Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/LTNH687avS-GxvMdJ-HPx6cwop4.roa
File: LTNH687avS-GxvMdJ-HPx6cwop4.roa (raw, json)
Hash identifier: zxKrezY3Lljpe1LKksT2FsAbzIoVghn3cyjHiR1yO9U=
Subject key identifier: 2D:33:47:EB:CE:DA:BD:2F:86:C6:F3:1D:27:E1:CF:C7:A7:30:A2:9E
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 0196E2C20D7AC632C73E4D7959685EA44AF1
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/LTNH687avS-GxvMdJ-HPx6cwop4.roa
Signing time: Sun 18 May 2025 09:38:10 +0000
ROA not before: Sun 18 May 2025 09:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203459
IP address blocks: 185.122.255.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.225.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
2a06:7fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 14:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e2:c2:0d:7a:c6:32:c7:3e:4d:79:59:68:5e:a4:4a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: May 18 09:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d3347ebcedabd2f86c6f31d27e1cfc7a730a29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d7:f7:65:d0:9a:ec:35:aa:1a:50:2c:d1:96:
9d:0e:9a:26:29:84:9a:f9:c4:d6:54:3e:57:bb:c3:
47:93:76:68:c1:f4:4b:9a:4c:35:73:3e:1c:fb:9a:
5d:ea:a3:59:c6:b4:99:3c:04:5d:88:b4:4d:f0:86:
a9:48:d1:0c:6e:0c:95:b5:7a:f9:2a:27:2a:3b:df:
9c:ec:83:dd:a9:14:b8:72:be:f4:f5:7e:4f:e2:69:
74:5c:b3:57:0a:86:45:ed:30:9d:5c:7b:d9:07:c4:
7d:cd:8f:75:a4:1f:bf:6e:88:03:04:77:e4:74:f7:
b5:f6:c6:4e:8c:5c:e9:57:4f:9b:e4:3f:38:86:bb:
ce:1d:4b:69:d9:c0:ee:4a:66:88:3f:2d:c5:16:8f:
63:fc:65:05:41:08:7e:2d:a0:3a:a7:4c:e4:cb:ac:
5c:fc:1d:0a:8b:b5:c0:89:7e:79:d4:e2:9e:b4:f9:
8e:ea:96:f8:9a:b7:b0:ff:89:ee:48:ed:de:6c:79:
cb:2b:f4:33:51:46:c4:5e:93:30:47:b1:0c:13:eb:
52:9c:a7:cb:07:3b:7c:30:9c:fb:38:78:43:eb:0e:
cc:7f:b6:5f:32:86:fc:a5:66:d7:81:aa:8f:42:4c:
c8:37:30:3a:b1:11:2c:56:15:b9:67:8b:c1:1f:47:
b0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:33:47:EB:CE:DA:BD:2F:86:C6:F3:1D:27:E1:CF:C7:A7:30:A2:9E
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/LTNH687avS-GxvMdJ-HPx6cwop4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.255.0/24
185.133.224.0/23
185.133.227.0/24
IPv6:
2a06:7fc0::/29
Signature Algorithm: sha256WithRSAEncryption
92:cc:20:8c:86:c8:e2:9e:bb:d1:46:e4:76:6c:6b:6a:b9:8f:
af:ef:8b:dd:14:d7:10:04:07:d5:10:83:da:86:29:b3:9f:9f:
6f:d9:89:63:78:0d:be:f2:47:e2:36:3b:94:d7:9c:f2:4c:81:
50:6c:17:4f:0e:50:a0:54:08:14:8e:5f:0b:30:4b:5a:ff:38:
f1:45:32:02:86:b0:5e:62:ed:44:60:41:94:95:8d:b7:87:19:
8d:7f:9e:fc:68:e3:de:c3:d7:10:bd:43:ca:ad:be:cd:92:82:
01:12:94:e8:bd:14:4a:32:5b:b2:a2:f1:4b:1e:f0:dd:c3:20:
14:42:d0:b9:2b:54:73:27:18:fb:e1:63:ee:4b:90:68:89:24:
6e:d1:c9:e6:82:2d:b0:88:2e:82:c2:66:a8:87:01:9e:5f:7e:
ab:cd:5f:b0:19:82:a5:80:d8:68:19:e5:b9:98:d2:73:32:8a:
c3:e5:24:61:7a:6e:96:bc:04:86:41:94:1c:ec:c3:29:e0:cb:
ed:3e:32:e5:b6:f2:d1:62:8d:28:27:7e:28:23:0f:f5:11:6c:
b0:4d:6c:7f:0a:ac:13:a5:bf:5b:37:03:82:fd:75:38:98:df:
88:1e:67:59:a4:2e:91:94:41:9f:e0:c5:97:e0:8a:ce:14:52:
35:40:f0:48
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZbiwg16xjLHPk15WWhepErxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjUwNTE4MDkzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDMzNDdlYmNlZGFiZDJmODZjNmYzMWQyN2UxY2ZjN2E3MzBhMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNf3ZdCa7DWqGlAs0ZadDpomKYSa
+cTWVD5Xu8NHk3ZowfRLmkw1cz4c+5pd6qNZxrSZPARdiLRN8IapSNEMbgyVtXr5
KicqO9+c7IPdqRS4cr709X5P4ml0XLNXCoZF7TCdXHvZB8R9zY91pB+/bogDBHfk
dPe19sZOjFzpV0+b5D84hrvOHUtp2cDuSmaIPy3FFo9j/GUFQQh+LaA6p0zky6xc
/B0Ki7XAiX551OKetPmO6pb4mrew/4nuSO3ebHnLK/QzUUbEXpMwR7EME+tSnKfL
Bzt8MJz7OHhD6w7Mf7ZfMob8pWbXgaqPQkzINzA6sREsVhW5Z4vBH0ewVQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC0zR+vO2r0vhsbzHSfhz8enMKKeMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvTFROSDY4N2F2Uy1HeHZNZEotSFB4NmN3b3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuXr/AwQB
uYXgAwQAuYXjMA0EAgACMAcDBQMqBn/AMA0GCSqGSIb3DQEBCwUAA4IBAQCSzCCM
hsjinrvRRuR2bGtquY+v74vdFNcQBAfVEIPahimzn59v2YljeA2+8kfiNjuU15zy
TIFQbBdPDlCgVAgUjl8LMEta/zjxRTIChrBeYu1EYEGUlY23hxmNf578aOPew9cQ
vUPKrb7NkoIBEpTovRRKMluyovFLHvDdwyAUQtC5K1RzJxj74WPuS5BoiSRu0cnm
gi2wiC6CwmaohwGeX36rzV+wGYKlgNhoGeW5mNJzMorD5SRhem6WvASGQZQc7MMp
4MvtPjLltvLRYo0oJ34oIw/1EWywTWx/CqwTpb9bNwOC/XU4mN+IHmdZpC6RlEGf
4MWX4IrOFFI1QPBI
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:47:28 2025 by rpki-client