Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/2TmFbHLlO19GORs7_F9-DHpFpSA.roa
File: 2TmFbHLlO19GORs7_F9-DHpFpSA.roa (raw, json)
Hash identifier: 5QcmAAukWHzAPimKayDjIq+AgPinlkXxG0gwzdT2rUs=
Subject key identifier: D9:39:85:6C:72:E5:3B:5F:46:39:1B:3B:FC:5F:7E:0C:7A:45:A5:20
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019D05B177AA68D6D3A734C1C0A5DF5C5B19
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/2TmFbHLlO19GORs7_F9-DHpFpSA.roa
Signing time: Thu 19 Mar 2026 10:43:29 +0000
ROA not before: Thu 19 Mar 2026 10:43:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207619
IP address blocks: 94.20.56.0/24 maxlen: 24
94.20.57.0/24 maxlen: 24
94.20.58.0/24 maxlen: 24
94.20.59.0/24 maxlen: 24
94.20.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:b1:77:aa:68:d6:d3:a7:34:c1:c0:a5:df:5c:5b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Mar 19 10:43:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d939856c72e53b5f46391b3bfc5f7e0c7a45a520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:00:e7:3f:be:eb:04:42:92:56:1f:c3:26:
0c:88:b0:c4:83:ea:ed:70:34:58:5e:78:05:de:8c:
a2:e7:51:66:e1:e7:a7:53:61:7f:43:c0:f5:81:0a:
71:d1:ad:b4:f6:d1:99:bc:4a:60:f2:d5:cf:d4:7c:
07:40:f2:ca:38:43:58:bc:ef:8d:4d:7d:57:e4:ca:
89:45:77:ea:e1:ce:79:b9:3c:ed:3f:cd:54:6c:d5:
7c:01:50:65:ef:e1:eb:80:76:60:e6:0a:95:ea:64:
c3:87:15:61:6e:2e:eb:cb:5e:dc:be:cf:31:40:71:
a9:00:30:b0:4b:c9:c5:06:ac:b5:6b:b9:72:86:28:
c7:3d:bc:e3:59:91:24:7d:e7:da:20:9b:20:09:06:
35:53:6e:e8:43:37:60:86:4c:ba:63:2c:f9:eb:df:
22:8b:0b:3d:d1:b9:75:c1:2c:06:2b:b1:f7:69:eb:
91:75:86:6e:a0:b3:62:d7:b4:0d:5b:30:dd:63:b9:
fb:32:91:ff:f7:01:2f:62:aa:26:f2:55:e6:ab:63:
7a:ab:29:48:f2:c7:f0:fb:04:82:7b:bf:3b:ab:c7:
ef:a5:4c:84:23:b8:72:42:91:67:17:bc:2f:3a:29:
78:23:40:2d:d8:2b:97:62:5e:b3:39:18:18:48:51:
8a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:39:85:6C:72:E5:3B:5F:46:39:1B:3B:FC:5F:7E:0C:7A:45:A5:20
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/2TmFbHLlO19GORs7_F9-DHpFpSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.20.56.0/22
94.20.88.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:2b:6b:18:d5:8e:cd:71:8d:6b:d3:53:fb:26:27:7b:56:9f:
e6:b7:db:36:2e:b3:ef:c0:96:ef:e8:fa:90:02:b1:7a:8b:33:
95:04:db:7b:78:66:63:8b:75:1e:27:5c:50:2a:6a:86:54:28:
ef:46:46:ef:80:75:a1:1a:eb:c1:29:f5:c3:e0:4a:21:65:92:
d4:16:c2:1e:a3:da:81:87:d9:8a:40:3a:66:f9:62:26:f9:4f:
17:3d:86:2c:b1:4d:03:6b:52:93:99:8f:57:e9:21:c7:ae:a3:
d4:cb:d8:55:2c:fa:31:0a:01:50:60:0b:5c:7c:d6:95:b2:41:
98:0d:a1:e2:7d:5e:c4:a2:58:ab:86:f2:3e:99:ef:1a:d1:36:
18:d1:5f:5d:33:ee:3b:8d:24:52:24:d6:c9:d2:1b:6a:01:0f:
1b:05:73:79:96:90:57:e3:47:2b:99:42:ef:4c:2a:da:f6:e2:
2d:85:b2:0f:b9:73:09:6b:3f:eb:68:95:da:e1:8e:4e:54:8e:
68:e5:79:69:f0:08:ac:9b:1e:b5:6a:4d:32:3d:96:58:e8:85:
88:bc:1a:78:5e:f0:35:a7:e6:d6:fe:88:f8:84:9e:a1:04:99:
b9:1f:87:85:44:d8:6e:29:89:65:cf:15:51:fa:dd:de:52:d6:
9f:80:7d:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0FsXeqaNbTpzTBwKXfXFsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwMzE5MTA0MzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM5ODU2YzcyZTUzYjVmNDYzOTFiM2JmYzVmN2UwYzdhNDVhNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusEA5z++6wRCklYfwyYMiLDEg+rt
cDRYXngF3oyi51Fm4eenU2F/Q8D1gQpx0a209tGZvEpg8tXP1HwHQPLKOENYvO+N
TX1X5MqJRXfq4c55uTztP81UbNV8AVBl7+HrgHZg5gqV6mTDhxVhbi7ry17cvs8x
QHGpADCwS8nFBqy1a7lyhijHPbzjWZEkfefaIJsgCQY1U27oQzdghky6Yyz5698i
iws90bl1wSwGK7H3aeuRdYZuoLNi17QNWzDdY7n7MpH/9wEvYqom8lXmq2N6qylI
8sfw+wSCe787q8fvpUyEI7hyQpFnF7wvOil4I0At2CuXYl6zORgYSFGKuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNk5hWxy5TtfRjkbO/xffgx6RaUgMB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvMlRtRmJITGxPMTlHT1JzN19GOS1ESHBGcFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXhQ4AwQA
XhRYMA0GCSqGSIb3DQEBCwUAA4IBAQAsK2sY1Y7NcY1r01P7Jid7Vp/mt9s2LrPv
wJbv6PqQArF6izOVBNt7eGZji3UeJ1xQKmqGVCjvRkbvgHWhGuvBKfXD4EohZZLU
FsIeo9qBh9mKQDpm+WIm+U8XPYYssU0Da1KTmY9X6SHHrqPUy9hVLPoxCgFQYAtc
fNaVskGYDaHifV7EolirhvI+me8a0TYY0V9dM+47jSRSJNbJ0htqAQ8bBXN5lpBX
40crmULvTCra9uIthbIPuXMJaz/raJXa4Y5OVI5o5Xlp8Aismx61ak0yPZZY6IWI
vBp4XvA1p+bW/oj4hJ6hBJm5H4eFRNhuKYllzxVR+t3eUtafgH11
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:06:19 2026 by rpki-client