Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/nLekjx1vLWfSpKCoFldqi7pFzOc.roa
File: nLekjx1vLWfSpKCoFldqi7pFzOc.roa (raw, json)
Hash identifier: rKL7H1ryzcB0XUmqHRtIBqU8H4g7SbFojwMZbrklQ9Q=
Subject key identifier: 9C:B7:A4:8F:1D:6F:2D:67:D2:A4:A0:A8:16:57:6A:8B:BA:45:CC:E7
Certificate issuer: /CN=f63fc5a11f96168267a08d8e50ada48383420b98
Certificate serial: 019C7020F080DFD60DAB9081160F83B86DAF
Authority key identifier: F6:3F:C5:A1:1F:96:16:82:67:A0:8D:8E:50:AD:A4:83:83:42:0B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/nLekjx1vLWfSpKCoFldqi7pFzOc.roa
Signing time: Wed 18 Feb 2026 09:42:12 +0000
ROA not before: Wed 18 Feb 2026 09:42:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43727
IP address blocks: 5.187.64.0/19 maxlen: 24
31.210.192.0/19 maxlen: 24
77.241.240.0/20 maxlen: 24
91.195.126.0/23 maxlen: 24
91.202.24.0/22 maxlen: 24
93.157.144.0/21 maxlen: 24
109.106.128.0/19 maxlen: 24
178.210.32.0/19 maxlen: 24
185.33.160.0/22 maxlen: 24
185.177.96.0/22 maxlen: 24
2a00:1440::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 06:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:20:f0:80:df:d6:0d:ab:90:81:16:0f:83:b8:6d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f63fc5a11f96168267a08d8e50ada48383420b98
Validity
Not Before: Feb 18 09:42:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9cb7a48f1d6f2d67d2a4a0a816576a8bba45cce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d5:c9:0d:76:e8:77:fc:b0:3d:c1:3d:b8:00:
37:53:b1:f3:da:6a:41:15:2a:85:ae:c0:67:32:50:
86:a1:e9:39:70:2a:ab:71:f0:6d:3c:d8:5a:69:38:
37:43:c5:08:05:c9:14:88:af:52:71:44:77:cb:8b:
cf:75:c8:c5:1e:d5:a6:ff:85:98:f0:40:0c:98:69:
e4:31:c6:e4:94:bd:ce:b6:0d:f1:f4:b9:18:ed:54:
92:d5:cc:17:9e:dd:bf:1d:89:93:59:ed:9d:39:8c:
82:1b:3a:90:44:8d:59:cd:f1:ea:18:75:99:53:20:
84:a8:f6:32:eb:ab:e8:45:92:b1:ef:b3:e1:09:16:
e4:3a:9a:0c:b1:ae:3d:45:73:71:bb:7b:35:01:0a:
0d:29:c5:08:bc:e7:0a:fd:9f:c9:97:c0:fc:88:d9:
59:65:5c:a8:66:b8:af:f2:70:c3:46:ae:0c:55:5d:
08:b6:93:bb:d3:45:fa:ac:dd:ac:0f:9a:14:3c:9f:
92:95:4e:0b:af:2c:3b:f3:e0:44:c3:ef:f0:cd:66:
31:4a:b9:fd:63:3b:e9:65:ce:ee:05:f1:a0:8e:74:
81:a7:bb:42:3c:8a:cb:fd:90:ef:11:59:9c:ef:28:
30:df:bc:68:d9:db:ed:48:36:e2:42:fa:5f:6b:54:
12:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B7:A4:8F:1D:6F:2D:67:D2:A4:A0:A8:16:57:6A:8B:BA:45:CC:E7
X509v3 Authority Key Identifier:
keyid:F6:3F:C5:A1:1F:96:16:82:67:A0:8D:8E:50:AD:A4:83:83:42:0B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/nLekjx1vLWfSpKCoFldqi7pFzOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.64.0/19
31.210.192.0/19
77.241.240.0/20
91.195.126.0/23
91.202.24.0/22
93.157.144.0/21
109.106.128.0/19
178.210.32.0/19
185.33.160.0/22
185.177.96.0/22
IPv6:
2a00:1440::/32
Signature Algorithm: sha256WithRSAEncryption
28:6c:9d:e2:24:11:7a:c0:39:1b:65:ce:67:34:10:d7:b4:50:
40:be:d2:15:f9:3b:bc:57:0c:9a:a8:9a:b7:08:98:ab:da:2d:
c4:4c:af:2f:5d:a9:e7:0c:5e:df:01:65:3e:41:f5:53:f0:53:
53:63:d6:13:b3:11:02:74:c0:98:d5:3c:a0:89:ed:56:90:71:
9f:6e:af:eb:8e:1c:aa:43:45:35:d6:ed:69:ec:4c:5e:e2:ec:
d1:cf:aa:9b:78:71:2c:f5:51:af:cb:68:ef:08:bf:c2:2d:18:
5f:cf:53:e7:a7:cf:8f:0f:d0:fd:d3:0f:b0:ac:ac:eb:47:f3:
05:c5:8b:ab:03:68:16:49:b9:75:5a:26:32:d9:b0:67:78:a5:
5d:05:5a:ee:a3:79:78:ba:03:9f:63:43:b6:67:b4:aa:fb:44:
fe:7c:55:c3:bd:ec:ae:d7:a0:88:6e:b8:2b:2d:8e:15:36:e8:
19:a5:df:cd:2f:c6:e4:12:3b:64:ed:eb:20:e3:7d:85:7b:dc:
41:de:14:fc:d4:3c:11:05:7b:51:9c:82:fa:91:3e:57:dc:e0:
c3:c7:cc:7a:0c:4a:c9:d0:67:af:a9:c1:e1:fb:8b:6e:7f:19:
f2:a8:61:3f:75:db:bd:33:fe:6e:1e:87:1a:56:af:ae:3e:5c:
d1:fd:09:e5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZxwIPCA39YNq5CBFg+DuG2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZjNWExMWY5NjE2ODI2N2EwOGQ4ZTUwYWRhNDgzODM0
MjBiOTgwHhcNMjYwMjE4MDk0MjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I3YTQ4ZjFkNmYyZDY3ZDJhNGEwYTgxNjU3NmE4YmJhNDVjY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NXJDXbod/ywPcE9uAA3U7Hz2mpB
FSqFrsBnMlCGoek5cCqrcfBtPNhaaTg3Q8UIBckUiK9ScUR3y4vPdcjFHtWm/4WY
8EAMmGnkMcbklL3Otg3x9LkY7VSS1cwXnt2/HYmTWe2dOYyCGzqQRI1ZzfHqGHWZ
UyCEqPYy66voRZKx77PhCRbkOpoMsa49RXNxu3s1AQoNKcUIvOcK/Z/Jl8D8iNlZ
ZVyoZriv8nDDRq4MVV0ItpO700X6rN2sD5oUPJ+SlU4Lryw78+BEw+/wzWYxSrn9
YzvpZc7uBfGgjnSBp7tCPIrL/ZDvEVmc7ygw37xo2dvtSDbiQvpfa1QSJQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFJy3pI8dby1n0qSgqBZXaou6RcznMB8GA1UdIwQY
MBaAFPY/xaEflhaCZ6CNjlCtpIODQguYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfRm9SLVdGb0pub0kyT1VLMmtnNE5DQzVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MTQ0MzctOTNlYS00OGMxLTkxMjct
OGI3NzE2MzU0YzhkLzEvbkxla2p4MXZMV2ZTcEtDb0ZsZHFpN3BGek9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MTQ0MzctOTNlYS00OGMxLTkxMjctOGI3NzE2MzU0Yzhk
LzEvOWpfRm9SLVdGb0pub0kyT1VLMmtnNE5DQzVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFBbtAAwQF
H9LAAwQETfHwAwQBW8N+AwQCW8oYAwQDXZ2QAwQFbWqAAwQFstIgAwQCuSGgAwQC
ubFgMA0EAgACMAcDBQAqABRAMA0GCSqGSIb3DQEBCwUAA4IBAQAobJ3iJBF6wDkb
Zc5nNBDXtFBAvtIV+Tu8VwyaqJq3CJir2i3ETK8vXannDF7fAWU+QfVT8FNTY9YT
sxECdMCY1Tygie1WkHGfbq/rjhyqQ0U11u1p7Exe4uzRz6qbeHEs9VGvy2jvCL/C
LRhfz1Pnp8+PD9D90w+wrKzrR/MFxYurA2gWSbl1WiYy2bBneKVdBVruo3l4ugOf
Y0O2Z7Sq+0T+fFXDveyu16CIbrgrLY4VNugZpd/NL8bkEjtk7esg432Fe9xB3hT8
1DwRBXtRnIL6kT5X3ODDx8x6DErJ0GevqcHh+4tufxnyqGE/ddu9M/5uHocaVq+u
PlzR/Qnl
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:55:52 2026 by rpki-client