Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/Lu0A41Q5pFS0BwtpNAPtssCo0S4.roa
File: Lu0A41Q5pFS0BwtpNAPtssCo0S4.roa (raw, json)
Hash identifier: qztJk2kblBGSD62DzOMXwoBz8qyRVHAXX4kD8NQjcWE=
Subject key identifier: 2E:ED:00:E3:54:39:A4:54:B4:07:0B:69:34:03:ED:B2:C0:A8:D1:2E
Certificate issuer: /CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51
Certificate serial: 019E0257EB5CA547C55D80DFFC3F85EE8601
Authority key identifier: F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/Lu0A41Q5pFS0BwtpNAPtssCo0S4.roa
Signing time: Thu 07 May 2026 12:09:36 +0000
ROA not before: Thu 07 May 2026 12:09:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205775
IP address blocks: 77.91.96.0/23 maxlen: 23
77.91.96.0/24 maxlen: 24
77.91.97.0/24 maxlen: 24
77.91.119.0/24 maxlen: 24
91.214.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:57:eb:5c:a5:47:c5:5d:80:df:fc:3f:85:ee:86:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51
Validity
Not Before: May 7 12:09:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2eed00e35439a454b4070b693403edb2c0a8d12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:71:b6:6f:76:f6:0b:ef:84:a4:1f:7c:a3:b3:
7e:7e:4a:79:34:67:ae:59:20:ea:27:9b:ca:9b:69:
a5:e6:6a:ad:0a:57:3d:4b:2f:94:2a:84:ef:70:8d:
17:e3:76:09:cc:78:bd:39:5d:9b:15:79:b9:81:41:
b0:df:39:09:e9:a1:2e:88:6c:7e:e1:ae:4a:34:23:
22:13:5c:6c:8e:46:51:94:85:ac:c2:3b:1b:e4:ee:
83:47:1a:a6:b2:d0:2f:ee:14:7a:e8:19:be:8d:c1:
7a:80:05:4f:c9:72:63:7f:77:e5:a0:34:b8:15:2f:
bd:15:03:04:70:ce:a4:00:b7:b9:95:cc:0b:b5:d9:
58:1c:1b:79:53:3b:21:97:e0:05:24:60:a1:53:ea:
23:5e:43:6f:78:8a:37:26:58:53:44:e5:99:2d:3f:
b6:5c:f9:6c:a7:6b:01:3e:56:83:cc:55:16:75:f0:
9b:98:12:d4:eb:c7:55:3f:c2:76:97:42:d6:a0:ab:
38:fb:6f:d5:2b:c6:b7:48:b4:62:b2:54:74:59:3e:
c5:8f:cd:bd:69:83:90:7d:75:3d:27:16:47:b9:5b:
b5:d3:d3:d0:57:c9:9a:ac:ab:2d:02:03:ac:2e:19:
32:69:7a:75:8d:21:82:a7:74:26:39:47:94:88:1a:
c9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:ED:00:E3:54:39:A4:54:B4:07:0B:69:34:03:ED:B2:C0:A8:D1:2E
X509v3 Authority Key Identifier:
keyid:F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/Lu0A41Q5pFS0BwtpNAPtssCo0S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.96.0/23
77.91.119.0/24
91.214.78.0/24
Signature Algorithm: sha256WithRSAEncryption
27:2e:a3:91:68:22:d4:21:71:2c:b9:f5:6c:54:35:49:13:a4:
27:b9:fe:7d:c7:fa:9a:02:39:f1:cc:6d:57:83:eb:f4:dd:7f:
bc:66:7d:63:63:67:3f:b9:29:2a:7c:2d:72:c9:ef:39:0b:d4:
a5:e0:c4:02:e5:35:74:30:1a:64:cc:3a:c1:37:ba:3e:63:8c:
7d:7e:fa:a4:37:cf:87:42:ba:89:ac:b4:72:74:86:e4:bf:b9:
eb:ae:9c:df:35:16:b7:e6:cf:0c:2d:a4:48:58:45:6c:ef:c1:
2d:49:96:bb:13:dc:74:b5:97:e1:d0:3a:0c:c0:cd:cb:37:09:
f3:cb:38:e2:f3:c0:3d:2a:49:8f:ea:ad:be:8b:01:d6:74:12:
a8:be:82:4a:f4:5a:a7:c2:08:1c:5b:22:d2:0c:91:ce:db:86:
37:b8:32:2b:ea:8d:cd:27:25:9c:ac:a4:31:50:dd:3c:91:38:
d6:fd:a1:e2:d7:1b:22:c6:7c:2d:f5:59:1b:61:84:3d:a5:0a:
f5:5d:76:f8:c7:2a:55:2c:f6:d8:2b:2c:32:5d:c0:56:d3:63:
40:32:2d:e4:88:b0:88:32:f8:72:be:a9:a4:02:98:37:90:02:
fc:5e:78:dc:be:40:0d:68:b3:11:74:47:2b:e5:d5:8b:5d:9f:
7f:cb:ac:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ4CV+tcpUfFXYDf/D+F7oYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTE2MGYwY2U1ZTAzNWFmM2NiMjFmNGRmZDA0ZWFiOWVh
N2VlNTEwHhcNMjYwNTA3MTIwOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWVkMDBlMzU0MzlhNDU0YjQwNzBiNjkzNDAzZWRiMmMwYThkMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nG2b3b2C++EpB98o7N+fkp5NGeu
WSDqJ5vKm2ml5mqtClc9Sy+UKoTvcI0X43YJzHi9OV2bFXm5gUGw3zkJ6aEuiGx+
4a5KNCMiE1xsjkZRlIWswjsb5O6DRxqmstAv7hR66Bm+jcF6gAVPyXJjf3floDS4
FS+9FQMEcM6kALe5lcwLtdlYHBt5Uzshl+AFJGChU+ojXkNveIo3JlhTROWZLT+2
XPlsp2sBPlaDzFUWdfCbmBLU68dVP8J2l0LWoKs4+2/VK8a3SLRislR0WT7Fj829
aYOQfXU9JxZHuVu109PQV8marKstAgOsLhkyaXp1jSGCp3QmOUeUiBrJ+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC7tAONUOaRUtAcLaTQD7bLAqNEuMB8GA1UdIwQY
MBaAFPLhYPDOXgNa88sh9N/QTquep+5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUt
ZmNlMjE0YzZmZmRhLzEvTHUwQTQxUTVwRlMwQnd0cE5BUHRzc0NvMFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUtZmNlMjE0YzZmZmRh
LzEvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTVtgAwQA
TVt3AwQAW9ZOMA0GCSqGSIb3DQEBCwUAA4IBAQAnLqORaCLUIXEsufVsVDVJE6Qn
uf59x/qaAjnxzG1Xg+v03X+8Zn1jY2c/uSkqfC1yye85C9Sl4MQC5TV0MBpkzDrB
N7o+Y4x9fvqkN8+HQrqJrLRydIbkv7nrrpzfNRa35s8MLaRIWEVs78EtSZa7E9x0
tZfh0DoMwM3LNwnzyzji88A9KkmP6q2+iwHWdBKovoJK9FqnwggcWyLSDJHO24Y3
uDIr6o3NJyWcrKQxUN08kTjW/aHi1xsixnwt9VkbYYQ9pQr1XXb4xypVLPbYKywy
XcBW02NAMi3kiLCIMvhyvqmkApg3kAL8XnjcvkANaLMRdEcr5dWLXZ9/y6y2
-----END CERTIFICATE-----
Generated at Wed May 13 03:55:40 2026 by rpki-client