Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/LnayKnyFr3hNZd2cbR7zcCGUTtI.roa
File: LnayKnyFr3hNZd2cbR7zcCGUTtI.roa (raw, json)
Hash identifier: naIMKUuVHpFPhGKCaOIeCNLnr0cWH49MVJinJbT7/ik=
Subject key identifier: 2E:76:B2:2A:7C:85:AF:78:4D:65:DD:9C:6D:1E:F3:70:21:94:4E:D2
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019E682AD2852F08D7688B79C2669CE53AF4
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/LnayKnyFr3hNZd2cbR7zcCGUTtI.roa
Signing time: Wed 27 May 2026 06:41:37 +0000
ROA not before: Wed 27 May 2026 06:41:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198427
IP address blocks: 82.108.162.0/24 maxlen: 24
82.108.173.0/24 maxlen: 24
82.108.202.0/24 maxlen: 24
82.108.220.0/24 maxlen: 24
82.109.11.0/24 maxlen: 24
82.109.60.0/24 maxlen: 24
82.109.69.0/24 maxlen: 24
82.109.98.0/24 maxlen: 24
82.109.102.0/24 maxlen: 24
82.109.151.0/24 maxlen: 24
82.109.166.0/24 maxlen: 24
82.109.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 13:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:2a:d2:85:2f:08:d7:68:8b:79:c2:66:9c:e5:3a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 27 06:41:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e76b22a7c85af784d65dd9c6d1ef37021944ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:31:43:52:5b:ac:5a:af:fa:ab:00:57:75:02:
2c:4f:e7:b8:a7:5b:00:86:21:d0:74:ac:fc:57:3c:
8f:6e:de:d8:ba:96:71:39:07:ca:5c:36:5e:22:e1:
c7:eb:6d:d4:9d:d7:d2:12:79:c2:ae:8b:90:d0:f8:
6e:e9:61:cb:4d:7a:1a:55:a7:30:d1:66:d0:af:82:
b7:00:47:a0:98:7e:10:33:f2:11:b8:9a:90:7f:21:
c0:e1:bb:68:34:bd:15:a7:c8:ae:e1:49:11:31:fd:
d6:17:91:94:91:c0:b5:aa:07:77:e3:40:60:f3:a1:
fd:60:ff:5f:20:59:b6:d1:6f:f0:2c:9c:4a:4d:8d:
72:7f:98:97:4c:dd:37:00:70:b7:96:03:2f:39:76:
95:38:e9:7d:b7:aa:d7:39:9d:53:98:c2:6c:06:ff:
8e:78:a8:66:ee:76:13:8c:ea:c5:1d:27:c1:87:12:
6d:e1:d8:ad:ce:06:cb:95:85:e7:91:f1:74:35:4d:
3a:b4:6f:fd:f6:a1:2d:a6:9e:cf:83:ca:65:3d:6a:
25:8b:cf:9d:b8:2e:7d:61:8e:7d:16:d1:01:f0:72:
27:00:20:32:12:c9:64:73:23:b7:8c:ad:27:cb:95:
45:5a:5d:94:36:61:55:7c:1a:c8:61:84:1b:2d:7d:
d7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:76:B2:2A:7C:85:AF:78:4D:65:DD:9C:6D:1E:F3:70:21:94:4E:D2
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/LnayKnyFr3hNZd2cbR7zcCGUTtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.162.0/24
82.108.173.0/24
82.108.202.0/24
82.108.220.0/24
82.109.11.0/24
82.109.60.0/24
82.109.69.0/24
82.109.98.0/24
82.109.102.0/24
82.109.151.0/24
82.109.166.0/24
82.109.172.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:8d:ac:45:13:3e:5b:1f:77:4d:48:57:c0:a2:55:a4:ee:6e:
d5:5b:19:b3:1b:6c:8b:6e:a2:33:06:ae:4c:c6:8a:b5:ea:9d:
fa:35:d2:d2:e2:d3:b8:ec:62:ea:35:91:0d:a5:57:f6:23:f7:
49:f0:bd:75:02:06:c3:97:dd:60:9b:0c:0a:b3:e7:0a:27:54:
62:43:5f:a1:ed:92:82:8d:ca:02:68:1b:45:a5:e7:eb:fc:e7:
e3:c4:1d:48:9c:6f:cf:4d:98:4d:b3:3e:5c:79:1a:ac:83:73:
5a:8a:db:fa:04:7b:f4:f2:5a:28:54:d7:2c:3d:3f:ad:c5:4c:
a0:f7:56:d8:f3:73:fb:9f:91:25:95:fc:b0:e0:df:25:27:36:
26:3b:9a:4e:d8:07:60:b1:b4:e7:44:37:22:df:d9:51:26:b5:
0d:1c:67:21:49:53:32:55:07:93:0d:c3:21:88:4c:b9:fc:a4:
5a:0b:f7:5f:09:c5:45:44:bc:2d:be:89:7f:a6:dc:02:15:13:
d6:5b:36:ff:15:3a:51:96:51:b5:3c:6c:eb:9b:b5:0b:f5:3c:
5b:e7:02:f4:5c:9b:93:a0:ae:73:4b:fa:59:98:ce:4e:6f:4e:
18:f4:09:18:07:a9:e7:9f:d8:71:bb:40:71:fd:e0:d7:83:bb:
0c:30:7f:1b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ5oKtKFLwjXaIt5wmac5Tr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTI3MDY0MTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTc2YjIyYTdjODVhZjc4NGQ2NWRkOWM2ZDFlZjM3MDIxOTQ0ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzFDUlusWq/6qwBXdQIsT+e4p1sA
hiHQdKz8VzyPbt7YupZxOQfKXDZeIuHH623UndfSEnnCrouQ0Phu6WHLTXoaVacw
0WbQr4K3AEegmH4QM/IRuJqQfyHA4btoNL0Vp8iu4UkRMf3WF5GUkcC1qgd340Bg
86H9YP9fIFm20W/wLJxKTY1yf5iXTN03AHC3lgMvOXaVOOl9t6rXOZ1TmMJsBv+O
eKhm7nYTjOrFHSfBhxJt4ditzgbLlYXnkfF0NU06tG/99qEtpp7Pg8plPWoli8+d
uC59YY59FtEB8HInACAyEslkcyO3jK0ny5VFWl2UNmFVfBrIYYQbLX3XrQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFC52sip8ha94TWXdnG0e83AhlE7SMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvTG5heUtueUZyM2hOWmQyY2JSN3pjQ0dVVHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUmyiAwQA
UmytAwQAUmzKAwQAUmzcAwQAUm0LAwQAUm08AwQAUm1FAwQAUm1iAwQAUm1mAwQA
Um2XAwQAUm2mAwQAUm2sMA0GCSqGSIb3DQEBCwUAA4IBAQCqjaxFEz5bH3dNSFfA
olWk7m7VWxmzG2yLbqIzBq5Mxoq16p36NdLS4tO47GLqNZENpVf2I/dJ8L11AgbD
l91gmwwKs+cKJ1RiQ1+h7ZKCjcoCaBtFpefr/OfjxB1InG/PTZhNsz5ceRqsg3Na
itv6BHv08looVNcsPT+txUyg91bY83P7n5Ellfyw4N8lJzYmO5pO2AdgsbTnRDci
39lRJrUNHGchSVMyVQeTDcMhiEy5/KRaC/dfCcVFRLwtvol/ptwCFRPWWzb/FTpR
llG1PGzrm7UL9Txb5wL0XJuToK5zS/pZmM5Ob04Y9AkYB6nnn9hxu0Bx/eDXg7sM
MH8b
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:24:49 2026 by rpki-client