Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/lfZvGuublTghs87OLe3YBrTz9rw.roa
File: lfZvGuublTghs87OLe3YBrTz9rw.roa (raw, json)
Hash identifier: 33L3jHKPnMn4vOjKfAOLDS9PGwe/ZxS6Z/D2j8Yjgis=
Subject key identifier: 95:F6:6F:1A:EB:9B:95:38:21:B3:CE:CE:2D:ED:D8:06:B4:F3:F6:BC
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 019EACBA287B391C7C09C6068C7C20A4D8EC
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/lfZvGuublTghs87OLe3YBrTz9rw.roa
Signing time: Tue 09 Jun 2026 14:12:21 +0000
ROA not before: Tue 09 Jun 2026 14:12:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56582
IP address blocks: 178.210.160.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.mft
rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:ba:28:7b:39:1c:7c:09:c6:06:8c:7c:20:a4:d8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Jun 9 14:12:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95f66f1aeb9b953821b3cece2dedd806b4f3f6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ef:3e:e2:35:ec:4f:6b:af:c0:de:c4:af:fd:
89:9d:fb:d9:83:75:77:21:97:bb:84:e6:24:a2:0c:
38:b8:08:16:ee:2a:d2:6e:cb:1c:ca:18:3e:27:35:
a5:66:e8:d4:db:94:62:0a:9f:0f:65:41:46:36:b6:
0a:5d:87:5c:18:a2:bf:b9:88:b3:c1:06:be:61:92:
bb:84:c6:c7:ad:89:bb:a4:fa:00:50:4d:fd:1e:07:
07:70:93:c0:8c:77:9f:ea:68:d4:96:54:90:aa:41:
55:bb:ab:a3:15:88:2d:12:76:60:1e:a6:d4:f7:46:
9c:9b:12:b5:e4:cf:ed:24:3d:4c:e5:35:fd:d7:e6:
5e:df:86:24:9c:d3:13:82:51:cd:78:c3:99:21:9f:
8a:47:b6:c5:f3:3e:97:ef:88:90:e1:19:65:ea:bd:
f1:51:f8:59:18:7c:60:15:19:80:02:3c:95:8a:fd:
19:c7:b6:36:1f:58:68:ea:b4:97:5d:c4:c9:1d:a5:
26:1d:9b:cd:65:c7:c3:81:5b:e2:69:f8:5e:a0:46:
85:4f:eb:6e:ae:91:b9:4b:20:95:1b:d7:39:17:36:
79:bc:4a:43:d1:d5:ee:93:9c:f6:63:8d:57:03:2a:
6c:1a:c1:2d:8b:bc:c7:30:4d:d2:ac:ee:e9:ea:c6:
43:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F6:6F:1A:EB:9B:95:38:21:B3:CE:CE:2D:ED:D8:06:B4:F3:F6:BC
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/lfZvGuublTghs87OLe3YBrTz9rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.160.0/24
178.210.170.0-178.210.178.255
Signature Algorithm: sha256WithRSAEncryption
9e:59:29:f9:79:b2:be:e4:75:c9:b5:c1:e5:f9:0f:af:dc:9f:
c5:60:1a:a7:59:ef:e0:5f:1f:9d:e1:62:97:69:ff:61:5c:55:
fa:b9:0d:aa:6b:71:d3:16:4e:98:58:a5:71:44:55:d7:f1:34:
62:d5:85:2b:1f:e3:57:30:9a:0c:47:f8:c6:2b:8e:a0:a9:a5:
53:a5:89:e5:cc:93:75:1e:80:99:80:8f:0f:3e:07:bd:1b:bc:
a9:11:f2:a3:5a:52:d6:46:23:da:15:e1:2e:0e:38:5c:88:ab:
e0:cf:30:9d:34:1a:de:1b:41:81:90:fc:a7:c1:be:30:72:8d:
f7:3b:3b:b1:f7:62:96:13:1c:65:6d:61:ac:d7:a3:f4:3d:9e:
ba:65:35:de:f2:a3:bc:46:4a:a7:2f:fe:7b:f3:85:b5:49:73:
20:77:90:3e:56:77:4e:76:dc:6e:c8:87:5f:ce:dc:13:b7:06:
6d:3c:78:74:66:66:19:0e:e9:4c:d3:f5:00:f9:59:c3:a2:12:
10:66:15:28:08:f8:0f:7a:e2:69:7e:9e:cb:d6:69:ea:38:e0:
b0:3a:51:ff:d8:75:42:38:ed:d4:6f:ff:b7:79:ff:23:fe:b7:
7b:e6:1b:56:1e:0e:c8:cf:bc:fa:b1:db:52:55:71:46:3f:d2:
8d:e9:35:be
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ6suih7ORx8CcYGjHwgpNjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjYwNjA5MTQxMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY2NmYxYWViOWI5NTM4MjFiM2NlY2UyZGVkZDgwNmI0ZjNmNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAye8+4jXsT2uvwN7Er/2JnfvZg3V3
IZe7hOYkogw4uAgW7irSbsscyhg+JzWlZujU25RiCp8PZUFGNrYKXYdcGKK/uYiz
wQa+YZK7hMbHrYm7pPoAUE39HgcHcJPAjHef6mjUllSQqkFVu6ujFYgtEnZgHqbU
90acmxK15M/tJD1M5TX91+Ze34YknNMTglHNeMOZIZ+KR7bF8z6X74iQ4Rll6r3x
UfhZGHxgFRmAAjyViv0Zx7Y2H1ho6rSXXcTJHaUmHZvNZcfDgVviafheoEaFT+tu
rpG5SyCVG9c5FzZ5vEpD0dXuk5z2Y41XAypsGsEti7zHME3SrO7p6sZD7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJX2bxrrm5U4IbPOzi3t2Aa08/a8MB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvbGZadkd1dWJsVGdoczg3T0xlM1lCclR6OXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAstKgMAwD
BAGy0qoDBACy0rIwDQYJKoZIhvcNAQELBQADggEBAJ5ZKfl5sr7kdcm1weX5D6/c
n8VgGqdZ7+BfH53hYpdp/2FcVfq5DaprcdMWTphYpXFEVdfxNGLVhSsf41cwmgxH
+MYrjqCppVOlieXMk3UegJmAjw8+B70bvKkR8qNaUtZGI9oV4S4OOFyIq+DPMJ00
Gt4bQYGQ/KfBvjByjfc7O7H3YpYTHGVtYazXo/Q9nrplNd7yo7xGSqcv/nvzhbVJ
cyB3kD5Wd0523G7Ih1/O3BO3Bm08eHRmZhkO6UzT9QD5WcOiEhBmFSgI+A964ml+
nsvWaeo44LA6Uf/YdUI47dRv/7d5/yP+t3vmG1YeDsjPvPqx21JVcUY/0o3pNb4=
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:58:56 2026 by rpki-client