Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/LNoNmGDFQklAar5TnT_a2DeUWek.roa
File: LNoNmGDFQklAar5TnT_a2DeUWek.roa (raw, json)
Hash identifier: wgI395g0pDizwgkf8Jbw1xgOK75FIU6UUEcPX6ofaYk=
Subject key identifier: 2C:DA:0D:98:60:C5:42:49:40:6A:BE:53:9D:3F:DA:D8:37:94:59:E9
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019A271B2AC20CC4A68E43D72CA054B6D391
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/LNoNmGDFQklAar5TnT_a2DeUWek.roa
Signing time: Mon 27 Oct 2025 19:18:03 +0000
ROA not before: Mon 27 Oct 2025 19:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.29.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:27:1b:2a:c2:0c:c4:a6:8e:43:d7:2c:a0:54:b6:d3:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Oct 27 19:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cda0d9860c54249406abe539d3fdad8379459e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c4:c6:bf:fa:3d:a3:24:a7:2d:bd:b5:b8:00:
f2:be:d0:1f:3d:a3:ca:db:12:09:c6:90:be:ed:1d:
38:c8:77:14:bc:b0:fb:93:fc:75:76:88:90:23:7f:
14:42:09:44:ea:af:0c:4d:cf:b5:11:3e:1e:99:7f:
1a:87:b4:f5:25:3c:02:bb:24:cd:42:a9:f3:c6:ee:
11:e8:42:e2:6c:83:9b:c8:ad:6f:0a:6a:e5:67:af:
2f:82:2f:07:96:9b:90:98:43:02:6c:35:ed:4d:d6:
0e:71:01:aa:9a:d7:86:9c:e2:43:09:4e:3c:3e:21:
57:98:c2:74:53:8b:00:02:5a:9d:43:b6:4f:e5:a1:
10:60:73:28:63:c9:a3:29:13:42:27:7b:55:46:13:
94:da:dc:be:4b:d6:67:73:75:a1:a5:de:81:f7:cd:
aa:6d:0f:b8:2a:e7:b7:5d:66:3d:18:1c:8e:7b:41:
ee:d7:fe:38:a4:48:f5:fe:bc:7b:29:63:85:70:36:
07:d3:99:4c:e5:dc:20:34:eb:fd:85:f4:9c:9e:1a:
d3:2b:98:35:ec:33:c6:99:0a:80:62:18:c3:2d:19:
71:63:99:ab:d0:72:94:07:e4:26:eb:e9:a2:58:6b:
97:2a:0f:70:68:c9:07:40:73:0a:d6:5e:5d:11:dc:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DA:0D:98:60:C5:42:49:40:6A:BE:53:9D:3F:DA:D8:37:94:59:E9
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/LNoNmGDFQklAar5TnT_a2DeUWek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.24.0/24
Signature Algorithm: sha256WithRSAEncryption
66:33:e2:2c:90:d6:a7:09:cc:8b:ff:a7:9e:2f:63:3b:02:48:
06:39:3b:25:78:4b:52:87:bd:2f:88:83:37:da:56:6e:8a:ba:
ab:85:65:31:c8:fa:c7:46:88:38:af:59:95:e4:82:3a:54:a4:
b3:f3:31:01:a4:e9:e4:b7:de:dd:63:81:96:4c:9a:69:0b:63:
bf:6a:91:d8:1d:a5:cb:72:10:29:82:27:6d:ec:6b:9f:09:b7:
9d:d6:53:7d:f7:70:de:ce:5e:88:e2:a5:f6:38:7d:a9:91:41:
44:51:fe:cb:22:9c:6f:39:46:49:ee:0d:31:f3:55:07:74:73:
51:8b:85:4e:29:22:e7:13:cf:71:bd:82:65:16:45:fb:ee:18:
fe:5f:6e:02:45:6f:7e:86:6c:9a:dd:18:cf:b9:70:ac:9f:08:
d5:93:13:36:0d:0a:43:69:b8:cc:8d:de:94:50:06:fa:56:86:
7d:5c:27:f4:83:b3:4d:9f:3c:97:90:ef:7c:e9:c5:5d:4a:15:
19:2d:41:6e:8a:c1:b2:1d:8c:42:5c:e5:72:88:91:91:a5:25:
fc:37:96:9f:a7:49:d3:42:15:ea:ad:a4:65:aa:fc:50:8f:53:
b4:77:e3:06:11:ad:bd:95:20:6e:7c:61:e8:20:31:57:51:c0:
e6:bd:5d:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZonGyrCDMSmjkPXLKBUttORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUxMDI3MTkxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RhMGQ5ODYwYzU0MjQ5NDA2YWJlNTM5ZDNmZGFkODM3OTQ1OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMTGv/o9oySnLb21uADyvtAfPaPK
2xIJxpC+7R04yHcUvLD7k/x1doiQI38UQglE6q8MTc+1ET4emX8ah7T1JTwCuyTN
Qqnzxu4R6ELibIObyK1vCmrlZ68vgi8HlpuQmEMCbDXtTdYOcQGqmteGnOJDCU48
PiFXmMJ0U4sAAlqdQ7ZP5aEQYHMoY8mjKRNCJ3tVRhOU2ty+S9Znc3Whpd6B982q
bQ+4Kue3XWY9GByOe0Hu1/44pEj1/rx7KWOFcDYH05lM5dwgNOv9hfScnhrTK5g1
7DPGmQqAYhjDLRlxY5mr0HKUB+Qm6+miWGuXKg9waMkHQHMK1l5dEdwaowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCzaDZhgxUJJQGq+U50/2tg3lFnpMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvTE5vTm1HREZRa2xBYXI1VG5UX2EyRGVVV2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh0YMA0G
CSqGSIb3DQEBCwUAA4IBAQBmM+IskNanCcyL/6eeL2M7AkgGOTsleEtSh70viIM3
2lZuirqrhWUxyPrHRog4r1mV5II6VKSz8zEBpOnkt97dY4GWTJppC2O/apHYHaXL
chApgidt7GufCbed1lN993Dezl6I4qX2OH2pkUFEUf7LIpxvOUZJ7g0x81UHdHNR
i4VOKSLnE89xvYJlFkX77hj+X24CRW9+hmya3RjPuXCsnwjVkxM2DQpDabjMjd6U
UAb6VoZ9XCf0g7NNnzyXkO986cVdShUZLUFuisGyHYxCXOVyiJGRpSX8N5afp0nT
QhXqraRlqvxQj1O0d+MGEa29lSBufGHoIDFXUcDmvV1Y
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:28:39 2025 by rpki-client