Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/LgY25QbgZqhNvhqdpq4jCmc_b18.roa
File: LgY25QbgZqhNvhqdpq4jCmc_b18.roa (raw, json)
Hash identifier: 6a+VIppYRWxmbviK7LZBjjPP+2OlNWWoNbpMAlqB7IE=
Subject key identifier: 2E:06:36:E5:06:E0:66:A8:4D:BE:1A:9D:A6:AE:23:0A:67:3F:6F:5F
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E16D1A1933D4381BC3334047FA22F4275
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/LgY25QbgZqhNvhqdpq4jCmc_b18.roa
Signing time: Mon 11 May 2026 11:34:57 +0000
ROA not before: Mon 11 May 2026 11:34:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 45.6.44.0/22 maxlen: 22
45.120.220.0/22 maxlen: 22
62.106.67.0/24 maxlen: 24
80.174.128.0/17 maxlen: 17
80.174.200.0/21 maxlen: 21
80.174.246.0/24 maxlen: 24
83.143.168.0/21 maxlen: 21
83.143.171.0/24 maxlen: 24
128.0.40.0/24 maxlen: 24
202.58.108.0/22 maxlen: 22
212.86.98.0/24 maxlen: 24
212.118.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:d1:a1:93:3d:43:81:bc:33:34:04:7f:a2:2f:42:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 11 11:34:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e0636e506e066a84dbe1a9da6ae230a673f6f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:3f:ba:cf:d8:64:f0:70:80:6c:66:59:ff:
22:9b:37:e3:e8:29:ea:8a:ba:63:3e:64:0e:ee:74:
68:38:a7:62:ea:0a:c4:65:d8:55:34:e7:55:6e:64:
9a:d8:2e:a3:ee:6f:4c:04:c0:11:ce:ee:cb:57:bf:
fa:f3:02:ff:56:2b:06:0d:e7:a2:5f:36:7c:38:5d:
d4:ab:80:02:9d:32:03:7c:60:16:49:27:07:a0:0f:
0e:4c:d6:c7:eb:1a:61:a9:e5:29:61:cc:6b:f8:a9:
01:1d:0a:dc:d6:c2:fc:cb:b8:78:26:ed:c5:3e:f9:
6c:5c:e0:88:6a:a6:88:e5:39:d8:d3:6d:f7:c0:cb:
62:34:e0:84:7b:3f:1c:27:1b:db:b7:ae:9e:7a:2a:
ea:ef:a3:0e:63:c4:31:db:b8:84:24:b5:36:6e:31:
79:58:e7:9c:6d:33:4d:8f:c8:af:68:98:ba:67:7c:
03:93:63:3a:e0:c9:62:b1:40:e3:ec:ea:2f:56:64:
e7:64:e0:86:66:70:82:9a:a3:07:ce:c9:5b:7f:d1:
ce:3d:0f:f3:75:7d:44:9f:6c:7a:f9:31:f7:a4:c5:
75:ee:1c:cf:e3:86:0b:00:00:a7:bd:ca:3d:3f:d1:
61:d4:7a:3d:a0:51:f0:f1:ec:be:d5:7e:33:f9:83:
1f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:06:36:E5:06:E0:66:A8:4D:BE:1A:9D:A6:AE:23:0A:67:3F:6F:5F
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/LgY25QbgZqhNvhqdpq4jCmc_b18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.44.0/22
45.120.220.0/22
62.106.67.0/24
80.174.128.0/17
83.143.168.0/21
128.0.40.0/24
202.58.108.0/22
212.86.98.0/24
212.118.61.0/24
Signature Algorithm: sha256WithRSAEncryption
33:9e:94:a8:0b:c2:e0:cf:f6:b5:b2:5e:59:4c:1f:af:76:34:
a4:22:dc:78:20:a5:80:35:46:30:b8:9c:2f:d9:ce:c4:23:ee:
94:0e:62:eb:83:b7:c6:ee:a5:13:0c:1b:5d:68:f4:dd:42:11:
0a:13:3a:bc:02:c8:a2:ff:e9:9b:67:a2:16:90:47:cc:f2:4d:
d5:28:21:87:1b:68:4f:23:c6:16:c1:78:3b:ea:69:06:3a:ad:
b0:ed:81:86:bd:90:0c:01:12:58:d6:32:3a:8b:37:8d:d5:38:
e4:d9:9d:35:74:4c:93:d5:88:83:a9:8e:4a:fd:54:88:83:fa:
62:22:e3:14:fa:49:40:53:86:a4:a1:b5:7b:b2:5b:3d:3a:6f:
63:97:e5:4d:88:46:59:8a:42:6b:62:94:d4:19:8c:e1:9e:3f:
b9:64:d2:0c:a3:a9:8a:c0:33:db:06:93:17:43:00:02:fd:02:
52:66:46:65:19:4a:28:f4:81:b7:d8:f3:9a:72:6d:9a:1e:b5:
69:b6:ef:46:a9:32:55:5d:ca:c7:d7:66:9c:ac:3b:39:46:bf:
4d:d3:e2:3a:99:d3:b6:7a:95:0a:56:1f:87:ff:02:f8:9f:49:
fa:fd:09:c9:10:1b:3f:ce:15:b0:4d:92:13:50:3d:4a:eb:97:
0f:c2:dd:81
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ4W0aGTPUOBvDM0BH+iL0J1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTExMTEzNDU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA2MzZlNTA2ZTA2NmE4NGRiZTFhOWRhNmFlMjMwYTY3M2Y2ZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqII/us/YZPBwgGxmWf8imzfj6Cnq
irpjPmQO7nRoOKdi6grEZdhVNOdVbmSa2C6j7m9MBMARzu7LV7/68wL/VisGDeei
XzZ8OF3Uq4ACnTIDfGAWSScHoA8OTNbH6xphqeUpYcxr+KkBHQrc1sL8y7h4Ju3F
PvlsXOCIaqaI5TnY0233wMtiNOCEez8cJxvbt66eeirq76MOY8Qx27iEJLU2bjF5
WOecbTNNj8ivaJi6Z3wDk2M64MlisUDj7OovVmTnZOCGZnCCmqMHzslbf9HOPQ/z
dX1En2x6+TH3pMV17hzP44YLAACnvco9P9Fh1Ho9oFHw8ey+1X4z+YMfXQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC4GNuUG4GaoTb4anaauIwpnP29fMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvTGdZMjVRYmdacWhOdmhxZHBxNGpDbWNfYjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLQYsAwQC
LXjcAwQAPmpDAwQHUK6AAwQDU4+oAwQAgAAoAwQCyjpsAwQA1FZiAwQA1HY9MA0G
CSqGSIb3DQEBCwUAA4IBAQAznpSoC8Lgz/a1sl5ZTB+vdjSkItx4IKWANUYwuJwv
2c7EI+6UDmLrg7fG7qUTDBtdaPTdQhEKEzq8Asii/+mbZ6IWkEfM8k3VKCGHG2hP
I8YWwXg76mkGOq2w7YGGvZAMARJY1jI6izeN1Tjk2Z01dEyT1YiDqY5K/VSIg/pi
IuMU+klAU4akobV7sls9Om9jl+VNiEZZikJrYpTUGYzhnj+5ZNIMo6mKwDPbBpMX
QwAC/QJSZkZlGUoo9IG32POacm2aHrVptu9GqTJVXcrH12acrDs5Rr9N0+I6mdO2
epUKVh+H/wL4n0n6/QnJEBs/zhWwTZITUD1K65cPwt2B
-----END CERTIFICATE-----
Generated at Wed May 13 08:51:59 2026 by rpki-client