
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Lt7ktd6hzbsO6p64-HVXE9dtLeo.roa
File: Lt7ktd6hzbsO6p64-HVXE9dtLeo.roa (raw, json)
Hash identifier: NbCYh6NRb2z3HVUQAlCsSur0u6OMJCB/0BPxfuQox9U=
Subject key identifier: 2E:DE:E4:B5:DE:A1:CD:BB:0E:EA:9E:B8:F8:75:57:13:D7:6D:2D:EA
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368D378A225A2014598595E66CB86D1
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Lt7ktd6hzbsO6p64-HVXE9dtLeo.roa
Signing time: Thu 02 Jul 2026 15:18:20 +0000
ROA not before: Thu 02 Jul 2026 15:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 154612
IP address blocks: 81.168.63.0/24 maxlen: 24
89.213.46.0/24 maxlen: 24
89.213.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:d3:78:a2:25:a2:01:45:98:59:5e:66:cb:86:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2edee4b5dea1cdbb0eea9eb8f8755713d76d2dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3d:b9:3e:85:17:27:2b:58:bc:cb:4f:9f:64:
f7:2e:c9:25:d5:51:58:b6:ce:70:61:0e:02:5e:e7:
41:02:2d:ee:70:3d:39:26:6a:6e:f0:05:b2:b9:82:
bb:1c:82:64:83:33:27:5c:91:13:b1:ca:6a:33:03:
86:36:88:66:de:8f:ee:f9:e8:7b:6a:df:96:9f:d0:
75:ea:5d:5a:35:4e:2f:5a:d4:f9:39:62:ca:d4:b4:
81:b2:bc:f8:13:56:f2:0f:9a:ff:22:32:9c:9e:3a:
0d:f2:57:37:d0:91:a8:57:da:ad:59:4c:fe:d4:54:
86:c6:c3:67:b1:bc:51:e8:b6:42:29:29:97:91:92:
32:e8:94:fa:98:e6:96:32:5a:05:04:1d:5c:df:07:
d6:15:fa:0d:f3:d4:22:47:24:1e:8e:27:e9:fb:d3:
56:7b:42:69:63:bd:d6:53:b5:56:61:0d:60:1e:ad:
c6:e3:09:db:80:fc:af:fa:47:a0:75:9a:b8:c0:99:
3a:12:16:04:e8:96:89:24:e5:92:42:0b:5e:3a:0e:
eb:58:94:df:df:9c:03:af:4a:4d:04:8c:c6:72:e5:
88:ad:1a:e7:7a:0a:da:c0:28:f4:bc:98:d4:76:4d:
0a:6b:a9:b8:5c:54:62:96:e7:41:31:94:00:81:c7:
c7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DE:E4:B5:DE:A1:CD:BB:0E:EA:9E:B8:F8:75:57:13:D7:6D:2D:EA
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Lt7ktd6hzbsO6p64-HVXE9dtLeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.63.0/24
89.213.46.0/24
89.213.68.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:27:fa:3f:b4:d1:62:ba:f2:87:1e:3e:0f:63:38:e5:dc:fd:
4e:c8:e9:aa:37:cd:27:d2:18:0e:a4:57:40:2b:39:78:79:34:
10:67:9e:82:a5:3d:6d:2f:0d:e9:eb:59:a0:c1:c3:f0:82:c3:
6d:6b:20:44:25:ca:37:ba:18:22:9f:91:73:c0:04:63:6d:b3:
5f:3e:01:59:d9:0e:a6:3c:4f:2f:a0:2f:3d:81:07:88:de:48:
61:c6:26:4e:c5:05:2a:85:ba:d9:fd:64:17:e0:dd:af:39:66:
3a:53:50:df:dd:0d:de:47:20:78:77:c8:9a:e2:05:52:44:d8:
a2:cf:2a:21:64:da:96:d9:80:68:a6:21:1d:07:39:a2:3b:a4:
35:48:87:33:29:1a:f3:7b:38:04:8b:06:8f:e7:1b:07:d6:40:
85:67:3c:20:2a:ef:b1:7c:df:8b:62:3b:26:b8:7c:63:65:f8:
85:c5:fe:0e:72:f4:fd:19:7e:b5:00:79:dc:60:96:1c:6d:db:
16:1f:c7:90:39:00:ed:00:e1:0f:be:d5:18:d9:bb:0a:25:e1:
e7:76:46:b3:c7:a8:62:69:b4:49:ee:48:a5:01:0b:92:d7:c3:
c5:9d:b9:7d:65:51:d0:cc:f3:2c:60:42:b4:09:16:82:84:12:
11:c1:f0:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ8jaNN4oiWiAUWYWV5my4bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRlZTRiNWRlYTFjZGJiMGVlYTllYjhmODc1NTcxM2Q3NmQyZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+T25PoUXJytYvMtPn2T3Lskl1VFY
ts5wYQ4CXudBAi3ucD05Jmpu8AWyuYK7HIJkgzMnXJETscpqMwOGNohm3o/u+eh7
at+Wn9B16l1aNU4vWtT5OWLK1LSBsrz4E1byD5r/IjKcnjoN8lc30JGoV9qtWUz+
1FSGxsNnsbxR6LZCKSmXkZIy6JT6mOaWMloFBB1c3wfWFfoN89QiRyQejifp+9NW
e0JpY73WU7VWYQ1gHq3G4wnbgPyv+kegdZq4wJk6EhYE6JaJJOWSQgteOg7rWJTf
35wDr0pNBIzGcuWIrRrnegrawCj0vJjUdk0Ka6m4XFRiludBMZQAgcfH7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC7e5LXeoc27DuqeuPh1VxPXbS3qMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHQ3a3RkNmh6YnNPNnA2NC1IVlhFOWR0TGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUag/AwQA
WdUuAwQAWdVEMA0GCSqGSIb3DQEBCwUAA4IBAQBcJ/o/tNFiuvKHHj4PYzjl3P1O
yOmqN80n0hgOpFdAKzl4eTQQZ56CpT1tLw3p61mgwcPwgsNtayBEJco3uhgin5Fz
wARjbbNfPgFZ2Q6mPE8voC89gQeI3khhxiZOxQUqhbrZ/WQX4N2vOWY6U1Df3Q3e
RyB4d8ia4gVSRNiizyohZNqW2YBopiEdBzmiO6Q1SIczKRrzezgEiwaP5xsH1kCF
ZzwgKu+xfN+LYjsmuHxjZfiFxf4OcvT9GX61AHncYJYcbdsWH8eQOQDtAOEPvtUY
2bsKJeHndkazx6hiabRJ7kilAQuS18PFnbl9ZVHQzPMsYEK0CRaChBIRwfAQ
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:21:52 2026 by rpki-client