Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-LwpGeh40S2rnKxO-f21dB03v8U.roa
File: 1-LwpGeh40S2rnKxO-f21dB03v8U.roa (raw, json)
Hash identifier: kassyQnHY0gEO77qgrXK/JgbR2qrcWH6Fda4sBAescg=
Subject key identifier: F8:BC:29:19:E8:78:D1:2D:AB:9C:AC:4E:F9:FD:B5:74:1D:37:BF:C5
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01999AA97DDD9F63CF23D212C798C036D285
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-LwpGeh40S2rnKxO-f21dB03v8U.roa
Signing time: Tue 30 Sep 2025 12:47:03 +0000
ROA not before: Tue 30 Sep 2025 12:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a10:3c80::/29 maxlen: 29
2a10:3f80::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
2a13:b4c1::/32 maxlen: 32
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a14:1100::/32 maxlen: 32
2a14:1101::/32 maxlen: 32
2a14:1102::/32 maxlen: 32
2a14:1103::/32 maxlen: 32
2a14:1104::/32 maxlen: 32
2a14:1105::/32 maxlen: 32
2a14:1106::/32 maxlen: 32
2a14:1107::/32 maxlen: 32
2a14:42c0::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:6a40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:a9:7d:dd:9f:63:cf:23:d2:12:c7:98:c0:36:d2:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Sep 30 12:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8bc2919e878d12dab9cac4ef9fdb5741d37bfc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ea:77:16:77:ce:7f:4f:96:23:69:8a:72:b6:
6b:3a:27:50:9d:a6:f2:3e:10:2d:e5:6c:6b:72:ae:
b0:40:68:66:41:7a:1f:59:7b:9a:d4:1d:3c:59:9e:
29:6b:7e:ea:d1:ca:a9:31:a6:e9:a9:79:32:2e:28:
70:7a:1a:50:a4:9c:ec:32:a3:fc:ee:0f:d4:ed:2e:
2b:b2:02:d9:97:dd:7c:c8:6e:22:d6:d4:cd:0e:0f:
27:2a:10:37:36:85:de:fe:00:07:99:4b:12:11:f2:
43:fb:a1:58:f9:ec:9e:a1:e0:db:19:1d:74:f0:0f:
3a:3a:34:79:3e:e0:9a:45:1c:5a:7c:64:26:40:50:
54:d2:16:6c:27:39:d1:5e:6f:71:b9:7d:b8:19:65:
5c:49:c5:d0:77:10:87:2f:fc:f8:a4:95:77:45:42:
1d:b3:b7:0b:2d:4c:bb:55:78:86:c8:f3:48:36:c0:
fb:ca:db:b2:4f:af:ab:47:9b:3f:e6:28:a3:e7:9b:
3c:14:7d:02:bc:32:2e:45:19:74:70:82:eb:5b:49:
3d:24:66:e3:42:9f:d6:61:11:e8:a3:2f:78:37:eb:
c5:db:e1:b7:6f:ce:56:d0:ff:ee:2c:25:7e:16:10:
99:65:73:ba:c8:4c:04:10:17:96:21:e9:4b:32:bd:
51:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BC:29:19:E8:78:D1:2D:AB:9C:AC:4E:F9:FD:B5:74:1D:37:BF:C5
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-LwpGeh40S2rnKxO-f21dB03v8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0b:ac00::/29
2a10:3c80::/29
2a10:3f80::/29
2a10:77c0::/29
2a13:b4c1::/32
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a14:1100::/29
2a14:42c0::/29
2a14:62c0::/29
2a14:6a40::/32
Signature Algorithm: sha256WithRSAEncryption
b5:86:24:94:a5:4c:dc:11:45:9d:90:e2:3f:0d:98:9d:a4:ff:
fc:bf:c4:2b:09:ff:05:91:6c:bd:c8:7a:08:b6:5f:39:a6:e3:
1c:5b:a7:74:31:bc:7a:49:b2:64:ba:bd:81:d2:7a:e2:f9:ef:
47:84:89:e2:8d:70:f6:fe:95:16:c2:b8:63:77:9e:0f:c0:d5:
4b:d4:75:85:59:ba:b2:2b:c7:f9:28:c1:cd:25:0f:80:f6:4b:
12:69:5b:ff:3b:f4:0d:45:4e:ab:9c:a1:50:8e:59:50:2d:ae:
0d:86:53:08:68:8a:07:c8:84:b4:5a:e7:7e:19:ba:d0:94:74:
85:8a:e5:23:01:83:a1:9b:18:b2:85:c5:d7:00:4b:66:04:6f:
fe:0d:21:64:6a:d6:2e:1f:1a:b9:9a:8f:f1:b8:4b:51:29:36:
bf:18:df:91:5e:8f:5d:bd:33:2f:5f:fe:cd:d1:db:e3:94:db:
6e:84:0d:3d:b0:49:b3:13:25:ce:1f:99:3b:5d:5f:bf:df:17:
82:87:56:59:39:01:f7:eb:6e:9a:8c:44:11:7b:4c:71:4e:0f:
22:58:b7:7d:54:ff:cb:c8:d6:23:e6:6a:e7:13:ab:42:e5:42:
ab:c4:a6:23:15:22:0a:4d:6b:06:84:ba:29:e6:70:e7:55:53:
d2:59:5e:de
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZmaqX3dn2PPI9ISx5jANtKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwOTMwMTI0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJjMjkxOWU4NzhkMTJkYWI5Y2FjNGVmOWZkYjU3NDFkMzdiZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxup3FnfOf0+WI2mKcrZrOidQnaby
PhAt5Wxrcq6wQGhmQXofWXua1B08WZ4pa37q0cqpMabpqXkyLihwehpQpJzsMqP8
7g/U7S4rsgLZl918yG4i1tTNDg8nKhA3NoXe/gAHmUsSEfJD+6FY+eyeoeDbGR10
8A86OjR5PuCaRRxafGQmQFBU0hZsJznRXm9xuX24GWVcScXQdxCHL/z4pJV3RUId
s7cLLUy7VXiGyPNINsD7ytuyT6+rR5s/5iij55s8FH0CvDIuRRl0cILrW0k9JGbj
Qp/WYRHooy94N+vF2+G3b85W0P/uLCV+FhCZZXO6yEwEEBeWIelLMr1RHQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFPi8KRnoeNEtq5ysTvn9tXQdN7/FMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMS1Md3BHZWg0MFMycm5LeE8tZjIxZEIwM3Y4VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvM2NhYTUxLTdhMjEtNDk5ZC1hNTQ1LWJhZmJkZmM4MTMy
YS8xL1R4UVJMUVhwMkhZVW5TZDQxSTdhcWpKTnNLVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBggYIKwYBBQUHAQcBAf8EczBxMG8EAgACMGkDBQMqBZpA
AwUDKgZfwAMFAyoLrAADBQMqEDyAAwUDKhA/gAMFAyoQd8ADBQAqE7TBAwUDKhO5
wAMFAyoTu0ADBQMqE8JAAwUDKhPDQAMFAyoUEQADBQMqFELAAwUDKhRiwAMFACoU
akAwDQYJKoZIhvcNAQELBQADggEBALWGJJSlTNwRRZ2Q4j8NmJ2k//y/xCsJ/wWR
bL3Iegi2Xzmm4xxbp3QxvHpJsmS6vYHSeuL570eEieKNcPb+lRbCuGN3ng/A1UvU
dYVZurIrx/kowc0lD4D2SxJpW/879A1FTqucoVCOWVAtrg2GUwhoigfIhLRa534Z
utCUdIWK5SMBg6GbGLKFxdcAS2YEb/4NIWRq1i4fGrmaj/G4S1EpNr8Y35Fej129
My9f/s3R2+OU226EDT2wSbMTJc4fmTtdX7/fF4KHVlk5AffrbpqMRBF7THFODyJY
t31U/8vI1iPmaucTq0LlQqvEpiMVIgpNawaEuinmcOdVU9JZXt4=
-----END CERTIFICATE-----
Generated at Wed Oct 8 14:06:39 2025 by rpki-client