Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/736a4a-39e0-4119-b4cb-082d924c2f33/1/2LmzHT0ZIbdBKtvls7SHR70OMro.roa
File: 2LmzHT0ZIbdBKtvls7SHR70OMro.roa (raw, json)
Hash identifier: tbuaZMJ3bR1Rnp3JGF/Y5/b7H89NRs10IqAGEmMX3hw=
Subject key identifier: D8:B9:B3:1D:3D:19:21:B7:41:2A:DB:E5:B3:B4:87:47:BD:0E:32:BA
Certificate issuer: /CN=65cb4f6cd8489fddd173970a0ef44d4e1547a405
Certificate serial: 019E15B0EB97381351D8A4EAA213F6CD4F5F
Authority key identifier: 65:CB:4F:6C:D8:48:9F:DD:D1:73:97:0A:0E:F4:4D:4E:15:47:A4:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZctPbNhIn93Rc5cKDvRNThVHpAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/736a4a-39e0-4119-b4cb-082d924c2f33/1/2LmzHT0ZIbdBKtvls7SHR70OMro.roa
Signing time: Mon 11 May 2026 06:19:36 +0000
ROA not before: Mon 11 May 2026 06:19:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28730
IP address blocks: 93.95.200.0/21 maxlen: 21
93.95.200.0/24 maxlen: 24
93.95.201.0/24 maxlen: 24
93.95.202.0/24 maxlen: 24
93.95.203.0/24 maxlen: 24
93.95.204.0/24 maxlen: 24
93.95.205.0/24 maxlen: 24
93.95.206.0/24 maxlen: 24
93.95.207.0/24 maxlen: 24
185.176.44.0/22 maxlen: 22
185.176.44.0/24 maxlen: 24
185.176.45.0/24 maxlen: 24
185.176.46.0/24 maxlen: 24
185.176.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/736a4a-39e0-4119-b4cb-082d924c2f33/1/ZctPbNhIn93Rc5cKDvRNThVHpAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/736a4a-39e0-4119-b4cb-082d924c2f33/1/ZctPbNhIn93Rc5cKDvRNThVHpAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZctPbNhIn93Rc5cKDvRNThVHpAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:15:b0:eb:97:38:13:51:d8:a4:ea:a2:13:f6:cd:4f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65cb4f6cd8489fddd173970a0ef44d4e1547a405
Validity
Not Before: May 11 06:19:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d8b9b31d3d1921b7412adbe5b3b48747bd0e32ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e8:13:51:49:8d:3f:e9:3c:6a:28:e7:f8:03:
19:3b:8a:5f:fd:f7:af:1d:de:b0:40:fc:78:1a:bb:
b1:7c:23:9e:20:53:28:92:fa:f1:75:d1:43:96:2c:
dc:f1:38:08:23:42:70:ae:4f:29:a8:c2:a7:7d:fa:
0e:9e:c0:ec:52:e3:86:b6:3e:89:11:24:45:96:4f:
11:1c:d9:86:3b:89:47:33:c1:60:50:96:7a:54:28:
94:4f:c4:8b:13:18:77:06:d6:af:96:e5:5d:d0:13:
2c:5f:5b:02:7d:44:66:5d:4e:2d:68:ac:1a:55:de:
da:b8:71:79:9b:a1:35:9b:30:db:fd:be:c3:e5:84:
1a:2d:bc:b3:5f:9c:2b:4a:4b:85:86:d2:0e:e4:66:
ab:a6:87:15:4b:f4:c8:05:ea:da:9b:f2:19:88:3c:
e6:26:42:ad:fd:3e:73:bf:b3:1a:1d:47:1b:35:38:
01:1a:b1:da:e8:53:f9:9d:e8:70:3c:33:51:16:f2:
3a:39:a4:9b:1e:97:1d:6f:65:d6:5c:e4:19:cc:6e:
83:01:f1:a9:fd:77:ec:a7:51:1d:f1:9a:90:ab:c7:
3f:ee:08:79:9b:50:79:01:73:28:6a:6c:5c:f7:52:
97:06:e2:68:7b:19:0e:f3:c6:79:ef:cf:97:64:9f:
58:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B9:B3:1D:3D:19:21:B7:41:2A:DB:E5:B3:B4:87:47:BD:0E:32:BA
X509v3 Authority Key Identifier:
keyid:65:CB:4F:6C:D8:48:9F:DD:D1:73:97:0A:0E:F4:4D:4E:15:47:A4:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZctPbNhIn93Rc5cKDvRNThVHpAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/736a4a-39e0-4119-b4cb-082d924c2f33/1/2LmzHT0ZIbdBKtvls7SHR70OMro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/736a4a-39e0-4119-b4cb-082d924c2f33/1/ZctPbNhIn93Rc5cKDvRNThVHpAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.200.0/21
185.176.44.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:ca:ba:5e:94:8f:a0:c9:39:51:e6:14:1d:1d:b8:6b:f8:b7:
d3:95:94:6d:46:15:07:c3:62:71:26:e1:16:59:fc:b4:81:39:
ff:a7:dc:c6:3f:61:cf:d5:2c:44:fb:bc:5b:8a:71:32:69:21:
99:56:81:bc:2c:27:64:1c:1e:67:81:a4:85:ad:f7:0c:9e:ba:
d3:a5:ba:49:b1:0e:87:e5:53:4e:52:c6:ea:ea:ef:c4:7c:76:
ca:7a:c0:32:47:86:69:68:6d:64:24:72:c4:d1:8c:f1:bb:ec:
91:9e:94:36:79:42:d0:42:4f:e2:04:9c:0b:1e:e7:68:6b:39:
cb:da:ed:b7:ba:2d:80:94:97:44:59:f9:bc:60:fc:b9:87:1a:
22:b1:f1:a2:e6:fb:8f:8e:f0:54:49:d5:32:46:2e:5d:c1:76:
7a:3a:b8:2e:27:5a:03:aa:e2:24:8e:87:b6:e4:50:a7:9e:e4:
6f:18:d2:2e:43:d6:78:c5:2c:61:fa:44:e6:12:c8:5c:ed:65:
83:be:79:62:39:71:1d:5a:bc:13:73:e5:2d:4d:d4:14:81:65:
2b:37:61:26:fc:41:01:6f:4c:78:a0:5c:52:58:83:7c:c3:a3:
df:21:f3:43:3c:9d:2e:51:eb:6c:ef:ed:e6:e4:53:4e:73:18:
ec:5c:a6:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4VsOuXOBNR2KTqohP2zU9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Y2I0ZjZjZDg0ODlmZGRkMTczOTcwYTBlZjQ0ZDRlMTU0
N2E0MDUwHhcNMjYwNTExMDYxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI5YjMxZDNkMTkyMWI3NDEyYWRiZTViM2I0ODc0N2JkMGUzMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAregTUUmNP+k8aijn+AMZO4pf/fev
Hd6wQPx4GruxfCOeIFMokvrxddFDlizc8TgII0Jwrk8pqMKnffoOnsDsUuOGtj6J
ESRFlk8RHNmGO4lHM8FgUJZ6VCiUT8SLExh3BtavluVd0BMsX1sCfURmXU4taKwa
Vd7auHF5m6E1mzDb/b7D5YQaLbyzX5wrSkuFhtIO5GarpocVS/TIBeram/IZiDzm
JkKt/T5zv7MaHUcbNTgBGrHa6FP5nehwPDNRFvI6OaSbHpcdb2XWXOQZzG6DAfGp
/Xfsp1Ed8ZqQq8c/7gh5m1B5AXMoamxc91KXBuJoexkO88Z578+XZJ9YmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNi5sx09GSG3QSrb5bO0h0e9DjK6MB8GA1UdIwQY
MBaAFGXLT2zYSJ/d0XOXCg70TU4VR6QFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmN0UGJOaEluOTNSYzVjS0R2Uk5UaFZIcEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83MzZhNGEtMzllMC00MTE5LWI0Y2It
MDgyZDkyNGMyZjMzLzEvMkxtekhUMFpJYmRCS3R2bHM3U0hSNzBPTXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83MzZhNGEtMzllMC00MTE5LWI0Y2ItMDgyZDkyNGMyZjMz
LzEvWmN0UGJOaEluOTNSYzVjS0R2Uk5UaFZIcEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXV/IAwQC
ubAsMA0GCSqGSIb3DQEBCwUAA4IBAQBLyrpelI+gyTlR5hQdHbhr+LfTlZRtRhUH
w2JxJuEWWfy0gTn/p9zGP2HP1SxE+7xbinEyaSGZVoG8LCdkHB5ngaSFrfcMnrrT
pbpJsQ6H5VNOUsbq6u/EfHbKesAyR4ZpaG1kJHLE0Yzxu+yRnpQ2eULQQk/iBJwL
HudoaznL2u23ui2AlJdEWfm8YPy5hxoisfGi5vuPjvBUSdUyRi5dwXZ6OrguJ1oD
quIkjoe25FCnnuRvGNIuQ9Z4xSxh+kTmEshc7WWDvnliOXEdWrwTc+UtTdQUgWUr
N2Em/EEBb0x4oFxSWIN8w6PfIfNDPJ0uUets7+3m5FNOcxjsXKYb
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:29 2026 by rpki-client