Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/LyXimnFMcZJxnBpBCeQ1vRZRtY4.roa
File: LyXimnFMcZJxnBpBCeQ1vRZRtY4.roa (raw, json)
Hash identifier: GpV5gTHpTGnkrjsvJ6cea+n5bR4V56pzwV8VkKw+UFw=
Subject key identifier: 2F:25:E2:9A:71:4C:71:92:71:9C:1A:41:09:E4:35:BD:16:51:B5:8E
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019E73F0EAB02D41ABEA3F1DA801A0260667
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/LyXimnFMcZJxnBpBCeQ1vRZRtY4.roa
Signing time: Fri 29 May 2026 13:33:49 +0000
ROA not before: Fri 29 May 2026 13:33:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197897
IP address blocks: 78.128.12.0/22 maxlen: 24
78.128.16.0/20 maxlen: 24
78.128.52.0/22 maxlen: 24
78.128.56.0/22 maxlen: 24
78.128.84.0/23 maxlen: 24
78.142.22.0/23 maxlen: 24
79.124.80.0/23 maxlen: 24
91.92.59.0/24 maxlen: 24
91.148.150.0/23 maxlen: 24
91.148.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:f0:ea:b0:2d:41:ab:ea:3f:1d:a8:01:a0:26:06:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 29 13:33:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f25e29a714c7192719c1a4109e435bd1651b58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:01:82:49:95:df:4e:11:0c:9a:4d:7e:e2:dc:
57:5c:54:0b:03:48:5a:f9:9d:fe:4a:4e:ad:a1:5e:
fa:3c:f2:1d:1b:66:1b:83:ec:c9:c7:b6:93:20:8d:
f9:0e:a2:ca:e3:f3:fd:68:15:cf:44:a9:9b:86:bb:
c5:8b:67:8a:18:95:6b:56:e9:03:a2:61:6f:81:39:
45:eb:c3:60:cb:42:86:6a:f8:3c:94:70:6f:23:b7:
11:85:c9:3a:b4:65:22:32:f8:ce:d1:eb:fa:16:0e:
ff:62:00:52:de:7f:e4:00:78:f1:a9:ca:97:7d:90:
9b:59:61:5e:0c:34:5a:97:12:a0:1e:71:1c:0e:45:
19:50:8d:72:08:13:33:b7:b8:d3:1e:9c:08:73:70:
0e:3e:64:e8:ab:8a:cc:41:78:01:1d:42:22:e4:16:
f0:8f:49:ad:12:af:2a:37:71:c9:09:e4:64:50:45:
4b:06:8a:b2:60:24:42:b6:19:c7:14:20:47:1c:90:
39:9f:ea:08:43:dc:73:b0:a5:bc:76:2c:d0:24:89:
a8:11:9e:88:3e:48:f8:7a:3d:c2:e7:71:e6:de:40:
24:ca:88:da:5b:f6:f4:8d:b6:c0:f2:69:12:1c:75:
3e:c7:c4:4d:68:79:c5:91:18:32:48:e6:89:c6:99:
0c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:25:E2:9A:71:4C:71:92:71:9C:1A:41:09:E4:35:BD:16:51:B5:8E
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/LyXimnFMcZJxnBpBCeQ1vRZRtY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.12.0-78.128.31.255
78.128.52.0-78.128.59.255
78.128.84.0/23
78.142.22.0/23
79.124.80.0/23
91.92.59.0/24
91.148.150.0-91.148.159.255
Signature Algorithm: sha256WithRSAEncryption
66:44:52:9a:4e:6e:2b:40:31:09:66:89:22:61:c2:09:25:90:
5e:a0:c1:bb:da:64:ba:84:d5:de:aa:53:40:c7:3c:96:c3:0d:
94:ff:06:a1:15:5d:a4:e1:9b:15:0c:dc:a9:1f:d5:39:b1:9b:
7b:fb:0d:9b:93:87:52:84:b7:eb:9a:92:9f:11:46:e3:94:99:
e5:3e:30:b3:81:87:64:f4:73:89:a0:00:2b:27:1f:e3:34:7e:
32:b0:f7:e5:33:33:c7:fb:07:06:f2:68:0a:70:05:b6:66:11:
38:51:b7:2f:df:bc:d9:00:1c:04:f4:c6:fb:d9:23:db:ac:a1:
f8:ed:3a:e4:d3:05:66:d2:cb:de:0e:62:0d:8d:a3:55:ee:55:
bc:5d:2f:ac:31:21:3c:a6:78:9e:a9:d8:c4:2a:0e:e4:92:d9:
12:2e:8c:23:02:37:6e:14:19:99:91:2d:ee:ab:fb:32:57:27:
78:0e:41:d2:0f:6c:83:f7:61:97:c9:87:75:86:89:ca:cc:1e:
fa:d8:ea:d4:1c:0f:a4:7f:54:27:0d:93:6f:b8:8e:2d:c4:3c:
65:b0:cf:51:15:f6:b2:80:df:2f:8c:27:a8:a6:05:9b:9a:19:
a0:d9:54:00:a4:d4:65:41:ef:1c:a8:38:07:c6:2b:32:94:b9:
21:75:7c:c0
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ5z8OqwLUGr6j8dqAGgJgZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjYwNTI5MTMzMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI1ZTI5YTcxNGM3MTkyNzE5YzFhNDEwOWU0MzViZDE2NTFiNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wGCSZXfThEMmk1+4txXXFQLA0ha
+Z3+Sk6toV76PPIdG2Ybg+zJx7aTII35DqLK4/P9aBXPRKmbhrvFi2eKGJVrVukD
omFvgTlF68Ngy0KGavg8lHBvI7cRhck6tGUiMvjO0ev6Fg7/YgBS3n/kAHjxqcqX
fZCbWWFeDDRalxKgHnEcDkUZUI1yCBMzt7jTHpwIc3AOPmToq4rMQXgBHUIi5Bbw
j0mtEq8qN3HJCeRkUEVLBoqyYCRCthnHFCBHHJA5n+oIQ9xzsKW8dizQJImoEZ6I
Pkj4ej3C53Hm3kAkyojaW/b0jbbA8mkSHHU+x8RNaHnFkRgySOaJxpkMWwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFC8l4ppxTHGScZwaQQnkNb0WUbWOMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvTHlYaW1uRk1jWkp4bkJwQkNlUTF2UlpSdFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAJOgAwD
BAVOgAAwDAMEAk6ANAMEAk6AOAMEAU6AVAMEAU6OFgMEAU98UAMEAFtcOzAMAwQB
W5SWAwQFW5SAMA0GCSqGSIb3DQEBCwUAA4IBAQBmRFKaTm4rQDEJZokiYcIJJZBe
oMG72mS6hNXeqlNAxzyWww2U/wahFV2k4ZsVDNypH9U5sZt7+w2bk4dShLfrmpKf
EUbjlJnlPjCzgYdk9HOJoAArJx/jNH4ysPflMzPH+wcG8mgKcAW2ZhE4Ubcv37zZ
ABwE9Mb72SPbrKH47Trk0wVm0sveDmINjaNV7lW8XS+sMSE8pnieqdjEKg7kktkS
LowjAjduFBmZkS3uq/syVyd4DkHSD2yD92GXyYd1honKzB762OrUHA+kf1QnDZNv
uI4txDxlsM9RFfaygN8vjCeopgWbmhmg2VQApNRlQe8cqDgHxisylLkhdXzA
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:13:04 2026 by rpki-client