Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/LuZReuXLJ1OuD39Eh8AnjJyH8d8.roa
File: LuZReuXLJ1OuD39Eh8AnjJyH8d8.roa (raw, json)
Hash identifier: i8LWGzSoa4vkoY22nWh0T5O8XMQlgbg/pk2IR2Xl1Hg=
Subject key identifier: 2E:E6:51:7A:E5:CB:27:53:AE:0F:7F:44:87:C0:27:8C:9C:87:F1:DF
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 019DA1BB9E2C1B7B540D69272F56CB265AD0
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/LuZReuXLJ1OuD39Eh8AnjJyH8d8.roa
Signing time: Sat 18 Apr 2026 17:55:20 +0000
ROA not before: Sat 18 Apr 2026 17:55:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207057
IP address blocks: 132.243.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 20:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a1:bb:9e:2c:1b:7b:54:0d:69:27:2f:56:cb:26:5a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Apr 18 17:55:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2ee6517ae5cb2753ae0f7f4487c0278c9c87f1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:73:fe:90:15:be:cb:c5:b2:f1:94:2a:8d:82:
f4:ca:ee:9d:2b:c0:e8:03:66:dd:19:ba:26:8c:89:
ef:7b:ad:4e:e9:d7:ef:dc:a8:4d:81:12:b5:ed:57:
86:76:98:c4:cb:94:99:e5:8c:d6:04:1d:10:db:d7:
25:75:23:73:fe:86:9e:00:38:25:f0:e1:05:46:14:
fb:91:16:b2:af:05:3c:05:a3:28:23:c8:63:83:a4:
f7:80:1e:4c:1d:5f:b9:38:dc:e7:1e:47:69:df:c8:
b0:d0:7b:b7:27:b5:88:0a:3c:73:ec:61:5a:30:c2:
50:b7:a4:d7:60:f7:fc:cc:47:f1:2f:95:b7:9d:01:
a5:da:81:24:db:57:39:b8:c3:7e:4e:04:df:70:1d:
5d:b4:fe:92:e3:bd:60:a9:04:fa:7d:0f:bc:d4:b4:
e3:4f:4b:15:84:9a:0a:2f:6a:f2:18:2b:a6:29:7e:
54:14:c3:83:3d:dd:f5:aa:a3:21:65:3e:dd:89:66:
99:d9:13:b4:e4:f0:1a:81:9a:fe:e0:96:a9:82:9e:
e5:b9:d9:ea:75:d7:e2:c3:d1:dd:ea:3d:74:fc:fc:
5d:2e:86:ac:cf:4c:a2:d4:d3:f6:bf:6b:9a:ab:f3:
a7:62:d9:6a:95:d4:72:2a:c3:e8:23:32:19:33:bc:
91:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E6:51:7A:E5:CB:27:53:AE:0F:7F:44:87:C0:27:8C:9C:87:F1:DF
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/LuZReuXLJ1OuD39Eh8AnjJyH8d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.243.64.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:30:67:f8:a9:2d:ea:ad:52:78:3b:2f:9c:91:32:c6:52:55:
92:5d:6e:71:04:6a:9e:6b:13:fd:1f:03:57:3b:4d:1b:d2:fb:
91:4a:fe:6f:39:dc:9b:fd:98:29:11:4c:8e:9f:7f:a0:bd:3e:
9a:de:06:73:ce:5a:1b:ae:c0:a8:3d:b8:f0:2a:25:f3:a7:f0:
c9:9c:b7:b2:71:b2:e1:59:06:39:55:64:4e:f6:2f:d1:1f:fe:
10:78:62:ab:5e:e7:48:9d:73:87:a5:6d:cf:ae:b1:ac:b9:69:
6f:1b:68:68:95:6d:72:c5:2b:ad:07:fe:23:cc:e7:7f:09:d1:
cb:87:75:a5:a3:cd:bf:23:80:2b:f4:31:c1:a1:f9:b9:79:ec:
05:92:b9:d1:a6:59:a1:b0:49:ed:33:82:f2:52:b4:32:1e:2b:
ac:21:9d:2e:c4:cf:36:ea:ab:bf:be:8c:bf:18:32:a6:01:eb:
1a:48:be:b1:24:cb:aa:f3:c5:8c:1c:90:04:1d:a5:95:6a:b8:
7d:cd:10:d4:5c:2b:d1:ac:7d:0b:18:0d:17:00:ce:e6:59:ac:
21:b4:be:02:bf:c3:ed:72:2f:79:40:04:77:87:de:1d:a9:8a:
f4:5f:bd:36:9a:c2:e6:b4:7b:40:26:2f:84:c3:d5:01:dc:59:
7a:8d:8e:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2hu54sG3tUDWknL1bLJlrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjYwNDE4MTc1NTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWU2NTE3YWU1Y2IyNzUzYWUwZjdmNDQ4N2MwMjc4YzljODdmMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XP+kBW+y8Wy8ZQqjYL0yu6dK8Do
A2bdGbomjInve61O6dfv3KhNgRK17VeGdpjEy5SZ5YzWBB0Q29cldSNz/oaeADgl
8OEFRhT7kRayrwU8BaMoI8hjg6T3gB5MHV+5ONznHkdp38iw0Hu3J7WICjxz7GFa
MMJQt6TXYPf8zEfxL5W3nQGl2oEk21c5uMN+TgTfcB1dtP6S471gqQT6fQ+81LTj
T0sVhJoKL2ryGCumKX5UFMODPd31qqMhZT7diWaZ2RO05PAagZr+4Japgp7ludnq
ddfiw9Hd6j10/PxdLoasz0yi1NP2v2uaq/OnYtlqldRyKsPoIzIZM7yR7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7mUXrlyydTrg9/RIfAJ4ych/HfMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvTHVaUmV1WExKMU91RDM5RWg4QW5qSnlIOGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhPNAMA0G
CSqGSIb3DQEBCwUAA4IBAQCjMGf4qS3qrVJ4Oy+ckTLGUlWSXW5xBGqeaxP9HwNX
O00b0vuRSv5vOdyb/ZgpEUyOn3+gvT6a3gZzzlobrsCoPbjwKiXzp/DJnLeycbLh
WQY5VWRO9i/RH/4QeGKrXudInXOHpW3PrrGsuWlvG2holW1yxSutB/4jzOd/CdHL
h3Wlo82/I4Ar9DHBofm5eewFkrnRplmhsEntM4LyUrQyHiusIZ0uxM826qu/voy/
GDKmAesaSL6xJMuq88WMHJAEHaWVarh9zRDUXCvRrH0LGA0XAM7mWawhtL4Cv8Pt
ci95QAR3h94dqYr0X702msLmtHtAJi+Ew9UB3Fl6jY6F
-----END CERTIFICATE-----
Generated at Mon Apr 20 07:06:36 2026 by rpki-client