Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/lhGLvLH4B6mU8DcXwixTXo1UR58.roa
File: lhGLvLH4B6mU8DcXwixTXo1UR58.roa (raw, json)
Hash identifier: exoOVM6vAsRIgRre7TsOkDPf3aLYJlM+uBmeSFMVO5g=
Subject key identifier: 96:11:8B:BC:B1:F8:07:A9:94:F0:37:17:C2:2C:53:5E:8D:54:47:9F
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 019DD935B657663CCA041DCE589D66E55730
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/lhGLvLH4B6mU8DcXwixTXo1UR58.roa
Signing time: Wed 29 Apr 2026 12:27:49 +0000
ROA not before: Wed 29 Apr 2026 12:27:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 158.173.80.0/21 maxlen: 24
158.173.90.0/23 maxlen: 24
158.173.92.0/22 maxlen: 24
158.173.112.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:35:b6:57:66:3c:ca:04:1d:ce:58:9d:66:e5:57:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: Apr 29 12:27:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96118bbcb1f807a994f03717c22c535e8d54479f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3d:37:46:6d:cf:31:93:af:64:27:2a:20:17:
0f:d7:3f:36:30:98:69:1a:b1:7e:2b:c5:e3:5f:2e:
d8:26:37:97:f2:64:40:18:a5:63:2f:b6:83:e7:a5:
a9:3e:98:9a:40:eb:36:42:74:64:28:62:0e:14:b7:
1c:10:f1:bd:1b:00:47:47:0f:26:d6:69:8f:67:a4:
86:42:89:36:e3:59:77:f4:bb:6a:b9:cc:cd:f2:2d:
ae:67:94:5a:75:9a:95:07:d2:1e:bb:e3:05:15:bb:
ea:89:6b:13:a2:e0:e4:69:c2:01:83:6b:86:fb:53:
d9:55:00:e9:27:e2:db:d8:fb:0a:75:03:54:c2:84:
3c:6e:d9:1c:32:19:ba:af:1b:f2:bf:76:aa:34:1b:
b0:e8:3c:89:80:ac:ce:cd:01:8c:50:42:2c:db:e1:
be:45:a7:9a:69:e1:b5:ac:4d:d1:9a:03:12:0f:12:
4c:23:2f:78:25:95:7f:2f:1d:a6:ca:13:17:df:2e:
a2:08:13:8c:15:99:e4:93:f2:08:c1:24:52:ca:f2:
9a:37:43:d8:8f:61:cd:72:0c:71:c5:ee:9e:3a:0c:
93:eb:97:fd:b7:51:aa:2c:b3:87:73:13:80:8d:73:
76:44:ba:14:67:7a:28:06:2e:6b:32:b9:cc:db:08:
a3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:11:8B:BC:B1:F8:07:A9:94:F0:37:17:C2:2C:53:5E:8D:54:47:9F
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/lhGLvLH4B6mU8DcXwixTXo1UR58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.80.0/21
158.173.90.0-158.173.95.255
158.173.112.0/23
Signature Algorithm: sha256WithRSAEncryption
73:cc:d1:7b:14:ee:53:1d:dd:4b:40:7e:4e:52:1d:a2:f6:25:
eb:88:33:21:af:bf:05:5c:4d:19:ae:ca:36:28:9e:10:23:75:
ae:01:00:a1:5d:cb:25:90:91:7d:d8:5a:92:47:d3:62:da:80:
9d:f7:63:5e:c8:8a:51:e1:fc:0d:2a:36:b4:ab:7d:96:3c:e7:
a4:63:85:27:a8:4e:46:4f:04:1d:c8:63:d6:f5:49:f0:1f:21:
e0:e2:5a:58:dd:63:36:ea:38:50:97:fe:bd:8a:5f:17:93:55:
d3:68:a8:78:f5:45:95:00:d2:f8:de:15:a6:54:f9:4e:f2:2f:
eb:01:86:04:d3:75:b7:71:0a:8e:ba:34:50:15:48:4c:2e:6b:
48:ea:24:4f:21:e0:1f:af:07:c1:b1:52:38:ce:19:61:77:a0:
cf:31:fe:9f:7a:af:d1:c1:b0:31:1a:00:fe:7b:63:3a:02:d0:
cb:3c:a8:e8:82:c4:b6:b7:c2:34:ad:69:47:db:cf:e1:31:33:
2a:52:bc:90:73:f8:e8:42:e2:94:6a:f8:11:54:0a:54:0b:4c:
0f:14:50:6e:96:cb:b8:11:db:47:8d:4a:68:72:fb:2a:46:b3:
36:84:a5:b6:1e:4b:ce:24:1d:c2:ab:4f:fd:8f:1d:11:ae:3c:
67:7f:c9:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ3ZNbZXZjzKBB3OWJ1m5VcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjYwNDI5MTIyNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjExOGJiY2IxZjgwN2E5OTRmMDM3MTdjMjJjNTM1ZThkNTQ0NzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz03Rm3PMZOvZCcqIBcP1z82MJhp
GrF+K8XjXy7YJjeX8mRAGKVjL7aD56WpPpiaQOs2QnRkKGIOFLccEPG9GwBHRw8m
1mmPZ6SGQok241l39LtquczN8i2uZ5RadZqVB9Ieu+MFFbvqiWsTouDkacIBg2uG
+1PZVQDpJ+Lb2PsKdQNUwoQ8btkcMhm6rxvyv3aqNBuw6DyJgKzOzQGMUEIs2+G+
RaeaaeG1rE3RmgMSDxJMIy94JZV/Lx2myhMX3y6iCBOMFZnkk/IIwSRSyvKaN0PY
j2HNcgxxxe6eOgyT65f9t1GqLLOHcxOAjXN2RLoUZ3ooBi5rMrnM2wijswIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJYRi7yx+AeplPA3F8IsU16NVEefMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvbGhHTHZMSDRCNm1VOERjWHdpeFRYbzFVUjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDnq1QMAwD
BAGerVoDBAWerUADBAGerXAwDQYJKoZIhvcNAQELBQADggEBAHPM0XsU7lMd3UtA
fk5SHaL2JeuIMyGvvwVcTRmuyjYonhAjda4BAKFdyyWQkX3YWpJH02LagJ33Y17I
ilHh/A0qNrSrfZY856RjhSeoTkZPBB3IY9b1SfAfIeDiWljdYzbqOFCX/r2KXxeT
VdNoqHj1RZUA0vjeFaZU+U7yL+sBhgTTdbdxCo66NFAVSEwua0jqJE8h4B+vB8Gx
UjjOGWF3oM8x/p96r9HBsDEaAP57YzoC0Ms8qOiCxLa3wjStaUfbz+ExMypSvJBz
+OhC4pRq+BFUClQLTA8UUG6Wy7gR20eNSmhy+ypGszaEpbYeS84kHcKrT/2PHRGu
PGd/yQo=
-----END CERTIFICATE-----
Generated at Wed May 13 01:45:22 2026 by rpki-client