Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/LzJeistanBiOKXErxoTp59Nqyxs.roa
File: LzJeistanBiOKXErxoTp59Nqyxs.roa (raw, json)
Hash identifier: lbEuCzjhR7tPHwoY5wShJ32jhg+zSn2e+kMFcRklJPk=
Subject key identifier: 2F:32:5E:8A:CB:5A:9C:18:8E:29:71:2B:C6:84:E9:E7:D3:6A:CB:1B
Certificate issuer: /CN=3a5d4a329702e2c9831cd36262bbb7fa7b97de37
Certificate serial: 019CC12759601BDCED34FFE63598233C2AF0
Authority key identifier: 3A:5D:4A:32:97:02:E2:C9:83:1C:D3:62:62:BB:B7:FA:7B:97:DE:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/LzJeistanBiOKXErxoTp59Nqyxs.roa
Signing time: Fri 06 Mar 2026 03:18:27 +0000
ROA not before: Fri 06 Mar 2026 03:18:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 150313
IP address blocks: 94.154.178.0/24 maxlen: 24
172.96.38.0/23 maxlen: 24
193.148.95.0/24 maxlen: 24
195.246.194.0/24 maxlen: 24
198.13.22.0/23 maxlen: 24
199.36.102.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 12:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c1:27:59:60:1b:dc:ed:34:ff:e6:35:98:23:3c:2a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5d4a329702e2c9831cd36262bbb7fa7b97de37
Validity
Not Before: Mar 6 03:18:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f325e8acb5a9c188e29712bc684e9e7d36acb1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:18:34:56:6a:8c:f6:83:13:f1:b0:d0:24:b0:
f6:a3:82:b6:40:8b:9a:b5:0a:b1:26:35:2b:30:f5:
f2:b8:33:eb:54:3e:1f:ed:3b:d5:f9:7d:31:e2:6f:
b3:d6:0e:b0:3c:7e:3a:f6:2b:6d:68:be:89:67:5c:
4d:a0:e9:21:b5:8c:bb:c8:7e:ba:70:81:cc:ea:c2:
4d:9d:83:c0:6d:fd:33:46:ef:98:1d:11:aa:ec:18:
53:18:93:a6:71:72:5c:23:80:9c:c2:77:23:a8:1d:
da:2f:87:71:d1:ff:ba:88:33:54:28:dc:b7:9a:15:
12:d6:61:1e:2f:26:a4:e7:c2:f3:08:5d:de:06:51:
1f:89:bf:ba:c0:43:14:ce:e7:e9:15:d2:04:8c:25:
de:10:c0:e1:92:c3:7f:15:ae:45:6e:5f:a4:1c:f8:
28:0e:d5:ae:e9:be:97:de:32:93:76:c1:1c:37:c0:
85:10:1f:33:42:73:22:61:e8:21:87:04:3a:11:7e:
c4:b8:5b:3d:f7:5e:44:56:78:e9:d3:ca:88:e3:c2:
fc:54:10:32:9e:cf:f6:ea:20:bf:fb:3d:ca:ad:64:
3c:0d:ce:8c:ad:39:e0:57:9c:e9:aa:4f:21:f7:ed:
0d:aa:45:72:91:52:5d:9c:3f:30:3c:84:b9:4b:a3:
38:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:32:5E:8A:CB:5A:9C:18:8E:29:71:2B:C6:84:E9:E7:D3:6A:CB:1B
X509v3 Authority Key Identifier:
keyid:3A:5D:4A:32:97:02:E2:C9:83:1C:D3:62:62:BB:B7:FA:7B:97:DE:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol1KMpcC4smDHNNiYru3-nuX3jc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/LzJeistanBiOKXErxoTp59Nqyxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4bd661-9b0c-4560-b1d1-2cea8e153632/1/Ol1KMpcC4smDHNNiYru3-nuX3jc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.178.0/24
172.96.38.0/23
193.148.95.0/24
195.246.194.0/24
198.13.22.0/23
199.36.102.0/23
Signature Algorithm: sha256WithRSAEncryption
61:60:60:de:47:bb:c8:b0:60:7c:90:15:33:ac:5b:79:af:fe:
05:31:3e:ad:9f:c9:5f:e4:6b:73:f9:a4:7d:2b:87:bd:c0:8e:
fb:88:fa:cd:8a:3f:91:c2:38:68:8b:88:f3:dd:b3:f5:db:03:
d5:9f:87:a4:9b:0d:a7:a6:94:34:bb:13:32:f8:6e:74:8c:40:
1e:0f:c8:a3:c2:d2:d2:cc:74:b6:a2:2f:72:19:f7:95:fe:fa:
29:e0:67:cd:50:7c:99:5d:7f:49:f1:92:29:1c:34:97:74:ba:
b1:b5:81:e8:42:f2:e6:ba:63:5d:aa:63:ec:37:1c:a8:56:ee:
5f:dd:73:a3:58:27:2b:98:9f:40:30:69:af:9f:fd:42:e7:82:
e2:58:ba:61:4b:31:8b:9b:20:95:a7:bb:30:39:cd:b5:61:4e:
25:95:f4:07:73:84:e8:c9:d7:d8:ce:c9:48:f0:92:9e:f7:3f:
22:c1:c7:50:72:3b:81:ba:81:fc:20:19:ea:4f:f4:91:f0:a9:
e2:10:b4:cf:1e:7e:0c:d8:90:da:61:92:f6:41:b6:44:8f:00:
44:b9:52:55:06:d9:2c:7b:c0:db:25:97:7a:ef:d0:af:c8:e4:
76:21:10:cd:8f:fd:d5:e9:9b:d1:07:8a:76:9e:45:03:52:30:
ef:18:b4:d1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZzBJ1lgG9ztNP/mNZgjPCrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWQ0YTMyOTcwMmUyYzk4MzFjZDM2MjYyYmJiN2ZhN2I5
N2RlMzcwHhcNMjYwMzA2MDMxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMyNWU4YWNiNWE5YzE4OGUyOTcxMmJjNjg0ZTllN2QzNmFjYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBg0VmqM9oMT8bDQJLD2o4K2QIua
tQqxJjUrMPXyuDPrVD4f7TvV+X0x4m+z1g6wPH469ittaL6JZ1xNoOkhtYy7yH66
cIHM6sJNnYPAbf0zRu+YHRGq7BhTGJOmcXJcI4CcwncjqB3aL4dx0f+6iDNUKNy3
mhUS1mEeLyak58LzCF3eBlEfib+6wEMUzufpFdIEjCXeEMDhksN/Fa5Fbl+kHPgo
DtWu6b6X3jKTdsEcN8CFEB8zQnMiYeghhwQ6EX7EuFs9915EVnjp08qI48L8VBAy
ns/26iC/+z3KrWQ8Dc6MrTngV5zpqk8h9+0NqkVykVJdnD8wPIS5S6M4dwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC8yXorLWpwYjilxK8aE6efTassbMB8GA1UdIwQY
MBaAFDpdSjKXAuLJgxzTYmK7t/p7l943MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wxS01wY0M0c21ESE5OaVlydTMtbnVYM2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YmQ2NjEtOWIwYy00NTYwLWIxZDEt
MmNlYThlMTUzNjMyLzEvTHpKZWlzdGFuQmlPS1hFcnhvVHA1OU5xeXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YmQ2NjEtOWIwYy00NTYwLWIxZDEtMmNlYThlMTUzNjMy
LzEvT2wxS01wY0M0c21ESE5OaVlydTMtbnVYM2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXpqyAwQB
rGAmAwQAwZRfAwQAw/bCAwQBxg0WAwQBxyRmMA0GCSqGSIb3DQEBCwUAA4IBAQBh
YGDeR7vIsGB8kBUzrFt5r/4FMT6tn8lf5Gtz+aR9K4e9wI77iPrNij+Rwjhoi4jz
3bP12wPVn4ekmw2nppQ0uxMy+G50jEAeD8ijwtLSzHS2oi9yGfeV/vop4GfNUHyZ
XX9J8ZIpHDSXdLqxtYHoQvLmumNdqmPsNxyoVu5f3XOjWCcrmJ9AMGmvn/1C54Li
WLphSzGLmyCVp7swOc21YU4llfQHc4ToydfYzslI8JKe9z8iwcdQcjuBuoH8IBnq
T/SR8KniELTPHn4M2JDaYZL2QbZEjwBEuVJVBtkse8DbJZd679CvyOR2IRDNj/3V
6ZvRB4p2nkUDUjDvGLTR
-----END CERTIFICATE-----
Generated at Fri Mar 6 22:51:45 2026 by rpki-client