Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/lf-trLvA-qDd5zEdeoTS16VXX6g.roa
File: lf-trLvA-qDd5zEdeoTS16VXX6g.roa (raw, json)
Hash identifier: UkGZWMolhkbNSX35kZCtNaOnC+PwksQdwebe8XEM76U=
Subject key identifier: 95:FF:AD:AC:BB:C0:FA:A0:DD:E7:31:1D:7A:84:D2:D7:A5:57:5F:A8
Certificate issuer: /CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Certificate serial: 0199BE0E731623B13DAEDEF04622406F7ADD
Authority key identifier: 93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/lf-trLvA-qDd5zEdeoTS16VXX6g.roa
Signing time: Tue 07 Oct 2025 09:44:01 +0000
ROA not before: Tue 07 Oct 2025 09:44:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214438
IP address blocks: 62.169.158.0/23 maxlen: 24
69.19.137.0/24 maxlen: 24
69.19.138.0/24 maxlen: 24
185.216.20.0/24 maxlen: 24
185.216.21.0/24 maxlen: 24
185.216.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:0e:73:16:23:b1:3d:ae:de:f0:46:22:40:6f:7a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Validity
Not Before: Oct 7 09:44:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95ffadacbbc0faa0dde7311d7a84d2d7a5575fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:56:78:a5:c4:3e:fe:3e:ff:4c:3d:66:ad:36:
3c:66:3b:3c:c3:6f:26:31:e5:bd:e7:34:d7:46:80:
e2:d3:7a:f2:b5:52:9f:df:97:cf:b6:85:90:eb:04:
69:0c:15:2c:14:c1:f1:ee:0e:ac:28:bd:68:84:09:
5c:a5:a4:dd:ad:e5:3d:07:84:ce:78:86:f2:64:f5:
57:a7:e3:75:e0:60:2c:72:6d:cd:c3:13:ea:6a:11:
8b:d7:8b:f6:57:e7:71:56:5b:c9:1b:91:a1:c0:0c:
1f:42:c6:ce:58:1f:50:38:00:cc:13:cf:86:6b:97:
a2:eb:48:76:a7:ec:85:75:84:2d:17:35:55:71:b0:
e2:33:4b:d6:e3:7b:2f:25:3b:fa:be:77:01:e0:28:
5a:27:e7:df:4e:93:ed:41:9e:17:31:8b:17:be:78:
44:d1:00:78:e8:73:d4:95:99:e0:74:aa:be:d8:ca:
2c:60:6c:b2:43:ff:80:96:68:09:9b:3c:4a:b6:06:
f4:66:94:24:3e:ee:cc:2c:fc:64:5d:f9:13:bd:75:
2f:c9:17:2e:72:38:1c:db:43:b6:60:1d:a9:ca:29:
65:0a:3e:df:89:26:4b:51:15:d9:86:7d:55:71:bc:
62:ea:67:94:1e:1b:f9:8d:c7:c0:7a:01:8f:c7:67:
ba:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FF:AD:AC:BB:C0:FA:A0:DD:E7:31:1D:7A:84:D2:D7:A5:57:5F:A8
X509v3 Authority Key Identifier:
keyid:93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/lf-trLvA-qDd5zEdeoTS16VXX6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.158.0/23
69.19.137.0-69.19.138.255
185.216.20.0-185.216.22.255
Signature Algorithm: sha256WithRSAEncryption
34:6a:8f:6b:39:53:f6:68:cd:8d:ff:f2:b7:1b:34:17:29:8b:
32:53:5a:b0:e0:71:91:56:a2:44:d4:b7:c7:90:f0:f4:eb:e4:
cf:5c:f3:8a:0e:6a:e4:d9:60:e6:58:de:29:78:4e:f4:f0:62:
20:0f:10:d2:e3:6a:88:1f:a1:94:02:2c:98:ed:33:16:60:c1:
1a:12:bf:64:bd:80:4d:2c:7b:83:ba:83:38:27:a0:3b:27:54:
0a:8c:6a:74:20:67:de:a7:9f:1a:38:74:5e:7a:f4:8e:13:dd:
29:5d:43:ac:f6:c7:c3:7f:d4:bc:09:b4:80:44:e9:77:07:f1:
90:b6:8e:ed:43:b8:8a:cc:97:1d:02:a8:35:2b:0a:f2:b2:5a:
60:64:95:fa:b1:74:b3:c8:5a:b2:5c:2e:e3:29:82:93:9f:40:
51:1a:62:a4:aa:ff:c4:d8:76:21:a2:b1:b5:da:f8:28:c1:b2:
33:0e:45:f9:65:0d:ef:fc:12:74:14:59:55:78:7e:50:7b:2a:
5a:31:c1:a2:ad:f0:43:b8:cc:4e:c5:cd:3c:d8:e0:13:84:f6:
34:be:31:1f:53:a1:27:d9:c8:be:0c:6f:f6:66:71:6a:82:0e:
4f:5a:e3:36:11:ae:5c:d9:5a:72:3a:95:44:16:08:dd:20:99:
71:52:83:11
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZm+DnMWI7E9rt7wRiJAb3rdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWNlNzgwZGZkYTQzYWI0YTg0MTcyN2ViMjBkNzFmYzc2
NTI4YmMwHhcNMjUxMDA3MDk0NDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWZmYWRhY2JiYzBmYWEwZGRlNzMxMWQ3YTg0ZDJkN2E1NTc1ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlZ4pcQ+/j7/TD1mrTY8Zjs8w28m
MeW95zTXRoDi03rytVKf35fPtoWQ6wRpDBUsFMHx7g6sKL1ohAlcpaTdreU9B4TO
eIbyZPVXp+N14GAscm3NwxPqahGL14v2V+dxVlvJG5GhwAwfQsbOWB9QOADME8+G
a5ei60h2p+yFdYQtFzVVcbDiM0vW43svJTv6vncB4ChaJ+ffTpPtQZ4XMYsXvnhE
0QB46HPUlZngdKq+2MosYGyyQ/+AlmgJmzxKtgb0ZpQkPu7MLPxkXfkTvXUvyRcu
cjgc20O2YB2pyillCj7fiSZLURXZhn1Vcbxi6meUHhv5jcfAegGPx2e61QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJX/ray7wPqg3ecxHXqE0telV1+oMB8GA1UdIwQY
MBaAFJPs54Df2kOrSoQXJ+sg1x/HZSi8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUt
YTRkNDEzZDdmODljLzEvbGYtdHJMdkEtcURkNXpFZGVvVFMxNlZYWDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUtYTRkNDEzZDdmODlj
LzEvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBPqmeMAwD
BABFE4kDBABFE4owDAMEArnYFAMEALnYFjANBgkqhkiG9w0BAQsFAAOCAQEANGqP
azlT9mjNjf/ytxs0FymLMlNasOBxkVaiRNS3x5Dw9Ovkz1zzig5q5Nlg5ljeKXhO
9PBiIA8Q0uNqiB+hlAIsmO0zFmDBGhK/ZL2ATSx7g7qDOCegOydUCoxqdCBn3qef
Gjh0Xnr0jhPdKV1DrPbHw3/UvAm0gETpdwfxkLaO7UO4isyXHQKoNSsK8rJaYGSV
+rF0s8haslwu4ymCk59AURpipKr/xNh2IaKxtdr4KMGyMw5F+WUN7/wSdBRZVXh+
UHsqWjHBoq3wQ7jMTsXNPNjgE4T2NL4xH1OhJ9nIvgxv9mZxaoIOT1rjNhGuXNla
cjqVRBYI3SCZcVKDEQ==
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:44:35 2025 by rpki-client