaGWLe3vd8vpu
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:20 2026 by rpki-client