Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/LgLPacdhRsAQk7Vm_5r4RdWNxxE.roa
File: LgLPacdhRsAQk7Vm_5r4RdWNxxE.roa (raw, json)
Hash identifier: w8JcLAQyevCQky/Dfp2roamWiZayux9j96dBVgl8j+w=
Subject key identifier: 2E:02:CF:69:C7:61:46:C0:10:93:B5:66:FF:9A:F8:45:D5:8D:C7:11
Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Certificate serial: 019E3AF8B31F072FEE8F64522DE3641629CD
Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/LgLPacdhRsAQk7Vm_5r4RdWNxxE.roa
Signing time: Mon 18 May 2026 12:03:57 +0000
ROA not before: Mon 18 May 2026 12:03:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202391
IP address blocks: 94.199.0.0/24 maxlen: 24
185.235.136.0/24 maxlen: 24
185.235.139.0/24 maxlen: 24
185.255.208.0/22 maxlen: 22
185.255.208.0/24 maxlen: 24
2a0a:4b80::/30 maxlen: 30
2a0a:4b84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 05:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3a:f8:b3:1f:07:2f:ee:8f:64:52:2d:e3:64:16:29:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Validity
Not Before: May 18 12:03:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e02cf69c76146c01093b566ff9af845d58dc711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:ce:c1:65:6b:97:e3:c4:e3:9f:c4:f1:10:
b1:87:e5:06:1f:ab:16:09:4f:1a:21:72:88:03:5e:
49:a6:01:cb:3d:e0:d0:b5:f5:3d:d0:db:80:b4:56:
47:bb:d8:e5:45:8a:2d:b9:be:35:5b:77:79:50:d2:
1b:d7:9a:4c:4b:c7:c5:91:1e:b8:17:11:e5:61:bd:
fd:01:aa:c6:b4:ed:f3:d8:17:68:41:05:77:da:4e:
7f:9b:41:55:1d:01:e3:a5:7f:e4:85:1c:35:34:a4:
f7:5b:3a:36:9c:35:81:38:82:df:aa:d0:d0:27:ef:
5e:aa:7d:79:e9:ac:5e:1b:73:d4:d4:81:01:7c:02:
c3:08:49:47:a5:32:73:2f:51:9c:6d:37:51:d9:86:
44:3d:ff:9a:2e:35:d8:73:c5:3d:83:ca:e0:a8:68:
30:3b:1a:89:80:97:ce:c4:27:0c:f6:e0:8d:ba:b2:
c1:b1:0c:17:ae:20:bf:6e:72:7f:59:d2:42:1e:1f:
35:7d:b6:85:87:5d:58:f4:50:1a:10:be:2c:6f:bf:
7e:ad:45:f4:05:0e:c4:75:d0:cd:dd:b8:59:0b:14:
5b:a3:89:ad:f7:bb:03:9d:15:72:2d:52:a3:b3:75:
6b:c0:9b:d9:eb:16:c2:7f:94:1b:e2:9c:d2:3a:ed:
ed:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:02:CF:69:C7:61:46:C0:10:93:B5:66:FF:9A:F8:45:D5:8D:C7:11
X509v3 Authority Key Identifier:
keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/LgLPacdhRsAQk7Vm_5r4RdWNxxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.0.0/24
185.235.136.0/24
185.235.139.0/24
185.255.208.0/22
IPv6:
2a0a:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
71:ec:f6:5a:11:93:3e:c7:86:5d:bd:a7:ed:f4:9d:ce:d6:53:
e5:15:56:f8:ed:7b:f1:37:19:ee:d9:b8:56:69:87:be:bc:d2:
50:c0:4a:ca:e6:11:77:26:12:3e:45:92:08:c9:c1:53:38:a4:
c6:81:cb:20:87:e5:84:00:10:d5:0c:7c:64:c6:40:26:27:5f:
ae:b7:11:d4:b3:6f:1a:a1:3a:b1:6e:7d:90:91:e6:84:65:ba:
07:24:80:34:2d:ec:30:3f:80:ff:12:99:a5:22:a0:bd:bb:67:
5a:ec:e4:26:56:99:f6:b7:b9:1f:97:7d:0b:56:6a:f4:31:4d:
40:29:94:40:57:c8:6a:f0:e7:e1:0c:03:19:1d:75:fd:25:23:
7b:08:5e:d8:7a:71:b5:e8:ff:eb:2c:f3:26:ff:63:a4:7e:a6:
7d:35:7b:f3:cf:e5:e2:3d:09:f2:d6:61:fe:55:60:4f:60:06:
7d:c2:46:ec:c0:c0:fa:3b:61:f9:1c:13:f6:92:92:6d:8d:97:
41:16:e1:ef:83:35:43:49:28:ae:2e:cd:3c:43:0b:a2:4d:a2:
17:ab:7e:d2:ad:76:48:a7:23:a1:d6:69:7c:f2:17:28:cb:51:
99:31:cd:85:5f:4b:c3:d6:d2:4d:b8:fd:22:62:f4:c8:27:e2:
ff:c9:b7:73
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ46+LMfBy/uj2RSLeNkFinNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmM0MGJjYWI1ZTkwNTNhYjZkYjdkMTllMmEzOGRmMWI2
ZjlhNGIwHhcNMjYwNTE4MTIwMzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTAyY2Y2OWM3NjE0NmMwMTA5M2I1NjZmZjlhZjg0NWQ1OGRjNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvjOwWVrl+PE45/E8RCxh+UGH6sW
CU8aIXKIA15JpgHLPeDQtfU90NuAtFZHu9jlRYotub41W3d5UNIb15pMS8fFkR64
FxHlYb39AarGtO3z2BdoQQV32k5/m0FVHQHjpX/khRw1NKT3Wzo2nDWBOILfqtDQ
J+9eqn156axeG3PU1IEBfALDCElHpTJzL1GcbTdR2YZEPf+aLjXYc8U9g8rgqGgw
OxqJgJfOxCcM9uCNurLBsQwXriC/bnJ/WdJCHh81fbaFh11Y9FAaEL4sb79+rUX0
BQ7EddDN3bhZCxRbo4mt97sDnRVyLVKjs3VrwJvZ6xbCf5Qb4pzSOu3tcQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC4Cz2nHYUbAEJO1Zv+a+EXVjccRMB8GA1UdIwQY
MBaAFBG8QLyrXpBTq2230Z4qON8bb5pLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQt
YWU0Zjg0ZTE2Y2ExLzEvTGdMUGFjZGhSc0FRazdWbV81cjRSZFdOeHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQtYWU0Zjg0ZTE2Y2Ex
LzEvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAXscAAwQA
ueuIAwQAueuLAwQCuf/QMA0EAgACMAcDBQMqCkuAMA0GCSqGSIb3DQEBCwUAA4IB
AQBx7PZaEZM+x4Zdvaft9J3O1lPlFVb47XvxNxnu2bhWaYe+vNJQwErK5hF3JhI+
RZIIycFTOKTGgcsgh+WEABDVDHxkxkAmJ1+utxHUs28aoTqxbn2QkeaEZboHJIA0
LewwP4D/EpmlIqC9u2da7OQmVpn2t7kfl30LVmr0MU1AKZRAV8hq8OfhDAMZHXX9
JSN7CF7YenG16P/rLPMm/2OkfqZ9NXvzz+XiPQny1mH+VWBPYAZ9wkbswMD6O2H5
HBP2kpJtjZdBFuHvgzVDSSiuLs08QwuiTaIXq37SrXZIpyOh1ml88hcoy1GZMc2F
X0vD1tJNuP0iYvTIJ+L/ybdz
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:42:30 2026 by rpki-client