Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/lF-NQYjHwP7LXQFX0OJCARB0Jts.roa
File: lF-NQYjHwP7LXQFX0OJCARB0Jts.roa (raw, json)
Hash identifier: YQcmPFpdxVDION1toykp/aMiRv2UpsJ26lx7u41JNkI=
Subject key identifier: 94:5F:8D:41:88:C7:C0:FE:CB:5D:01:57:D0:E2:42:01:10:74:26:DB
Certificate issuer: /CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de
Certificate serial: 019D0DCFB6D1C234F658DA050E396ED792A2
Authority key identifier: D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/lF-NQYjHwP7LXQFX0OJCARB0Jts.roa
Signing time: Sat 21 Mar 2026 00:33:29 +0000
ROA not before: Sat 21 Mar 2026 00:33:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213876
IP address blocks: 85.149.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0d:cf:b6:d1:c2:34:f6:58:da:05:0e:39:6e:d7:92:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de
Validity
Not Before: Mar 21 00:33:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=945f8d4188c7c0fecb5d0157d0e24201107426db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:62:e7:cd:72:76:1b:3c:15:56:e4:0c:af:c8:
dd:ab:31:41:a7:84:79:ac:ac:1c:43:be:79:e5:55:
ae:cc:db:7f:dd:a1:b4:8e:d5:b6:73:ed:f2:c0:e8:
1f:4c:64:f2:50:71:8e:a0:f5:bc:0c:04:2f:14:10:
b2:20:72:87:82:ff:73:7d:78:f7:61:bd:28:65:0b:
b7:89:00:c9:f9:72:91:c5:44:73:87:f8:93:58:da:
cf:61:c6:74:7b:f5:15:b8:e9:bb:28:65:b1:5d:ae:
58:74:df:03:bf:90:ef:53:95:72:8d:a9:34:1a:93:
9f:43:0a:2f:25:8c:2f:66:eb:95:8c:3c:34:79:f3:
52:56:6b:9e:96:5e:13:47:dc:5a:da:d6:0a:17:74:
ad:1e:71:8f:4a:35:85:de:47:2e:53:72:e1:df:5e:
db:fb:31:5b:d5:07:70:c5:0d:91:eb:e2:25:f2:76:
91:f5:7c:c5:c8:5e:b3:1d:c6:14:e1:ba:d0:9f:f0:
5d:e8:b8:fc:7f:94:e5:94:46:c4:f3:e9:92:51:4e:
53:c8:11:50:0f:4b:8d:50:8c:b4:df:13:2a:50:6f:
49:8f:9e:b7:06:18:f2:be:6a:54:bb:73:e4:53:c0:
1e:98:6c:b4:0c:ad:0a:06:9a:bf:a1:2c:cc:4e:46:
ee:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5F:8D:41:88:C7:C0:FE:CB:5D:01:57:D0:E2:42:01:10:74:26:DB
X509v3 Authority Key Identifier:
keyid:D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/lF-NQYjHwP7LXQFX0OJCARB0Jts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.149.221.0/24
Signature Algorithm: sha256WithRSAEncryption
62:78:ee:85:aa:bc:0f:cc:57:61:1d:c1:c0:8a:2f:ac:f6:e6:
69:3e:4f:b3:80:00:98:a9:2c:8e:dd:8d:b8:0d:fe:8e:3f:96:
58:01:f1:7b:51:8a:21:f4:a8:3d:06:7f:90:ae:20:1b:87:4c:
bf:6d:ef:df:f6:85:dc:37:94:7c:39:57:06:67:27:ab:6a:90:
c0:97:7f:b4:72:6c:64:38:62:55:da:78:92:8a:36:fe:a6:eb:
31:eb:a4:ce:cc:bc:c4:a8:1f:6d:21:79:46:6a:44:6b:56:35:
ac:c7:ef:14:78:c5:bf:48:6d:ee:ce:db:81:66:f3:42:7c:39:
82:87:d6:cb:75:c0:d3:70:ae:cb:ac:2d:94:b5:8a:50:0c:85:
4d:be:79:81:16:93:e3:d7:15:ae:35:fa:15:31:d4:fb:4f:93:
cf:ec:b5:bc:61:c9:5e:48:04:14:54:e7:21:eb:37:db:0b:ec:
8c:dc:95:f9:61:fd:0b:02:a5:dc:60:93:d4:6c:d0:d5:1e:23:
4c:98:c9:fc:de:66:33:4d:f7:d4:a1:79:4c:d6:a5:e1:02:6d:
b9:98:4d:8e:a4:11:e5:68:26:dc:82:30:bd:4a:1b:ad:bb:ab:
eb:4c:c4:30:9f:80:95:b2:68:e8:64:25:3a:3e:b4:52:e6:0a:
3a:ef:64:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0Nz7bRwjT2WNoFDjlu15KiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDNjYTJjMjMxYWZkZjNiMDM1NWM3N2E3Y2JiMjI2Zjgx
Yjc0ZGUwHhcNMjYwMzIxMDAzMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDVmOGQ0MTg4YzdjMGZlY2I1ZDAxNTdkMGUyNDIwMTEwNzQyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWLnzXJ2GzwVVuQMr8jdqzFBp4R5
rKwcQ7555VWuzNt/3aG0jtW2c+3ywOgfTGTyUHGOoPW8DAQvFBCyIHKHgv9zfXj3
Yb0oZQu3iQDJ+XKRxURzh/iTWNrPYcZ0e/UVuOm7KGWxXa5YdN8Dv5DvU5Vyjak0
GpOfQwovJYwvZuuVjDw0efNSVmuell4TR9xa2tYKF3StHnGPSjWF3kcuU3Lh317b
+zFb1QdwxQ2R6+Il8naR9XzFyF6zHcYU4brQn/Bd6Lj8f5TllEbE8+mSUU5TyBFQ
D0uNUIy03xMqUG9Jj563BhjyvmpUu3PkU8AemGy0DK0KBpq/oSzMTkbuswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRfjUGIx8D+y10BV9DiQgEQdCbbMB8GA1UdIwQY
MBaAFNjTyiwjGv3zsDVcd6fLsib4G3TeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTkt
OTkxMjhiZjZhODQxLzEvbEYtTlFZakh3UDdMWFFGWDBPSkNBUkIwSnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTktOTkxMjhiZjZhODQx
LzEvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZXdMA0G
CSqGSIb3DQEBCwUAA4IBAQBieO6FqrwPzFdhHcHAii+s9uZpPk+zgACYqSyO3Y24
Df6OP5ZYAfF7UYoh9Kg9Bn+QriAbh0y/be/f9oXcN5R8OVcGZyerapDAl3+0cmxk
OGJV2niSijb+pusx66TOzLzEqB9tIXlGakRrVjWsx+8UeMW/SG3uztuBZvNCfDmC
h9bLdcDTcK7LrC2UtYpQDIVNvnmBFpPj1xWuNfoVMdT7T5PP7LW8YcleSAQUVOch
6zfbC+yM3JX5Yf0LAqXcYJPUbNDVHiNMmMn83mYzTffUoXlM1qXhAm25mE2OpBHl
aCbcgjC9Shutu6vrTMQwn4CVsmjoZCU6PrRS5go672SU
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:47:33 2026 by rpki-client