Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Lz02jRbydFOXrXxrNni6xZrvZsY.roa
File: Lz02jRbydFOXrXxrNni6xZrvZsY.roa (raw, json)
Hash identifier: xsMNULiVcAk5PhUUZoZPd/HPjVt1se0gaZ5QPwiMvwQ=
Subject key identifier: 2F:3D:36:8D:16:F2:74:53:97:AD:7C:6B:36:78:BA:C5:9A:EF:66:C6
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019720F93F018B9ADB9CD51A13EF4D3E0749
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Lz02jRbydFOXrXxrNni6xZrvZsY.roa
Signing time: Fri 30 May 2025 11:34:54 +0000
ROA not before: Fri 30 May 2025 11:34:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:f9:3f:01:8b:9a:db:9c:d5:1a:13:ef:4d:3e:07:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 30 11:34:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f3d368d16f2745397ad7c6b3678bac59aef66c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:53:5f:51:f8:f6:a5:0b:ae:94:d9:88:14:de:
e5:38:8d:6f:8c:ad:93:f4:58:d9:49:34:d1:71:ed:
92:b9:53:3a:e8:3b:74:25:55:f6:8f:be:c7:4d:6f:
a2:45:30:91:68:d1:3a:df:91:6f:1b:21:b8:c3:25:
fd:29:2b:27:a7:1e:a8:4f:e9:33:56:4d:5b:df:de:
08:ad:23:bf:ae:4e:93:5e:4f:8d:bd:77:32:a5:a4:
7f:07:64:88:54:41:14:7c:65:b2:67:08:9a:18:b0:
49:22:45:33:40:3d:3c:82:a5:68:0b:a7:3f:25:ac:
01:40:f8:98:dd:b7:dd:80:2f:36:c8:59:40:ad:d9:
1e:97:47:b4:04:33:7c:5c:e0:8b:6b:83:c2:d6:f3:
3e:63:73:b9:2b:a3:2f:cf:8e:85:b4:f7:a7:c1:56:
2b:57:cb:c8:1e:90:31:b3:77:39:ce:a5:60:3f:bd:
58:a3:ac:9f:1a:7e:c0:d9:18:08:79:d5:4b:7e:98:
62:f0:1f:36:6c:b4:6b:ed:d3:a3:09:10:8c:f9:f9:
cd:9f:74:bb:bb:f5:8c:22:f4:38:70:19:a7:b6:f7:
7a:3c:57:f7:7e:14:02:8b:dd:5b:26:78:e3:f4:b3:
c0:3f:74:00:7c:ef:ec:65:26:24:18:e6:8d:a1:c3:
0e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3D:36:8D:16:F2:74:53:97:AD:7C:6B:36:78:BA:C5:9A:EF:66:C6
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/Lz02jRbydFOXrXxrNni6xZrvZsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.51.255
185.254.28.0/23
193.35.152.0/23
Signature Algorithm: sha256WithRSAEncryption
71:9c:19:9f:94:62:77:97:f8:bc:06:dd:02:61:81:f3:f0:00:
c6:61:cd:78:37:37:5f:f7:2c:33:75:8a:e2:b8:02:c0:95:66:
ed:3e:18:8c:83:4b:f4:3f:90:be:59:2f:01:e9:53:b4:a8:69:
ef:d9:98:9f:19:84:3b:85:46:1f:0c:a8:3e:1f:38:82:31:30:
12:79:44:32:35:77:b6:69:37:fa:86:4a:a2:0c:d3:53:d0:c1:
30:a2:87:e1:c1:4b:67:76:d0:07:8f:a9:a1:5e:54:3c:a6:7c:
1a:2f:c2:bc:5c:b8:a3:93:ff:9e:aa:df:67:84:4c:84:87:49:
c8:94:93:2d:0e:77:df:ae:bd:46:8f:bc:8e:79:65:4f:c5:39:
fe:c6:28:bd:42:fd:61:e7:65:c9:e2:7f:14:6e:48:10:e3:0a:
d7:90:b3:04:d1:78:61:85:a1:41:a2:f1:01:e5:3d:73:86:9c:
48:95:0d:64:c4:8b:9a:63:f4:36:31:af:4e:e0:da:da:cd:2a:
70:ce:c6:e2:37:66:3d:a7:c1:cf:20:16:60:73:6b:e8:3b:e4:
a1:ca:b4:ea:ef:22:b6:2f:0f:c4:a6:96:a1:25:de:05:6e:58:
55:2b:34:17:06:78:bc:b8:a5:83:b4:42:78:63:f0:d0:e6:54:
85:f3:0c:a4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZcg+T8Bi5rbnNUaE+9NPgdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNTMwMTEzNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNkMzY4ZDE2ZjI3NDUzOTdhZDdjNmIzNjc4YmFjNTlhZWY2NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1NfUfj2pQuulNmIFN7lOI1vjK2T
9FjZSTTRce2SuVM66Dt0JVX2j77HTW+iRTCRaNE635FvGyG4wyX9KSsnpx6oT+kz
Vk1b394IrSO/rk6TXk+NvXcypaR/B2SIVEEUfGWyZwiaGLBJIkUzQD08gqVoC6c/
JawBQPiY3bfdgC82yFlArdkel0e0BDN8XOCLa4PC1vM+Y3O5K6Mvz46FtPenwVYr
V8vIHpAxs3c5zqVgP71Yo6yfGn7A2RgIedVLfphi8B82bLRr7dOjCRCM+fnNn3S7
u/WMIvQ4cBmntvd6PFf3fhQCi91bJnjj9LPAP3QAfO/sZSYkGOaNocMOMwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC89No0W8nRTl618azZ4usWa72bGMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvTHowMmpSYnlkRk9Yclh4ck5uaTZ4WnJ2WnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABt7DED
BAJt7DADBAG5/hwDBAHBI5gwDQYJKoZIhvcNAQELBQADggEBAHGcGZ+UYneX+LwG
3QJhgfPwAMZhzXg3N1/3LDN1iuK4AsCVZu0+GIyDS/Q/kL5ZLwHpU7Soae/ZmJ8Z
hDuFRh8MqD4fOIIxMBJ5RDI1d7ZpN/qGSqIM01PQwTCih+HBS2d20AePqaFeVDym
fBovwrxcuKOT/56q32eETISHSciUky0Od9+uvUaPvI55ZU/FOf7GKL1C/WHnZcni
fxRuSBDjCteQswTReGGFoUGi8QHlPXOGnEiVDWTEi5pj9DYxr07g2trNKnDOxuI3
Zj2nwc8gFmBza+g75KHKtOrvIrYvD8SmlqEl3gVuWFUrNBcGeLy4pYO0Qnhj8NDm
VIXzDKQ=
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:36:52 2025 by rpki-client