Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7424c5-2c99-4952-86e7-073fb83abfc6/1/luS_MUgmzdMuGS76ZPW7jEugNFA.roa
File: luS_MUgmzdMuGS76ZPW7jEugNFA.roa (raw, json)
Hash identifier: zmYIzq2i+Cnfy8rt1xmt5c6X8SNFIcSJe0+Xd9kMxgE=
Subject key identifier: 96:E4:BF:31:48:26:CD:D3:2E:19:2E:FA:64:F5:BB:8C:4B:A0:34:50
Certificate issuer: /CN=cac9a1550d3db1ac0aeb11c16d63e48a683bca03
Certificate serial: 0197817B199B49D17836116BD3311CEEE3E3
Authority key identifier: CA:C9:A1:55:0D:3D:B1:AC:0A:EB:11:C1:6D:63:E4:8A:68:3B:CA:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysmhVQ09sawK6xHBbWPkimg7ygM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/7424c5-2c99-4952-86e7-073fb83abfc6/1/luS_MUgmzdMuGS76ZPW7jEugNFA.roa
Signing time: Wed 18 Jun 2025 05:20:17 +0000
ROA not before: Wed 18 Jun 2025 05:20:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215624
IP address blocks: 45.87.224.0/24 maxlen: 24
45.87.225.0/24 maxlen: 24
2a14:5480:1012::/48 maxlen: 48
2a14:5480:1022::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/7424c5-2c99-4952-86e7-073fb83abfc6/1/ysmhVQ09sawK6xHBbWPkimg7ygM.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/7424c5-2c99-4952-86e7-073fb83abfc6/1/ysmhVQ09sawK6xHBbWPkimg7ygM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ysmhVQ09sawK6xHBbWPkimg7ygM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:7b:19:9b:49:d1:78:36:11:6b:d3:31:1c:ee:e3:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cac9a1550d3db1ac0aeb11c16d63e48a683bca03
Validity
Not Before: Jun 18 05:20:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96e4bf314826cdd32e192efa64f5bb8c4ba03450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5e:69:5b:ed:7d:a2:39:97:27:bb:d9:fb:f8:
59:9e:b0:3e:9c:3d:45:05:5e:12:66:9a:b6:66:09:
7d:6f:85:a3:6e:9d:dc:0f:66:53:34:c2:66:89:44:
15:3b:99:8b:3e:38:1d:59:c2:6f:83:43:6f:be:05:
ed:37:b8:cd:ea:c8:60:88:ed:03:98:2d:0a:4d:76:
d8:6d:a8:1e:27:9c:1f:3b:d5:c0:ac:0d:ee:26:75:
13:c2:11:a0:fc:ad:59:67:72:de:ca:3a:f9:18:0e:
ad:eb:6c:fc:a8:af:b0:eb:4d:4b:1a:9f:67:3a:34:
3a:8d:3b:d5:7f:da:c9:ae:66:d9:e4:10:92:88:09:
02:3e:58:5b:d8:77:ba:fe:2f:e8:b5:6c:bf:81:ee:
10:1d:9d:b1:16:26:6a:a6:2a:3f:4b:1a:df:1e:ab:
cc:61:09:b4:1b:a6:6b:7e:3d:4f:06:98:51:5a:7b:
bf:1d:77:66:5a:48:8c:64:73:7d:bf:0e:5e:e5:41:
04:15:40:2f:75:5b:5c:10:73:47:5d:9e:2b:78:c4:
02:86:2d:e3:61:6c:e7:f6:8c:23:13:e9:d5:bc:47:
5b:21:20:a9:65:9a:3d:8b:60:59:a0:84:58:3b:56:
8a:78:95:af:41:95:af:db:f7:15:55:c1:09:eb:1f:
38:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E4:BF:31:48:26:CD:D3:2E:19:2E:FA:64:F5:BB:8C:4B:A0:34:50
X509v3 Authority Key Identifier:
keyid:CA:C9:A1:55:0D:3D:B1:AC:0A:EB:11:C1:6D:63:E4:8A:68:3B:CA:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysmhVQ09sawK6xHBbWPkimg7ygM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7424c5-2c99-4952-86e7-073fb83abfc6/1/luS_MUgmzdMuGS76ZPW7jEugNFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7424c5-2c99-4952-86e7-073fb83abfc6/1/ysmhVQ09sawK6xHBbWPkimg7ygM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.224.0/23
IPv6:
2a14:5480:1012::/48
2a14:5480:1022::/48
Signature Algorithm: sha256WithRSAEncryption
76:13:ed:f6:fa:95:75:6d:57:9c:8d:8d:1e:59:b9:da:45:44:
fb:27:1b:27:72:e0:4f:fd:a1:73:af:87:39:fe:8b:ed:5d:a6:
4c:96:a3:7f:47:7c:b8:16:30:dc:3c:67:bb:1f:87:fb:1f:82:
ff:34:e7:bd:ee:7a:b8:8f:5c:5e:c9:03:db:e8:67:6c:a7:79:
89:b5:a2:9d:22:11:2f:93:ab:77:ac:a4:f5:66:ef:5a:3e:cc:
18:4f:db:27:5b:d8:28:98:ab:86:ed:18:82:40:4c:85:21:4b:
2b:c0:2b:0d:91:df:e3:23:f0:52:b4:84:8e:dd:58:15:50:78:
67:93:f7:cb:ac:e2:cd:63:b9:aa:5f:c7:ac:5f:20:b6:ec:c1:
f3:46:8d:03:9d:1d:cb:ab:ee:bd:37:69:6d:1e:f8:76:c0:cd:
7d:42:30:aa:b1:b8:cb:af:79:29:74:8b:7c:3f:6f:2a:b6:b7:
8e:db:60:a0:0b:17:99:37:e2:16:36:a2:e0:76:89:ac:37:29:
6b:62:cd:cc:88:55:69:77:15:88:84:a0:b6:28:3c:6a:ec:e0:
d3:91:44:3f:34:4d:aa:d8:e8:03:ef:83:60:56:39:70:74:c0:
32:61:c0:e5:73:5f:15:d6:cf:36:cb:17:20:63:89:45:48:46:
dd:ee:8f:53
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZeBexmbSdF4NhFr0zEc7uPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzlhMTU1MGQzZGIxYWMwYWViMTFjMTZkNjNlNDhhNjgz
YmNhMDMwHhcNMjUwNjE4MDUyMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU0YmYzMTQ4MjZjZGQzMmUxOTJlZmE2NGY1YmI4YzRiYTAzNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn15pW+19ojmXJ7vZ+/hZnrA+nD1F
BV4SZpq2Zgl9b4Wjbp3cD2ZTNMJmiUQVO5mLPjgdWcJvg0NvvgXtN7jN6shgiO0D
mC0KTXbYbageJ5wfO9XArA3uJnUTwhGg/K1ZZ3Leyjr5GA6t62z8qK+w601LGp9n
OjQ6jTvVf9rJrmbZ5BCSiAkCPlhb2He6/i/otWy/ge4QHZ2xFiZqpio/SxrfHqvM
YQm0G6Zrfj1PBphRWnu/HXdmWkiMZHN9vw5e5UEEFUAvdVtcEHNHXZ4reMQChi3j
YWzn9owjE+nVvEdbISCpZZo9i2BZoIRYO1aKeJWvQZWv2/cVVcEJ6x84HQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJbkvzFIJs3TLhku+mT1u4xLoDRQMB8GA1UdIwQY
MBaAFMrJoVUNPbGsCusRwW1j5IpoO8oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNtaFZRMDlzYXdLNnhIQmJXUGtpbWc3eWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83NDI0YzUtMmM5OS00OTUyLTg2ZTct
MDczZmI4M2FiZmM2LzEvbHVTX01VZ216ZE11R1M3NlpQVzdqRXVnTkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83NDI0YzUtMmM5OS00OTUyLTg2ZTctMDczZmI4M2FiZmM2
LzEveXNtaFZRMDlzYXdLNnhIQmJXUGtpbWc3eWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBLVfgMBgE
AgACMBIDBwAqFFSAEBIDBwAqFFSAECIwDQYJKoZIhvcNAQELBQADggEBAHYT7fb6
lXVtV5yNjR5ZudpFRPsnGydy4E/9oXOvhzn+i+1dpkyWo39HfLgWMNw8Z7sfh/sf
gv80573ueriPXF7JA9voZ2yneYm1op0iES+Tq3espPVm71o+zBhP2ydb2CiYq4bt
GIJATIUhSyvAKw2R3+Mj8FK0hI7dWBVQeGeT98us4s1juapfx6xfILbswfNGjQOd
Hcur7r03aW0e+HbAzX1CMKqxuMuveSl0i3w/byq2t47bYKALF5k34hY2ouB2iaw3
KWtizcyIVWl3FYiEoLYoPGrs4NORRD80TarY6APvg2BWOXB0wDJhwOVzXxXWzzbL
FyBjiUVIRt3uj1M=
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:30:02 2025 by rpki-client