Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/lxXVuzzUPXL8bs7W6nNiOwOCTwY.roa
File: lxXVuzzUPXL8bs7W6nNiOwOCTwY.roa (raw, json)
Hash identifier: 7u7enKytyDQUih6tJM5Hi2/pTgAISWsFOl93asd2vkI=
Subject key identifier: 97:15:D5:BB:3C:D4:3D:72:FC:6E:CE:D6:EA:73:62:3B:03:82:4F:06
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0197F3EAA8A8D78022F62FDF92F254921E8B
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/lxXVuzzUPXL8bs7W6nNiOwOCTwY.roa
Signing time: Thu 10 Jul 2025 10:38:51 +0000
ROA not before: Thu 10 Jul 2025 10:38:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.21.0/24 maxlen: 24
94.131.22.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/29 maxlen: 48
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:ea:a8:a8:d7:80:22:f6:2f:df:92:f2:54:92:1e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 10 10:38:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9715d5bb3cd43d72fc6eced6ea73623b03824f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:68:31:cc:2a:e8:04:f7:7c:1d:e5:c7:de:
96:d5:48:77:6a:5b:c4:7d:d9:be:88:c4:0c:7a:1f:
75:3e:05:2d:11:70:ff:12:7e:d2:19:05:6d:4a:72:
58:95:9a:6b:79:bd:dc:bd:87:f0:c2:62:9f:94:7a:
35:33:47:89:25:7e:13:0c:4e:33:9b:bc:da:37:a6:
5d:d6:77:ae:65:52:77:2c:f7:91:78:a1:e1:28:e0:
e1:00:42:aa:89:d2:de:a8:8c:b7:26:55:bd:e4:01:
59:fa:2a:3f:28:f6:27:1f:c7:38:40:11:44:ec:6b:
eb:e2:24:f5:f3:8e:8f:e6:a7:3a:78:b6:d6:a0:2e:
65:7d:87:e9:ad:35:91:98:46:63:1b:0f:5b:5c:91:
a7:6f:62:29:dd:cf:e7:05:ff:45:bc:c1:41:be:10:
84:3c:fb:cb:af:d9:50:9a:e9:73:8a:cc:d7:93:04:
0a:09:81:3d:93:60:9c:6b:7a:c8:70:27:2d:9e:b5:
cc:ef:23:c5:3f:fa:c2:ba:e2:10:67:4a:9d:aa:30:
35:51:58:e0:6c:93:e1:24:d0:37:9e:bc:cb:42:c9:
0f:59:f6:01:07:65:0a:81:d0:c9:a4:e3:ad:cb:99:
89:1b:af:38:e1:ee:91:26:4e:90:83:09:5d:7e:8f:
07:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:15:D5:BB:3C:D4:3D:72:FC:6E:CE:D6:EA:73:62:3B:03:82:4F:06
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/lxXVuzzUPXL8bs7W6nNiOwOCTwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.21.0-94.131.22.255
94.131.124.0/24
94.131.127.0/24
195.214.212.0/22
IPv6:
2a01:d0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:0a:57:0b:c3:f5:dc:f4:af:04:9b:32:08:7c:9b:1a:4b:bd:
73:d5:97:53:ff:7e:af:81:03:9e:5f:c8:e4:ec:c3:d3:1c:c5:
d7:16:79:1d:be:23:1d:06:91:60:92:fc:8c:f1:4f:9f:72:46:
25:44:ae:00:75:fb:74:55:86:0a:8d:7c:c8:44:56:c3:24:e9:
ba:e9:fd:1e:ff:fa:a2:fe:63:31:a9:78:ec:58:98:af:00:76:
f3:66:a8:11:65:d0:e6:68:68:23:b0:1a:96:08:7c:b7:63:36:
cb:7a:9f:da:f3:e9:ea:11:76:03:66:8f:2c:a4:3c:b9:7a:4d:
c5:ec:ce:0d:9e:36:ff:e7:e8:52:d8:bc:f6:25:61:60:9e:4a:
6e:f3:32:ad:43:0f:02:dd:d8:56:25:f5:74:17:63:9a:76:52:
14:95:17:ff:2f:07:7f:40:ac:f6:7f:a7:53:08:cb:c8:cf:3c:
bc:a2:d6:c0:7f:4b:2f:bc:22:1c:6a:20:97:83:83:e9:70:39:
8a:35:52:68:f1:7a:c3:c3:64:ff:db:17:71:95:a8:8d:79:3e:
ac:79:ef:64:14:47:18:63:02:de:31:a8:61:42:47:aa:85:c2:
7b:8f:bd:ad:1e:f5:01:9e:35:67:39:a9:c5:bd:d9:15:d3:a5:
07:af:18:94
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZfz6qio14Ai9i/fkvJUkh6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwNzEwMTAzODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE1ZDViYjNjZDQzZDcyZmM2ZWNlZDZlYTczNjIzYjAzODI0ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZpoMcwq6AT3fB3lx96W1Uh3alvE
fdm+iMQMeh91PgUtEXD/En7SGQVtSnJYlZpreb3cvYfwwmKflHo1M0eJJX4TDE4z
m7zaN6Zd1neuZVJ3LPeReKHhKODhAEKqidLeqIy3JlW95AFZ+io/KPYnH8c4QBFE
7Gvr4iT1846P5qc6eLbWoC5lfYfprTWRmEZjGw9bXJGnb2Ip3c/nBf9FvMFBvhCE
PPvLr9lQmulziszXkwQKCYE9k2Cca3rIcCctnrXM7yPFP/rCuuIQZ0qdqjA1UVjg
bJPhJNA3nrzLQskPWfYBB2UKgdDJpOOty5mJG6844e6RJk6Qgwldfo8HXwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJcV1bs81D1y/G7O1upzYjsDgk8GMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbHhYVnV6elVQWEw4YnM3VzZuTmlPd09DVHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQFPs2AAwQB
XoMAAwQAXoMEAwQBXoMGMAwDBABegxUDBABegxYDBABeg3wDBABeg38DBALD1tQw
DQQCAAIwBwMFAyoBANAwDQYJKoZIhvcNAQELBQADggEBAKEKVwvD9dz0rwSbMgh8
mxpLvXPVl1P/fq+BA55fyOTsw9McxdcWeR2+Ix0GkWCS/IzxT59yRiVErgB1+3RV
hgqNfMhEVsMk6brp/R7/+qL+YzGpeOxYmK8AdvNmqBFl0OZoaCOwGpYIfLdjNst6
n9rz6eoRdgNmjyykPLl6TcXszg2eNv/n6FLYvPYlYWCeSm7zMq1DDwLd2FYl9XQX
Y5p2UhSVF/8vB39ArPZ/p1MIy8jPPLyi1sB/Sy+8IhxqIJeDg+lwOYo1UmjxesPD
ZP/bF3GVqI15Pqx572QURxhjAt4xqGFCR6qFwnuPva0e9QGeNWc5qcW92RXTpQev
GJQ=
-----END CERTIFICATE-----
Generated at Tue Jul 22 18:56:48 2025 by rpki-client