Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/LZsZ8skmixkFjuL8M9jPZFgdHQs.roa
File: LZsZ8skmixkFjuL8M9jPZFgdHQs.roa (raw, json)
Hash identifier: Bk7sgAwuv12/vT8/579265TXaC01Cb9q9VWu1B9TVrM=
Subject key identifier: 2D:9B:19:F2:C9:26:8B:19:05:8E:E2:FC:33:D8:CF:64:58:1D:1D:0B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E3A5CBEA4C97250A69F2DDE39A2FF7428
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/LZsZ8skmixkFjuL8M9jPZFgdHQs.roa
Signing time: Mon 18 May 2026 09:13:37 +0000
ROA not before: Mon 18 May 2026 09:13:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216070
IP address blocks: 89.125.21.0/24 maxlen: 24
89.125.22.0/24 maxlen: 24
89.125.23.0/24 maxlen: 24
89.125.215.0/24 maxlen: 24
89.125.216.0/24 maxlen: 24
89.125.217.0/24 maxlen: 24
89.125.218.0/24 maxlen: 24
89.125.219.0/24 maxlen: 24
89.125.220.0/24 maxlen: 24
89.125.221.0/24 maxlen: 24
89.125.222.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3a:5c:be:a4:c9:72:50:a6:9f:2d:de:39:a2:ff:74:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 18 09:13:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d9b19f2c9268b19058ee2fc33d8cf64581d1d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:90:d3:50:5c:05:53:cb:f4:17:e2:8a:a5:
4b:0a:23:f0:65:79:79:b0:7a:40:53:97:cb:84:f4:
50:7f:2c:79:40:28:33:e9:15:29:0b:01:ff:d6:72:
9f:51:5e:d0:34:4e:7b:fd:3b:28:dd:ef:7b:06:c9:
5f:19:99:ef:54:1d:21:ca:61:bb:7c:b6:05:52:b7:
c1:fc:69:d0:47:11:52:16:90:31:0c:b9:60:f8:8f:
40:6c:55:c4:97:bf:10:28:0c:46:3c:46:da:45:53:
d5:3b:40:55:b0:b0:b1:c3:15:74:0d:5a:a6:c2:cf:
51:ef:91:22:2f:6c:c7:c5:87:cf:94:ef:08:d0:0e:
94:4b:fd:ff:e0:bf:f4:c8:cd:c6:d9:c1:04:26:1e:
8a:8d:bb:f3:e5:64:f7:fb:c2:a1:51:8a:8f:23:04:
af:a9:0f:0a:ad:1b:4a:8c:86:f1:cd:fd:66:25:93:
1e:d3:07:09:04:d2:80:c8:2e:2e:98:b9:91:2f:eb:
76:33:db:d9:55:c6:67:d9:55:04:9b:6e:01:d0:50:
b4:52:e0:f5:82:34:75:01:f8:0a:90:5c:44:0c:49:
ae:dc:65:3e:c3:29:4e:1d:14:0b:25:f5:49:c1:5c:
d5:a7:9c:b5:46:ae:5b:bb:fc:be:67:01:83:ee:43:
8e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9B:19:F2:C9:26:8B:19:05:8E:E2:FC:33:D8:CF:64:58:1D:1D:0B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/LZsZ8skmixkFjuL8M9jPZFgdHQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.125.21.0-89.125.23.255
89.125.215.0-89.125.222.255
176.126.174.0/24
Signature Algorithm: sha256WithRSAEncryption
66:de:10:c2:62:d5:d5:3a:bb:82:a3:5c:f2:62:0d:5e:33:06:
35:7f:86:62:2c:04:7b:3e:4f:2f:96:56:83:64:a6:e2:60:a8:
76:0b:86:ba:29:8b:70:78:26:a8:a4:be:c7:85:20:24:94:54:
66:f0:3c:63:03:b0:fc:7e:d0:a9:08:57:33:75:c1:ba:99:37:
c1:c0:12:e5:a5:00:c3:11:56:fd:e0:39:b4:00:da:1e:38:3f:
d2:ff:d1:6d:22:06:75:c9:90:4c:af:79:15:fc:2d:2a:65:fd:
36:b7:a8:e1:9f:e8:46:5f:9a:69:b7:34:65:1c:d2:8d:1e:f5:
2a:37:84:d1:65:17:4b:00:45:18:50:02:f5:e7:8e:35:35:3b:
d4:b1:17:eb:2b:58:81:79:b7:d1:c9:33:5a:5e:e6:6e:5e:df:
ce:6d:b2:3e:16:68:2c:69:b2:bd:9f:3e:72:f4:22:50:7e:55:
7a:1a:3e:3f:96:05:0a:fd:a6:24:4a:78:3e:1b:3e:ca:2b:6b:
91:b4:c5:82:c7:e8:1a:dc:1a:7f:2c:cd:f8:e1:ee:19:ef:b5:
08:c8:68:3b:da:b5:87:7f:ef:dd:27:3e:d7:26:ba:6a:d6:1f:
85:6d:f3:57:aa:f1:74:61:d6:fc:d5:a4:bd:64:85:15:5f:be:
38:8f:99:6a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ46XL6kyXJQpp8t3jmi/3QoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNTE4MDkxMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDliMTlmMmM5MjY4YjE5MDU4ZWUyZmMzM2Q4Y2Y2NDU4MWQxZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2yQ01BcBVPL9BfiiqVLCiPwZXl5
sHpAU5fLhPRQfyx5QCgz6RUpCwH/1nKfUV7QNE57/Tso3e97BslfGZnvVB0hymG7
fLYFUrfB/GnQRxFSFpAxDLlg+I9AbFXEl78QKAxGPEbaRVPVO0BVsLCxwxV0DVqm
ws9R75EiL2zHxYfPlO8I0A6US/3/4L/0yM3G2cEEJh6Kjbvz5WT3+8KhUYqPIwSv
qQ8KrRtKjIbxzf1mJZMe0wcJBNKAyC4umLmRL+t2M9vZVcZn2VUEm24B0FC0UuD1
gjR1AfgKkFxEDEmu3GU+wylOHRQLJfVJwVzVp5y1Rq5bu/y+ZwGD7kOOuQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFC2bGfLJJosZBY7i/DPYz2RYHR0LMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTFpzWjhza21peGtGanVMOE05alBaRmdkSFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABZfRUD
BANZfRAwDAMEAFl91wMEAFl93gMEALB+rjANBgkqhkiG9w0BAQsFAAOCAQEAZt4Q
wmLV1Tq7gqNc8mINXjMGNX+GYiwEez5PL5ZWg2Sm4mCodguGuimLcHgmqKS+x4Ug
JJRUZvA8YwOw/H7QqQhXM3XBupk3wcAS5aUAwxFW/eA5tADaHjg/0v/RbSIGdcmQ
TK95FfwtKmX9Nreo4Z/oRl+aabc0ZRzSjR71KjeE0WUXSwBFGFAC9eeONTU71LEX
6ytYgXm30ckzWl7mbl7fzm2yPhZoLGmyvZ8+cvQiUH5Veho+P5YFCv2mJEp4Phs+
yitrkbTFgsfoGtwafyzN+OHuGe+1CMhoO9q1h3/v3Sc+1ya6atYfhW3zV6rxdGHW
/NWkvWSFFV++OI+Zag==
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:21:07 2026 by rpki-client