Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/Lmglx6k3OhVfB6qXrSYWY-3n7wU.roa
File: Lmglx6k3OhVfB6qXrSYWY-3n7wU.roa (raw, json)
Hash identifier: jOlTc86u7s0cDJRLkmCFCCAUXlp7wxNhr83b5DVvky8=
Subject key identifier: 2E:68:25:C7:A9:37:3A:15:5F:07:AA:97:AD:26:16:63:ED:E7:EF:05
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 019E3F05AC6678B90ED4AE7C70DAAC34967D
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/Lmglx6k3OhVfB6qXrSYWY-3n7wU.roa
Signing time: Tue 19 May 2026 06:56:36 +0000
ROA not before: Tue 19 May 2026 06:56:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199270
IP address blocks: 85.155.94.0/24 maxlen: 24
141.226.249.0/24 maxlen: 24
185.23.172.0/23 maxlen: 24
185.23.172.0/24 maxlen: 24
185.23.174.0/24 maxlen: 24
2a00:66a0::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.mft
rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:05:ac:66:78:b9:0e:d4:ae:7c:70:da:ac:34:96:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: May 19 06:56:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e6825c7a9373a155f07aa97ad261663ede7ef05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:66:8a:c7:37:54:d1:2f:37:b1:a0:fa:d3:
61:6a:90:25:ed:af:e5:08:6b:19:33:1b:37:42:5f:
fb:f9:fd:62:50:ac:03:5e:f9:ef:41:c9:d6:f7:d3:
27:55:c7:52:85:39:aa:71:b7:e4:5e:05:ba:d5:d5:
73:55:04:cc:77:7a:3c:e5:ee:ad:67:b1:6d:a7:b8:
ed:df:f1:a0:de:ca:fb:52:c3:a6:a0:4b:41:a7:6c:
d9:fc:6d:37:e6:59:77:b4:17:62:99:60:94:37:f2:
02:d2:47:18:fb:74:1b:0f:a4:99:e7:65:46:62:1e:
f7:b0:de:a6:3c:62:2e:52:59:04:5b:01:9b:e2:bb:
1c:6d:82:f6:72:b2:7f:6b:e6:ed:51:eb:77:fb:90:
54:d1:85:2c:86:d3:e1:9b:b7:45:21:6c:02:fc:fe:
da:f0:37:13:0f:5b:d5:9f:e8:c5:3d:0a:cc:7d:ad:
f2:92:1d:6c:b3:94:bf:fe:b2:a8:55:bc:27:49:78:
6f:88:b3:d8:eb:73:cb:db:54:e0:b8:ce:b6:f6:f5:
a8:c6:92:e7:e4:b0:4b:82:6d:3d:56:81:86:3b:65:
7a:03:7d:76:e9:6a:2c:6d:7a:20:e9:b1:1e:84:88:
0a:76:0a:e5:d5:e6:75:f6:45:65:d7:21:7b:73:63:
a1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:68:25:C7:A9:37:3A:15:5F:07:AA:97:AD:26:16:63:ED:E7:EF:05
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/Lmglx6k3OhVfB6qXrSYWY-3n7wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.155.94.0/24
141.226.249.0/24
185.23.172.0-185.23.174.255
IPv6:
2a00:66a0::/35
Signature Algorithm: sha256WithRSAEncryption
9e:b5:35:54:af:48:67:cf:62:83:2e:9e:f1:91:d6:32:a0:e3:
d9:c9:64:43:b7:c8:49:ad:e4:ff:99:80:3d:36:4a:b7:c9:b9:
63:fc:71:30:c9:94:e1:5a:25:ea:46:77:41:10:a5:5a:f6:a3:
f9:ca:80:09:3a:12:86:f7:0e:14:14:75:57:00:97:02:a8:5e:
03:89:fe:cc:93:00:a3:a6:20:f4:3f:87:38:66:d2:2e:a7:74:
21:6d:c5:bc:c9:0f:1c:6f:68:7a:24:3b:3a:d0:f7:3d:9b:f9:
fe:80:39:b6:ae:34:e6:3c:a6:d2:f3:5c:84:3b:07:07:62:a8:
92:88:4d:2e:97:23:f1:07:41:97:ad:ea:80:e8:63:8d:63:2f:
22:cc:fa:01:f4:03:1e:0e:4a:43:7e:00:e8:dc:6e:6a:ce:85:
92:83:8c:9e:af:d8:5b:f1:8e:1f:4b:c7:ff:30:10:af:92:78:
fa:53:8a:1a:75:f5:63:55:00:1c:c7:6e:6e:8c:d3:50:7c:ed:
94:47:68:e5:70:e4:3f:97:cb:56:b1:bc:e7:68:08:f4:dd:18:
95:d9:d2:08:a1:5e:b3:0e:df:b5:5f:34:5d:f2:7f:04:d6:4e:
e4:6f:c0:fe:b2:40:11:ab:83:96:54:e7:0b:39:61:0b:fa:e0:
48:4e:59:15
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4/BaxmeLkO1K58cNqsNJZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjYwNTE5MDY1NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY4MjVjN2E5MzczYTE1NWYwN2FhOTdhZDI2MTY2M2VkZTdlZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEpmisc3VNEvN7Gg+tNhapAl7a/l
CGsZMxs3Ql/7+f1iUKwDXvnvQcnW99MnVcdShTmqcbfkXgW61dVzVQTMd3o85e6t
Z7Ftp7jt3/Gg3sr7UsOmoEtBp2zZ/G035ll3tBdimWCUN/IC0kcY+3QbD6SZ52VG
Yh73sN6mPGIuUlkEWwGb4rscbYL2crJ/a+btUet3+5BU0YUshtPhm7dFIWwC/P7a
8DcTD1vVn+jFPQrMfa3ykh1ss5S//rKoVbwnSXhviLPY63PL21TguM629vWoxpLn
5LBLgm09VoGGO2V6A3126WosbXog6bEehIgKdgrl1eZ19kVl1yF7c2OhGQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC5oJcepNzoVXweql60mFmPt5+8FMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvTG1nbHg2azNPaFZmQjZxWHJTWVdZLTNuN3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAgBAIAATAaAwQAVZteAwQA
jeL5MAwDBAK5F6wDBAC5F64wDgQCAAIwCAMGBSoAZqAAMA0GCSqGSIb3DQEBCwUA
A4IBAQCetTVUr0hnz2KDLp7xkdYyoOPZyWRDt8hJreT/mYA9Nkq3yblj/HEwyZTh
WiXqRndBEKVa9qP5yoAJOhKG9w4UFHVXAJcCqF4Dif7MkwCjpiD0P4c4ZtIup3Qh
bcW8yQ8cb2h6JDs60Pc9m/n+gDm2rjTmPKbS81yEOwcHYqiSiE0ulyPxB0GXreqA
6GONYy8izPoB9AMeDkpDfgDo3G5qzoWSg4yer9hb8Y4fS8f/MBCvknj6U4oadfVj
VQAcx25ujNNQfO2UR2jlcOQ/l8tWsbznaAj03RiV2dIIoV6zDt+1XzRd8n8E1k7k
b8D+skARq4OWVOcLOWEL+uBITlkV
-----END CERTIFICATE-----
Generated at Thu Jun 4 13:01:27 2026 by rpki-client