Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/lWg7vkHZKoUTr9NcDvXsJHiO9NI.roa
File: lWg7vkHZKoUTr9NcDvXsJHiO9NI.roa (raw, json)
Hash identifier: hnXLBiYzcA6j2q9gin73kUQrdgupmbTcJczhf1x1FMQ=
Subject key identifier: 95:68:3B:BE:41:D9:2A:85:13:AF:D3:5C:0E:F5:EC:24:78:8E:F4:D2
Certificate issuer: /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial: 019CCEDABA1A5112F308D5B337DF64C1A303
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/lWg7vkHZKoUTr9NcDvXsJHiO9NI.roa
Signing time: Sun 08 Mar 2026 19:09:26 +0000
ROA not before: Sun 08 Mar 2026 19:09:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.153.164.0/24 maxlen: 24
45.153.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 07:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ce:da:ba:1a:51:12:f3:08:d5:b3:37:df:64:c1:a3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Validity
Not Before: Mar 8 19:09:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95683bbe41d92a8513afd35c0ef5ec24788ef4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:92:fd:f5:10:5a:26:64:52:31:55:53:b4:
c3:26:cb:6e:0d:d0:93:bd:70:9f:14:24:6e:d9:86:
c3:7b:0f:81:cd:61:ee:48:09:f4:41:1f:9c:e3:5d:
55:6e:81:3a:1c:4c:c9:07:e8:a6:b5:36:69:24:76:
5c:97:dc:d8:67:75:45:fc:95:cb:2b:f3:af:f2:99:
fc:aa:5a:ca:21:52:1a:db:4e:d7:fc:04:82:3c:64:
1b:af:f7:95:57:b3:b3:12:89:e3:b6:d4:c3:c5:fa:
2e:9d:44:8c:b3:c8:ff:ab:09:57:2f:3e:19:0e:3f:
9c:f8:15:64:75:8a:cd:ee:1f:27:2f:b1:61:0b:40:
0d:51:bc:4a:87:a5:12:8c:ce:48:b1:d9:93:02:b1:
f5:5d:c1:17:0f:f6:be:e2:d8:d1:5f:4d:19:99:f5:
e3:52:66:8a:28:c6:28:07:45:f3:dd:d3:ae:8e:d8:
63:1c:84:50:5d:25:f2:a6:0a:96:b6:16:77:6a:39:
9b:26:e4:eb:ed:54:5c:af:7b:a6:00:12:9e:20:f8:
82:8b:bb:08:14:0a:8d:4b:bd:fc:73:6f:a3:6d:fc:
1c:4a:bd:5c:c0:2e:26:f0:09:a0:9f:e1:a2:69:02:
61:2c:f9:2c:82:45:6f:22:6c:a8:03:2b:aa:48:09:
0b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:68:3B:BE:41:D9:2A:85:13:AF:D3:5C:0E:F5:EC:24:78:8E:F4:D2
X509v3 Authority Key Identifier:
keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/lWg7vkHZKoUTr9NcDvXsJHiO9NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.164.0/24
45.153.166.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:2b:a4:97:ad:7b:0a:8f:13:03:35:fe:e7:4b:51:1d:93:10:
dc:90:a1:88:05:71:17:ac:c7:fa:4a:d7:1b:e2:38:02:79:25:
38:f6:16:63:51:5f:af:a5:9f:9f:97:11:23:c3:4a:78:73:b8:
70:02:07:35:c9:4c:f0:e2:9e:bc:1f:09:a5:2c:8e:ea:81:60:
c6:5d:8b:b2:5f:88:12:7c:47:6d:a6:79:ba:54:88:66:5c:9c:
30:fe:92:5f:18:c8:f8:8d:e7:ff:f0:62:4b:a7:a9:72:64:cb:
4e:80:20:0f:a9:4f:28:92:22:4c:de:8c:f1:20:a7:68:e4:a1:
dc:42:8c:87:0c:65:e2:b7:8b:d2:15:bd:af:b4:19:cc:71:02:
81:ae:6b:06:a0:4d:79:f3:b5:38:5f:4e:b1:6b:4e:68:fd:bc:
33:7f:1c:df:f2:7a:ca:b0:01:2f:22:e8:a9:2c:fe:94:61:19:
f0:f5:20:8a:b2:95:b6:6e:a9:21:23:ab:cf:85:e4:94:de:30:
25:38:88:dd:d3:61:28:c2:78:45:82:b5:78:7c:12:2b:74:d2:
af:62:61:e4:4f:2f:54:15:9d:f4:c6:6b:7e:c0:1f:b8:29:db:
e3:90:2d:fa:7f:af:83:c3:1d:40:aa:5c:b4:bb:93:4b:f6:56:
60:dd:cc:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzO2roaURLzCNWzN99kwaMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjYwMzA4MTkwOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY4M2JiZTQxZDkyYTg1MTNhZmQzNWMwZWY1ZWMyNDc4OGVmNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBiS/fUQWiZkUjFVU7TDJstuDdCT
vXCfFCRu2YbDew+BzWHuSAn0QR+c411VboE6HEzJB+imtTZpJHZcl9zYZ3VF/JXL
K/Ov8pn8qlrKIVIa207X/ASCPGQbr/eVV7OzEonjttTDxfounUSMs8j/qwlXLz4Z
Dj+c+BVkdYrN7h8nL7FhC0ANUbxKh6USjM5IsdmTArH1XcEXD/a+4tjRX00ZmfXj
UmaKKMYoB0Xz3dOujthjHIRQXSXypgqWthZ3ajmbJuTr7VRcr3umABKeIPiCi7sI
FAqNS738c2+jbfwcSr1cwC4m8Amgn+GiaQJhLPksgkVvImyoAyuqSAkLtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVoO75B2SqFE6/TXA717CR4jvTSMB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvbFdnN3ZrSFpLb1VUcjlOY0R2WHNKSGlPOU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZmkAwQA
LZmmMA0GCSqGSIb3DQEBCwUAA4IBAQCwK6SXrXsKjxMDNf7nS1EdkxDckKGIBXEX
rMf6Stcb4jgCeSU49hZjUV+vpZ+flxEjw0p4c7hwAgc1yUzw4p68HwmlLI7qgWDG
XYuyX4gSfEdtpnm6VIhmXJww/pJfGMj4jef/8GJLp6lyZMtOgCAPqU8okiJM3ozx
IKdo5KHcQoyHDGXit4vSFb2vtBnMcQKBrmsGoE1587U4X06xa05o/bwzfxzf8nrK
sAEvIuipLP6UYRnw9SCKspW2bqkhI6vPheSU3jAlOIjd02EownhFgrV4fBIrdNKv
YmHkTy9UFZ30xmt+wB+4KdvjkC36f6+Dwx1Aqly0u5NL9lZg3czi
-----END CERTIFICATE-----
Generated at Fri Mar 13 12:08:41 2026 by rpki-client