Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/lx_DhApBbepgoPXpAWVMZkHOy4M.roa
File: lx_DhApBbepgoPXpAWVMZkHOy4M.roa (raw, json)
Hash identifier: uguPsOnPbZyPw2Mv7U8Fmu1LMUcIDj3qTCfJ/Uhauy4=
Subject key identifier: 97:1F:C3:84:0A:41:6D:EA:60:A0:F5:E9:01:65:4C:66:41:CE:CB:83
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 019ECB8E30307FD6297C6E986464026882BF
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/lx_DhApBbepgoPXpAWVMZkHOy4M.roa
Signing time: Mon 15 Jun 2026 13:52:33 +0000
ROA not before: Mon 15 Jun 2026 13:52:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41952
IP address blocks: 185.228.206.0/24 maxlen: 24
193.32.192.0/24 maxlen: 24
193.32.193.0/24 maxlen: 24
193.32.194.0/24 maxlen: 24
193.32.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 13:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cb:8e:30:30:7f:d6:29:7c:6e:98:64:64:02:68:82:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jun 15 13:52:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=971fc3840a416dea60a0f5e901654c6641cecb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1d:07:e3:a7:bd:4d:52:6f:98:cb:b4:cf:8e:
bd:99:81:c2:b5:2f:59:fb:98:fa:bd:2b:06:23:7a:
b2:3c:4b:3d:57:cc:3e:77:a4:7a:5b:d9:7e:a6:47:
47:8d:db:8a:0f:fa:2d:76:92:f6:6e:a8:2c:1e:4e:
8a:f9:aa:ce:17:ef:6a:21:12:9f:3e:47:ab:7d:65:
d1:22:c6:26:be:20:9e:2a:c4:a7:a6:fa:20:55:52:
3b:6a:6e:b5:36:d4:0b:fd:26:5f:8a:b8:d5:a6:21:
b5:bc:e6:dc:20:f6:12:74:8a:f6:a2:2c:22:e0:1f:
9f:03:8c:16:00:ea:ee:ab:e7:27:93:2a:6f:fb:2a:
11:8d:28:2c:04:fb:c2:5b:cc:ff:71:2e:9c:3a:19:
b4:c9:8a:97:fb:e3:31:0c:65:b6:77:96:cb:63:4b:
f6:00:fe:75:4a:6f:45:97:9e:36:01:59:86:e1:05:
ab:ba:ca:0b:c4:a6:fb:83:05:d2:ff:86:5d:3d:96:
85:65:a0:f3:10:46:d9:90:0a:3f:2c:60:80:a5:18:
48:be:b5:fc:ed:5c:13:36:b0:82:43:c1:8b:b9:18:
fd:70:73:08:69:0e:d2:7d:03:37:e1:bc:25:52:9c:
2c:f8:23:78:1a:78:d7:d9:63:72:fa:19:47:fe:fc:
84:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1F:C3:84:0A:41:6D:EA:60:A0:F5:E9:01:65:4C:66:41:CE:CB:83
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/lx_DhApBbepgoPXpAWVMZkHOy4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.206.0/24
193.32.192.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:b2:9f:1c:af:81:85:a9:20:43:f4:db:ba:67:e5:8e:1c:55:
6e:3b:49:ca:62:5f:ba:f8:b2:7f:1f:99:d7:fd:61:8f:71:8e:
c2:22:1a:32:3a:72:d8:5a:90:5d:fe:4b:15:46:50:e3:1c:62:
e2:63:b2:f3:e3:11:aa:6a:98:0e:33:d9:7d:02:99:60:3d:c1:
88:d5:8c:d2:96:76:b7:3b:01:35:56:2d:e5:8f:5b:28:5c:b0:
94:a0:8f:1e:e9:d5:b4:8d:ba:70:56:f5:08:ea:7a:23:c5:63:
e2:24:cf:1e:bc:30:a5:ef:22:f7:d0:09:ab:8e:ce:c0:e7:13:
08:3e:41:92:2f:22:71:a3:da:f9:b0:54:99:4e:af:ac:80:ac:
58:05:26:8b:db:78:7d:60:e3:cd:01:01:bf:94:4f:73:73:f3:
b0:ac:6c:67:5c:03:c3:01:63:8d:c5:7c:f6:6d:ae:2f:e1:f7:
91:a9:7f:dc:c1:6f:88:fc:a0:2e:11:7c:62:af:46:a0:b0:6d:
eb:81:57:24:46:0e:24:b9:a6:4f:57:3e:11:b8:c0:cd:d5:7e:
98:66:cd:78:a0:99:09:36:5e:fc:96:c5:b3:01:1e:f1:cb:c1:
0f:4d:c0:e7:0e:f4:d4:42:0f:df:ef:36:c2:53:d4:16:fa:a1:
8b:74:e6:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ7LjjAwf9YpfG6YZGQCaIK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjYwNjE1MTM1MjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzFmYzM4NDBhNDE2ZGVhNjBhMGY1ZTkwMTY1NGM2NjQxY2VjYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth0H46e9TVJvmMu0z469mYHCtS9Z
+5j6vSsGI3qyPEs9V8w+d6R6W9l+pkdHjduKD/otdpL2bqgsHk6K+arOF+9qIRKf
PkerfWXRIsYmviCeKsSnpvogVVI7am61NtQL/SZfirjVpiG1vObcIPYSdIr2oiwi
4B+fA4wWAOruq+cnkypv+yoRjSgsBPvCW8z/cS6cOhm0yYqX++MxDGW2d5bLY0v2
AP51Sm9Fl542AVmG4QWrusoLxKb7gwXS/4ZdPZaFZaDzEEbZkAo/LGCApRhIvrX8
7VwTNrCCQ8GLuRj9cHMIaQ7SfQM34bwlUpws+CN4GnjX2WNy+hlH/vyE3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJcfw4QKQW3qYKD16QFlTGZBzsuDMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvbHhfRGhBcEJiZXBnb1BYcEFXVk1aa0hPeTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueTOAwQC
wSDAMA0GCSqGSIb3DQEBCwUAA4IBAQBvsp8cr4GFqSBD9Nu6Z+WOHFVuO0nKYl+6
+LJ/H5nX/WGPcY7CIhoyOnLYWpBd/ksVRlDjHGLiY7Lz4xGqapgOM9l9AplgPcGI
1YzSlna3OwE1Vi3lj1soXLCUoI8e6dW0jbpwVvUI6nojxWPiJM8evDCl7yL30Amr
js7A5xMIPkGSLyJxo9r5sFSZTq+sgKxYBSaL23h9YOPNAQG/lE9zc/OwrGxnXAPD
AWONxXz2ba4v4feRqX/cwW+I/KAuEXxir0agsG3rgVckRg4kuaZPVz4RuMDN1X6Y
Zs14oJkJNl78lsWzAR7xy8EPTcDnDvTUQg/f7zbCU9QW+qGLdOaf
-----END CERTIFICATE-----
Generated at Tue Jun 30 17:17:15 2026 by rpki-client