Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/LLUfDJXArW87nsQgK_j-4xIbaZ8.roa
File: LLUfDJXArW87nsQgK_j-4xIbaZ8.roa (raw, json)
Hash identifier: EONEhVHzRlPiTP7W/oyuEVNKCoDHcDhKkpaHkbhWD58=
Subject key identifier: 2C:B5:1F:0C:95:C0:AD:6F:3B:9E:C4:20:2B:F8:FE:E3:12:1B:69:9F
Certificate issuer: /CN=11a3864558bf42892bf9e5359bdb13f03b2527a9
Certificate serial: 019D2B8B3966EEA628A12927C1E32AE9C16A
Authority key identifier: 11:A3:86:45:58:BF:42:89:2B:F9:E5:35:9B:DB:13:F0:3B:25:27:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/LLUfDJXArW87nsQgK_j-4xIbaZ8.roa
Signing time: Thu 26 Mar 2026 19:07:17 +0000
ROA not before: Thu 26 Mar 2026 19:07:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6823
IP address blocks: 37.202.48.0/21 maxlen: 21
37.202.48.0/24 maxlen: 24
37.202.49.0/24 maxlen: 24
37.202.50.0/24 maxlen: 24
37.202.51.0/24 maxlen: 24
37.202.52.0/24 maxlen: 24
37.202.53.0/24 maxlen: 24
37.202.54.0/24 maxlen: 24
37.202.55.0/24 maxlen: 24
178.251.40.0/21 maxlen: 21
178.251.40.0/24 maxlen: 24
178.251.41.0/24 maxlen: 24
178.251.42.0/24 maxlen: 24
178.251.43.0/24 maxlen: 24
178.251.44.0/24 maxlen: 24
178.251.45.0/24 maxlen: 24
178.251.46.0/24 maxlen: 24
178.251.47.0/24 maxlen: 24
2a01:6be0::/32 maxlen: 38
2a01:6be0::/38 maxlen: 38
2a01:6be0:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:8b:39:66:ee:a6:28:a1:29:27:c1:e3:2a:e9:c1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a3864558bf42892bf9e5359bdb13f03b2527a9
Validity
Not Before: Mar 26 19:07:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2cb51f0c95c0ad6f3b9ec4202bf8fee3121b699f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3d:f9:fb:f9:f9:d3:8e:bc:00:4f:bc:45:1d:
7c:ac:b4:c4:ec:42:83:9e:e6:1c:0d:5a:ac:69:09:
cd:cd:0c:70:14:cd:c0:6b:ca:bd:6d:ba:fa:03:d4:
a7:cd:c5:d7:98:fb:12:9b:41:5e:d3:4c:03:37:51:
92:bf:45:26:96:91:89:0b:5b:d9:0f:e9:10:93:8f:
40:c1:d1:56:4f:43:15:2b:4e:eb:6c:17:8d:03:fc:
33:6d:7c:ab:f4:3e:df:d6:ba:7c:ee:9f:31:be:76:
56:05:2a:f2:27:eb:f9:f3:5d:c3:67:d8:91:1b:9d:
c3:71:92:99:8f:6a:f0:a4:94:fc:9e:9e:81:63:37:
ab:16:5f:6b:b8:e1:43:ce:72:08:d4:a9:46:d7:63:
76:bf:02:87:1f:52:73:3b:7c:3e:67:41:59:e6:96:
31:f6:64:e6:79:c4:1b:86:d8:01:98:41:46:bd:50:
45:f8:57:0c:b6:af:ea:94:35:df:93:69:0c:0f:1c:
d8:c9:38:9e:96:35:16:b4:f2:0b:e8:56:13:df:19:
9c:b2:7d:12:57:ab:5f:00:d4:e8:81:3c:ea:9f:9c:
87:c4:cc:e7:9d:40:0d:ab:6d:02:37:65:7f:02:4e:
37:e8:38:f8:ae:79:2d:f1:ff:5e:d1:1a:50:5a:5d:
43:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B5:1F:0C:95:C0:AD:6F:3B:9E:C4:20:2B:F8:FE:E3:12:1B:69:9F
X509v3 Authority Key Identifier:
keyid:11:A3:86:45:58:BF:42:89:2B:F9:E5:35:9B:DB:13:F0:3B:25:27:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/LLUfDJXArW87nsQgK_j-4xIbaZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.48.0/21
178.251.40.0/21
IPv6:
2a01:6be0::/32
Signature Algorithm: sha256WithRSAEncryption
06:30:ae:8e:64:51:b5:fd:28:93:22:13:56:e9:0c:06:30:3b:
5c:13:3e:74:e2:5b:63:5a:7c:d3:ad:d4:92:e1:22:44:b4:2e:
d3:84:62:89:f7:ad:bb:61:07:65:88:97:d5:66:20:1f:a4:80:
0b:9a:ee:a4:5a:44:5f:bf:d7:b7:df:27:26:15:32:3d:96:d2:
b0:aa:93:27:5b:eb:1b:2c:84:99:f2:17:55:0b:b8:9c:61:97:
b7:6a:03:e1:d4:e3:ba:01:74:25:0a:74:56:59:d2:5b:73:c1:
0a:58:fa:6b:cb:40:39:31:c1:5f:a2:88:af:59:e4:4a:b8:7c:
44:7c:d7:15:c9:d6:54:b7:35:4e:25:48:ea:7c:0e:d9:fa:8c:
16:0b:98:16:62:98:93:e0:fd:7d:5f:70:02:10:31:55:47:31:
5a:2e:d7:b3:d8:e3:5b:fc:24:67:89:a5:89:e3:e9:38:ee:c3:
70:37:c7:94:9e:fa:69:5d:9f:59:f3:0f:e0:1c:b1:10:65:a5:
06:d7:43:af:fc:20:a8:c1:98:47:e1:3e:c6:3d:d1:cd:5a:0d:
50:52:a0:ac:b0:6b:d2:9f:71:79:ba:be:d0:b9:7e:f2:7d:10:
06:f2:cc:c2:1c:6f:fd:67:e5:61:e6:5f:99:22:02:17:8c:89:
6a:ff:55:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ0rizlm7qYooSknweMq6cFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTM4NjQ1NThiZjQyODkyYmY5ZTUzNTliZGIxM2YwM2Iy
NTI3YTkwHhcNMjYwMzI2MTkwNzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2I1MWYwYzk1YzBhZDZmM2I5ZWM0MjAyYmY4ZmVlMzEyMWI2OTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz35+/n50468AE+8RR18rLTE7EKD
nuYcDVqsaQnNzQxwFM3Aa8q9bbr6A9SnzcXXmPsSm0Fe00wDN1GSv0UmlpGJC1vZ
D+kQk49AwdFWT0MVK07rbBeNA/wzbXyr9D7f1rp87p8xvnZWBSryJ+v5813DZ9iR
G53DcZKZj2rwpJT8np6BYzerFl9ruOFDznII1KlG12N2vwKHH1JzO3w+Z0FZ5pYx
9mTmecQbhtgBmEFGvVBF+FcMtq/qlDXfk2kMDxzYyTieljUWtPIL6FYT3xmcsn0S
V6tfANTogTzqn5yHxMznnUANq20CN2V/Ak436Dj4rnkt8f9e0RpQWl1DjQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCy1HwyVwK1vO57EICv4/uMSG2mfMB8GA1UdIwQY
MBaAFBGjhkVYv0KJK/nlNZvbE/A7JSepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFPR1JWaV9Rb2tyLWVVMW05c1Q4RHNsSjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hY2QzNGItMzU3Zi00MzA3LTgzYzAt
MDg1N2UzZWMwM2UwLzEvTExVZkRKWEFyVzg3bnNRZ0tfai00eEliYVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hY2QzNGItMzU3Zi00MzA3LTgzYzAtMDg1N2UzZWMwM2Uw
LzEvRWFPR1JWaV9Rb2tyLWVVMW05c1Q4RHNsSjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcowAwQD
svsoMA0EAgACMAcDBQAqAWvgMA0GCSqGSIb3DQEBCwUAA4IBAQAGMK6OZFG1/SiT
IhNW6QwGMDtcEz504ltjWnzTrdSS4SJEtC7ThGKJ9627YQdliJfVZiAfpIALmu6k
WkRfv9e33ycmFTI9ltKwqpMnW+sbLISZ8hdVC7icYZe3agPh1OO6AXQlCnRWWdJb
c8EKWPpry0A5McFfooivWeRKuHxEfNcVydZUtzVOJUjqfA7Z+owWC5gWYpiT4P19
X3ACEDFVRzFaLtez2ONb/CRniaWJ4+k47sNwN8eUnvppXZ9Z8w/gHLEQZaUG10Ov
/CCowZhH4T7GPdHNWg1QUqCssGvSn3F5ur7QuX7yfRAG8szCHG/9Z+Vh5l+ZIgIX
jIlq/1Wd
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:24:07 2026 by rpki-client