Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LWD17I_JmZPJPuQ9hiLtEuZ4vzI.roa
File: LWD17I_JmZPJPuQ9hiLtEuZ4vzI.roa (raw, json)
Hash identifier: B5rlBygWjZgJCOb4nVTJOXFGh8EIQQ9yWbyDCMGuoJs=
Subject key identifier: 2D:60:F5:EC:8F:C9:99:93:C9:3E:E4:3D:86:22:ED:12:E6:78:BF:32
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019D9A7745F470ADF60584F0D4EF07FBB7FB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LWD17I_JmZPJPuQ9hiLtEuZ4vzI.roa
Signing time: Fri 17 Apr 2026 08:03:21 +0000
ROA not before: Fri 17 Apr 2026 08:03:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202780
IP address blocks: 192.165.130.0/24 maxlen: 24
192.165.133.0/24 maxlen: 24
193.181.55.0/24 maxlen: 24
193.183.165.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
194.71.104.0/23 maxlen: 23
194.71.104.0/24 maxlen: 24
194.71.105.0/24 maxlen: 24
194.103.206.0/24 maxlen: 24
194.132.36.0/22 maxlen: 24
2a01:280:360::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 08:03:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:77:45:f4:70:ad:f6:05:84:f0:d4:ef:07:fb:b7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 17 08:03:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d60f5ec8fc99993c93ee43d8622ed12e678bf32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a2:33:d6:9d:55:7f:96:4a:40:0f:ad:45:37:
76:e9:3c:9c:fc:cf:76:bb:86:9c:e9:c3:f7:a2:42:
bf:95:15:80:b5:7b:78:c0:f5:e9:97:b3:f1:65:0c:
80:a1:57:90:41:da:ae:87:06:f5:0f:6c:b5:4c:0e:
f3:32:3b:d8:c0:27:79:43:e6:27:44:e4:42:95:ca:
86:bf:20:bb:84:5f:f8:23:26:25:e1:09:84:5c:8e:
39:0c:0a:7f:4e:1c:b7:e8:96:64:1e:3d:c3:33:67:
74:fe:f3:77:41:90:7a:c2:38:b1:04:74:dc:56:3b:
ef:d2:a1:4b:5f:5b:cb:08:ed:a8:f1:0c:3d:36:f8:
5f:61:6c:73:9b:d3:cf:f1:76:c3:e9:82:05:8f:d3:
42:9f:ea:69:5a:bc:50:48:9a:2c:31:83:83:d6:e1:
eb:06:17:4e:c0:4a:1c:9a:78:7a:03:45:20:5b:e4:
7a:12:77:ac:8e:3b:fa:36:ef:a3:05:e3:1e:8d:12:
32:b9:23:c4:e8:43:89:c0:fc:b5:7d:ec:00:3a:39:
43:04:d5:3f:8f:0c:69:41:9c:f3:0f:69:24:cb:ed:
66:34:d4:61:b3:d3:b3:23:c8:4d:5d:04:fa:32:c4:
aa:0c:fc:01:06:15:3c:73:ae:df:e5:2f:2f:53:b6:
de:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:60:F5:EC:8F:C9:99:93:C9:3E:E4:3D:86:22:ED:12:E6:78:BF:32
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LWD17I_JmZPJPuQ9hiLtEuZ4vzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.130.0/24
192.165.133.0/24
193.181.55.0/24
193.183.165.0/24
193.234.68.0/23
194.71.104.0/23
194.103.206.0/24
194.132.36.0/22
IPv6:
2a01:280:360::/48
Signature Algorithm: sha256WithRSAEncryption
c9:e2:f4:f1:0e:7e:4f:10:1b:51:05:92:dd:d4:5b:aa:f3:a1:
d7:07:bb:21:78:89:80:3b:85:d8:12:08:7c:fe:2e:59:f7:66:
fe:b8:18:51:d8:53:67:e2:a1:88:a5:00:dc:82:de:e5:ae:82:
69:6a:71:0b:f6:9a:44:76:3d:01:e5:f0:9e:82:6e:ec:ec:7a:
ad:45:86:f2:71:32:84:79:2a:e8:08:4a:e2:df:79:89:05:5b:
ea:60:eb:9d:f9:08:a2:0f:30:cd:eb:c2:b2:ed:01:e8:c4:bd:
a7:68:3f:f2:d6:fe:d3:63:71:cf:9d:f0:03:32:2f:1a:52:54:
3b:b9:a0:98:a9:51:60:10:a8:48:b0:a1:e2:d4:2e:69:3b:95:
6e:f9:02:a2:da:1b:b2:93:91:39:f8:93:2e:13:04:ec:d8:ae:
8a:58:ae:39:0f:21:48:4c:7f:5a:c6:9d:39:45:cb:f4:2e:2a:
db:ff:2a:56:98:09:66:d0:3b:db:68:67:dc:ec:6a:ff:b1:f8:
94:e7:2e:9a:57:76:91:07:28:63:4f:9e:d0:ae:cf:2f:56:70:
44:41:ab:f9:ae:bb:aa:9c:09:bc:94:80:b1:48:4b:5e:1e:87:
20:83:80:a8:48:3c:e6:99:65:d7:f5:4c:c3:0c:9c:6a:8c:f7:
f7:8a:e8:4f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZ2ad0X0cK32BYTw1O8H+7f7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNDE3MDgwMzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDYwZjVlYzhmYzk5OTkzYzkzZWU0M2Q4NjIyZWQxMmU2NzhiZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaIz1p1Vf5ZKQA+tRTd26Tyc/M92
u4ac6cP3okK/lRWAtXt4wPXpl7PxZQyAoVeQQdquhwb1D2y1TA7zMjvYwCd5Q+Yn
RORClcqGvyC7hF/4IyYl4QmEXI45DAp/Thy36JZkHj3DM2d0/vN3QZB6wjixBHTc
Vjvv0qFLX1vLCO2o8Qw9NvhfYWxzm9PP8XbD6YIFj9NCn+ppWrxQSJosMYOD1uHr
BhdOwEocmnh6A0UgW+R6Enesjjv6Nu+jBeMejRIyuSPE6EOJwPy1fewAOjlDBNU/
jwxpQZzzD2kky+1mNNRhs9OzI8hNXQT6MsSqDPwBBhU8c67f5S8vU7beowIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFC1g9eyPyZmTyT7kPYYi7RLmeL8yMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTFdEMTdJX0ptWlBKUHVROWhpTHRFdVo0dnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQAwKWCAwQA
wKWFAwQAwbU3AwQAwbelAwQBwepEAwQBwkdoAwQAwmfOAwQCwoQkMA8EAgACMAkD
BwAqAQKAA2AwDQYJKoZIhvcNAQELBQADggEBAMni9PEOfk8QG1EFkt3UW6rzodcH
uyF4iYA7hdgSCHz+Lln3Zv64GFHYU2fioYilANyC3uWugmlqcQv2mkR2PQHl8J6C
buzseq1FhvJxMoR5KugISuLfeYkFW+pg6535CKIPMM3rwrLtAejEvadoP/LW/tNj
cc+d8AMyLxpSVDu5oJipUWAQqEiwoeLULmk7lW75AqLaG7KTkTn4ky4TBOzYropY
rjkPIUhMf1rGnTlFy/QuKtv/KlaYCWbQO9toZ9zsav+x+JTnLppXdpEHKGNPntCu
zy9WcERBq/muu6qcCbyUgLFIS14ehyCDgKhIPOaZZdf1TMMMnGqM9/eK6E8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:59:05 2026 by rpki-client