Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/lNFX6JR33oagWwHcQSBTeat9zBY.roa
File: lNFX6JR33oagWwHcQSBTeat9zBY.roa (raw, json)
Hash identifier: peF00m3zIs2m9F1un51juc2YE8LDkrNqnwtvZ/TuqS4=
Subject key identifier: 94:D1:57:E8:94:77:DE:86:A0:5B:01:DC:41:20:53:79:AB:7D:CC:16
Certificate issuer: /CN=2f2a0fa20383332a3f414f054753a0b60b25ba10
Certificate serial: 019F08A0AF9F744B23FFF3E72EAE0018560E
Authority key identifier: 2F:2A:0F:A2:03:83:33:2A:3F:41:4F:05:47:53:A0:B6:0B:25:BA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/lNFX6JR33oagWwHcQSBTeat9zBY.roa
Signing time: Sat 27 Jun 2026 10:29:36 +0000
ROA not before: Sat 27 Jun 2026 10:29:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.100.0/23 maxlen: 23
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:08:a0:af:9f:74:4b:23:ff:f3:e7:2e:ae:00:18:56:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f2a0fa20383332a3f414f054753a0b60b25ba10
Validity
Not Before: Jun 27 10:29:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=94d157e89477de86a05b01dc41205379ab7dcc16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:20:dc:50:5f:77:65:5a:cb:06:32:a6:c8:3d:
a4:ce:d1:a8:10:f9:5c:c3:ec:07:2c:cb:04:b2:f9:
69:b6:12:cd:52:ce:2f:fc:31:3d:f3:0c:18:2c:de:
a6:8c:dd:bd:47:58:4e:5e:70:70:6d:dd:b3:b7:2c:
5d:1d:c3:6c:48:d0:24:e1:01:69:0d:44:e2:13:ab:
4f:db:52:32:ef:83:58:ba:13:50:bb:a9:57:e0:f2:
4c:80:fa:90:27:2b:fb:0c:f8:9f:3a:09:01:5e:d4:
de:f8:d9:b6:52:bb:81:41:70:83:35:23:98:da:0f:
ad:e5:65:7b:8f:cb:61:12:16:06:01:1b:2a:71:95:
9c:08:16:41:94:ee:db:96:f5:5c:a3:24:c6:4c:46:
c3:8c:48:43:0b:b1:d8:9e:a3:04:66:c6:6a:f4:06:
cf:47:5f:c6:ab:3e:21:2b:fb:e5:36:ed:38:cd:c9:
35:78:c6:5d:1a:f5:78:36:a5:76:e9:83:a3:85:0f:
98:aa:f2:68:27:c0:97:a9:80:59:3a:1e:00:9f:c4:
d5:82:dd:5d:17:8b:8a:45:e0:66:4a:3b:a7:69:b2:
3a:f9:e2:7e:7f:c9:02:21:75:9c:ae:80:37:57:1e:
42:b5:b4:a2:93:70:d0:a4:72:4f:85:70:31:f2:34:
78:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D1:57:E8:94:77:DE:86:A0:5B:01:DC:41:20:53:79:AB:7D:CC:16
X509v3 Authority Key Identifier:
keyid:2F:2A:0F:A2:03:83:33:2A:3F:41:4F:05:47:53:A0:B6:0B:25:BA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/lNFX6JR33oagWwHcQSBTeat9zBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
78.143.252.0/23
79.135.100.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:03:0e:dc:48:f5:dd:8d:1d:74:ca:55:ec:db:11:f1:ef:57:
c7:15:53:09:b1:d6:b1:3d:4f:94:4a:95:3b:06:6d:49:5b:9b:
4e:dd:f5:69:26:68:b3:1e:36:40:16:a0:81:29:0b:94:7f:dd:
8b:f1:e8:fb:dc:69:8c:c3:ea:33:55:31:51:81:58:09:7d:da:
a6:e7:6c:4c:96:ec:cd:ad:be:31:97:d5:8c:bc:0b:f7:27:5e:
b5:fa:80:1c:c5:3c:dc:26:7f:d1:39:f7:51:27:5c:52:04:bc:
6b:53:46:ae:bd:e9:04:5c:32:dc:10:82:4d:ff:c8:d3:ed:e8:
6a:00:3e:a8:8a:ca:bf:52:89:e0:92:9d:8e:c7:b0:b9:9c:36:
a7:02:d8:62:fa:e0:3e:82:30:bf:62:83:38:b9:b9:ed:b9:ff:
01:36:e1:73:94:9d:d4:2d:63:8b:24:35:e1:4a:ea:98:20:65:
b7:2a:72:61:9d:df:a0:fa:d7:3d:25:1e:bb:60:24:55:b3:a7:
ac:3d:f1:ff:71:c4:5f:e7:8a:1d:a4:c3:49:ba:3e:ea:66:c3:
5a:23:18:c0:9e:16:36:b1:92:a8:27:20:c8:3f:d4:ae:ea:7d:
af:f5:72:cc:70:42:ba:a3:e3:94:38:c7:79:62:54:c8:1f:dc:
2f:86:85:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ8IoK+fdEsj//PnLq4AGFYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMmEwZmEyMDM4MzMzMmEzZjQxNGYwNTQ3NTNhMGI2MGIy
NWJhMTAwHhcNMjYwNjI3MTAyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQxNTdlODk0NzdkZTg2YTA1YjAxZGM0MTIwNTM3OWFiN2RjYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviDcUF93ZVrLBjKmyD2kztGoEPlc
w+wHLMsEsvlpthLNUs4v/DE98wwYLN6mjN29R1hOXnBwbd2ztyxdHcNsSNAk4QFp
DUTiE6tP21Iy74NYuhNQu6lX4PJMgPqQJyv7DPifOgkBXtTe+Nm2UruBQXCDNSOY
2g+t5WV7j8thEhYGARsqcZWcCBZBlO7blvVcoyTGTEbDjEhDC7HYnqMEZsZq9AbP
R1/Gqz4hK/vlNu04zck1eMZdGvV4NqV26YOjhQ+YqvJoJ8CXqYBZOh4An8TVgt1d
F4uKReBmSjunabI6+eJ+f8kCIXWcroA3Vx5CtbSik3DQpHJPhXAx8jR4zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJTRV+iUd96GoFsB3EEgU3mrfcwWMB8GA1UdIwQY
MBaAFC8qD6IDgzMqP0FPBUdToLYLJboQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHlvUG9nT0RNeW9fUVU4RlIxT2d0Z3NsdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kNmQzMGItMGI5Yi00MjllLTg0MTMt
NTVhOTMwZmMwYzcxLzEvbE5GWDZKUjMzb2FnV3dIY1FTQlRlYXQ5ekJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kNmQzMGItMGI5Yi00MjllLTg0MTMtNTVhOTMwZmMwYzcx
LzEvTHlvUG9nT0RNeW9fUVU4RlIxT2d0Z3NsdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBZCaAwQB
To/8AwQBT4dkAwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCPAw7cSPXdjR10ylXs
2xHx71fHFVMJsdaxPU+USpU7Bm1JW5tO3fVpJmizHjZAFqCBKQuUf92L8ej73GmM
w+ozVTFRgVgJfdqm52xMluzNrb4xl9WMvAv3J161+oAcxTzcJn/ROfdRJ1xSBLxr
U0auvekEXDLcEIJN/8jT7ehqAD6oisq/Uongkp2Ox7C5nDanAthi+uA+gjC/YoM4
ubntuf8BNuFzlJ3ULWOLJDXhSuqYIGW3KnJhnd+g+tc9JR67YCRVs6esPfH/ccRf
54odpMNJuj7qZsNaIxjAnhY2sZKoJyDIP9Su6n2v9XLMcEK6o+OUOMd5YlTIH9wv
hoWB
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:06 2026 by rpki-client