Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lVYtj-lDAAdJOMBN76tShGRfRkM.roa
File: lVYtj-lDAAdJOMBN76tShGRfRkM.roa (raw, json)
Hash identifier: iL2RC199LlVxk2tqnUySZbxRPOqZNzZ2mAVwjByug6U=
Subject key identifier: 95:56:2D:8F:E9:43:00:07:49:38:C0:4D:EF:AB:52:84:64:5F:46:43
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019DA94FA6C77562C32081BF6E8D39BE4C5E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lVYtj-lDAAdJOMBN76tShGRfRkM.roa
Signing time: Mon 20 Apr 2026 05:14:22 +0000
ROA not before: Mon 20 Apr 2026 05:14:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:de02:400::/38 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc1:400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 13:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:4f:a6:c7:75:62:c3:20:81:bf:6e:8d:39:be:4c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 20 05:14:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95562d8fe94300074938c04defab5284645f4643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:2f:46:3e:2d:24:66:f0:9a:8a:fe:fd:23:
3e:e1:1f:64:f7:e5:db:98:6d:e2:59:31:45:5e:10:
c7:51:c3:a4:d7:94:f9:71:bf:93:5d:78:08:ca:52:
e1:5b:4f:9c:b6:ed:e2:31:7f:62:b0:30:38:3e:03:
b8:42:cd:43:9f:e8:94:de:af:b0:55:39:1c:bb:d5:
4d:b4:62:20:26:99:e3:2b:c3:86:99:ea:4e:0f:48:
fe:7d:43:9f:6f:cd:13:f5:28:81:80:a5:04:c0:fc:
49:31:bd:5a:bb:68:29:bb:36:d5:f6:f7:96:57:98:
f9:ca:8e:ae:1b:6b:5d:0f:83:08:7b:1e:8c:22:dd:
49:6e:3a:33:6c:d2:6f:86:4f:45:62:06:60:2c:5b:
cb:26:b4:ee:ee:7a:e3:9d:f3:d6:02:5d:23:0d:ed:
5a:89:17:f7:50:43:cc:a1:5e:20:fc:87:45:4b:92:
bc:93:fd:d8:34:a8:cc:c3:3b:87:56:c0:77:e6:df:
95:af:63:d6:2d:cb:c6:94:97:21:84:22:25:bf:0f:
82:ad:1f:9f:dd:d8:51:54:bf:d5:23:65:f0:40:7d:
96:86:bf:1d:f0:17:66:c0:91:94:45:5f:3a:f7:03:
fd:52:21:51:30:0f:e8:26:d1:2b:01:13:33:44:20:
b6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:56:2D:8F:E9:43:00:07:49:38:C0:4D:EF:AB:52:84:64:5F:46:43
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lVYtj-lDAAdJOMBN76tShGRfRkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de02:400::/38
2a0c:3b87:ff00::/40
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc1:400::/38
Signature Algorithm: sha256WithRSAEncryption
95:d2:22:31:95:d0:e4:0d:20:66:66:f1:62:06:dd:72:96:35:
0a:c3:0f:f9:10:0d:65:05:00:00:00:08:c3:77:cb:67:d5:97:
42:72:97:c2:8b:82:34:91:be:36:99:32:97:c6:12:dc:9a:a6:
ec:c8:5f:c2:c9:fe:a9:17:cc:aa:3e:ec:41:b7:d0:2e:73:39:
ff:09:ea:57:ef:0c:29:41:3c:3c:3e:ef:2b:7e:a3:b8:00:44:
0d:eb:74:49:40:2a:33:92:9a:f9:ba:c1:b8:9e:61:d6:d3:f0:
9d:f4:9d:58:35:c5:b8:31:a9:7d:0d:a9:40:e4:02:2c:40:ce:
fd:7b:29:18:29:b5:c0:60:c7:27:6c:01:49:33:b9:8d:e8:01:
68:0b:58:e3:f5:b4:fe:40:46:ae:be:54:82:d5:ae:75:08:2a:
7e:ed:74:a5:f0:45:18:90:e9:31:45:30:62:4d:84:05:f9:06:
f1:d1:98:7d:5c:6a:3a:cd:6e:99:20:ab:e5:7f:9c:37:2e:4a:
92:b2:a7:e1:9e:53:2a:78:fd:b7:9c:e3:c4:29:d8:58:fc:b1:
98:f3:f6:d8:cd:d8:a9:b3:5b:11:75:24:ea:d8:b3:1b:1f:1a:
0b:f5:99:34:0b:3d:39:6b:46:bb:a9:49:de:5b:1d:62:e5:09:
4a:16:4b:1f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ2pT6bHdWLDIIG/bo05vkxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjYwNDIwMDUxNDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU2MmQ4ZmU5NDMwMDA3NDkzOGMwNGRlZmFiNTI4NDY0NWY0NjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj54vRj4tJGbwmor+/SM+4R9k9+Xb
mG3iWTFFXhDHUcOk15T5cb+TXXgIylLhW0+ctu3iMX9isDA4PgO4Qs1Dn+iU3q+w
VTkcu9VNtGIgJpnjK8OGmepOD0j+fUOfb80T9SiBgKUEwPxJMb1au2gpuzbV9veW
V5j5yo6uG2tdD4MIex6MIt1JbjozbNJvhk9FYgZgLFvLJrTu7nrjnfPWAl0jDe1a
iRf3UEPMoV4g/IdFS5K8k/3YNKjMwzuHVsB35t+Vr2PWLcvGlJchhCIlvw+CrR+f
3dhRVL/VI2XwQH2Whr8d8BdmwJGURV869wP9UiFRMA/oJtErARMzRCC2eQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJVWLY/pQwAHSTjATe+rUoRkX0ZDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbFZZdGotbERBQWRKT01CTjc2dFNoR1JmUmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiAwYCKgbeAgQD
BgAqDDuH/zASAwcAKg6XwAeRAwcAKg6XwAeSAwcAKg6xBwn0AwcAKg6xBwn2AwcA
Kg6xBw3yAwcAKg6xBxhwAwcAKg6xBxueAwcAKg6xByeLAwYCKhDMwQQwDQYJKoZI
hvcNAQELBQADggEBAJXSIjGV0OQNIGZm8WIG3XKWNQrDD/kQDWUFAAAACMN3y2fV
l0Jyl8KLgjSRvjaZMpfGEtyapuzIX8LJ/qkXzKo+7EG30C5zOf8J6lfvDClBPDw+
7yt+o7gARA3rdElAKjOSmvm6wbieYdbT8J30nVg1xbgxqX0NqUDkAixAzv17KRgp
tcBgxydsAUkzuY3oAWgLWOP1tP5ARq6+VILVrnUIKn7tdKXwRRiQ6TFFMGJNhAX5
BvHRmH1cajrNbpkgq+V/nDcuSpKyp+GeUyp4/bec48Qp2Fj8sZjz9tjN2KmzWxF1
JOrYsxsfGgv1mTQLPTlrRrupSd5bHWLlCUoWSx8=
-----END CERTIFICATE-----
Generated at Mon Apr 20 19:45:19 2026 by rpki-client