Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LRG3ZXbtK0t8Tat3A6fXhSUWf6s.roa
File: LRG3ZXbtK0t8Tat3A6fXhSUWf6s.roa (raw, json)
Hash identifier: y2XBNjnUzUdfvF3g6gyFnX+v1u41LBRe92THimfEZGQ=
Subject key identifier: 2D:11:B7:65:76:ED:2B:4B:7C:4D:AB:77:03:A7:D7:85:25:16:7F:AB
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019E821BE79EF39E3ED3E18778D5D3E289F4
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LRG3ZXbtK0t8Tat3A6fXhSUWf6s.roa
Signing time: Mon 01 Jun 2026 07:35:27 +0000
ROA not before: Mon 01 Jun 2026 07:35:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62387
IP address blocks: 79.132.92.0/22 maxlen: 22
85.234.161.0/24 maxlen: 24
85.234.162.0/24 maxlen: 24
89.191.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:1b:e7:9e:f3:9e:3e:d3:e1:87:78:d5:d3:e2:89:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 1 07:35:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2d11b76576ed2b4b7c4dab7703a7d78525167fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:f9:fe:9c:4f:75:c9:20:8c:16:e9:71:79:
7c:b6:f0:b1:12:3c:7e:fc:1b:af:cb:0d:1f:36:66:
16:32:67:d6:ce:f8:d2:32:e0:ab:07:13:65:a3:f2:
bb:98:68:55:ae:48:88:b7:d3:38:fb:f3:c6:71:6c:
cd:1f:d6:bb:c6:c4:fc:db:f7:13:ae:ce:d2:8d:9e:
d9:88:c0:5c:af:0d:68:8b:db:4f:a0:4b:7b:7f:37:
cf:6c:f7:9f:c7:ab:b5:1d:31:35:27:93:20:39:d2:
37:a4:c9:d0:5c:79:a8:63:c5:94:2a:80:3f:79:75:
b4:e2:0b:01:13:4e:77:c4:5e:b9:ae:28:33:42:12:
3d:6f:a9:7d:7f:b9:eb:de:e3:cc:a0:e9:b6:ff:49:
e1:da:df:30:98:89:87:5f:8a:00:a7:3f:e7:7d:23:
ce:e4:93:50:a5:97:61:97:c3:a8:8f:0e:34:0d:58:
47:97:93:0f:a9:d2:b8:13:3b:0d:ae:16:e2:4f:0f:
c3:27:5a:be:e8:da:15:0d:80:86:e5:66:1f:7d:3b:
dd:7f:04:a8:1f:40:d6:2b:ee:30:fb:20:39:49:a5:
e4:00:a6:bd:8a:6e:82:6e:32:ad:ca:28:db:e3:53:
85:8e:34:2a:26:c7:2a:39:6a:28:04:79:98:1b:97:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:11:B7:65:76:ED:2B:4B:7C:4D:AB:77:03:A7:D7:85:25:16:7F:AB
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LRG3ZXbtK0t8Tat3A6fXhSUWf6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.92.0/22
85.234.161.0-85.234.162.255
89.191.108.0/22
Signature Algorithm: sha256WithRSAEncryption
48:2b:ac:63:07:77:b0:84:98:46:52:14:2f:52:a9:ce:a8:1e:
30:bd:b8:1d:04:50:b5:8f:2e:c6:be:1d:a2:24:ce:6f:d0:8c:
d2:ae:54:e6:4f:45:f4:df:24:41:5d:07:9f:3b:61:40:28:27:
23:c7:a8:65:35:35:fb:32:2d:5d:f3:01:de:bb:8c:a3:e3:44:
a8:c0:d6:02:b7:40:61:e5:e0:48:ca:4e:3a:03:d9:66:c1:b8:
d7:ec:20:5c:5f:57:5f:77:7a:b5:72:2a:ed:ef:8b:65:cd:6c:
a5:4e:17:7d:99:85:5c:f8:a7:c1:74:aa:52:37:84:b9:97:60:
ab:a5:51:7d:9b:18:82:84:f1:f6:02:b7:84:fa:56:00:d3:46:
71:58:c4:ad:c2:4a:01:cd:a7:d8:71:35:35:f1:92:d8:39:55:
f3:a4:14:fb:8f:9a:ed:ea:a4:a2:8f:b8:08:2e:17:a0:4e:07:
21:82:db:30:ea:9f:5c:88:81:bd:f5:40:96:98:5f:2c:a9:92:
98:b1:1c:ea:8f:97:85:37:5e:b1:e0:fd:df:a7:bc:97:d2:68:
4f:90:c1:d3:25:cb:0c:53:79:57:8e:5a:e0:ae:6a:af:36:2c:
db:d2:6c:2c:17:03:52:94:65:98:ae:3b:14:96:43:68:fd:f8:
8a:71:b6:b8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ6CG+ee854+0+GHeNXT4on0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwNjAxMDczNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDExYjc2NTc2ZWQyYjRiN2M0ZGFiNzcwM2E3ZDc4NTI1MTY3ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3j5/pxPdckgjBbpcXl8tvCxEjx+
/Buvyw0fNmYWMmfWzvjSMuCrBxNlo/K7mGhVrkiIt9M4+/PGcWzNH9a7xsT82/cT
rs7SjZ7ZiMBcrw1oi9tPoEt7fzfPbPefx6u1HTE1J5MgOdI3pMnQXHmoY8WUKoA/
eXW04gsBE053xF65rigzQhI9b6l9f7nr3uPMoOm2/0nh2t8wmImHX4oApz/nfSPO
5JNQpZdhl8Oojw40DVhHl5MPqdK4EzsNrhbiTw/DJ1q+6NoVDYCG5WYffTvdfwSo
H0DWK+4w+yA5SaXkAKa9im6CbjKtyijb41OFjjQqJscqOWooBHmYG5e7zQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC0Rt2V27StLfE2rdwOn14UlFn+rMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTFJHM1pYYnRLMHQ4VGF0M0E2ZlhoU1VXZjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCT4RcMAwD
BABV6qEDBABV6qIDBAJZv2wwDQYJKoZIhvcNAQELBQADggEBAEgrrGMHd7CEmEZS
FC9Sqc6oHjC9uB0EULWPLsa+HaIkzm/QjNKuVOZPRfTfJEFdB587YUAoJyPHqGU1
NfsyLV3zAd67jKPjRKjA1gK3QGHl4EjKTjoD2WbBuNfsIFxfV193erVyKu3vi2XN
bKVOF32ZhVz4p8F0qlI3hLmXYKulUX2bGIKE8fYCt4T6VgDTRnFYxK3CSgHNp9hx
NTXxktg5VfOkFPuPmu3qpKKPuAguF6BOByGC2zDqn1yIgb31QJaYXyypkpixHOqP
l4U3XrHg/d+nvJfSaE+QwdMlywxTeVeOWuCuaq82LNvSbCwXA1KUZZiuOxSWQ2j9
+Ipxtrg=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:01:14 2026 by rpki-client