Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/Lx10w8QEiPDY7QbmkKm1WqjMKzY.roa
File: Lx10w8QEiPDY7QbmkKm1WqjMKzY.roa (raw, json)
Hash identifier: 2Jg8RPIFYFJg9gr44bQNGOwxTHbO7QCXzzpqCpKGJY4=
Subject key identifier: 2F:1D:74:C3:C4:04:88:F0:D8:ED:06:E6:90:A9:B5:5A:A8:CC:2B:36
Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Certificate serial: 019E92B04BA5C4837089065BDE932C087805
Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/Lx10w8QEiPDY7QbmkKm1WqjMKzY.roa
Signing time: Thu 04 Jun 2026 12:51:27 +0000
ROA not before: Thu 04 Jun 2026 12:51:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216192
IP address blocks: 85.159.89.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
194.177.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.mft
rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:b0:4b:a5:c4:83:70:89:06:5b:de:93:2c:08:78:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Validity
Not Before: Jun 4 12:51:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f1d74c3c40488f0d8ed06e690a9b55aa8cc2b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:61:01:3a:8a:c8:d5:6f:f3:cd:07:1e:96:
6d:c9:5e:ea:3f:e9:3b:f5:ab:2b:cc:f3:ba:33:b5:
d1:2e:7f:45:f0:42:03:81:0d:e9:0d:1a:46:5b:e5:
45:23:0b:84:de:71:25:9e:b6:8c:4b:ba:bb:fb:97:
e7:4e:d7:17:cc:03:18:de:cf:25:c0:9a:c5:6a:1c:
8a:24:87:aa:8c:de:ad:3d:b7:4f:c9:f1:7c:17:48:
eb:82:ec:d5:97:a6:7b:b8:aa:b0:fa:07:67:d3:4e:
9a:66:3b:1a:67:3c:e8:03:29:f1:9d:47:e1:c5:e2:
3d:d5:29:77:3c:3b:a3:ac:e1:c4:43:36:8e:6b:3a:
0b:4b:69:88:af:8e:76:24:df:ec:ee:5f:1c:16:32:
72:82:cb:78:fa:3b:93:17:97:e4:30:48:f2:c8:6a:
4e:d6:33:47:23:4a:de:f4:75:0e:da:13:e4:71:70:
86:96:da:c9:3f:cf:71:37:b2:3c:3a:9c:6f:36:d4:
79:94:66:3e:45:e8:9f:0d:35:c1:6a:1a:3f:67:b1:
78:43:4b:0b:b6:12:f7:4e:7c:fc:b2:88:af:37:9a:
7e:01:d0:f8:f9:70:01:e6:2f:00:6a:ea:77:e9:0b:
48:3f:04:02:bf:2d:da:f7:00:74:04:94:bd:e6:7a:
d3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1D:74:C3:C4:04:88:F0:D8:ED:06:E6:90:A9:B5:5A:A8:CC:2B:36
X509v3 Authority Key Identifier:
keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/Lx10w8QEiPDY7QbmkKm1WqjMKzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.89.0/24
188.125.165.0/24
188.125.167.0/24
188.125.174.0/24
194.177.14.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:fc:4f:f2:45:cd:2e:31:bd:f9:25:b0:dc:6f:63:8f:5e:36:
03:c1:9d:d0:82:a9:78:1d:2e:4c:d0:4d:54:a9:3c:96:b3:3e:
f6:fd:93:99:41:80:52:2a:a1:bb:df:97:20:9f:bb:91:6a:f8:
db:62:65:86:fd:4a:e2:94:c3:10:68:93:aa:9a:55:e8:08:89:
1b:5d:e6:56:83:27:0f:e0:25:80:93:ff:5c:30:6a:68:18:aa:
6f:4e:5b:1b:cb:f7:99:0a:30:e3:22:5b:6d:f5:ff:84:00:37:
8a:82:1b:f6:c0:07:f5:af:92:13:18:8b:22:de:f5:1c:8c:7f:
22:21:a9:31:f6:63:4d:15:77:b0:2e:25:5b:76:78:99:6b:92:
6f:64:c6:77:cc:3d:e0:b8:38:71:76:e6:4d:15:f0:ba:2b:4a:
38:01:ba:c4:9a:07:e6:61:fb:43:53:33:31:cf:f9:7d:ea:f1:
ba:ff:d7:f6:66:e1:b3:77:4e:fc:5d:d9:25:a7:c0:9d:eb:40:
d2:80:ef:ab:b9:5b:8f:97:36:c2:fa:78:3f:29:1c:eb:39:ed:
a2:d5:b7:22:f5:5a:6c:72:3f:b9:8f:e7:3f:02:5b:fd:78:37:
aa:56:14:20:e7:8e:c8:2e:08:52:74:ee:3f:45:c9:9f:72:c4:
18:e9:aa:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6SsEulxINwiQZb3pMsCHgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw
YTdkZGIwHhcNMjYwNjA0MTI1MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFkNzRjM2M0MDQ4OGYwZDhlZDA2ZTY5MGE5YjU1YWE4Y2MyYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuklhATqKyNVv880HHpZtyV7qP+k7
9asrzPO6M7XRLn9F8EIDgQ3pDRpGW+VFIwuE3nElnraMS7q7+5fnTtcXzAMY3s8l
wJrFahyKJIeqjN6tPbdPyfF8F0jrguzVl6Z7uKqw+gdn006aZjsaZzzoAynxnUfh
xeI91Sl3PDujrOHEQzaOazoLS2mIr452JN/s7l8cFjJygst4+juTF5fkMEjyyGpO
1jNHI0re9HUO2hPkcXCGltrJP89xN7I8OpxvNtR5lGY+ReifDTXBaho/Z7F4Q0sL
thL3Tnz8soivN5p+AdD4+XAB5i8Aaup36QtIPwQCvy3a9wB0BJS95nrTEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC8ddMPEBIjw2O0G5pCptVqozCs2MB8GA1UdIwQY
MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt
MDRhYzE3ODgxYWE5LzEvTHgxMHc4UUVpUERZN1FibWtLbTFXcWpNS3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5
LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVZ9ZAwQA
vH2lAwQAvH2nAwQAvH2uAwQAwrEOMA0GCSqGSIb3DQEBCwUAA4IBAQBq/E/yRc0u
Mb35JbDcb2OPXjYDwZ3Qgql4HS5M0E1UqTyWsz72/ZOZQYBSKqG735cgn7uRavjb
YmWG/UrilMMQaJOqmlXoCIkbXeZWgycP4CWAk/9cMGpoGKpvTlsby/eZCjDjIltt
9f+EADeKghv2wAf1r5ITGIsi3vUcjH8iIakx9mNNFXewLiVbdniZa5JvZMZ3zD3g
uDhxduZNFfC6K0o4AbrEmgfmYftDUzMxz/l96vG6/9f2ZuGzd078Xdklp8Cd60DS
gO+ruVuPlzbC+ng/KRzrOe2i1bci9Vpscj+5j+c/Alv9eDeqVhQg547ILghSdO4/
RcmfcsQY6aps
-----END CERTIFICATE-----
Generated at Thu Jun 4 17:16:35 2026 by rpki-client