Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/LRo2pbuoPfj-qxjM8M8BNh7Ls2o.roa
File: LRo2pbuoPfj-qxjM8M8BNh7Ls2o.roa (raw, json)
Hash identifier: AB0de4ZIStoy9LhouBoGQn0xI1RTpDlrytriiTyVgBE=
Subject key identifier: 2D:1A:36:A5:BB:A8:3D:F8:FE:AB:18:CC:F0:CF:01:36:1E:CB:B3:6A
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019D872940014F7415A293195609158B3729
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/LRo2pbuoPfj-qxjM8M8BNh7Ls2o.roa
Signing time: Mon 13 Apr 2026 14:05:20 +0000
ROA not before: Mon 13 Apr 2026 14:05:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 45.93.82.0/24 maxlen: 24
45.131.51.0/24 maxlen: 24
80.64.29.0/24 maxlen: 24
185.210.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:29:40:01:4f:74:15:a2:93:19:56:09:15:8b:37:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Apr 13 14:05:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d1a36a5bba83df8feab18ccf0cf01361ecbb36a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:cb:f9:6f:92:93:92:eb:67:fa:63:97:e5:
12:05:b3:06:27:94:91:00:2d:a8:50:77:26:1a:8f:
e2:16:46:a5:dc:3d:fb:3f:1e:25:6d:ed:87:c8:c0:
f1:41:5d:d8:07:20:d1:c3:89:54:dc:32:6a:8d:c3:
a5:ca:37:96:9a:2f:09:3e:33:f2:ce:8a:95:9f:d7:
10:86:b8:2d:bb:7f:9f:da:c4:1c:bd:4e:82:4f:f2:
87:43:cf:ba:e9:73:86:ca:60:98:a1:bc:e6:35:66:
35:0f:bc:af:a8:ae:8b:3f:2a:37:cc:49:94:40:ae:
34:b9:01:ec:88:ed:f4:af:54:0f:29:b3:da:d9:67:
79:49:4b:be:bb:b8:d1:12:ea:fc:0c:27:9d:6b:0e:
77:8b:c1:fa:c0:0a:3e:f0:bc:bc:63:f5:6d:e2:3f:
dd:36:08:5f:4e:f7:88:79:2a:53:d4:24:32:63:79:
87:1d:96:4d:b7:14:a3:40:f6:59:25:d0:bd:64:80:
b2:b9:12:bc:fb:f5:fa:5e:33:0b:c9:30:db:e3:b0:
f2:45:29:82:ad:95:41:4a:3f:e9:52:3a:09:af:bf:
38:e0:fa:8b:3e:2e:bd:73:86:33:5f:bd:34:bb:d1:
f2:95:ed:f1:3f:bb:38:79:31:92:5c:a9:0b:f0:2b:
7e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:1A:36:A5:BB:A8:3D:F8:FE:AB:18:CC:F0:CF:01:36:1E:CB:B3:6A
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/LRo2pbuoPfj-qxjM8M8BNh7Ls2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.82.0/24
45.131.51.0/24
80.64.29.0/24
185.210.136.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4f:5c:c1:9b:ff:c8:e6:52:c4:36:da:4c:b8:bb:fa:66:aa:
a1:4f:2c:23:02:79:fe:df:c2:27:c0:3d:39:93:d9:65:da:ee:
fa:60:07:4f:16:9d:44:d9:a6:3e:18:47:f2:18:0a:b7:0a:bc:
f0:c5:6c:d8:a0:0a:f8:f4:e4:c3:6e:4c:01:92:62:0a:3f:f7:
be:54:7d:ef:19:8b:61:8a:f4:bb:b7:22:b6:1d:4e:b3:d4:1a:
58:09:c4:39:04:40:9e:bf:fb:10:f6:75:31:8d:49:7a:7f:2a:
a6:9e:85:20:98:c9:72:b1:bf:fb:46:4e:a8:13:08:a1:a2:81:
c0:d3:c5:46:6c:7e:d4:76:71:55:ad:cb:d7:48:c2:c8:d4:2d:
fe:54:68:f9:a8:df:8e:3d:51:c2:69:ec:1c:47:3a:5c:6a:71:
30:07:f1:cc:80:91:0a:41:27:be:8c:76:5c:88:27:34:af:d8:
a3:3c:d9:d2:22:d8:9f:da:9b:c4:c3:25:70:f9:18:89:d3:66:
2b:d0:60:37:ee:18:18:09:f1:e0:78:6b:75:9d:5a:b9:17:20:
61:5b:76:29:f3:f0:82:8f:89:3c:d8:2c:e1:9a:75:e0:65:c0:
26:12:8f:fa:c2:8c:d0:44:8a:56:33:3b:98:27:fe:dd:d6:48:
93:e4:3e:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2HKUABT3QVopMZVgkVizcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjYwNDEzMTQwNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDFhMzZhNWJiYTgzZGY4ZmVhYjE4Y2NmMGNmMDEzNjFlY2JiMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcfL+W+Sk5LrZ/pjl+USBbMGJ5SR
AC2oUHcmGo/iFkal3D37Px4lbe2HyMDxQV3YByDRw4lU3DJqjcOlyjeWmi8JPjPy
zoqVn9cQhrgtu3+f2sQcvU6CT/KHQ8+66XOGymCYobzmNWY1D7yvqK6LPyo3zEmU
QK40uQHsiO30r1QPKbPa2Wd5SUu+u7jREur8DCedaw53i8H6wAo+8Ly8Y/Vt4j/d
NghfTveIeSpT1CQyY3mHHZZNtxSjQPZZJdC9ZICyuRK8+/X6XjMLyTDb47DyRSmC
rZVBSj/pUjoJr7844PqLPi69c4YzX700u9Hyle3xP7s4eTGSXKkL8Ct++QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC0aNqW7qD34/qsYzPDPATYey7NqMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvTFJvMnBidW9QZmotcXhqTThNOEJOaDdMczJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV1SAwQA
LYMzAwQAUEAdAwQAudKIMA0GCSqGSIb3DQEBCwUAA4IBAQBMT1zBm//I5lLENtpM
uLv6ZqqhTywjAnn+38InwD05k9ll2u76YAdPFp1E2aY+GEfyGAq3CrzwxWzYoAr4
9OTDbkwBkmIKP/e+VH3vGYthivS7tyK2HU6z1BpYCcQ5BECev/sQ9nUxjUl6fyqm
noUgmMlysb/7Rk6oEwihooHA08VGbH7UdnFVrcvXSMLI1C3+VGj5qN+OPVHCaewc
RzpcanEwB/HMgJEKQSe+jHZciCc0r9ijPNnSItif2pvEwyVw+RiJ02Yr0GA37hgY
CfHgeGt1nVq5FyBhW3Yp8/CCj4k82CzhmnXgZcAmEo/6wozQRIpWMzuYJ/7d1kiT
5D4r
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:46:07 2026 by rpki-client