Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c6929d-ac53-48f0-9afe-2c9679ace9b1/1/L18LfUdDFMe4UbMpcGQhNbyBBFA.roa
File: L18LfUdDFMe4UbMpcGQhNbyBBFA.roa (raw, json)
Hash identifier: qvvnhzQads/EsFKpKYrOSE0oyBJYg5HQKOC8BoIIN9s=
Subject key identifier: 2F:5F:0B:7D:47:43:14:C7:B8:51:B3:29:70:64:21:35:BC:81:04:50
Certificate issuer: /CN=e0e1bf53ebed7b548086f4af68034540f20a78ec
Certificate serial: 0198133D78FBC48DA147C1A62A0A0B1C96BE
Authority key identifier: E0:E1:BF:53:EB:ED:7B:54:80:86:F4:AF:68:03:45:40:F2:0A:78:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4OG_U-vte1SAhvSvaANFQPIKeOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c6929d-ac53-48f0-9afe-2c9679ace9b1/1/L18LfUdDFMe4UbMpcGQhNbyBBFA.roa
Signing time: Wed 16 Jul 2025 12:37:32 +0000
ROA not before: Wed 16 Jul 2025 12:37:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 786
IP address blocks: 129.67.0.0/16 maxlen: 16
163.1.0.0/16 maxlen: 16
192.76.6.0/23 maxlen: 23
192.76.8.0/21 maxlen: 21
192.76.16.0/20 maxlen: 20
192.76.32.0/22 maxlen: 22
2a0a:200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c6929d-ac53-48f0-9afe-2c9679ace9b1/1/4OG_U-vte1SAhvSvaANFQPIKeOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c6929d-ac53-48f0-9afe-2c9679ace9b1/1/4OG_U-vte1SAhvSvaANFQPIKeOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4OG_U-vte1SAhvSvaANFQPIKeOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:3d:78:fb:c4:8d:a1:47:c1:a6:2a:0a:0b:1c:96:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0e1bf53ebed7b548086f4af68034540f20a78ec
Validity
Not Before: Jul 16 12:37:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f5f0b7d474314c7b851b32970642135bc810450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ec:d3:5b:f8:66:b6:f0:ac:fd:1a:fc:09:ea:
68:ba:31:af:1f:56:f2:3a:de:69:e5:81:6c:28:84:
6f:de:53:b7:a5:ab:09:02:8e:f5:5f:57:1e:92:46:
94:c4:72:47:2d:87:c1:73:7f:59:03:be:80:29:bf:
8f:40:e3:8f:02:57:30:ea:e6:1b:3b:66:e0:16:0c:
27:91:d7:bb:31:7d:36:1f:d0:83:eb:f6:31:a5:aa:
04:ae:e4:7e:07:11:a8:83:06:00:b5:9e:00:6a:35:
c7:8b:3a:83:24:80:56:87:12:e7:42:cb:5e:0d:1c:
8a:cc:8f:90:bb:a9:bb:94:10:7a:f8:eb:aa:8c:ae:
0a:01:5d:45:8d:2e:45:79:06:7e:e3:99:62:6c:f2:
8f:cc:b7:c0:a5:92:f0:68:99:51:38:84:db:53:ab:
cb:88:08:df:08:62:d6:24:36:99:f9:51:54:ec:fe:
96:18:f1:8c:8e:0d:67:06:4d:8e:7e:a5:76:5b:6e:
c2:70:bb:1c:35:4e:29:39:85:33:7a:8e:ff:18:5f:
5d:5f:89:3d:6b:3f:42:dd:9b:00:70:e6:aa:6f:66:
d5:49:ff:03:1a:c2:11:e5:b6:0e:75:f9:82:09:72:
42:f3:7a:2b:02:3a:5a:c0:a7:06:57:4f:74:a7:24:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5F:0B:7D:47:43:14:C7:B8:51:B3:29:70:64:21:35:BC:81:04:50
X509v3 Authority Key Identifier:
keyid:E0:E1:BF:53:EB:ED:7B:54:80:86:F4:AF:68:03:45:40:F2:0A:78:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4OG_U-vte1SAhvSvaANFQPIKeOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c6929d-ac53-48f0-9afe-2c9679ace9b1/1/L18LfUdDFMe4UbMpcGQhNbyBBFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c6929d-ac53-48f0-9afe-2c9679ace9b1/1/4OG_U-vte1SAhvSvaANFQPIKeOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.67.0.0/16
163.1.0.0/16
192.76.6.0-192.76.35.255
IPv6:
2a0a:200::/29
Signature Algorithm: sha256WithRSAEncryption
a5:59:9f:91:41:92:28:4a:ea:f6:db:d4:6a:56:9c:11:e6:e4:
4b:f8:22:4c:16:5c:51:fc:88:e5:22:af:ba:cf:0b:ef:57:56:
8d:9d:a2:89:bc:4a:df:d7:03:a5:a7:61:c8:e2:33:f0:df:5c:
de:7f:7a:8f:1d:9e:42:70:37:f9:c8:b2:c4:78:dc:58:21:f5:
df:9e:40:a6:f9:62:60:60:f6:4e:39:b0:2d:ee:98:86:4b:00:
fc:7d:c4:57:60:4e:10:f5:ac:c5:42:fd:d4:3d:37:63:37:d1:
02:a7:ab:a8:75:c6:81:a9:54:14:bd:fc:0b:95:62:ee:45:dd:
68:a3:60:ea:d0:0a:91:60:2d:04:ab:f4:98:13:ea:b8:8a:a3:
79:e0:f9:66:79:f2:d5:a3:47:d7:61:ed:f0:0c:88:36:d9:99:
92:f8:cb:28:b7:0d:ec:b7:a9:57:8b:6d:c0:fb:41:70:0a:b9:
e5:2f:78:44:13:3a:02:32:ed:9a:66:8c:23:c4:21:06:2a:c9:
b9:1b:00:d8:2f:98:ac:11:70:dc:e8:a2:53:fb:e5:08:65:8f:
75:81:6d:a4:d1:86:7a:1a:ff:e9:02:04:ae:28:89:83:ec:e2:
82:67:b5:9a:60:5e:0f:e8:88:a4:b3:b0:9f:78:cb:55:04:2a:
9f:23:94:3e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZgTPXj7xI2hR8GmKgoLHJa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZTFiZjUzZWJlZDdiNTQ4MDg2ZjRhZjY4MDM0NTQwZjIw
YTc4ZWMwHhcNMjUwNzE2MTIzNzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjVmMGI3ZDQ3NDMxNGM3Yjg1MWIzMjk3MDY0MjEzNWJjODEwNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+zTW/hmtvCs/Rr8CepoujGvH1by
Ot5p5YFsKIRv3lO3pasJAo71X1cekkaUxHJHLYfBc39ZA76AKb+PQOOPAlcw6uYb
O2bgFgwnkde7MX02H9CD6/YxpaoEruR+BxGogwYAtZ4AajXHizqDJIBWhxLnQste
DRyKzI+Qu6m7lBB6+OuqjK4KAV1FjS5FeQZ+45libPKPzLfApZLwaJlROITbU6vL
iAjfCGLWJDaZ+VFU7P6WGPGMjg1nBk2OfqV2W27CcLscNU4pOYUzeo7/GF9dX4k9
az9C3ZsAcOaqb2bVSf8DGsIR5bYOdfmCCXJC83orAjpawKcGV090pyShQQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC9fC31HQxTHuFGzKXBkITW8gQRQMB8GA1UdIwQY
MBaAFODhv1Pr7XtUgIb0r2gDRUDyCnjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE9HX1UtdnRlMVNBaHZTdmFBTkZRUElLZU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjkyOWQtYWM1My00OGYwLTlhZmUt
MmM5Njc5YWNlOWIxLzEvTDE4TGZVZERGTWU0VWJNcGNHUWhOYnlCQkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjkyOWQtYWM1My00OGYwLTlhZmUtMmM5Njc5YWNlOWIx
LzEvNE9HX1UtdnRlMVNBaHZTdmFBTkZRUElLZU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwMAgUMDAwCj
ATAMAwQBwEwGAwQCwEwgMA0EAgACMAcDBQMqCgIAMA0GCSqGSIb3DQEBCwUAA4IB
AQClWZ+RQZIoSur229RqVpwR5uRL+CJMFlxR/IjlIq+6zwvvV1aNnaKJvErf1wOl
p2HI4jPw31zef3qPHZ5CcDf5yLLEeNxYIfXfnkCm+WJgYPZOObAt7piGSwD8fcRX
YE4Q9azFQv3UPTdjN9ECp6uodcaBqVQUvfwLlWLuRd1oo2Dq0AqRYC0Eq/SYE+q4
iqN54PlmefLVo0fXYe3wDIg22ZmS+Msotw3st6lXi23A+0FwCrnlL3hEEzoCMu2a
ZowjxCEGKsm5GwDYL5isEXDc6KJT++UIZY91gW2k0YZ6Gv/pAgSuKImD7OKCZ7Wa
YF4P6Iiks7CfeMtVBCqfI5Q+
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:29:23 2025 by rpki-client