Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LeeiUVuv1axevP52YRYb6GWpDaE.roa
File: LeeiUVuv1axevP52YRYb6GWpDaE.roa (raw, json)
Hash identifier: 3ewokocUEqwEnCYDqa0bWQiwVx97sfrCp7nlRzxhRvQ=
Subject key identifier: 2D:E7:A2:51:5B:AF:D5:AC:5E:BC:FE:76:61:16:1B:E8:65:A9:0D:A1
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019C896D750CC34AC159033355AB50F6C654
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LeeiUVuv1axevP52YRYb6GWpDaE.roa
Signing time: Mon 23 Feb 2026 07:36:17 +0000
ROA not before: Mon 23 Feb 2026 07:36:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
185.223.164.0/24 maxlen: 32
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:6d:75:0c:c3:4a:c1:59:03:33:55:ab:50:f6:c6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 23 07:36:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2de7a2515bafd5ac5ebcfe7661161be865a90da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:27:d4:3f:bb:4b:e1:58:fe:b8:24:e7:ac:
67:28:09:06:9a:62:5f:af:e0:5c:1f:35:7f:21:3d:
17:20:12:dd:71:55:18:f4:47:b8:4d:14:0d:d1:eb:
f7:f0:65:26:d8:38:6a:8b:c3:88:8b:3e:de:99:69:
c2:13:b5:29:1e:0b:7d:e7:93:12:2a:58:fb:d4:89:
b7:39:74:39:17:5c:c2:ef:99:af:9b:53:62:49:ae:
80:df:a2:62:aa:08:2d:a2:f8:4b:3a:07:6b:16:1c:
9d:cb:70:1c:82:7f:46:e7:6e:41:e6:0e:a9:77:2c:
be:8f:a8:8d:28:85:5a:4d:51:8c:2b:b5:3d:a7:b2:
f2:cf:a4:ae:d2:f6:f6:fa:a3:07:db:40:52:06:b0:
19:6f:31:87:36:04:3e:39:6d:8e:1a:38:a8:8b:b9:
4d:60:a1:b2:ce:34:5d:7e:66:f0:f0:64:1e:59:fd:
44:49:c8:5e:f7:e7:65:31:0c:5d:df:e6:b3:0a:32:
4f:b3:f9:3d:3f:6e:10:6a:44:30:c9:6f:35:75:82:
fb:06:88:52:d5:ac:a1:cd:27:10:61:c3:85:09:99:
15:e2:90:0b:78:23:32:79:f3:b8:33:d6:aa:b6:62:
80:e2:2c:e6:1f:bd:c7:36:ed:fa:d1:6a:73:bb:ef:
ed:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E7:A2:51:5B:AF:D5:AC:5E:BC:FE:76:61:16:1B:E8:65:A9:0D:A1
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LeeiUVuv1axevP52YRYb6GWpDaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
185.223.164.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
1e:07:ad:86:61:b3:2d:44:55:26:25:29:b1:a5:fa:f8:5a:06:
ad:8c:2d:40:3a:45:9d:c8:b8:18:e3:e2:17:1d:21:c1:57:38:
f5:cf:9c:13:50:b3:f3:34:d0:85:a5:d1:fd:b5:50:47:f2:e3:
72:22:bb:b2:80:f5:01:f3:3c:75:c5:d2:c6:ce:a6:68:f5:81:
60:e2:1f:af:ba:a7:00:c1:de:8b:38:58:f6:c9:25:0e:f0:19:
91:b3:a1:85:27:68:35:6a:8f:10:54:f6:e4:2c:9a:8f:f2:00:
39:fe:1d:a9:94:8e:38:d4:4e:71:21:1d:5b:7d:93:08:19:f6:
d3:86:db:a5:c1:dd:ff:74:2b:f7:fa:5f:95:68:e8:0d:79:f2:
4f:51:c2:74:ca:ea:94:c4:c6:6d:c5:06:db:60:c6:42:2a:15:
ce:2c:13:78:9c:25:70:41:07:be:38:19:74:de:82:6f:84:09:
10:18:0d:7e:ec:bb:17:1e:49:af:b1:86:45:ba:37:03:45:55:
d2:25:db:9a:04:01:78:c7:7b:74:83:1d:b1:e7:e3:bd:da:53:
ea:69:20:7a:85:e9:1e:32:67:0d:9c:8c:9c:38:b5:da:da:b1:
4f:2b:7f:20:3e:07:2d:93:53:6e:d1:84:6e:42:63:f5:6c:fa:
90:df:68:ae
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZyJbXUMw0rBWQMzVatQ9sZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMjIzMDczNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU3YTI1MTViYWZkNWFjNWViY2ZlNzY2MTE2MWJlODY1YTkwZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7In1D+7S+FY/rgk56xnKAkGmmJf
r+BcHzV/IT0XIBLdcVUY9Ee4TRQN0ev38GUm2Dhqi8OIiz7emWnCE7UpHgt955MS
Klj71Im3OXQ5F1zC75mvm1NiSa6A36JiqggtovhLOgdrFhydy3Acgn9G525B5g6p
dyy+j6iNKIVaTVGMK7U9p7Lyz6Su0vb2+qMH20BSBrAZbzGHNgQ+OW2OGjioi7lN
YKGyzjRdfmbw8GQeWf1ESche9+dlMQxd3+azCjJPs/k9P24QakQwyW81dYL7BohS
1ayhzScQYcOFCZkV4pALeCMyefO4M9aqtmKA4izmH73HNu360Wpzu+/tiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC3nolFbr9WsXrz+dmEWG+hlqQ2hMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTGVlaVVWdXYxYXhldlA1MllSWWI2R1dwRGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuYVJAwQA
ud+kAwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAB4H
rYZhsy1EVSYlKbGl+vhaBq2MLUA6RZ3IuBjj4hcdIcFXOPXPnBNQs/M00IWl0f21
UEfy43Iiu7KA9QHzPHXF0sbOpmj1gWDiH6+6pwDB3os4WPbJJQ7wGZGzoYUnaDVq
jxBU9uQsmo/yADn+HamUjjjUTnEhHVt9kwgZ9tOG26XB3f90K/f6X5Vo6A158k9R
wnTK6pTExm3FBttgxkIqFc4sE3icJXBBB744GXTegm+ECRAYDX7suxceSa+xhkW6
NwNFVdIl25oEAXjHe3SDHbHn473aU+ppIHqF6R4yZw2cjJw4tdrasU8rfyA+By2T
U27RhG5CY/Vs+pDfaK4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:04:14 2026 by rpki-client