Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/LwHwj6FuudcYKgDfMaRCUtd665E.roa
File: LwHwj6FuudcYKgDfMaRCUtd665E.roa (raw, json)
Hash identifier: nVhTn8aMgu5Y4MbrBry3u6rNnhiAwk4SD50bpwBJRPA=
Subject key identifier: 2F:01:F0:8F:A1:6E:B9:D7:18:2A:00:DF:31:A4:42:52:D7:7A:EB:91
Certificate issuer: /CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Certificate serial: 019DA26990AEB3FA5A43B3052E4BA2EC4AF1
Authority key identifier: 5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/LwHwj6FuudcYKgDfMaRCUtd665E.roa
Signing time: Sat 18 Apr 2026 21:05:20 +0000
ROA not before: Sat 18 Apr 2026 21:05:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199524
IP address blocks: 87.232.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 13:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a2:69:90:ae:b3:fa:5a:43:b3:05:2e:4b:a2:ec:4a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Validity
Not Before: Apr 18 21:05:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f01f08fa16eb9d7182a00df31a44252d77aeb91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:37:e1:69:5c:00:57:a2:fc:c5:ac:c4:3a:a8:
08:1b:0e:05:0d:8b:4f:38:7e:73:f6:66:eb:7f:14:
e1:09:8f:6d:f0:6d:90:59:3b:1b:ed:88:ff:4b:b4:
c8:20:26:43:6a:68:6a:aa:ac:d4:94:5e:3d:29:64:
2d:32:47:90:ec:62:5d:95:4e:82:a5:9d:70:9e:04:
e6:b7:9a:ac:a7:6b:1b:1d:7f:b0:38:16:ab:a4:b8:
71:2b:8d:8b:99:1b:95:bc:16:47:3b:78:4d:0f:81:
d4:0a:0b:9f:51:94:ae:62:9b:ff:e2:4c:d6:88:4b:
8c:6a:51:20:44:0f:5a:2e:9c:74:8c:f9:a9:1f:68:
cb:5c:e5:2c:c8:7b:e6:e7:27:b9:55:16:f3:b2:d1:
40:10:29:7c:20:73:28:50:89:d8:7f:60:a4:da:90:
71:c6:2e:5c:c2:a5:71:be:5b:bb:37:42:0e:20:54:
6d:df:24:29:d7:ba:9a:41:c2:03:95:0c:d5:8f:63:
bc:6d:28:84:e6:dc:57:9a:44:27:99:2a:03:b3:e2:
ae:02:6d:74:62:5d:61:41:74:f1:d0:f1:94:31:30:
6b:d0:88:15:f6:28:d0:69:d2:c0:66:9e:9d:80:06:
c9:3d:6f:3b:0a:b9:08:36:7c:70:5f:6d:bc:63:87:
96:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:01:F0:8F:A1:6E:B9:D7:18:2A:00:DF:31:A4:42:52:D7:7A:EB:91
X509v3 Authority Key Identifier:
keyid:5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/LwHwj6FuudcYKgDfMaRCUtd665E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.232.92.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:12:3b:85:79:0d:15:db:f5:0f:f4:bd:96:7f:67:3d:90:02:
f8:6d:92:29:31:b7:61:f4:35:47:c2:32:dc:fa:8c:11:1a:06:
51:71:b6:ca:16:04:d0:63:ec:ee:db:81:d9:10:a1:97:f4:b1:
c2:67:17:2c:06:37:d6:a0:25:f2:a6:6a:bc:2a:bb:57:68:0e:
9f:74:c2:62:8b:67:c0:f6:ed:0d:f1:04:e4:84:f4:87:e8:8e:
02:0f:5e:63:e0:ae:88:40:96:7a:f2:c3:dc:e9:1b:1d:7c:80:
ca:54:f4:4d:e8:b6:47:87:25:c3:8f:01:a4:a4:7a:3c:44:38:
be:6a:6c:7c:a4:91:ab:49:51:f2:ce:a7:22:aa:f7:50:22:3f:
09:b1:5c:be:48:f3:2f:a5:fb:24:ad:2e:2d:54:ab:03:91:66:
d0:c5:44:6e:39:64:64:2e:9b:67:e9:a9:0f:fc:20:25:e7:a2:
4a:8e:ef:72:60:20:f8:85:e8:06:24:b2:3d:2f:cc:ad:b6:9c:
8f:91:c4:b4:c9:15:95:46:9f:f5:41:b0:55:4e:1e:fd:99:74:
37:4a:59:f4:7a:e3:e8:a8:60:1f:3a:d1:87:0b:a5:35:c4:3b:
31:51:ea:7d:89:0e:92:c1:f6:9c:f1:6f:62:f9:86:18:4a:54:
ce:be:49:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2iaZCus/paQ7MFLkui7ErxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTUzYzBiZmMzYzhmYjU2YjgxMTkxMzE3MTQ0NDQzZTBl
MjlkMjUwHhcNMjYwNDE4MjEwNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjAxZjA4ZmExNmViOWQ3MTgyYTAwZGYzMWE0NDI1MmQ3N2FlYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfhaVwAV6L8xazEOqgIGw4FDYtP
OH5z9mbrfxThCY9t8G2QWTsb7Yj/S7TIICZDamhqqqzUlF49KWQtMkeQ7GJdlU6C
pZ1wngTmt5qsp2sbHX+wOBarpLhxK42LmRuVvBZHO3hND4HUCgufUZSuYpv/4kzW
iEuMalEgRA9aLpx0jPmpH2jLXOUsyHvm5ye5VRbzstFAECl8IHMoUInYf2Ck2pBx
xi5cwqVxvlu7N0IOIFRt3yQp17qaQcIDlQzVj2O8bSiE5txXmkQnmSoDs+KuAm10
Yl1hQXTx0PGUMTBr0IgV9ijQadLAZp6dgAbJPW87CrkINnxwX228Y4eWlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8B8I+hbrnXGCoA3zGkQlLXeuuRMB8GA1UdIwQY
MBaAFF/lPAv8PI+1a4EZExcUREPg4p0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDct
NWNmNTZlZTQzNWIzLzEvTHdId2o2RnV1ZGNZS2dEZk1hUkNVdGQ2NjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDctNWNmNTZlZTQzNWIz
LzEvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+hcMA0G
CSqGSIb3DQEBCwUAA4IBAQB8EjuFeQ0V2/UP9L2Wf2c9kAL4bZIpMbdh9DVHwjLc
+owRGgZRcbbKFgTQY+zu24HZEKGX9LHCZxcsBjfWoCXypmq8KrtXaA6fdMJii2fA
9u0N8QTkhPSH6I4CD15j4K6IQJZ68sPc6RsdfIDKVPRN6LZHhyXDjwGkpHo8RDi+
amx8pJGrSVHyzqciqvdQIj8JsVy+SPMvpfskrS4tVKsDkWbQxURuOWRkLptn6akP
/CAl56JKju9yYCD4hegGJLI9L8yttpyPkcS0yRWVRp/1QbBVTh79mXQ3Sln0euPo
qGAfOtGHC6U1xDsxUep9iQ6Swfac8W9i+YYYSlTOvkla
-----END CERTIFICATE-----
Generated at Tue May 5 19:06:10 2026 by rpki-client