Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LjDOVZrqVTaBdMy7LiiRAm06F6U.roa
File: LjDOVZrqVTaBdMy7LiiRAm06F6U.roa (raw, json)
Hash identifier: lfo+HanxOREHeonoDkwf+MHoVMUC8NNDEATyitbN46w=
Subject key identifier: 2E:30:CE:55:9A:EA:55:36:81:74:CC:BB:2E:28:91:02:6D:3A:17:A5
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 019DAB2475F9E2B319344B36AF950C73EAA2
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LjDOVZrqVTaBdMy7LiiRAm06F6U.roa
Signing time: Mon 20 Apr 2026 13:46:26 +0000
ROA not before: Mon 20 Apr 2026 13:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50979
IP address blocks: 46.28.64.0/24 maxlen: 24
193.238.155.0/24 maxlen: 24
195.123.208.0/21 maxlen: 21
195.123.236.0/24 maxlen: 24
2a02:27ac::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 01:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:24:75:f9:e2:b3:19:34:4b:36:af:95:0c:73:ea:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Apr 20 13:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e30ce559aea55368174ccbb2e2891026d3a17a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:34:a3:50:ae:30:9f:0b:d4:50:26:d1:91:46:
37:ad:3a:57:70:e6:74:9e:e3:2f:78:57:49:e9:c5:
ff:47:03:f7:15:27:c0:10:3e:cd:76:6a:f0:7e:96:
e7:b6:84:29:80:8c:46:1a:1b:37:9b:ee:42:e8:aa:
75:8f:3a:07:d9:67:56:1e:55:62:d9:b5:84:37:1d:
29:21:e3:b4:e5:d2:7a:b4:b9:e9:d1:00:ec:66:5a:
50:c2:3e:51:91:cb:84:f6:d1:3d:e4:8e:d6:36:f8:
c3:f0:31:4a:c1:74:83:d3:61:2e:00:3e:0c:1a:f7:
3e:f9:bb:ca:43:5c:b3:18:58:c9:60:78:70:ad:48:
dc:7e:70:17:9c:b5:1a:30:ae:a3:07:de:45:c2:4e:
09:0d:7f:a5:a0:5b:52:c9:e8:ea:d6:95:82:cb:d7:
0c:80:3f:43:f1:83:54:5f:cb:82:a2:96:00:e5:1c:
98:a4:23:5b:2b:3d:21:f4:d1:fa:6d:1e:3d:82:27:
b9:23:6a:b4:cc:24:03:fc:03:d5:4f:20:7d:ef:06:
68:33:40:80:55:b6:cf:99:36:07:e0:f5:05:e9:ec:
90:e7:c0:43:22:56:37:f2:94:be:f3:42:4f:69:47:
93:2d:54:f4:e5:40:04:ee:ec:41:a0:be:31:f7:2b:
fe:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:30:CE:55:9A:EA:55:36:81:74:CC:BB:2E:28:91:02:6D:3A:17:A5
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LjDOVZrqVTaBdMy7LiiRAm06F6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.64.0/24
193.238.155.0/24
195.123.208.0/21
195.123.236.0/24
IPv6:
2a02:27ac::/32
Signature Algorithm: sha256WithRSAEncryption
02:19:f9:82:9b:dc:fb:67:d5:41:d9:b5:04:bb:2f:10:5d:ee:
9d:91:69:6e:9d:05:04:65:72:88:6c:12:3f:84:da:1b:98:a1:
7f:85:4c:91:b6:68:e8:2e:f2:59:36:51:65:2c:96:78:d2:f3:
41:c9:ce:3b:2f:21:96:6d:c9:44:18:af:2b:70:39:68:61:d5:
59:8b:bb:fb:3f:03:09:ba:0d:05:c4:72:94:af:03:94:18:7c:
f9:ba:22:15:b9:a3:21:f5:7e:c9:72:ff:dc:b0:70:6f:bf:ca:
81:2a:ce:98:2b:e1:4a:96:c1:9a:d2:05:b6:51:95:37:4b:f0:
5c:46:cc:9c:6d:7c:8b:bd:3d:a3:17:ca:36:44:10:d6:ba:45:
ce:24:8f:8b:44:8f:1c:84:a9:83:36:21:98:fc:a2:60:af:1b:
7f:cc:02:48:9e:19:51:08:2a:9a:6d:92:94:ed:f2:ba:91:30:
a4:ab:98:f3:07:4b:97:0a:fe:af:b2:63:18:c3:a4:bf:a7:5a:
de:d7:59:fe:05:15:19:1e:fe:0f:bc:c9:16:8c:29:75:75:4c:
19:64:64:d3:1e:f8:01:81:44:86:aa:c0:20:99:8a:ba:6d:02:
9f:a3:ba:ba:78:21:d4:5c:80:96:ed:8c:50:b9:8c:21:82:98:
3e:72:eb:20
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ2rJHX54rMZNEs2r5UMc+qiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjYwNDIwMTM0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTMwY2U1NTlhZWE1NTM2ODE3NGNjYmIyZTI4OTEwMjZkM2ExN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjSjUK4wnwvUUCbRkUY3rTpXcOZ0
nuMveFdJ6cX/RwP3FSfAED7NdmrwfpbntoQpgIxGGhs3m+5C6Kp1jzoH2WdWHlVi
2bWENx0pIeO05dJ6tLnp0QDsZlpQwj5RkcuE9tE95I7WNvjD8DFKwXSD02EuAD4M
Gvc++bvKQ1yzGFjJYHhwrUjcfnAXnLUaMK6jB95Fwk4JDX+loFtSyejq1pWCy9cM
gD9D8YNUX8uCopYA5RyYpCNbKz0h9NH6bR49gie5I2q0zCQD/APVTyB97wZoM0CA
VbbPmTYH4PUF6eyQ58BDIlY38pS+80JPaUeTLVT05UAE7uxBoL4x9yv+uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC4wzlWa6lU2gXTMuy4okQJtOhelMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvTGpET1ZacnFWVGFCZE15N0xpaVJBbTA2RjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALhxAAwQA
we6bAwQDw3vQAwQAw3vsMA0EAgACMAcDBQAqAiesMA0GCSqGSIb3DQEBCwUAA4IB
AQACGfmCm9z7Z9VB2bUEuy8QXe6dkWlunQUEZXKIbBI/hNobmKF/hUyRtmjoLvJZ
NlFlLJZ40vNByc47LyGWbclEGK8rcDloYdVZi7v7PwMJug0FxHKUrwOUGHz5uiIV
uaMh9X7Jcv/csHBvv8qBKs6YK+FKlsGa0gW2UZU3S/BcRsycbXyLvT2jF8o2RBDW
ukXOJI+LRI8chKmDNiGY/KJgrxt/zAJInhlRCCqabZKU7fK6kTCkq5jzB0uXCv6v
smMYw6S/p1re11n+BRUZHv4PvMkWjCl1dUwZZGTTHvgBgUSGqsAgmYq6bQKfo7q6
eCHUXICW7YxQuYwhgpg+cusg
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:32 2026 by rpki-client