Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/lWR_sGEmxOQVFlmG-DoEnMK4cfg.roa
File: lWR_sGEmxOQVFlmG-DoEnMK4cfg.roa (raw, json)
Hash identifier: PZ381lfoSWIRX6Stl8DdSUjfvHhbekLapsGjlpTTi70=
Subject key identifier: 95:64:7F:B0:61:26:C4:E4:15:16:59:86:F8:3A:04:9C:C2:B8:71:F8
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019CE1A4AA79220BB9766C3944FFE78B0BD2
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/lWR_sGEmxOQVFlmG-DoEnMK4cfg.roa
Signing time: Thu 12 Mar 2026 10:43:11 +0000
ROA not before: Thu 12 Mar 2026 10:43:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42831
IP address blocks: 86.104.25.0/24 maxlen: 24
94.176.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:a4:aa:79:22:0b:b9:76:6c:39:44:ff:e7:8b:0b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 12 10:43:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95647fb06126c4e415165986f83a049cc2b871f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c1:51:3b:c9:0e:bc:f5:42:2e:03:7d:36:d6:
a6:87:c3:2f:11:bd:5f:da:1d:cd:d8:02:5b:c7:dd:
64:4e:d4:ea:c3:e3:3e:60:d1:b0:33:57:35:51:93:
c9:6a:88:e5:07:14:4e:63:53:f7:c7:15:32:20:5e:
dd:d1:20:4f:e9:d6:5e:1d:71:12:e9:ee:49:20:82:
6a:6d:9a:b9:b7:b7:8d:ba:c2:41:cf:96:21:c5:58:
2f:d8:e1:d3:05:87:90:84:24:58:3f:94:0f:58:7f:
4e:62:d4:b7:0e:11:41:01:de:28:ee:73:5d:16:c9:
de:db:ab:fd:0e:1a:ba:52:01:23:19:cd:fa:4e:d0:
f0:d8:82:75:70:16:93:5c:1d:3a:f0:51:7b:3b:15:
1a:aa:5a:4c:7b:fd:ac:a3:37:78:58:21:9a:80:78:
00:ee:cb:97:04:06:d0:9f:bb:1b:03:e7:f4:db:4c:
48:8c:32:a2:ab:f4:2e:41:d5:24:2d:72:70:81:04:
f5:36:86:54:68:e6:8c:b1:8e:53:6d:6c:4b:21:11:
64:a6:e1:3c:ca:95:02:fd:ba:a8:5d:3f:65:a1:78:
a1:80:2f:e5:d7:f2:ac:67:48:64:07:65:e5:41:2d:
f1:46:6e:7b:89:a8:87:7f:ab:af:29:e8:b2:9a:89:
29:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:64:7F:B0:61:26:C4:E4:15:16:59:86:F8:3A:04:9C:C2:B8:71:F8
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/lWR_sGEmxOQVFlmG-DoEnMK4cfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.25.0/24
94.176.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:df:41:60:59:cc:f1:c1:ba:fe:9d:be:2d:3e:43:e2:8a:7f:
de:ee:69:da:44:16:66:18:c3:d4:1c:54:8c:a0:23:d1:7e:88:
50:6d:8d:5f:dd:4c:4c:d7:cd:48:75:b9:9f:f9:64:39:c3:4a:
f7:fe:b1:12:54:c1:05:a5:07:c9:39:0f:9a:cd:06:2c:4d:25:
90:48:a8:89:a4:1e:f2:58:8d:0b:7d:9e:30:ce:cb:ee:59:60:
dc:e8:b1:34:52:51:5a:7a:63:94:e3:00:1a:2b:31:35:20:c6:
ad:ca:ab:fd:52:72:da:67:b6:5a:25:0b:3f:7d:21:4b:e5:13:
1c:e7:dd:3e:f7:b6:e6:f2:65:f0:04:f1:99:a6:34:4a:48:a5:
b0:96:42:52:23:86:e2:a2:62:1d:f8:13:64:a1:95:d3:83:2f:
81:b2:38:c4:79:20:f1:fa:e9:f9:bb:e8:ac:c9:62:10:25:95:
40:c0:0d:91:7f:53:56:55:3e:83:01:3f:1c:da:2b:52:4c:94:
75:b2:5a:ae:6e:af:01:68:0b:aa:a1:90:5a:23:91:1d:00:43:
2f:f6:bf:21:54:34:47:fd:c0:00:97:cd:99:18:fe:23:fd:3e:
ec:5f:e2:38:6b:f2:d3:26:64:36:81:f9:62:47:71:80:0b:8b:
31:a9:f6:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzhpKp5Igu5dmw5RP/niwvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjYwMzEyMTA0MzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY0N2ZiMDYxMjZjNGU0MTUxNjU5ODZmODNhMDQ5Y2MyYjg3MWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8FRO8kOvPVCLgN9Ntamh8MvEb1f
2h3N2AJbx91kTtTqw+M+YNGwM1c1UZPJaojlBxROY1P3xxUyIF7d0SBP6dZeHXES
6e5JIIJqbZq5t7eNusJBz5YhxVgv2OHTBYeQhCRYP5QPWH9OYtS3DhFBAd4o7nNd
Fsne26v9Dhq6UgEjGc36TtDw2IJ1cBaTXB068FF7OxUaqlpMe/2sozd4WCGagHgA
7suXBAbQn7sbA+f020xIjDKiq/QuQdUkLXJwgQT1NoZUaOaMsY5TbWxLIRFkpuE8
ypUC/bqoXT9loXihgC/l1/KsZ0hkB2XlQS3xRm57iaiHf6uvKeiymokpzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVkf7BhJsTkFRZZhvg6BJzCuHH4MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvbFdSX3NHRW14T1FWRmxtRy1Eb0VuTUs0Y2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmgZAwQA
XrCOMA0GCSqGSIb3DQEBCwUAA4IBAQCm30FgWczxwbr+nb4tPkPiin/e7mnaRBZm
GMPUHFSMoCPRfohQbY1f3UxM181Idbmf+WQ5w0r3/rESVMEFpQfJOQ+azQYsTSWQ
SKiJpB7yWI0LfZ4wzsvuWWDc6LE0UlFaemOU4wAaKzE1IMatyqv9UnLaZ7ZaJQs/
fSFL5RMc590+97bm8mXwBPGZpjRKSKWwlkJSI4biomId+BNkoZXTgy+BsjjEeSDx
+un5u+isyWIQJZVAwA2Rf1NWVT6DAT8c2itSTJR1slqubq8BaAuqoZBaI5EdAEMv
9r8hVDRH/cAAl82ZGP4j/T7sX+I4a/LTJmQ2gfliR3GAC4sxqfbB
-----END CERTIFICATE-----
Generated at Thu Mar 12 23:57:52 2026 by rpki-client