Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/LHFZ_8A1nB1N8zjUml3ZrGoW2eU.roa
File: LHFZ_8A1nB1N8zjUml3ZrGoW2eU.roa (raw, json)
Hash identifier: Oe+QcIqHf/AMmU3db+4I1/thFEAqfc4bB9KsP1qHtj8=
Subject key identifier: 2C:71:59:FF:C0:35:9C:1D:4D:F3:38:D4:9A:5D:D9:AC:6A:16:D9:E5
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 019A4A9534CAAFC0A2F2626B48A2194BFEFA
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/LHFZ_8A1nB1N8zjUml3ZrGoW2eU.roa
Signing time: Mon 03 Nov 2025 16:38:03 +0000
ROA not before: Mon 03 Nov 2025 16:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55154
IP address blocks: 77.47.142.0/24 maxlen: 24
77.47.152.0/22 maxlen: 24
77.47.210.0/23 maxlen: 23
77.47.242.0/24 maxlen: 24
185.143.56.0/22 maxlen: 24
195.178.136.0/24 maxlen: 24
195.178.146.0/24 maxlen: 24
195.178.149.0/24 maxlen: 24
195.178.156.0/24 maxlen: 24
212.111.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4a:95:34:ca:af:c0:a2:f2:62:6b:48:a2:19:4b:fe:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Nov 3 16:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c7159ffc0359c1d4df338d49a5dd9ac6a16d9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:51:72:77:a0:14:7e:bb:fb:66:d7:7f:94:b9:
a8:8e:66:58:20:6f:e5:21:b5:d0:24:ba:fb:5b:07:
fd:56:03:18:f8:11:2e:92:f1:bd:79:c9:08:c2:ac:
a8:6a:0e:00:b9:6b:6b:ad:ee:b5:ca:b0:45:05:f8:
8d:24:11:e4:3e:2e:a2:79:7b:51:0b:ef:64:1d:53:
6e:b2:2b:d6:01:94:f3:21:3f:d3:33:90:5c:30:0c:
85:48:d4:8a:40:c3:b1:61:a3:d1:11:c4:0f:4c:a4:
07:3f:9d:04:c6:c4:21:9c:39:0a:3f:5e:21:a6:86:
69:a0:96:97:a8:77:56:95:e8:4f:4f:29:87:c1:8d:
6f:fa:c5:bb:04:e9:4d:66:85:e3:cf:c8:5d:8f:ce:
87:45:7e:81:62:34:ce:c7:82:3d:0e:1d:a0:78:da:
c9:b0:5b:9b:e9:4c:70:69:c2:0c:79:64:db:88:a6:
0b:64:70:c6:7d:d0:c2:6e:aa:61:d0:8e:d1:91:8e:
1e:a4:b6:0e:bd:f4:1e:39:7b:d9:57:0c:6e:a8:b6:
21:fd:f9:6e:e7:72:69:3a:cb:c6:30:a8:46:83:53:
bc:52:1c:4d:34:4a:a5:a4:4f:5e:84:7a:c8:6a:ac:
73:97:af:c1:8a:f9:85:5b:c5:a6:6d:f2:bb:66:f8:
c4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:71:59:FF:C0:35:9C:1D:4D:F3:38:D4:9A:5D:D9:AC:6A:16:D9:E5
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/LHFZ_8A1nB1N8zjUml3ZrGoW2eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.142.0/24
77.47.152.0/22
77.47.210.0/23
77.47.242.0/24
185.143.56.0/22
195.178.136.0/24
195.178.146.0/24
195.178.149.0/24
195.178.156.0/24
212.111.217.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0b:ba:6a:b1:62:2d:dd:b0:a2:f5:1b:ff:29:e1:db:14:7b:
35:5e:7d:6c:a8:c3:8f:1d:54:62:98:d9:fc:2d:df:b4:90:58:
1e:dc:d9:04:7b:49:e0:86:0f:47:d5:f8:d9:fa:cb:76:15:b3:
c7:c3:72:b4:b3:2d:e6:81:19:ae:d9:e7:09:72:79:40:16:2e:
c8:68:c3:46:22:59:45:ea:82:e7:97:70:5e:8e:12:03:27:b0:
9e:e5:65:7b:4a:a1:b6:35:5e:c8:75:15:8c:eb:c6:45:b6:65:
35:b5:37:f6:d7:d8:fb:20:74:bb:c7:33:8d:0d:14:0f:0e:bd:
b0:a8:1e:06:24:60:aa:ce:69:02:6b:ef:92:bf:81:c2:40:22:
df:cd:08:ff:6a:3d:fd:d4:6c:5b:cb:4c:dd:bd:33:bc:5c:b2:
17:dc:85:d4:b8:3e:f7:43:e5:d0:00:a7:bd:68:58:ab:bb:18:
33:a6:0c:bd:63:4c:7b:a5:75:af:22:0a:8c:0b:00:8c:5c:06:
98:a4:bb:49:0e:ef:c1:5d:9d:d6:b0:43:46:a8:9f:da:c3:0b:
2e:11:82:65:1b:35:45:3c:8a:bb:aa:5c:04:11:04:14:7c:58:
90:ab:f0:7a:1e:e4:f0:ab:bc:09:81:f7:77:d8:4d:4f:aa:eb:
f5:72:07:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZpKlTTKr8Ci8mJrSKIZS/76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUxMTAzMTYzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzcxNTlmZmMwMzU5YzFkNGRmMzM4ZDQ5YTVkZDlhYzZhMTZkOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFFyd6AUfrv7Ztd/lLmojmZYIG/l
IbXQJLr7Wwf9VgMY+BEukvG9eckIwqyoag4AuWtrre61yrBFBfiNJBHkPi6ieXtR
C+9kHVNusivWAZTzIT/TM5BcMAyFSNSKQMOxYaPREcQPTKQHP50ExsQhnDkKP14h
poZpoJaXqHdWlehPTymHwY1v+sW7BOlNZoXjz8hdj86HRX6BYjTOx4I9Dh2geNrJ
sFub6UxwacIMeWTbiKYLZHDGfdDCbqph0I7RkY4epLYOvfQeOXvZVwxuqLYh/flu
53JpOsvGMKhGg1O8UhxNNEqlpE9ehHrIaqxzl6/BivmFW8WmbfK7ZvjEzwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCxxWf/ANZwdTfM41Jpd2axqFtnlMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvTEhGWl84QTFuQjFOOHpqVW1sM1pyR29XMmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQATS+OAwQC
TS+YAwQBTS/SAwQATS/yAwQCuY84AwQAw7KIAwQAw7KSAwQAw7KVAwQAw7KcAwQA
1G/ZMA0GCSqGSIb3DQEBCwUAA4IBAQAMC7pqsWIt3bCi9Rv/KeHbFHs1Xn1sqMOP
HVRimNn8Ld+0kFge3NkEe0nghg9H1fjZ+st2FbPHw3K0sy3mgRmu2ecJcnlAFi7I
aMNGIllF6oLnl3BejhIDJ7Ce5WV7SqG2NV7IdRWM68ZFtmU1tTf219j7IHS7xzON
DRQPDr2wqB4GJGCqzmkCa++Sv4HCQCLfzQj/aj391Gxby0zdvTO8XLIX3IXUuD73
Q+XQAKe9aFiruxgzpgy9Y0x7pXWvIgqMCwCMXAaYpLtJDu/BXZ3WsENGqJ/awwsu
EYJlGzVFPIq7qlwEEQQUfFiQq/B6HuTwq7wJgfd32E1Pquv1cgdO
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:12:24 2025 by rpki-client