Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/LwoNlzQ6KPqxEuz4ON797gaa1GM.roa
File: LwoNlzQ6KPqxEuz4ON797gaa1GM.roa (raw, json)
Hash identifier: XQhHv++xT20aBfNtLXh4kFjVzZCR74yD4SyhbKhF0VE=
Subject key identifier: 2F:0A:0D:97:34:3A:28:FA:B1:12:EC:F8:38:DE:FD:EE:06:9A:D4:63
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019B76EB31C2CADB9B855006B61616D5775B
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/LwoNlzQ6KPqxEuz4ON797gaa1GM.roa
Signing time: Thu 01 Jan 2026 00:18:03 +0000
ROA not before: Thu 01 Jan 2026 00:18:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39494
IP address blocks: 31.177.85.0/24 maxlen: 24
31.177.86.0/23 maxlen: 24
79.174.72.0/22 maxlen: 22
89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.104.78.0/23 maxlen: 23
89.111.128.0/18 maxlen: 18
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
89.111.176.0/20 maxlen: 20
89.111.176.0/22 maxlen: 22
89.111.177.0/24 maxlen: 24
91.217.21.0/24 maxlen: 24
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
2a02:2090:e400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:76:eb:31:c2:ca:db:9b:85:50:06:b6:16:16:d5:77:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 00:18:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f0a0d97343a28fab112ecf838defdee069ad463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4c:82:d8:61:40:a3:cb:b5:75:e0:cb:e5:d4:
b0:2d:e0:f0:c1:03:b9:3c:0d:79:c2:a5:b3:74:60:
28:41:a8:2a:08:c2:97:26:99:cd:65:6b:74:53:8e:
5b:23:a7:48:b8:1a:42:9f:bd:35:32:6a:65:bb:6f:
46:18:b0:03:47:65:f4:18:69:f9:a3:6b:32:5d:de:
b9:0f:2a:85:0c:78:d8:61:4d:d2:9d:e3:c3:f8:98:
21:4e:90:eb:00:bf:ae:8d:35:90:10:f0:a9:c4:c6:
2c:c5:eb:fd:36:4f:b7:4f:64:8a:9e:c5:72:dd:8d:
17:b5:13:a3:7d:e9:d3:93:db:11:ce:86:26:5d:87:
e6:9c:ee:38:f5:ec:84:33:80:a7:3b:dc:01:e6:83:
c1:68:ad:37:e7:57:38:ba:a4:8b:b5:16:ea:9c:35:
54:12:0b:b5:2e:5a:62:00:55:7b:d5:6f:28:06:34:
b0:c6:0c:06:f0:58:f5:ec:b5:57:7e:24:94:6c:04:
4e:4c:fd:4d:08:6f:da:ba:12:ce:f3:d7:0b:49:3e:
23:a9:db:70:fe:de:11:82:b6:86:d8:76:e8:65:e3:
2b:3c:10:54:58:fc:c5:5f:03:1f:11:ae:44:6f:d5:
9c:49:e7:df:0a:48:65:7b:47:39:75:f9:45:30:d2:
fb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0A:0D:97:34:3A:28:FA:B1:12:EC:F8:38:DE:FD:EE:06:9A:D4:63
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/LwoNlzQ6KPqxEuz4ON797gaa1GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.85.0-31.177.87.255
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
91.217.21.0/24
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
48:68:55:28:54:7d:b2:e7:0a:b6:7f:e7:56:2e:26:99:32:f7:
2c:d0:1e:c6:22:d8:40:d2:73:05:18:5d:9e:9c:68:b1:66:62:
b5:db:1a:74:88:2a:82:1d:c4:bd:f7:82:a5:8b:a5:a5:91:56:
fc:b2:be:6a:94:d4:dc:fd:4a:ff:88:e5:9c:34:9b:e5:2f:cd:
ff:10:5b:61:63:9a:12:34:ea:7e:f0:a2:f9:34:f9:50:d5:1a:
b5:74:6a:72:fc:68:8d:dd:24:7e:4e:e3:7a:af:c0:a2:15:97:
7c:33:f3:a1:52:6f:7c:fc:ad:2e:3c:c7:e5:72:9f:ee:df:ce:
cd:0d:11:ed:76:4e:7f:03:b9:cf:d3:35:b4:ab:63:38:3c:b3:
92:b8:15:13:9b:3f:25:8e:c1:c5:c2:56:4b:1e:56:ae:c6:4a:
82:ea:d6:b9:3c:8d:22:76:8a:00:77:7c:4f:c4:ab:5e:58:5d:
46:dc:3c:a1:5a:36:1c:c3:f1:b0:e7:16:fe:fc:bb:94:57:26:
fd:db:3f:28:c7:dd:99:6d:d6:20:0c:e7:8b:ac:ee:40:a6:c1:
b1:44:01:17:74:72:88:e0:c3:8e:b4:43:b1:00:34:c5:0c:ef:
8a:07:86:8e:bd:68:90:50:3e:7e:53:59:54:b6:f2:4f:a4:51:
b5:3c:85:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZt26zHCytubhVAGthYW1XdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjYwMTAxMDAxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjBhMGQ5NzM0M2EyOGZhYjExMmVjZjgzOGRlZmRlZTA2OWFkNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10yC2GFAo8u1deDL5dSwLeDwwQO5
PA15wqWzdGAoQagqCMKXJpnNZWt0U45bI6dIuBpCn701Mmplu29GGLADR2X0GGn5
o2syXd65DyqFDHjYYU3SnePD+JghTpDrAL+ujTWQEPCpxMYsxev9Nk+3T2SKnsVy
3Y0XtROjfenTk9sRzoYmXYfmnO449eyEM4CnO9wB5oPBaK0351c4uqSLtRbqnDVU
Egu1LlpiAFV71W8oBjSwxgwG8Fj17LVXfiSUbAROTP1NCG/auhLO89cLST4jqdtw
/t4RgraG2HboZeMrPBBUWPzFXwMfEa5Eb9WcSeffCkhle0c5dflFMNL7hwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFC8KDZc0Oij6sRLs+Dje/e4GmtRjMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvTHdvTmx6UTZLUHF4RXV6NE9ONzk3Z2FhMUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmMAwDBAAfsVUD
BAMfsVADBAJPrkgDBAVZaEADBAZZb4ADBABb2RUwFAQCAAIwDgMFACoBANgDBQAq
AiCQMA0GCSqGSIb3DQEBCwUAA4IBAQBIaFUoVH2y5wq2f+dWLiaZMvcs0B7GIthA
0nMFGF2enGixZmK12xp0iCqCHcS994Kli6WlkVb8sr5qlNTc/Ur/iOWcNJvlL83/
EFthY5oSNOp+8KL5NPlQ1Rq1dGpy/GiN3SR+TuN6r8CiFZd8M/OhUm98/K0uPMfl
cp/u387NDRHtdk5/A7nP0zW0q2M4PLOSuBUTmz8ljsHFwlZLHlauxkqC6ta5PI0i
dooAd3xPxKteWF1G3DyhWjYcw/Gw5xb+/LuUVyb92z8ox92ZbdYgDOeLrO5ApsGx
RAEXdHKI4MOOtEOxADTFDO+KB4aOvWiQUD5+U1lUtvJPpFG1PIVH
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:47:01 2026 by rpki-client