Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LFGIolIkn54OlyD8QgLLNJI12kE.roa
File: LFGIolIkn54OlyD8QgLLNJI12kE.roa (raw, json)
Hash identifier: IZM9w56/I9Xlt0BaVTwrfHxm+wffmd7mF/mxwWw81ac=
Subject key identifier: 2C:51:88:A2:52:24:9F:9E:0E:97:20:FC:42:02:CB:34:92:35:DA:41
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EB5DFF0A30D710D809C32E85350ED248F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LFGIolIkn54OlyD8QgLLNJI12kE.roa
Signing time: Thu 11 Jun 2026 08:50:12 +0000
ROA not before: Thu 11 Jun 2026 08:50:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44828
IP address blocks: 45.139.123.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
87.121.133.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:df:f0:a3:0d:71:0d:80:9c:32:e8:53:50:ed:24:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 11 08:50:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2c5188a252249f9e0e9720fc4202cb349235da41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:60:d0:31:18:09:8e:fb:a8:25:85:14:d0:3f:
03:32:76:a3:e6:a8:11:69:5c:5e:fe:f6:a9:70:1c:
da:de:89:c2:3c:5c:13:f7:45:ef:df:3a:a9:12:69:
1a:63:d6:14:4e:40:61:2e:7f:d6:80:ac:b1:60:a4:
a7:08:b7:34:36:f8:fa:11:e7:44:c6:0c:35:45:96:
d9:91:82:44:a3:c3:6c:8e:71:75:9d:dc:00:1e:41:
02:28:69:c5:2d:e6:b7:2d:ef:7f:ee:53:03:44:62:
43:01:9a:24:13:ff:49:e5:24:ca:69:43:15:b4:1a:
45:a4:ce:9a:8b:eb:9c:49:84:30:5d:ca:d3:31:1b:
71:f1:0e:6a:1d:73:cf:73:d1:40:2c:f8:18:77:54:
4d:57:76:5e:1f:0a:db:12:05:f6:bf:e6:57:8c:35:
c2:01:47:b9:ee:63:db:e5:1c:02:0b:33:fe:e4:fb:
6a:d4:5e:51:2c:4a:f1:bc:a2:bd:cd:40:8c:23:5a:
d2:75:5c:85:aa:dd:5b:30:c4:5b:2a:cc:0d:65:34:
3d:a0:96:43:ca:14:a9:da:f6:a5:1a:45:48:02:76:
8d:97:af:81:17:cc:d7:41:25:ad:ed:ec:13:5e:98:
f9:d4:bd:4b:82:c2:99:e5:2e:ff:8e:99:4d:be:cf:
86:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:51:88:A2:52:24:9F:9E:0E:97:20:FC:42:02:CB:34:92:35:DA:41
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/LFGIolIkn54OlyD8QgLLNJI12kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.123.0/24
87.120.33.0/24
87.120.191.0/24
87.121.133.0/24
87.121.220.0/24
94.154.161.0/24
Signature Algorithm: sha256WithRSAEncryption
85:8a:3a:69:16:20:34:c5:6b:60:1c:78:d2:6c:3f:e4:d6:fc:
0f:06:3d:47:cd:34:cd:bf:ba:f4:ea:2e:fa:1f:45:d5:6b:47:
b9:d7:06:16:84:91:88:b6:47:7a:90:35:70:fe:69:4e:68:29:
fc:a1:51:06:be:68:86:ba:2b:d8:f0:8f:3f:82:a5:64:6f:c4:
c5:e7:4e:79:3f:8a:ff:9f:88:c1:b2:18:a0:32:33:25:59:d0:
c7:87:6a:1d:3e:b4:aa:59:dd:09:47:6c:9b:bd:1a:e2:e9:ac:
80:bf:36:05:0f:58:07:89:58:ee:d9:26:75:ca:27:b8:75:c9:
f2:3a:f4:cb:c2:e8:e8:1f:60:8a:84:7f:ce:1b:a7:13:af:15:
57:fc:dc:09:8f:c7:0f:a8:ea:e4:08:64:98:08:28:25:cf:c2:
0c:99:d1:59:90:a7:bb:52:8b:3d:91:24:4b:47:38:9d:46:ca:
bd:ca:06:58:0d:f1:c3:87:b1:5d:e2:c6:97:55:59:1d:90:96:
0d:ff:7a:90:cb:48:29:b9:38:d2:af:3a:f8:df:a1:6e:bf:9e:
dd:0c:91:db:6c:07:85:f1:56:c9:24:0a:26:d1:89:1f:63:12:
7d:03:86:f5:7c:49:44:d6:32:fe:4b:1f:39:41:e3:32:c1:e1:
e5:68:bc:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ613/CjDXENgJwy6FNQ7SSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjExMDg1MDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzUxODhhMjUyMjQ5ZjllMGU5NzIwZmM0MjAyY2IzNDkyMzVkYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymDQMRgJjvuoJYUU0D8DMnaj5qgR
aVxe/vapcBza3onCPFwT90Xv3zqpEmkaY9YUTkBhLn/WgKyxYKSnCLc0Nvj6EedE
xgw1RZbZkYJEo8NsjnF1ndwAHkECKGnFLea3Le9/7lMDRGJDAZokE/9J5STKaUMV
tBpFpM6ai+ucSYQwXcrTMRtx8Q5qHXPPc9FALPgYd1RNV3ZeHwrbEgX2v+ZXjDXC
AUe57mPb5RwCCzP+5Ptq1F5RLErxvKK9zUCMI1rSdVyFqt1bMMRbKswNZTQ9oJZD
yhSp2valGkVIAnaNl6+BF8zXQSWt7ewTXpj51L1LgsKZ5S7/jplNvs+G2QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCxRiKJSJJ+eDpcg/EICyzSSNdpBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTEZHSW9sSWtuNTRPbHlEOFFnTExOSkkxMmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYt7AwQA
V3ghAwQAV3i/AwQAV3mFAwQAV3ncAwQAXpqhMA0GCSqGSIb3DQEBCwUAA4IBAQCF
ijppFiA0xWtgHHjSbD/k1vwPBj1HzTTNv7r06i76H0XVa0e51wYWhJGItkd6kDVw
/mlOaCn8oVEGvmiGuivY8I8/gqVkb8TF5055P4r/n4jBshigMjMlWdDHh2odPrSq
Wd0JR2ybvRri6ayAvzYFD1gHiVju2SZ1yie4dcnyOvTLwujoH2CKhH/OG6cTrxVX
/NwJj8cPqOrkCGSYCCglz8IMmdFZkKe7Uos9kSRLRzidRsq9ygZYDfHDh7Fd4saX
VVkdkJYN/3qQy0gpuTjSrzr436Fuv57dDJHbbAeF8VbJJAom0YkfYxJ9A4b1fElE
1jL+Sx85QeMyweHlaLzQ
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:00:11 2026 by rpki-client