Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/LxhRpQl_cobyxZdlwhHk2HcK2aI.roa
File: LxhRpQl_cobyxZdlwhHk2HcK2aI.roa (raw, json)
Hash identifier: E0fHaBUUw516lw3xsuTyJHhkGD1FVbVemIOVXbxFI1M=
Subject key identifier: 2F:18:51:A5:09:7F:72:86:F2:C5:97:65:C2:11:E4:D8:77:0A:D9:A2
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019ECB9A17D110E0084830494C4939A1EEC6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/LxhRpQl_cobyxZdlwhHk2HcK2aI.roa
Signing time: Mon 15 Jun 2026 14:05:33 +0000
ROA not before: Mon 15 Jun 2026 14:05:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204914
IP address blocks: 2.56.165.0/24 maxlen: 24
77.83.242.0/24 maxlen: 24
89.190.158.0/24 maxlen: 24
185.227.69.0/24 maxlen: 24
185.234.75.0/24 maxlen: 24
194.56.226.0/24 maxlen: 24
212.107.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 11:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cb:9a:17:d1:10:e0:08:48:30:49:4c:49:39:a1:ee:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 15 14:05:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f1851a5097f7286f2c59765c211e4d8770ad9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0c:a0:2f:9e:73:83:b7:c5:4b:64:b6:2e:59:
6b:4e:05:f0:df:d7:0c:ed:4e:21:2a:bd:f1:20:44:
41:02:36:a7:77:8f:f7:00:20:d5:1c:e5:97:82:f3:
f4:ee:60:7c:8e:80:49:16:d4:81:dc:05:ac:7c:c2:
ac:a5:15:7c:61:63:ad:ec:08:13:71:38:1b:e5:d0:
76:9d:14:30:22:1a:37:65:32:ae:32:ed:70:96:24:
0b:94:81:67:a9:cf:90:78:48:e7:3a:4e:8e:e5:e8:
1c:c7:6f:4d:d0:7a:ad:bd:08:7b:c5:53:61:84:27:
79:27:4e:19:66:26:55:a2:41:e4:6e:d6:6f:4c:51:
c7:92:fa:84:43:20:64:57:ac:aa:6d:7f:60:b0:bf:
fd:f0:0b:42:32:76:ad:47:08:94:c7:a3:2a:f6:3d:
cc:be:d7:9c:ec:22:60:f6:28:d5:0f:b7:3f:c7:3d:
10:7e:85:d2:2d:f3:b7:b0:a3:55:af:79:56:2b:a7:
8c:77:76:b9:a5:a7:57:c9:e1:c2:d7:3a:1d:6f:66:
11:26:7c:fc:83:45:dc:c3:cd:3e:1b:a8:8f:c4:e3:
2b:69:e1:e0:6b:76:ea:88:21:db:fa:03:fb:bf:a9:
1e:53:1c:bb:85:5a:cb:8f:94:48:91:ff:c1:7b:49:
b4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:18:51:A5:09:7F:72:86:F2:C5:97:65:C2:11:E4:D8:77:0A:D9:A2
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/LxhRpQl_cobyxZdlwhHk2HcK2aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.165.0/24
77.83.242.0/24
89.190.158.0/24
185.227.69.0/24
185.234.75.0/24
194.56.226.0/24
212.107.14.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:61:0f:2f:37:10:53:1d:30:c1:a8:cc:1a:aa:58:b9:7c:e5:
22:9f:09:e3:51:3c:52:35:16:e9:b5:4a:0a:e5:2d:22:86:3f:
c9:81:27:33:ef:4c:36:cb:39:aa:b0:8d:56:e6:c7:3d:41:44:
58:76:19:5b:ec:98:75:9a:c6:ed:ed:23:b2:52:db:7c:bf:e1:
bf:54:63:24:5f:e7:bf:de:68:5c:79:c4:7e:90:a2:4b:a7:89:
78:fd:95:4c:71:22:6d:f2:10:5e:43:c1:79:9d:2e:8f:b7:dc:
50:25:7f:7d:d9:9a:02:55:b1:de:b3:9b:7d:6d:5b:29:9a:7a:
a9:12:d5:21:0f:ce:c1:92:ec:14:84:e1:7a:be:34:e9:00:d3:
bc:40:85:0d:b3:fd:19:46:f4:11:af:13:8e:fa:fc:96:1f:86:
c2:8b:d1:f0:a7:2e:fe:fd:5e:7f:ba:73:43:67:b4:a2:5c:77:
d5:a7:69:86:4f:ce:54:69:7c:26:1a:44:cd:0b:29:ee:c8:5e:
30:c9:a4:d0:22:39:b0:08:df:e9:c5:10:ac:b4:14:fd:41:4e:
86:73:15:a8:3b:af:88:df:3f:99:e5:23:f0:f2:28:6c:41:9e:
24:35:18:b2:ff:5f:97:e8:a9:d0:53:44:aa:9a:8e:2f:e3:2e:
d2:2b:a7:3e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ7LmhfREOAISDBJTEk5oe7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjYwNjE1MTQwNTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE4NTFhNTA5N2Y3Mjg2ZjJjNTk3NjVjMjExZTRkODc3MGFkOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQygL55zg7fFS2S2LllrTgXw39cM
7U4hKr3xIERBAjand4/3ACDVHOWXgvP07mB8joBJFtSB3AWsfMKspRV8YWOt7AgT
cTgb5dB2nRQwIho3ZTKuMu1wliQLlIFnqc+QeEjnOk6O5egcx29N0HqtvQh7xVNh
hCd5J04ZZiZVokHkbtZvTFHHkvqEQyBkV6yqbX9gsL/98AtCMnatRwiUx6Mq9j3M
vtec7CJg9ijVD7c/xz0QfoXSLfO3sKNVr3lWK6eMd3a5padXyeHC1zodb2YRJnz8
g0Xcw80+G6iPxOMraeHga3bqiCHb+gP7v6keUxy7hVrLj5RIkf/Be0m02QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC8YUaUJf3KG8sWXZcIR5Nh3CtmiMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTHhoUnBRbF9jb2J5eFpkbHdoSGsySGNLMmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjilAwQA
TVPyAwQAWb6eAwQAueNFAwQAuepLAwQAwjjiAwQA1GsOMA0GCSqGSIb3DQEBCwUA
A4IBAQC2YQ8vNxBTHTDBqMwaqli5fOUinwnjUTxSNRbptUoK5S0ihj/JgScz70w2
yzmqsI1W5sc9QURYdhlb7Jh1msbt7SOyUtt8v+G/VGMkX+e/3mhcecR+kKJLp4l4
/ZVMcSJt8hBeQ8F5nS6Pt9xQJX992ZoCVbHes5t9bVspmnqpEtUhD87BkuwUhOF6
vjTpANO8QIUNs/0ZRvQRrxOO+vyWH4bCi9Hwpy7+/V5/unNDZ7SiXHfVp2mGT85U
aXwmGkTNCynuyF4wyaTQIjmwCN/pxRCstBT9QU6GcxWoO6+I3z+Z5SPw8ihsQZ4k
NRiy/1+X6KnQU0Sqmo4v4y7SK6c+
-----END CERTIFICATE-----
Generated at Wed Jun 17 20:23:35 2026 by rpki-client