Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lus2mDFBlnfK6cCGCsqf0E1uMCg.roa
File: lus2mDFBlnfK6cCGCsqf0E1uMCg.roa (raw, json)
Hash identifier: qFqddJxumK8jiY+F1ldGtDH76+rUxM0pFy79RRATEYg=
Subject key identifier: 96:EB:36:98:31:41:96:77:CA:E9:C0:86:0A:CA:9F:D0:4D:6E:30:28
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D01632CC9CBA89092013BC924A09BBADB
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lus2mDFBlnfK6cCGCsqf0E1uMCg.roa
Signing time: Wed 18 Mar 2026 14:39:29 +0000
ROA not before: Wed 18 Mar 2026 14:39:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2856
IP address blocks: 82.108.44.0/22 maxlen: 22
82.108.88.0/23 maxlen: 23
82.108.92.0/22 maxlen: 22
82.108.102.0/23 maxlen: 23
82.108.116.0/22 maxlen: 22
82.108.140.0/22 maxlen: 22
82.108.152.0/23 maxlen: 23
87.86.24.0/23 maxlen: 23
212.134.46.0/24 maxlen: 24
212.134.52.0/24 maxlen: 24
212.134.54.0/24 maxlen: 24
212.134.124.0/22 maxlen: 24
212.134.164.0/22 maxlen: 24
212.134.208.0/22 maxlen: 24
212.134.224.0/22 maxlen: 24
212.212.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:63:2c:c9:cb:a8:90:92:01:3b:c9:24:a0:9b:ba:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 18 14:39:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96eb369831419677cae9c0860aca9fd04d6e3028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:07:87:de:c1:a7:c2:30:b1:cf:7e:2f:25:c6:
62:32:15:1e:02:ca:4c:1d:5d:98:98:57:5d:3b:16:
0d:d9:78:5f:e5:50:a3:a6:00:53:1f:3a:26:a0:83:
9c:7f:44:e9:48:ba:5e:cf:10:ab:55:ff:ed:08:30:
16:97:3d:ee:bc:ce:0b:2e:f1:16:5d:80:3a:22:d4:
67:b8:ee:12:f4:2d:e2:91:39:dc:5e:8e:ae:bc:d4:
e1:db:93:ff:25:10:09:f2:23:61:ec:ee:b7:2f:a0:
38:af:89:6e:e2:d4:3a:de:79:39:63:bf:08:30:40:
e3:2d:e7:6e:d4:b7:eb:16:8d:72:d2:f9:ec:79:0e:
a1:e2:88:eb:9a:1f:b8:46:de:d7:43:e6:35:a5:a6:
da:47:30:2b:e1:82:9f:64:0d:36:47:e0:72:f8:43:
34:8a:58:ba:1f:f2:66:62:de:b5:4a:52:39:79:1e:
7e:01:fa:3f:40:8d:39:0b:4a:3e:b0:3b:10:f4:e3:
93:a0:71:98:d5:3d:64:87:2c:45:0b:c7:72:f2:a9:
d0:40:dc:aa:18:7d:7e:ed:a7:87:da:69:2e:ce:dc:
81:1c:ba:39:ef:12:59:a9:05:0b:e2:f3:3d:5e:4c:
26:bf:5b:47:7e:f3:e8:52:6b:13:9f:60:3a:63:8b:
46:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EB:36:98:31:41:96:77:CA:E9:C0:86:0A:CA:9F:D0:4D:6E:30:28
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/lus2mDFBlnfK6cCGCsqf0E1uMCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.44.0/22
82.108.88.0/23
82.108.92.0/22
82.108.102.0/23
82.108.116.0/22
82.108.140.0/22
82.108.152.0/23
87.86.24.0/23
212.134.46.0/24
212.134.52.0/24
212.134.54.0/24
212.134.124.0/22
212.134.164.0/22
212.134.208.0/22
212.134.224.0/22
212.212.16.0/22
Signature Algorithm: sha256WithRSAEncryption
03:32:fc:23:54:73:2f:07:fa:2b:8d:33:4b:a1:7d:51:af:ee:
ed:74:6d:f1:ae:5d:93:70:1a:6c:67:9e:65:55:f6:38:d6:d3:
22:dd:06:aa:be:87:e6:36:f7:59:3a:0d:d8:0f:e5:e5:4e:55:
74:6e:25:4c:03:92:ca:5b:d1:5b:23:dd:54:0f:c4:dd:c0:b8:
86:78:f1:23:77:6b:5f:6d:6c:27:6e:b5:56:21:99:30:b1:20:
ed:63:29:fd:9d:55:be:0f:a0:85:54:30:5e:22:5e:a9:b7:70:
1c:87:4f:9b:8f:00:15:69:02:ee:4c:c9:79:af:2a:2a:3c:1f:
54:bf:02:19:41:65:0b:34:fa:f0:d7:e3:8d:db:df:0c:6d:32:
fb:e1:80:4f:8d:ca:b8:3c:c1:8d:a2:a4:47:2c:97:97:e1:09:
92:6c:be:76:83:e8:62:d0:fe:d5:95:b0:49:62:12:73:01:2f:
b3:9c:95:c1:74:61:34:e1:19:e4:51:2b:ec:e1:df:8c:a7:d9:
d6:eb:7f:73:2a:bb:22:b0:65:49:71:4b:43:33:11:17:a9:a2:
46:a3:7b:eb:6d:81:a1:2b:32:6c:f0:4b:4b:63:5c:9f:f8:ab:
2a:17:a9:14:af:b9:05:ea:dd:48:77:bd:93:13:7f:dd:6e:b9:
58:56:f0:12
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ0BYyzJy6iQkgE7ySSgm7rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMzE4MTQzOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmViMzY5ODMxNDE5Njc3Y2FlOWMwODYwYWNhOWZkMDRkNmUzMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAeH3sGnwjCxz34vJcZiMhUeAspM
HV2YmFddOxYN2Xhf5VCjpgBTHzomoIOcf0TpSLpezxCrVf/tCDAWlz3uvM4LLvEW
XYA6ItRnuO4S9C3ikTncXo6uvNTh25P/JRAJ8iNh7O63L6A4r4lu4tQ63nk5Y78I
MEDjLedu1LfrFo1y0vnseQ6h4ojrmh+4Rt7XQ+Y1pabaRzAr4YKfZA02R+By+EM0
ili6H/JmYt61SlI5eR5+Afo/QI05C0o+sDsQ9OOToHGY1T1khyxFC8dy8qnQQNyq
GH1+7aeH2mkuztyBHLo57xJZqQUL4vM9Xkwmv1tHfvPoUmsTn2A6Y4tGXwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFJbrNpgxQZZ3yunAhgrKn9BNbjAoMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbHVzMm1ERkJsbmZLNmNDR0NzcWYwRTF1TUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCUmwsAwQB
UmxYAwQCUmxcAwQBUmxmAwQCUmx0AwQCUmyMAwQBUmyYAwQBV1YYAwQA1IYuAwQA
1IY0AwQA1IY2AwQC1IZ8AwQC1IakAwQC1IbQAwQC1IbgAwQC1NQQMA0GCSqGSIb3
DQEBCwUAA4IBAQADMvwjVHMvB/orjTNLoX1Rr+7tdG3xrl2TcBpsZ55lVfY41tMi
3QaqvofmNvdZOg3YD+XlTlV0biVMA5LKW9FbI91UD8TdwLiGePEjd2tfbWwnbrVW
IZkwsSDtYyn9nVW+D6CFVDBeIl6pt3Ach0+bjwAVaQLuTMl5ryoqPB9UvwIZQWUL
NPrw1+ON298MbTL74YBPjcq4PMGNoqRHLJeX4QmSbL52g+hi0P7VlbBJYhJzAS+z
nJXBdGE04RnkUSvs4d+Mp9nW639zKrsisGVJcUtDMxEXqaJGo3vrbYGhKzJs8EtL
Y1yf+KsqF6kUr7kF6t1Id72TE3/dbrlYVvAS
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:09:59 2026 by rpki-client