Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/aXQLtcOwVN8fpurjCOFqsqSeizE.roa
File: aXQLtcOwVN8fpurjCOFqsqSeizE.roa (raw, json)
Hash identifier: pI93Daua5V7da7QmDH9DHnKxunq64cV74XwDIWCy4RM=
Subject key identifier: 69:74:0B:B5:C3:B0:54:DF:1F:A6:EA:E3:08:E1:6A:B2:A4:9E:8B:31
Certificate issuer: /CN=2d1c16f7ea710af45e2b3a11e628a38ce67bc7a5
Certificate serial: 019CA11B4F9F2CAD508D71786B13D9800F65
Authority key identifier: 2D:1C:16:F7:EA:71:0A:F4:5E:2B:3A:11:E6:28:A3:8C:E6:7B:C7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/aXQLtcOwVN8fpurjCOFqsqSeizE.roa
Signing time: Fri 27 Feb 2026 21:57:27 +0000
ROA not before: Fri 27 Feb 2026 21:57:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51791
IP address blocks: 153.56.128.0/24 maxlen: 24
153.56.129.0/24 maxlen: 24
2a11:1fc0::/48 maxlen: 48
2a11:1fc0:2::/48 maxlen: 48
2a11:1fc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a1:1b:4f:9f:2c:ad:50:8d:71:78:6b:13:d9:80:0f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1c16f7ea710af45e2b3a11e628a38ce67bc7a5
Validity
Not Before: Feb 27 21:57:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69740bb5c3b054df1fa6eae308e16ab2a49e8b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:be:97:55:aa:df:5b:b2:d7:23:87:3b:95:44:
d0:aa:69:d9:df:14:00:12:d9:27:23:14:bc:11:29:
19:91:4c:92:6b:8b:75:31:49:55:d6:65:ed:cb:22:
8c:b4:d7:6a:2a:73:ea:9b:a4:9e:a2:d3:43:80:5a:
94:a0:13:f5:c3:70:7b:d5:31:cb:a2:84:a7:17:e0:
45:96:8e:c8:14:0a:8c:9c:3d:7c:38:13:11:c8:ae:
d3:e2:10:06:62:36:7e:fb:b8:62:d2:60:f6:4a:6f:
ed:6f:92:ee:c4:25:c7:ee:33:7f:b4:8d:48:9e:79:
8d:c7:39:ea:c6:09:3b:11:c4:22:9c:74:44:78:12:
02:09:00:09:f3:1c:bf:df:fa:a6:25:44:f8:ee:c6:
c8:31:6a:54:da:4f:f7:91:c5:f6:45:90:38:cd:00:
bf:4a:06:4c:39:c6:82:d7:d8:2a:1a:75:b0:83:0a:
1a:ca:f8:dd:7f:4f:17:aa:61:fb:a6:e0:bb:65:58:
3e:5c:dc:3c:9c:00:11:3a:88:8f:14:61:78:f2:b8:
f9:6d:34:a1:b7:d2:cc:8d:45:b2:12:1f:8c:3c:a1:
c0:e7:f7:3c:02:df:99:22:e7:00:b7:73:39:68:8e:
99:d9:a3:28:02:a6:0a:ff:4d:0c:a8:f1:a6:54:2c:
c2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:74:0B:B5:C3:B0:54:DF:1F:A6:EA:E3:08:E1:6A:B2:A4:9E:8B:31
X509v3 Authority Key Identifier:
keyid:2D:1C:16:F7:EA:71:0A:F4:5E:2B:3A:11:E6:28:A3:8C:E6:7B:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/aXQLtcOwVN8fpurjCOFqsqSeizE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.56.128.0/23
IPv6:
2a11:1fc0::/48
2a11:1fc0:2::/47
Signature Algorithm: sha256WithRSAEncryption
d6:b8:b4:94:a0:0e:9e:ac:0d:54:a9:67:91:48:5d:d3:7e:f6:
a5:c0:c0:02:f1:e9:65:24:92:a6:c2:4d:bb:2b:77:73:d9:a3:
89:cf:30:02:f6:2f:70:4f:02:12:52:a9:18:3b:08:05:8d:b4:
73:6f:6f:10:7a:a1:40:32:f4:44:2d:5b:e2:fd:fd:e4:e0:97:
e8:4d:00:ff:d4:67:ad:00:4d:5b:84:c9:af:f8:76:94:68:b0:
50:f6:23:3e:31:a0:bd:52:1b:a2:05:99:4a:e5:6d:73:d7:5d:
39:44:01:f7:1a:9d:51:3e:c8:04:81:3a:d8:2e:bf:24:89:97:
15:3f:d8:c5:15:f2:0e:16:a6:61:42:7d:86:06:bf:bf:fe:df:
dd:38:ac:0f:f7:65:b8:9a:1d:83:45:5d:7f:4d:38:f1:16:d9:
db:da:9d:30:4d:15:ad:07:9d:f3:08:0d:ff:b5:82:3e:63:9a:
e1:60:f0:94:8e:c0:dd:b0:14:cf:a3:ec:7a:98:bc:81:be:09:
6c:a9:7b:dd:af:2a:4c:61:4b:f0:7b:50:af:70:43:8a:13:d4:
06:74:fb:78:f0:29:b7:71:60:0a:94:c3:6d:70:c2:d1:43:e8:
c4:5f:c0:17:2b:76:ee:a0:12:f3:3f:47:74:4a:7d:08:f7:26:
a4:f6:45:48
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZyhG0+fLK1QjXF4axPZgA9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWMxNmY3ZWE3MTBhZjQ1ZTJiM2ExMWU2MjhhMzhjZTY3
YmM3YTUwHhcNMjYwMjI3MjE1NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc0MGJiNWMzYjA1NGRmMWZhNmVhZTMwOGUxNmFiMmE0OWU4YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb6XVarfW7LXI4c7lUTQqmnZ3xQA
EtknIxS8ESkZkUySa4t1MUlV1mXtyyKMtNdqKnPqm6SeotNDgFqUoBP1w3B71THL
ooSnF+BFlo7IFAqMnD18OBMRyK7T4hAGYjZ++7hi0mD2Sm/tb5LuxCXH7jN/tI1I
nnmNxznqxgk7EcQinHREeBICCQAJ8xy/3/qmJUT47sbIMWpU2k/3kcX2RZA4zQC/
SgZMOcaC19gqGnWwgwoayvjdf08XqmH7puC7ZVg+XNw8nAAROoiPFGF48rj5bTSh
t9LMjUWyEh+MPKHA5/c8At+ZIucAt3M5aI6Z2aMoAqYK/00MqPGmVCzCzQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGl0C7XDsFTfH6bq4wjharKknosxMB8GA1UdIwQY
MBaAFC0cFvfqcQr0Xis6EeYoo4zme8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ3VzktcHhDdlJlS3pvUjVpaWpqT1o3eDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy81ZWIyMTItNDZmNS00MzhjLTg2NzIt
MWZhNzgwMThhNmU5LzEvYVhRTHRjT3dWTjhmcHVyakNPRnFzcVNlaXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy81ZWIyMTItNDZmNS00MzhjLTg2NzItMWZhNzgwMThhNmU5
LzEvTFJ3VzktcHhDdlJlS3pvUjVpaWpqT1o3eDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBmTiAMBgE
AgACMBIDBwAqER/AAAADBwEqER/AAAIwDQYJKoZIhvcNAQELBQADggEBANa4tJSg
Dp6sDVSpZ5FIXdN+9qXAwALx6WUkkqbCTbsrd3PZo4nPMAL2L3BPAhJSqRg7CAWN
tHNvbxB6oUAy9EQtW+L9/eTgl+hNAP/UZ60ATVuEya/4dpRosFD2Iz4xoL1SG6IF
mUrlbXPXXTlEAfcanVE+yASBOtguvySJlxU/2MUV8g4WpmFCfYYGv7/+3904rA/3
ZbiaHYNFXX9NOPEW2dvanTBNFa0HnfMIDf+1gj5jmuFg8JSOwN2wFM+j7HqYvIG+
CWype92vKkxhS/B7UK9wQ4oT1AZ0+3jwKbdxYAqUw21wwtFD6MRfwBcrdu6gEvM/
R3RKfQj3JqT2RUg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:04:56 2026 by rpki-client