Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/LeJNm1ZK5iVV3SsDbJERcUuUUyU.roa
File: LeJNm1ZK5iVV3SsDbJERcUuUUyU.roa (raw, json)
Hash identifier: YZLLMnJFDKGZDywuXIt3IlZ5Tc81OdOTnXuXJJ8sLok=
Subject key identifier: 2D:E2:4D:9B:56:4A:E6:25:55:DD:2B:03:6C:91:11:71:4B:94:53:25
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 019CAB3479A8A2B7A8159B7BF4037FDC481E
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/LeJNm1ZK5iVV3SsDbJERcUuUUyU.roa
Signing time: Sun 01 Mar 2026 21:01:08 +0000
ROA not before: Sun 01 Mar 2026 21:01:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64439
IP address blocks: 91.190.152.0/24 maxlen: 32
109.205.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:34:79:a8:a2:b7:a8:15:9b:7b:f4:03:7f:dc:48:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Mar 1 21:01:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2de24d9b564ae62555dd2b036c9111714b945325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2e:0d:3b:b5:7c:cf:84:38:c5:e1:20:e3:32:
a0:7e:b7:2f:a3:93:63:a5:cc:f7:55:87:a2:55:e1:
b1:b8:07:d6:19:c4:44:17:2e:96:cf:66:45:6d:43:
bf:0c:d0:36:14:fd:0c:aa:74:0c:69:52:37:94:3c:
b0:7a:07:62:dd:f2:0e:84:67:f5:fb:03:fe:68:c4:
97:ab:4a:9d:d4:c3:16:88:e8:25:d0:be:b0:73:a1:
87:2a:6e:a3:c0:0a:ef:00:e3:08:e1:4c:7b:58:61:
ba:1b:37:62:60:38:f0:a7:0f:46:2c:c0:37:78:17:
b8:bc:1b:9c:db:8a:eb:fc:20:1f:7d:a9:e8:c8:68:
a4:d4:4d:b8:32:b0:43:1e:0b:8a:43:a3:eb:ea:38:
be:b3:6b:cc:bf:42:ec:42:b0:f3:33:50:b0:62:e4:
dd:22:d4:0e:77:c2:ae:2a:66:ba:06:11:51:db:c5:
ed:70:28:63:1b:fe:f4:0f:d5:75:5a:9e:05:62:27:
f3:79:22:55:12:c6:68:d5:85:af:c2:80:36:7a:23:
78:ae:7b:32:d1:1d:5c:55:58:a0:ae:89:4d:b7:13:
2b:9f:e9:ff:6c:21:f5:ee:49:ea:b0:f0:b0:65:94:
13:5b:9e:f4:80:dd:41:e5:ce:54:27:57:0a:ef:77:
8a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E2:4D:9B:56:4A:E6:25:55:DD:2B:03:6C:91:11:71:4B:94:53:25
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/LeJNm1ZK5iVV3SsDbJERcUuUUyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.152.0/24
109.205.56.0/24
Signature Algorithm: sha256WithRSAEncryption
54:2f:ed:cf:82:59:14:e0:8b:f2:11:21:c5:68:9d:c8:85:ae:
5e:ec:05:43:a3:41:01:c7:64:df:2c:df:b7:02:2a:55:b4:b7:
ae:42:4b:1a:f9:57:55:e5:80:d9:e2:fd:83:4a:02:dc:7e:c2:
11:be:e6:db:70:11:62:21:37:a2:39:d1:d8:a0:fe:1b:43:df:
84:f9:a1:35:48:26:91:f2:85:e6:cc:97:ba:c1:d8:2b:cb:76:
67:dd:08:d0:c1:45:67:88:21:6d:62:59:b4:a7:9d:c4:1f:e2:
24:78:a6:63:f0:45:20:a8:13:dd:a7:5e:bb:bf:95:46:b1:ca:
7f:f3:d8:a8:c2:f2:26:16:f1:f5:97:7a:48:ed:4f:43:12:dc:
21:24:53:4c:e4:9a:9e:c5:ff:ac:57:84:41:e8:c5:59:aa:14:
11:ae:f3:0a:75:4a:5a:3c:97:5c:9c:09:8d:3e:29:8d:27:31:
b0:b9:37:30:15:de:a8:68:dd:89:c9:52:e6:3e:9d:5c:5c:c1:
fb:9d:1b:e2:d3:81:a5:06:7c:d7:46:14:fc:cc:f4:29:4a:ee:
95:0f:a4:52:59:b4:40:fb:a9:5a:7d:8f:0c:10:0a:d6:e0:6e:
fb:29:2a:24:00:f3:81:92:75:0b:f5:80:e5:0c:b0:3b:3d:42:
2c:d9:ad:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyrNHmooreoFZt79AN/3EgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjYwMzAxMjEwMTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGUyNGQ5YjU2NGFlNjI1NTVkZDJiMDM2YzkxMTE3MTRiOTQ1MzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy4NO7V8z4Q4xeEg4zKgfrcvo5Nj
pcz3VYeiVeGxuAfWGcREFy6Wz2ZFbUO/DNA2FP0MqnQMaVI3lDywegdi3fIOhGf1
+wP+aMSXq0qd1MMWiOgl0L6wc6GHKm6jwArvAOMI4Ux7WGG6GzdiYDjwpw9GLMA3
eBe4vBuc24rr/CAffanoyGik1E24MrBDHguKQ6Pr6ji+s2vMv0LsQrDzM1CwYuTd
ItQOd8KuKma6BhFR28XtcChjG/70D9V1Wp4FYifzeSJVEsZo1YWvwoA2eiN4rnsy
0R1cVVigrolNtxMrn+n/bCH17knqsPCwZZQTW570gN1B5c5UJ1cK73eKYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3iTZtWSuYlVd0rA2yREXFLlFMlMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvTGVKTm0xWks1aVZWM1NzRGJKRVJjVXVVVXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW76YAwQA
bc04MA0GCSqGSIb3DQEBCwUAA4IBAQBUL+3PglkU4IvyESHFaJ3Iha5e7AVDo0EB
x2TfLN+3AipVtLeuQksa+VdV5YDZ4v2DSgLcfsIRvubbcBFiITeiOdHYoP4bQ9+E
+aE1SCaR8oXmzJe6wdgry3Zn3QjQwUVniCFtYlm0p53EH+IkeKZj8EUgqBPdp167
v5VGscp/89iowvImFvH1l3pI7U9DEtwhJFNM5Jqexf+sV4RB6MVZqhQRrvMKdUpa
PJdcnAmNPimNJzGwuTcwFd6oaN2JyVLmPp1cXMH7nRvi04GlBnzXRhT8zPQpSu6V
D6RSWbRA+6lafY8MEArW4G77KSokAPOBknUL9YDlDLA7PUIs2a3x
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:59:02 2026 by rpki-client