Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/LMWubVuf7cJuSG5rD2NRgzDK5TM.roa
File: LMWubVuf7cJuSG5rD2NRgzDK5TM.roa (raw, json)
Hash identifier: BApiahutiwbQpT3is1YK4Anf4y1KpsDk2PWh/oiETuo=
Subject key identifier: 2C:C5:AE:6D:5B:9F:ED:C2:6E:48:6E:6B:0F:63:51:83:30:CA:E5:33
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0197364CE304073079675006EBF506A61353
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/LMWubVuf7cJuSG5rD2NRgzDK5TM.roa
Signing time: Tue 03 Jun 2025 14:58:17 +0000
ROA not before: Tue 03 Jun 2025 14:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12663
IP address blocks: 37.25.128.0/17 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
62.213.128.0/19 maxlen: 19
85.205.0.0/16 maxlen: 24
86.104.216.0/22 maxlen: 22
89.32.48.0/21 maxlen: 21
92.114.8.0/21 maxlen: 21
108.179.64.0/18 maxlen: 24
130.195.32.0/20 maxlen: 20
130.195.64.0/19 maxlen: 19
130.195.96.0/19 maxlen: 19
130.195.128.0/18 maxlen: 24
130.195.200.0/21 maxlen: 21
139.47.160.0/19 maxlen: 24
139.47.192.0/18 maxlen: 24
145.230.0.0/16 maxlen: 24
176.125.0.0/19 maxlen: 24
188.240.84.0/22 maxlen: 22
192.125.128.0/17 maxlen: 24
195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
208.53.128.0/18 maxlen: 18
2a01:818:1000::/44 maxlen: 44
2a01:818:1060::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:4c:e3:04:07:30:79:67:50:06:eb:f5:06:a6:13:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jun 3 14:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cc5ae6d5b9fedc26e486e6b0f63518330cae533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:b5:d1:60:0d:19:a1:66:0c:7d:a3:b6:fb:
b5:dd:9b:bc:3b:8a:f9:c1:15:c4:bd:06:7e:a9:54:
7c:97:36:f5:5a:6e:a1:23:b2:19:ac:4a:4d:e8:73:
a2:19:3f:db:88:af:db:9c:e7:05:5f:d3:54:3b:87:
47:55:3c:ea:b7:82:1e:25:48:ea:bc:6b:d7:d9:50:
03:3e:b0:f2:56:89:77:00:0c:59:01:fc:d1:ee:fb:
5c:a4:4d:51:b5:45:19:b3:5b:28:80:4f:9f:98:5d:
ae:0e:55:46:35:86:87:6c:5f:ac:b0:e3:8f:94:9d:
66:d9:36:f4:c1:3d:2f:8d:f5:a3:bf:23:df:60:64:
17:b5:4c:25:61:ca:ae:aa:c8:b1:cb:44:64:ce:a6:
8a:0b:73:ab:5f:49:fe:dc:e5:d0:bd:87:c0:e6:ad:
d9:fc:50:4f:44:9f:3e:a8:7b:54:4b:e5:22:15:cc:
7c:72:6e:2f:b2:c5:78:54:bd:97:4c:c1:94:33:a6:
d2:e8:f0:fe:b0:36:77:6f:15:79:4a:18:37:78:2b:
a9:1c:fc:82:86:14:54:d6:4f:47:2f:6c:9a:53:82:
85:b1:a2:3f:93:45:bc:63:d7:79:e0:c6:1e:dc:15:
3e:24:84:44:b8:ed:8e:02:d8:8c:9b:86:e8:5e:1f:
2d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C5:AE:6D:5B:9F:ED:C2:6E:48:6E:6B:0F:63:51:83:30:CA:E5:33
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/LMWubVuf7cJuSG5rD2NRgzDK5TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
139.47.160.0-139.47.255.255
145.230.0.0/16
176.125.0.0/19
188.240.84.0/22
192.125.128.0/17
195.232.128.0-195.233.255.255
208.53.128.0/18
IPv6:
2a01:818:1000::/44
2a01:818:1060::/44
Signature Algorithm: sha256WithRSAEncryption
ac:67:b5:52:d4:c7:9e:f6:61:7c:77:55:1d:23:78:70:9b:14:
dd:c1:8d:ce:97:2b:9a:b3:54:7c:71:2e:71:8a:63:a6:11:54:
0a:dc:cd:fe:0e:51:69:59:ea:8c:49:f7:e4:77:51:16:49:d4:
98:48:a4:af:1f:7f:d8:27:65:91:7b:bb:aa:d0:c2:7d:fe:3f:
66:41:b5:a1:79:a2:c7:8f:da:98:cf:55:26:61:f0:81:0c:ee:
a3:66:40:29:45:d5:32:90:67:28:40:86:36:0a:b3:47:8f:1b:
52:f9:81:c1:e4:df:2e:4f:41:30:83:f4:43:ef:91:d8:72:11:
ae:8e:29:2e:be:5f:2d:77:cd:50:5c:52:97:11:87:0c:9d:a1:
05:7a:7c:7d:4a:72:77:d0:bf:e1:bb:b0:b7:46:d1:ba:96:1a:
3d:dc:14:ca:a3:04:8e:da:bb:53:3b:93:a7:b8:1e:a4:9b:25:
eb:48:2c:00:f9:6e:7d:91:99:f5:2d:48:8d:92:13:39:fb:c6:
b0:28:87:a8:26:6d:61:4a:9a:a6:bd:1f:52:ce:ca:8d:1a:49:
4c:f6:42:a7:8b:59:ef:d3:1f:f2:fa:00:73:d0:70:91:67:50:
a1:04:f0:c4:67:36:4b:b4:f2:76:f6:f9:03:66:a4:71:7b:fe:
a6:55:ae:10
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZc2TOMEBzB5Z1AG6/UGphNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwNjAzMTQ1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M1YWU2ZDViOWZlZGMyNmU0ODZlNmIwZjYzNTE4MzMwY2FlNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVi10WANGaFmDH2jtvu13Zu8O4r5
wRXEvQZ+qVR8lzb1Wm6hI7IZrEpN6HOiGT/biK/bnOcFX9NUO4dHVTzqt4IeJUjq
vGvX2VADPrDyVol3AAxZAfzR7vtcpE1RtUUZs1sogE+fmF2uDlVGNYaHbF+ssOOP
lJ1m2Tb0wT0vjfWjvyPfYGQXtUwlYcquqsixy0RkzqaKC3OrX0n+3OXQvYfA5q3Z
/FBPRJ8+qHtUS+UiFcx8cm4vssV4VL2XTMGUM6bS6PD+sDZ3bxV5Shg3eCupHPyC
hhRU1k9HL2yaU4KFsaI/k0W8Y9d54MYe3BU+JIREuO2OAtiMm4boXh8t7QIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFCzFrm1bn+3Cbkhuaw9jUYMwyuUzMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvTE1XdWJWdWY3Y0p1U0c1ckQyTlJnekRLNVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBjAQCAAEwgYUDBAcl
GYADAwAubAMEBy6+gAMEBT7VgAMDAFXNAwQCVmjYAwQDWSAwAwQDXHIIAwQGbLNA
AwQEgsMgMAwDBAaCw0ADBAaCw4ADBAOCw8gwCwMEBYsvoAMDBIsgAwMAkeYDBAWw
fQADBAK88FQDBAfAfYAwCwMEB8PogAMDAcPoAwQG0DWAMBgEAgACMBIDBwQqAQgY
EAADBwQqAQgYEGAwDQYJKoZIhvcNAQELBQADggEBAKxntVLUx572YXx3VR0jeHCb
FN3Bjc6XK5qzVHxxLnGKY6YRVArczf4OUWlZ6oxJ9+R3URZJ1JhIpK8ff9gnZZF7
u6rQwn3+P2ZBtaF5oseP2pjPVSZh8IEM7qNmQClF1TKQZyhAhjYKs0ePG1L5gcHk
3y5PQTCD9EPvkdhyEa6OKS6+Xy13zVBcUpcRhwydoQV6fH1KcnfQv+G7sLdG0bqW
Gj3cFMqjBI7au1M7k6e4HqSbJetILAD5bn2RmfUtSI2SEzn7xrAoh6gmbWFKmqa9
H1LOyo0aSUz2QqeLWe/TH/L6AHPQcJFnUKEE8MRnNku08nb2+QNmpHF7/qZVrhA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:14:22 2025 by rpki-client