Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/lPxrJNzTmXryV2F51IkQV9qfvk8.roa
File: lPxrJNzTmXryV2F51IkQV9qfvk8.roa (raw, json)
Hash identifier: XwWZCOkUNT19TkGVL4DD1MLeNhROccVqsb63RsLA8Rg=
Subject key identifier: 94:FC:6B:24:DC:D3:99:7A:F2:57:61:79:D4:89:10:57:DA:9F:BE:4F
Certificate issuer: /CN=f48b3f0c6a87c045bdcffabd900db8892be702e1
Certificate serial: 019840AEA908AAD0ADC42315281F865C4A94
Authority key identifier: F4:8B:3F:0C:6A:87:C0:45:BD:CF:FA:BD:90:0D:B8:89:2B:E7:02:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/lPxrJNzTmXryV2F51IkQV9qfvk8.roa
Signing time: Fri 25 Jul 2025 08:24:04 +0000
ROA not before: Fri 25 Jul 2025 08:24:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5539
IP address blocks: 82.118.32.0/19 maxlen: 19
185.54.120.0/22 maxlen: 22
185.54.188.0/22 maxlen: 22
185.54.190.0/24 maxlen: 24
185.54.191.0/24 maxlen: 24
193.149.32.0/19 maxlen: 19
194.97.64.0/19 maxlen: 19
194.97.128.0/19 maxlen: 19
194.97.137.0/24 maxlen: 24
195.24.96.0/19 maxlen: 19
195.30.0.0/16 maxlen: 16
195.30.21.0/24 maxlen: 24
195.30.50.0/24 maxlen: 24
195.30.64.0/24 maxlen: 24
195.30.121.0/24 maxlen: 24
195.30.131.0/24 maxlen: 24
2001:608::/32 maxlen: 32
2001:608:804::/48 maxlen: 48
2001:608:a04::/48 maxlen: 48
2001:608:e03::/48 maxlen: 48
2001:67c:158c::/48 maxlen: 48
2001:4150::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:ae:a9:08:aa:d0:ad:c4:23:15:28:1f:86:5c:4a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f48b3f0c6a87c045bdcffabd900db8892be702e1
Validity
Not Before: Jul 25 08:24:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94fc6b24dcd3997af2576179d4891057da9fbe4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:73:83:62:b5:e9:40:7c:cb:a7:3f:0a:42:
bb:11:ee:32:64:68:ad:8f:93:c6:a8:d3:cf:53:96:
85:fe:e2:a2:f9:47:b5:80:eb:4a:3f:8a:0a:d1:57:
11:1e:af:9d:44:15:6c:2d:60:c6:b3:c1:b4:44:83:
6d:ba:dc:e0:57:bd:f3:81:74:bb:16:5f:ea:84:06:
e0:ac:69:9a:f7:23:b6:7b:6c:1f:42:82:16:a8:19:
b9:bb:86:7e:47:b5:12:d4:e1:7c:fe:a2:0c:4b:00:
68:24:75:46:1a:05:e3:f2:d9:6b:b8:bc:86:69:f3:
fa:89:31:21:9f:eb:90:e9:b7:61:cf:6f:ef:95:11:
05:15:08:b6:f3:fa:3c:bc:a5:6a:1e:d3:ab:4b:13:
10:10:23:bf:fc:3c:1e:35:a5:29:43:32:b5:17:3f:
f2:0c:66:7a:5b:66:7b:70:3e:82:46:6d:26:30:13:
77:d6:68:b3:b6:7c:8f:25:05:35:ce:51:ce:43:ea:
21:83:96:67:93:52:7a:e5:d6:18:6f:92:85:6c:bc:
d4:38:f4:83:c6:20:05:9f:9d:a9:4c:98:3c:01:0a:
17:0f:dd:8e:3c:4c:7f:53:b2:40:55:f9:da:78:32:
3f:2d:f5:95:ab:2e:5f:64:b0:3d:35:e3:14:89:fa:
2b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:FC:6B:24:DC:D3:99:7A:F2:57:61:79:D4:89:10:57:DA:9F:BE:4F
X509v3 Authority Key Identifier:
keyid:F4:8B:3F:0C:6A:87:C0:45:BD:CF:FA:BD:90:0D:B8:89:2B:E7:02:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/lPxrJNzTmXryV2F51IkQV9qfvk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.32.0/19
185.54.120.0/22
185.54.188.0/22
193.149.32.0/19
194.97.64.0/19
194.97.128.0/19
195.24.96.0/19
195.30.0.0/16
IPv6:
2001:608::/32
2001:67c:158c::/48
2001:4150::/32
Signature Algorithm: sha256WithRSAEncryption
43:e1:b4:ba:c8:37:a1:9a:01:03:03:85:8a:b3:5f:04:f5:a3:
f2:3d:e0:56:a5:4b:9f:66:b9:e9:d1:c9:e1:56:64:89:2d:87:
88:3a:57:a9:74:06:ab:bc:89:52:6f:f9:87:34:ab:f3:a5:2c:
7a:1c:80:4f:00:8e:bb:04:fd:17:d1:ab:12:fa:46:74:43:48:
02:44:1e:95:9f:a1:d1:f1:64:2b:e7:0f:5b:f4:96:c4:85:05:
b0:25:12:6e:84:8c:88:35:df:b8:15:90:19:35:d4:e5:d3:92:
f2:db:f6:40:89:46:28:eb:45:fe:7f:c2:be:bb:59:0d:1c:06:
ca:a7:cb:26:9d:97:26:c0:67:9e:da:1a:c1:de:f9:2c:80:08:
62:20:1b:5e:92:6f:64:e6:79:3a:df:cf:06:fc:04:b3:bb:37:
49:32:43:b1:2b:c6:4c:60:78:37:ed:7d:62:8e:4a:0e:3e:ed:
d9:41:38:45:3a:ff:8b:5f:2d:7e:68:dc:84:d4:f3:7a:06:93:
af:b8:26:b1:49:e6:25:3d:c6:4a:3f:26:67:c6:de:26:a1:c1:
a9:2b:9c:8f:04:cb:c3:bc:04:36:09:38:0e:e8:a2:2b:d0:be:
ce:aa:4f:72:b0:a0:79:a4:b2:6f:f1:70:79:f2:7d:42:2c:84:
55:e5:1a:e4
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZhArqkIqtCtxCMVKB+GXEqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OGIzZjBjNmE4N2MwNDViZGNmZmFiZDkwMGRiODg5MmJl
NzAyZTEwHhcNMjUwNzI1MDgyNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGZjNmIyNGRjZDM5OTdhZjI1NzYxNzlkNDg5MTA1N2RhOWZiZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2xzg2K16UB8y6c/CkK7Ee4yZGit
j5PGqNPPU5aF/uKi+Ue1gOtKP4oK0VcRHq+dRBVsLWDGs8G0RINtutzgV73zgXS7
Fl/qhAbgrGma9yO2e2wfQoIWqBm5u4Z+R7US1OF8/qIMSwBoJHVGGgXj8tlruLyG
afP6iTEhn+uQ6bdhz2/vlREFFQi28/o8vKVqHtOrSxMQECO//DweNaUpQzK1Fz/y
DGZ6W2Z7cD6CRm0mMBN31miztnyPJQU1zlHOQ+ohg5Znk1J65dYYb5KFbLzUOPSD
xiAFn52pTJg8AQoXD92OPEx/U7JAVfnaeDI/LfWVqy5fZLA9NeMUifor2wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJT8ayTc05l68ldhedSJEFfan75PMB8GA1UdIwQY
MBaAFPSLPwxqh8BFvc/6vZANuIkr5wLhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUlzX0RHcUh3RVc5el9xOWtBMjRpU3ZuQXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8yZTI3NDctYWQ3NC00ZDMxLTkyNTYt
ZDM1ZWRiOWZkZDIxLzEvbFB4ckpOelRtWHJ5VjJGNTFJa1FWOXFmdms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8yZTI3NDctYWQ3NC00ZDMxLTkyNTYtZDM1ZWRiOWZkZDIx
LzEvOUlzX0RHcUh3RVc5el9xOWtBMjRpU3ZuQXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA1BAIAATAvAwQFUnYgAwQC
uTZ4AwQCuTa8AwQFwZUgAwQFwmFAAwQFwmGAAwQFwxhgAwMAwx4wHQQCAAIwFwMF
ACABBggDBwAgAQZ8FYwDBQAgAUFQMA0GCSqGSIb3DQEBCwUAA4IBAQBD4bS6yDeh
mgEDA4WKs18E9aPyPeBWpUufZrnp0cnhVmSJLYeIOlepdAarvIlSb/mHNKvzpSx6
HIBPAI67BP0X0asS+kZ0Q0gCRB6Vn6HR8WQr5w9b9JbEhQWwJRJuhIyINd+4FZAZ
NdTl05Ly2/ZAiUYo60X+f8K+u1kNHAbKp8smnZcmwGee2hrB3vksgAhiIBtekm9k
5nk6388G/ASzuzdJMkOxK8ZMYHg37X1ijkoOPu3ZQThFOv+LXy1+aNyE1PN6BpOv
uCaxSeYlPcZKPyZnxt4mocGpK5yPBMvDvAQ2CTgO6KIr0L7Oqk9ysKB5pLJv8XB5
8n1CLIRV5Rrk
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:58:06 2025 by rpki-client