Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/LucZqcaecLHikzokx9HoVeBunmI.roa
File: LucZqcaecLHikzokx9HoVeBunmI.roa (raw, json)
Hash identifier: RGfCKqyhv+Ji2oWk7BhacX6zD/ndoTx2nz8Vyzpnj5g=
Subject key identifier: 2E:E7:19:A9:C6:9E:70:B1:E2:93:3A:24:C7:D1:E8:55:E0:6E:9E:62
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019E97572068D14E93AEA6BEA7D914C4A16D
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/LucZqcaecLHikzokx9HoVeBunmI.roa
Signing time: Fri 05 Jun 2026 10:32:10 +0000
ROA not before: Fri 05 Jun 2026 10:32:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209847
IP address blocks: 5.182.36.0/24 maxlen: 24
5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.53.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.93.11.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.31.109.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:57:20:68:d1:4e:93:ae:a6:be:a7:d9:14:c4:a1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jun 5 10:32:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2ee719a9c69e70b1e2933a24c7d1e855e06e9e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:61:be:97:61:9f:14:9f:79:2a:c4:b3:39:e6:
11:57:3f:32:60:bf:8e:c1:40:45:14:a8:6c:d4:e9:
e4:8a:c6:04:7b:87:c3:cd:1a:0c:6d:7e:f8:e0:15:
5e:c9:43:4e:6f:1b:48:7a:f9:1a:0a:df:dd:d9:e1:
08:f0:9e:49:8e:e1:ee:76:66:3e:fd:7f:cb:ad:77:
82:d7:ca:b2:b7:ce:8f:5f:ac:fe:9c:d3:ac:10:80:
41:a5:ed:55:57:53:20:23:71:78:dd:06:53:f1:db:
ed:07:0c:7a:41:b6:48:2a:ef:ec:17:ce:cb:06:df:
e9:c7:d2:a0:aa:01:03:8f:23:f4:ee:15:70:97:f7:
df:e1:21:b5:5a:03:6e:3b:9e:9e:3e:c2:62:d5:e0:
d5:84:98:59:5a:37:7b:65:3a:99:e6:e5:16:d9:00:
32:b8:15:40:d8:45:ad:07:96:ec:d3:3d:55:28:ae:
d3:fe:00:4f:1a:5d:93:e1:bc:23:39:dc:81:60:5d:
fb:74:63:36:41:6d:bb:24:ab:cf:aa:a6:f4:0a:4c:
12:3a:2f:19:c0:be:69:9e:2a:31:ab:e0:02:14:ea:
0f:ea:27:15:07:c0:ef:0b:73:e0:b8:89:fd:60:cb:
e5:3a:b7:1b:3a:03:da:9e:e7:2c:b1:be:95:68:b1:
3f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E7:19:A9:C6:9E:70:B1:E2:93:3A:24:C7:D1:E8:55:E0:6E:9E:62
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/LucZqcaecLHikzokx9HoVeBunmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/22
45.8.144.0/22
45.67.34.0/23
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.10.0/23
45.159.248.0/22
93.185.166.0/24
141.98.168.0-141.98.170.255
185.231.204.0/22
188.119.123.0/24
193.43.146.0/23
193.46.56.0/23
193.57.136.0/22
194.4.48.0/22
194.31.109.0/24
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
d7:2f:3a:10:82:9e:0b:ea:19:2b:75:20:9d:ab:be:ab:b9:43:
45:fd:18:03:e3:09:af:93:18:d0:b7:bd:bb:e5:0a:7b:6b:f9:
cf:fd:80:cc:33:91:a3:2e:e9:55:db:24:21:c0:a3:02:da:e7:
66:26:26:d0:c2:07:f5:e5:5b:96:d4:7a:96:47:3b:56:a2:c9:
1d:47:4f:31:9a:61:e1:a3:1f:9f:7b:06:0c:20:45:e8:46:df:
99:7b:ef:fe:fd:25:5a:44:62:50:cb:4d:11:1f:8a:6e:46:53:
94:03:bf:15:aa:66:1c:39:37:0d:2f:cc:6a:ca:41:66:1f:22:
69:e0:c5:86:21:95:23:e6:fd:81:40:33:8b:8b:82:1c:6f:d4:
08:8b:40:5d:c3:25:3c:5a:df:e5:24:11:12:b8:89:41:e1:5a:
ce:bc:7f:36:a4:33:7c:d8:8e:a1:eb:ce:84:ca:14:f2:c7:e1:
71:74:46:ab:8f:3c:28:e2:52:80:d9:49:25:62:67:c2:c4:25:
90:02:31:98:b6:7b:1a:db:ae:08:48:72:e4:7b:a1:e1:eb:b3:
eb:32:51:fc:af:28:e8:06:c5:f0:60:d5:5e:1e:84:6a:33:c4:
04:36:21:4f:f7:41:94:6d:5f:f7:f9:97:c6:42:cc:b1:93:79:
07:27:7d:e9
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZ6XVyBo0U6Trqa+p9kUxKFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjYwNjA1MTAzMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWU3MTlhOWM2OWU3MGIxZTI5MzNhMjRjN2QxZTg1NWUwNmU5ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmG+l2GfFJ95KsSzOeYRVz8yYL+O
wUBFFKhs1OnkisYEe4fDzRoMbX744BVeyUNObxtIevkaCt/d2eEI8J5JjuHudmY+
/X/LrXeC18qyt86PX6z+nNOsEIBBpe1VV1MgI3F43QZT8dvtBwx6QbZIKu/sF87L
Bt/px9KgqgEDjyP07hVwl/ff4SG1WgNuO56ePsJi1eDVhJhZWjd7ZTqZ5uUW2QAy
uBVA2EWtB5bs0z1VKK7T/gBPGl2T4bwjOdyBYF37dGM2QW27JKvPqqb0CkwSOi8Z
wL5pnioxq+ACFOoP6icVB8DvC3PguIn9YMvlOrcbOgPanucssb6VaLE/5QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFC7nGanGnnCx4pM6JMfR6FXgbp5iMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTHVjWnFjYWVjTEhpa3pva3g5SG9WZUJ1bm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAgW2
JAMEAi0IkAMEAS1DIgMEAC1UAAMEAi1XmAMEAi1ZNAMEAS1dCgMEAi2f+AMEAF25
pjAMAwQDjWKoAwQAjWKqAwQCuefMAwQAvHd7AwQBwSuSAwQBwS44AwQCwTmIAwQC
wgQwAwQAwh9tAwQBwnSsAwQBwnS+MA0GCSqGSIb3DQEBCwUAA4IBAQDXLzoQgp4L
6hkrdSCdq76ruUNF/RgD4wmvkxjQt7275Qp7a/nP/YDMM5GjLulV2yQhwKMC2udm
JibQwgf15VuW1HqWRztWoskdR08xmmHhox+fewYMIEXoRt+Ze+/+/SVaRGJQy00R
H4puRlOUA78VqmYcOTcNL8xqykFmHyJp4MWGIZUj5v2BQDOLi4Icb9QIi0BdwyU8
Wt/lJBESuIlB4VrOvH82pDN82I6h686EyhTyx+FxdEarjzwo4lKA2UklYmfCxCWQ
AjGYtnsa264ISHLke6Hh67PrMlH8ryjoBsXwYNVeHoRqM8QENiFP90GUbV/3+ZfG
Qsyxk3kHJ33p
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:03:56 2026 by rpki-client