Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/LT0Iyo1R8YEuaI1JHoSd3uYiu4U.roa
File: LT0Iyo1R8YEuaI1JHoSd3uYiu4U.roa (raw, json)
Hash identifier: doboAOIfjYNyHdw1r6xfrE7hmv8gQ0YwGnxIdc/ApGY=
Subject key identifier: 2D:3D:08:CA:8D:51:F1:81:2E:68:8D:49:1E:84:9D:DE:E6:22:BB:85
Certificate issuer: /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial: 019D5592A142AD105A521EEF7C6E3E774941
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/LT0Iyo1R8YEuaI1JHoSd3uYiu4U.roa
Signing time: Fri 03 Apr 2026 22:59:26 +0000
ROA not before: Fri 03 Apr 2026 22:59:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210083
IP address blocks: 121.127.33.0/24 maxlen: 24
185.130.44.0/24 maxlen: 24
185.130.45.0/24 maxlen: 24
185.130.46.0/24 maxlen: 24
185.130.47.0/24 maxlen: 24
199.231.235.0/24 maxlen: 24
202.181.177.0/24 maxlen: 24
2a07:e00::/48 maxlen: 48
2a07:e00:a::/48 maxlen: 48
2a07:e00:b::/48 maxlen: 48
2a07:e00:c::/48 maxlen: 48
2a07:e00:ac::/48 maxlen: 48
2a07:e00:ad::/48 maxlen: 48
2a07:e00:bb::/48 maxlen: 48
2a07:e00:bc::/48 maxlen: 48
2a07:e00:d0::/44 maxlen: 48
2a07:e00:d0::/48 maxlen: 48
2a07:e00:ff::/48 maxlen: 48
2a07:e00:19f::/48 maxlen: 48
2a07:e00:f9f9::/48 maxlen: 48
2a07:e01::/32 maxlen: 32
2a07:e02:41::/48 maxlen: 48
2a07:e02:a00::/40 maxlen: 40
2a07:e02:b00::/40 maxlen: 56
2a07:e02:baf::/48 maxlen: 48
2a07:e02:bee::/48 maxlen: 48
2a07:e02:1000::/36 maxlen: 40
2a07:e02:1000::/40 maxlen: 40
2a07:e03::/32 maxlen: 48
2a07:e04::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:55:92:a1:42:ad:10:5a:52:1e:ef:7c:6e:3e:77:49:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Validity
Not Before: Apr 3 22:59:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d3d08ca8d51f1812e688d491e849ddee622bb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f5:68:0f:46:66:0b:bc:47:f9:54:4f:e3:d3:
93:c3:7a:4a:f0:13:72:43:c4:92:2e:01:06:17:ac:
20:9a:c5:d2:bf:9a:19:e1:ab:be:e9:af:e1:25:dc:
84:47:2a:52:4f:b9:f8:83:4a:a1:7e:0c:bc:1f:dc:
61:ff:d0:a5:1e:fc:9d:90:eb:96:d7:d4:2c:be:ab:
95:25:7d:b5:b0:ce:43:62:1b:ba:22:cf:2b:a9:81:
bf:2a:90:5d:5e:fb:4c:a0:75:9e:dc:c8:19:ee:29:
15:7c:59:b7:6b:91:19:0d:92:23:fb:36:9f:67:d4:
2b:96:3c:16:d1:68:5a:4f:da:27:74:0a:80:13:29:
76:f1:34:e0:76:90:14:b0:d5:76:a8:56:bc:b4:b7:
3c:2f:70:7d:56:96:f6:d1:9b:d1:21:eb:0a:43:57:
d4:99:a3:ec:86:3d:f0:af:2d:5c:43:3c:8f:07:dd:
af:81:bd:5b:b0:ec:70:2a:76:0e:60:35:1c:b3:4d:
7f:d2:44:a0:92:62:7a:80:a7:fc:59:a7:30:90:a1:
00:89:2d:43:3c:26:97:a6:4b:81:a2:6d:c5:8a:1e:
f1:ab:6b:ff:12:7f:d4:f7:cf:91:87:98:d0:47:8d:
34:cd:66:54:88:7c:79:90:b2:d7:68:12:90:12:b9:
2a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3D:08:CA:8D:51:F1:81:2E:68:8D:49:1E:84:9D:DE:E6:22:BB:85
X509v3 Authority Key Identifier:
keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/LT0Iyo1R8YEuaI1JHoSd3uYiu4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.33.0/24
185.130.44.0/22
199.231.235.0/24
202.181.177.0/24
IPv6:
2a07:e00::/48
2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
2a07:e00:ac::/47
2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
2a07:e00:d0::/44
2a07:e00:ff::/48
2a07:e00:19f::/48
2a07:e00:f9f9::/48
2a07:e01::/32
2a07:e02:41::/48
2a07:e02:a00::/39
2a07:e02:1000::/36
2a07:e03::-2a07:e04:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2d:b6:e4:a8:f6:41:38:e0:16:6f:72:56:67:d8:5f:13:d5:34:
67:64:1c:65:2f:79:8c:68:75:32:81:d0:6d:66:78:9b:f2:e7:
48:46:32:a1:59:e5:0a:bf:99:c1:15:1b:38:b8:96:c8:9e:ee:
51:b9:86:01:48:24:1b:f0:0f:f2:29:b5:0f:a5:f3:eb:34:31:
23:ff:97:ec:a0:c1:6b:a9:d7:7a:81:ce:95:da:36:9e:73:59:
df:90:22:ee:ba:f3:62:bb:6d:c8:db:36:f4:44:09:c0:fe:a2:
4f:b6:9a:ed:62:7d:5e:35:4b:e8:4f:b4:d5:73:11:8c:6d:c1:
62:c1:30:83:96:25:42:9a:32:12:49:77:03:43:fc:c1:78:40:
5f:c8:21:f5:02:ea:b1:03:58:c3:d3:bf:57:ec:a4:77:b0:2c:
6c:0f:12:de:4a:60:c8:99:61:28:dd:74:f9:b1:06:f9:d0:29:
40:97:2f:c3:21:72:55:af:41:8f:9c:7f:1b:17:07:19:66:d8:
55:04:62:c4:3a:9c:76:05:c0:c2:1b:52:39:37:c3:f5:77:56:
1a:25:88:d6:ff:7b:bb:90:4f:cb:ee:30:08:cb:a1:99:f2:09:
fa:87:ab:5a:76:4d:a6:08:cc:a4:54:94:8e:f4:93:47:a6:14:
0b:54:10:f8
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZ1VkqFCrRBaUh7vfG4+d0lBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjYwNDAzMjI1OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNkMDhjYThkNTFmMTgxMmU2ODhkNDkxZTg0OWRkZWU2MjJiYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfVoD0ZmC7xH+VRP49OTw3pK8BNy
Q8SSLgEGF6wgmsXSv5oZ4au+6a/hJdyERypST7n4g0qhfgy8H9xh/9ClHvydkOuW
19QsvquVJX21sM5DYhu6Is8rqYG/KpBdXvtMoHWe3MgZ7ikVfFm3a5EZDZIj+zaf
Z9QrljwW0WhaT9ondAqAEyl28TTgdpAUsNV2qFa8tLc8L3B9Vpb20ZvRIesKQ1fU
maPshj3wry1cQzyPB92vgb1bsOxwKnYOYDUcs01/0kSgkmJ6gKf8WacwkKEAiS1D
PCaXpkuBom3Fih7xq2v/En/U98+Rh5jQR400zWZUiHx5kLLXaBKQErkqCQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFC09CMqNUfGBLmiNSR6End7mIruFMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvTFQwSXlvMVI4WUV1YUkxSkhvU2QzdVlpdTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTAeBAIAATAYAwQAeX8h
AwQCuYIsAwQAx+frAwQAyrWxMIGWBAIAAjCBjwMHACoHDgAAADASAwcBKgcOAAAK
AwcAKgcOAAAMAwcBKgcOAACsMBIDBwAqBw4AALsDBwAqBw4AALwDBwQqBw4AANAD
BwAqBw4AAP8DBwAqBw4AAZ8DBwAqBw4A+fkDBQAqBw4BAwcAKgcOAgBBAwYBKgcO
AgoDBgQqBw4CEDAPAwUAKgcOAwMGBCoHDgQAMA0GCSqGSIb3DQEBCwUAA4IBAQAt
tuSo9kE44BZvclZn2F8T1TRnZBxlL3mMaHUygdBtZnib8udIRjKhWeUKv5nBFRs4
uJbInu5RuYYBSCQb8A/yKbUPpfPrNDEj/5fsoMFrqdd6gc6V2jaec1nfkCLuuvNi
u23I2zb0RAnA/qJPtprtYn1eNUvoT7TVcxGMbcFiwTCDliVCmjISSXcDQ/zBeEBf
yCH1AuqxA1jD079X7KR3sCxsDxLeSmDImWEo3XT5sQb50ClAly/DIXJVr0GPnH8b
FwcZZthVBGLEOpx2BcDCG1I5N8P1d1YaJYjW/3u7kE/L7jAIy6GZ8gn6h6tadk2m
CMykVJSO9JNHphQLVBD4
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:24:11 2026 by rpki-client