Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/LpFRmX9PzrWkSCAE9MBkhoB4NC0.roa
File: LpFRmX9PzrWkSCAE9MBkhoB4NC0.roa (raw, json)
Hash identifier: O5h6RKwcek/boNWUKWdfTylprmmWoB0fVIyV7iyo7Aw=
Subject key identifier: 2E:91:51:99:7F:4F:CE:B5:A4:48:20:04:F4:C0:64:86:80:78:34:2D
Certificate issuer: /CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Certificate serial: 019E15D4A01050A8FA3F444014F553E6694C
Authority key identifier: D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/LpFRmX9PzrWkSCAE9MBkhoB4NC0.roa
Signing time: Mon 11 May 2026 06:58:36 +0000
ROA not before: Mon 11 May 2026 06:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61121
IP address blocks: 91.212.151.0/24 maxlen: 24
91.212.151.0/32 maxlen: 32
91.212.151.1/32 maxlen: 32
91.212.151.255/32 maxlen: 32
176.120.84.0/22 maxlen: 22
176.120.84.0/23 maxlen: 23
176.120.84.0/24 maxlen: 24
176.120.85.0/24 maxlen: 24
176.120.86.0/23 maxlen: 23
176.120.86.0/24 maxlen: 24
176.120.87.0/24 maxlen: 24
185.18.4.0/22 maxlen: 24
185.18.4.0/23 maxlen: 24
185.18.4.0/24 maxlen: 24
185.18.4.0/32 maxlen: 32
185.18.4.1/32 maxlen: 32
185.18.4.31/32 maxlen: 32
185.18.4.49/32 maxlen: 32
185.18.4.64/32 maxlen: 32
185.18.4.65/32 maxlen: 32
185.18.4.127/32 maxlen: 32
185.18.4.128/32 maxlen: 32
185.18.4.129/32 maxlen: 32
185.18.4.255/32 maxlen: 32
185.18.5.0/24 maxlen: 24
185.18.5.0/32 maxlen: 32
185.18.5.1/32 maxlen: 32
185.18.5.127/32 maxlen: 32
185.18.5.128/32 maxlen: 32
185.18.5.129/32 maxlen: 32
185.18.5.255/32 maxlen: 32
185.18.6.0/23 maxlen: 24
185.18.6.0/24 maxlen: 24
185.18.6.0/32 maxlen: 32
185.18.6.1/32 maxlen: 32
185.18.6.255/32 maxlen: 32
185.18.7.0/24 maxlen: 24
185.18.7.0/32 maxlen: 32
185.18.7.1/32 maxlen: 32
185.18.7.255/32 maxlen: 32
2a03:f1c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:15:d4:a0:10:50:a8:fa:3f:44:40:14:f5:53:e6:69:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Validity
Not Before: May 11 06:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e9151997f4fceb5a4482004f4c064868078342d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8c:e7:90:f0:61:2b:76:56:5a:a5:ab:aa:06:
b1:67:80:df:e9:33:b9:6b:ea:c3:71:1a:de:d2:1a:
d6:0e:06:92:76:b3:57:b8:4c:26:38:82:ff:d8:f2:
08:f4:58:fb:29:1c:4a:e2:6d:0d:ad:0e:9c:f2:99:
20:e2:84:c2:1f:9a:82:83:40:0a:7e:57:b3:0f:7b:
2d:24:97:14:18:57:c2:a6:e2:04:13:e2:03:19:eb:
51:6c:1a:ae:4c:9d:ed:87:08:10:6d:10:ab:8d:ed:
ff:3e:15:fb:88:65:f8:51:25:2c:c9:ed:40:2b:1a:
88:8c:87:44:98:4a:03:97:f8:24:64:d2:aa:53:52:
90:fd:b8:7e:52:c5:d6:75:93:aa:d3:22:91:7d:0e:
25:42:66:e1:e8:94:9e:cb:ce:65:bb:d2:e0:e2:1d:
38:a2:43:48:aa:a9:9a:5f:b3:97:dd:35:86:d7:f8:
db:7a:86:cd:7b:9b:f2:76:b2:cb:cb:a0:11:d9:b7:
4c:9f:45:14:45:93:fc:3a:c8:51:aa:f2:0e:5f:c6:
22:9a:bb:1f:ca:30:31:e2:27:5a:e0:3f:5a:e9:68:
29:43:a9:8c:93:c6:06:1f:32:2f:1b:72:cd:06:37:
6a:18:93:63:46:39:6d:44:7c:59:1f:53:70:d9:c8:
b3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:91:51:99:7F:4F:CE:B5:A4:48:20:04:F4:C0:64:86:80:78:34:2D
X509v3 Authority Key Identifier:
keyid:D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/LpFRmX9PzrWkSCAE9MBkhoB4NC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.151.0/24
176.120.84.0/22
185.18.4.0/22
IPv6:
2a03:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:bc:47:a3:f9:d5:62:52:7b:32:9a:26:fb:6d:6e:d1:6b:1b:
0c:3e:7d:31:d7:cb:5c:db:af:8a:05:dc:3b:e2:13:a7:c9:c3:
e0:e0:b5:bb:df:a6:24:9b:f6:0b:67:76:00:db:6a:b3:67:fa:
9c:7e:23:60:13:f8:25:b0:7d:88:3e:17:fa:6d:23:b0:1f:b1:
06:95:d4:50:b3:95:59:07:73:f3:50:52:2d:91:e6:21:c1:64:
06:63:72:96:be:12:1a:23:b4:64:e8:41:23:96:7e:1e:3e:f7:
a1:9c:26:8c:c8:08:d3:01:f0:ea:1f:92:bc:af:f8:f3:4b:86:
77:5a:a5:91:cc:28:74:da:06:a7:1f:e5:fe:7d:57:d5:9e:e0:
64:7a:06:4c:f8:2d:25:c6:f4:37:f4:88:ea:1c:e6:e5:c2:aa:
c1:f5:67:ba:6e:02:05:83:82:aa:0e:8a:7f:5d:fd:5f:35:da:
8b:67:08:32:f2:cc:50:1d:3b:12:37:2a:35:9b:6f:b0:94:c0:
18:4f:01:09:90:b6:ec:4d:c3:6d:af:a8:a0:04:c1:82:38:46:
9d:a3:96:ed:c3:7d:0c:84:de:66:63:65:f5:67:ca:bc:ea:f7:
17:86:f4:24:a0:9f:48:b1:85:b7:ad:9a:57:f0:3b:ef:cd:91:
b4:9a:8e:b5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4V1KAQUKj6P0RAFPVT5mlMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDczZDA2YjU4NjUyZjg0OWZhOGJjZjNjZWM2Yjk1MDkw
OWJkNjgwHhcNMjYwNTExMDY1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTkxNTE5OTdmNGZjZWI1YTQ0ODIwMDRmNGMwNjQ4NjgwNzgzNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64znkPBhK3ZWWqWrqgaxZ4Df6TO5
a+rDcRre0hrWDgaSdrNXuEwmOIL/2PII9Fj7KRxK4m0NrQ6c8pkg4oTCH5qCg0AK
flezD3stJJcUGFfCpuIEE+IDGetRbBquTJ3thwgQbRCrje3/PhX7iGX4USUsye1A
KxqIjIdEmEoDl/gkZNKqU1KQ/bh+UsXWdZOq0yKRfQ4lQmbh6JSey85lu9Lg4h04
okNIqqmaX7OX3TWG1/jbeobNe5vydrLLy6AR2bdMn0UURZP8OshRqvIOX8Yimrsf
yjAx4ida4D9a6WgpQ6mMk8YGHzIvG3LNBjdqGJNjRjltRHxZH1Nw2cizuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC6RUZl/T861pEggBPTAZIaAeDQtMB8GA1UdIwQY
MBaAFNgHPQa1hlL4SfqLzzzsa5UJCb1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUt
MjMyOWQ3OWM0YWUzLzEvTHBGUm1YOVB6cldrU0NBRTlNQmtob0I0TkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUtMjMyOWQ3OWM0YWUz
LzEvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9SXAwQC
sHhUAwQCuRIEMA0EAgACMAcDBQAqA/HAMA0GCSqGSIb3DQEBCwUAA4IBAQBOvEej
+dViUnsymib7bW7RaxsMPn0x18tc26+KBdw74hOnycPg4LW736Ykm/YLZ3YA22qz
Z/qcfiNgE/glsH2IPhf6bSOwH7EGldRQs5VZB3PzUFItkeYhwWQGY3KWvhIaI7Rk
6EEjln4ePvehnCaMyAjTAfDqH5K8r/jzS4Z3WqWRzCh02ganH+X+fVfVnuBkegZM
+C0lxvQ39IjqHOblwqrB9We6bgIFg4KqDop/Xf1fNdqLZwgy8sxQHTsSNyo1m2+w
lMAYTwEJkLbsTcNtr6igBMGCOEado5btw30MhN5mY2X1Z8q86vcXhvQkoJ9IsYW3
rZpX8DvvzZG0mo61
-----END CERTIFICATE-----
Generated at Wed May 13 05:55:42 2026 by rpki-client