Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/LYw94c1kjQFFJc9uxjERWm3WaiA.roa
File: LYw94c1kjQFFJc9uxjERWm3WaiA.roa (raw, json)
Hash identifier: he3AE+sNOJeVLY8l0NuHKUkSnsQwCAuvucxQFM3oOPA=
Subject key identifier: 2D:8C:3D:E1:CD:64:8D:01:45:25:CF:6E:C6:31:11:5A:6D:D6:6A:20
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01991FD51DC5ACF569826E8DDE4CE84951C9
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/LYw94c1kjQFFJc9uxjERWm3WaiA.roa
Signing time: Sat 06 Sep 2025 16:21:24 +0000
ROA not before: Sat 06 Sep 2025 16:21:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206077
IP address blocks: 45.80.81.0/24 maxlen: 24
201.49.191.0/24 maxlen: 24
217.26.188.0/22 maxlen: 22
217.26.188.0/23 maxlen: 23
217.26.188.0/24 maxlen: 24
217.26.189.0/24 maxlen: 24
217.76.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 22:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1f:d5:1d:c5:ac:f5:69:82:6e:8d:de:4c:e8:49:51:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 6 16:21:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d8c3de1cd648d014525cf6ec631115a6dd66a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:32:9e:63:22:e9:99:03:1e:74:81:30:db:3e:
49:a5:10:95:70:36:ba:f2:89:e0:c9:27:e2:cf:03:
e3:26:f2:03:ec:66:43:c8:37:9d:19:28:3e:54:b8:
76:b2:c4:2a:1f:61:9f:f5:05:bd:32:7f:f1:5d:e7:
9b:10:52:59:27:f5:a1:19:01:ea:f2:7a:3e:59:97:
4f:3f:7e:45:c2:4b:62:d3:e9:86:6a:eb:c4:98:f9:
9b:2e:88:26:a1:89:64:8d:2d:f9:ba:7c:93:0f:4c:
a0:4f:ac:9f:9e:68:a4:bb:f2:d4:b8:17:78:d8:5b:
77:6e:71:09:c8:43:16:57:ff:d4:5e:d2:8b:3b:49:
85:1b:04:c6:17:d1:6a:9c:7d:34:46:15:09:a6:01:
a3:f8:26:e4:03:58:dc:1a:8c:4a:3b:2a:ab:fb:55:
d0:aa:d7:5f:3e:eb:71:0b:de:9a:5a:a6:8a:23:00:
52:69:59:39:73:f5:33:5b:92:0f:3c:db:aa:21:fa:
63:06:7c:97:9f:14:8c:8e:3c:ff:e4:d3:a4:9f:60:
ca:37:42:44:17:65:f1:b4:4c:be:3d:df:fa:75:2e:
ab:36:7e:e0:3f:34:2d:8d:4c:d7:c9:a3:03:d2:0d:
6e:d2:71:55:7d:57:7e:e0:be:97:31:4c:0a:7f:c2:
fd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8C:3D:E1:CD:64:8D:01:45:25:CF:6E:C6:31:11:5A:6D:D6:6A:20
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/LYw94c1kjQFFJc9uxjERWm3WaiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.81.0/24
201.49.191.0/24
217.26.188.0/22
217.76.252.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b0:7a:f7:eb:bb:25:56:0c:53:8f:35:7b:8a:fe:b6:dd:3c:
73:f5:b8:60:88:37:00:08:52:d8:11:05:cc:fe:d7:8f:10:8f:
0b:f8:10:98:a7:84:54:35:e1:26:e5:69:23:9b:ef:de:fb:fc:
fb:5b:09:b4:53:ac:a8:ed:20:4e:1f:01:9e:e1:6c:63:34:41:
ac:3c:af:5c:64:a2:8d:45:76:f4:c2:f9:0a:15:10:17:c5:c7:
fe:2c:d4:ae:dd:6a:53:c4:3c:53:d4:10:5e:c5:2a:67:87:6d:
74:29:1d:3a:ff:45:d8:0f:6c:fd:5e:b7:a5:1c:e4:f4:b2:a8:
b0:8c:c3:e6:ea:e0:25:03:8e:2f:c5:1f:98:76:49:bb:a5:ab:
ea:70:ef:ab:7a:9d:be:a2:56:aa:44:4f:3f:02:e6:3b:83:c8:
1f:18:40:fc:4c:0d:fa:aa:7e:6c:22:6d:fd:2c:03:94:c9:4d:
62:d7:f1:e5:e0:f0:6d:f7:78:2d:54:47:d6:cb:9e:c3:7e:c9:
55:0d:05:ec:71:5d:7a:e1:c4:14:84:b0:01:d9:33:95:61:11:
2f:68:5d:b3:10:99:80:44:6a:82:d5:57:4b:77:62:54:d5:fe:
0e:57:fb:8d:09:74:86:64:96:17:d2:69:3a:0c:ee:de:e0:2b:
cb:7f:16:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkf1R3FrPVpgm6N3kzoSVHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwOTA2MTYyMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhjM2RlMWNkNjQ4ZDAxNDUyNWNmNmVjNjMxMTE1YTZkZDY2YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTKeYyLpmQMedIEw2z5JpRCVcDa6
8ongySfizwPjJvID7GZDyDedGSg+VLh2ssQqH2Gf9QW9Mn/xXeebEFJZJ/WhGQHq
8no+WZdPP35Fwkti0+mGauvEmPmbLogmoYlkjS35unyTD0ygT6yfnmiku/LUuBd4
2Ft3bnEJyEMWV//UXtKLO0mFGwTGF9FqnH00RhUJpgGj+CbkA1jcGoxKOyqr+1XQ
qtdfPutxC96aWqaKIwBSaVk5c/UzW5IPPNuqIfpjBnyXnxSMjjz/5NOkn2DKN0JE
F2XxtEy+Pd/6dS6rNn7gPzQtjUzXyaMD0g1u0nFVfVd+4L6XMUwKf8L9TwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC2MPeHNZI0BRSXPbsYxEVpt1mogMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTFl3OTRjMWtqUUZGSmM5dXhqRVJXbTNXYWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVBRAwQA
yTG/AwQC2Rq8AwQA2Uz8MA0GCSqGSIb3DQEBCwUAA4IBAQBKsHr367slVgxTjzV7
iv623Txz9bhgiDcACFLYEQXM/tePEI8L+BCYp4RUNeEm5Wkjm+/e+/z7Wwm0U6yo
7SBOHwGe4WxjNEGsPK9cZKKNRXb0wvkKFRAXxcf+LNSu3WpTxDxT1BBexSpnh210
KR06/0XYD2z9XrelHOT0sqiwjMPm6uAlA44vxR+Ydkm7pavqcO+rep2+olaqRE8/
AuY7g8gfGED8TA36qn5sIm39LAOUyU1i1/Hl4PBt93gtVEfWy57DfslVDQXscV16
4cQUhLAB2TOVYREvaF2zEJmARGqC1VdLd2JU1f4OV/uNCXSGZJYX0mk6DO7e4CvL
fxaE
-----END CERTIFICATE-----
Generated at Tue Sep 9 08:00:46 2025 by rpki-client