Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b39bf-3640-4d2e-b22f-61cd618658c6/1/LZOyP8r3x8zItBlCJiR2Oe2hLRw.roa
File: LZOyP8r3x8zItBlCJiR2Oe2hLRw.roa (raw, json)
Hash identifier: ptlWNHRcQBtj91KkmUUskyC0BtqyIo6TBBD+R2rdU9Q=
Subject key identifier: 2D:93:B2:3F:CA:F7:C7:CC:C8:B4:19:42:26:24:76:39:ED:A1:2D:1C
Certificate issuer: /CN=0e110c97d5f2b1fb4d358288c0ea62af5f20c41a
Certificate serial: 019A2A00E9FB0F134D73404FB713683C2C88
Authority key identifier: 0E:11:0C:97:D5:F2:B1:FB:4D:35:82:88:C0:EA:62:AF:5F:20:C4:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DhEMl9XysftNNYKIwOpir18gxBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b39bf-3640-4d2e-b22f-61cd618658c6/1/LZOyP8r3x8zItBlCJiR2Oe2hLRw.roa
Signing time: Tue 28 Oct 2025 08:48:14 +0000
ROA not before: Tue 28 Oct 2025 08:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58227
IP address blocks: 91.212.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b39bf-3640-4d2e-b22f-61cd618658c6/1/DhEMl9XysftNNYKIwOpir18gxBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/6b39bf-3640-4d2e-b22f-61cd618658c6/1/DhEMl9XysftNNYKIwOpir18gxBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/DhEMl9XysftNNYKIwOpir18gxBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:00:e9:fb:0f:13:4d:73:40:4f:b7:13:68:3c:2c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e110c97d5f2b1fb4d358288c0ea62af5f20c41a
Validity
Not Before: Oct 28 08:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d93b23fcaf7c7ccc8b4194226247639eda12d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:28:ab:85:15:f8:7e:bd:2a:00:41:fb:dc:08:
92:76:01:66:92:21:65:4d:6c:4b:a8:78:da:a8:59:
ba:43:d4:c9:2a:d5:3f:e2:6c:2f:97:0b:9c:24:40:
d7:87:99:14:06:68:ee:d7:a0:af:b9:13:05:e5:20:
15:25:f2:14:1d:ac:7e:37:e0:2f:66:36:e1:84:8d:
02:b2:1b:2c:40:51:a3:40:19:a0:c9:a8:8f:14:39:
e9:c7:10:95:74:c0:8b:3c:e8:cd:46:6f:5e:d9:4f:
e1:07:98:b8:69:d7:75:47:ca:a8:72:10:ca:df:c0:
c1:d2:67:17:de:f8:32:66:26:e8:f8:d3:e2:f9:28:
ba:8f:af:68:68:54:95:84:1e:4e:1f:d0:f3:47:aa:
20:5d:06:9b:54:15:b2:a8:c4:de:7f:e1:e2:c9:c2:
21:a1:40:26:69:6a:85:59:07:f3:1c:f4:b9:15:03:
8c:f8:75:69:62:7e:a4:ed:37:5a:af:ff:9c:24:c0:
f7:12:5c:55:7e:8b:07:3c:95:35:db:d1:79:d8:fa:
e1:be:bf:03:d1:f1:7b:73:53:e7:2e:b3:30:cc:b3:
55:88:35:81:4d:30:6b:64:f3:69:43:9a:cf:17:7c:
03:a9:af:0e:23:c5:47:29:f7:ed:41:e7:75:ca:a0:
59:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:93:B2:3F:CA:F7:C7:CC:C8:B4:19:42:26:24:76:39:ED:A1:2D:1C
X509v3 Authority Key Identifier:
keyid:0E:11:0C:97:D5:F2:B1:FB:4D:35:82:88:C0:EA:62:AF:5F:20:C4:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DhEMl9XysftNNYKIwOpir18gxBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b39bf-3640-4d2e-b22f-61cd618658c6/1/LZOyP8r3x8zItBlCJiR2Oe2hLRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b39bf-3640-4d2e-b22f-61cd618658c6/1/DhEMl9XysftNNYKIwOpir18gxBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.225.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:85:71:9d:ad:ac:fe:be:71:d1:03:3d:44:6b:16:c5:e8:b2:
5f:08:3f:b5:e4:13:e3:93:da:92:a3:a7:ef:e9:4c:56:43:06:
da:eb:53:81:5e:6b:eb:ab:51:91:17:30:04:b0:93:eb:7b:85:
e7:8c:fc:7e:4e:41:e3:ba:aa:54:1d:86:fd:d7:78:58:7c:85:
1f:79:19:ea:30:7e:79:93:cf:27:58:c4:e2:3f:2e:e2:8c:6f:
82:d4:46:42:aa:84:df:d4:87:cf:03:ba:5e:13:20:71:2c:3d:
ed:17:3a:7a:82:25:08:50:f5:6d:4c:7b:ec:f2:3c:de:cd:64:
60:59:b6:31:20:76:a0:b9:b7:86:4c:26:6b:57:b3:b3:2f:e4:
cc:63:0b:06:ac:af:fc:8b:cc:ab:25:e1:b3:9e:74:ca:58:40:
bb:23:b4:63:34:60:b2:8f:c9:4b:4f:7c:e4:2b:08:7a:0e:a5:
ac:9f:c6:c5:f2:b6:7f:39:13:54:a9:e2:23:3f:18:26:84:28:
1e:ca:57:62:8f:21:1c:65:e7:d8:a9:2a:7a:9d:cd:cd:a8:4c:
40:19:1e:5c:bb:de:12:44:42:cc:9a:32:80:a8:ff:5b:52:a0:
33:4d:7f:e1:47:36:56:74:d5:6f:d0:2d:aa:e9:54:9e:b8:6d:
db:48:45:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoqAOn7DxNNc0BPtxNoPCyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMTEwYzk3ZDVmMmIxZmI0ZDM1ODI4OGMwZWE2MmFmNWYy
MGM0MWEwHhcNMjUxMDI4MDg0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDkzYjIzZmNhZjdjN2NjYzhiNDE5NDIyNjI0NzYzOWVkYTEyZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCirhRX4fr0qAEH73AiSdgFmkiFl
TWxLqHjaqFm6Q9TJKtU/4mwvlwucJEDXh5kUBmju16CvuRMF5SAVJfIUHax+N+Av
ZjbhhI0CshssQFGjQBmgyaiPFDnpxxCVdMCLPOjNRm9e2U/hB5i4add1R8qochDK
38DB0mcX3vgyZibo+NPi+Si6j69oaFSVhB5OH9DzR6ogXQabVBWyqMTef+HiycIh
oUAmaWqFWQfzHPS5FQOM+HVpYn6k7Tdar/+cJMD3ElxVfosHPJU129F52Prhvr8D
0fF7c1PnLrMwzLNViDWBTTBrZPNpQ5rPF3wDqa8OI8VHKfftQed1yqBZdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2Tsj/K98fMyLQZQiYkdjntoS0cMB8GA1UdIwQY
MBaAFA4RDJfV8rH7TTWCiMDqYq9fIMQaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGhFTWw5WHlzZnROTllLSXdPcGlyMThneEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjM5YmYtMzY0MC00ZDJlLWIyMmYt
NjFjZDYxODY1OGM2LzEvTFpPeVA4cjN4OHpJdEJsQ0ppUjJPZTJoTFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82YjM5YmYtMzY0MC00ZDJlLWIyMmYtNjFjZDYxODY1OGM2
LzEvRGhFTWw5WHlzZnROTllLSXdPcGlyMThneEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ThMA0G
CSqGSIb3DQEBCwUAA4IBAQBbhXGdraz+vnHRAz1EaxbF6LJfCD+15BPjk9qSo6fv
6UxWQwba61OBXmvrq1GRFzAEsJPre4XnjPx+TkHjuqpUHYb913hYfIUfeRnqMH55
k88nWMTiPy7ijG+C1EZCqoTf1IfPA7peEyBxLD3tFzp6giUIUPVtTHvs8jzezWRg
WbYxIHagubeGTCZrV7OzL+TMYwsGrK/8i8yrJeGznnTKWEC7I7RjNGCyj8lLT3zk
Kwh6DqWsn8bF8rZ/ORNUqeIjPxgmhCgeyldijyEcZefYqSp6nc3NqExAGR5cu94S
RELMmjKAqP9bUqAzTX/hRzZWdNVv0C2q6VSeuG3bSEUR
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:49:22 2025 by rpki-client