Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/LBcWD5ou-JbEcbsEhGVYMzrhTNI.roa
File: LBcWD5ou-JbEcbsEhGVYMzrhTNI.roa (raw, json)
Hash identifier: PDVa1GkzZvgxEeJen689y5nFnyXEpbCDgAusR0McEqE=
Subject key identifier: 2C:17:16:0F:9A:2E:F8:96:C4:71:BB:04:84:65:58:33:3A:E1:4C:D2
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 01991A3411D0ED4D04DC5C3E29ED98173883
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/LBcWD5ou-JbEcbsEhGVYMzrhTNI.roa
Signing time: Fri 05 Sep 2025 14:07:23 +0000
ROA not before: Fri 05 Sep 2025 14:07:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 212.11.0.0/24 maxlen: 24
212.11.6.0/24 maxlen: 24
212.11.9.0/24 maxlen: 24
212.11.10.0/24 maxlen: 24
212.11.13.0/24 maxlen: 24
212.11.44.0/24 maxlen: 24
212.11.48.0/24 maxlen: 24
212.11.49.0/24 maxlen: 24
212.11.52.0/24 maxlen: 24
212.11.55.0/24 maxlen: 24
212.11.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1a:34:11:d0:ed:4d:04:dc:5c:3e:29:ed:98:17:38:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Sep 5 14:07:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c17160f9a2ef896c471bb04846558333ae14cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:c9:df:fa:99:ff:27:f1:b0:69:1b:ac:84:
c5:0a:af:1c:6b:17:d3:8e:63:5b:c4:78:40:f2:df:
83:a7:83:75:cc:16:68:6c:9f:bf:8e:de:b9:ce:25:
7e:13:40:dd:d0:ef:ca:d6:cf:59:b3:10:4b:b4:76:
12:2e:21:8a:94:f2:9f:69:cc:b0:b8:ef:b2:91:75:
89:23:48:4c:df:03:73:a1:0c:b5:81:e0:b3:6a:38:
cb:df:20:99:b2:aa:8e:ea:50:6c:2c:ab:5a:bd:86:
e9:cb:ab:11:66:aa:15:c1:08:4b:e4:26:c7:df:4b:
cb:20:9f:84:ac:f6:5d:d9:61:b0:81:f6:85:f0:88:
3c:6e:e0:2f:41:9a:79:e5:18:9b:41:3c:64:03:8d:
f3:17:dd:df:81:15:03:89:e3:3b:62:75:c2:e6:d5:
c8:37:c9:18:04:dc:36:27:1c:ef:4e:42:3e:15:0c:
6b:09:f2:32:03:6b:c8:a0:83:d2:6f:18:81:ff:fb:
d2:d7:65:d3:27:db:20:96:39:54:0b:c1:05:80:c0:
7e:13:c4:9d:d9:2d:4c:d8:a1:03:b5:7a:8b:29:07:
28:d1:9c:08:79:55:19:1d:87:e6:c7:2e:87:13:87:
91:ef:94:78:0c:5e:6b:2e:79:3b:a9:72:6e:85:77:
02:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:17:16:0F:9A:2E:F8:96:C4:71:BB:04:84:65:58:33:3A:E1:4C:D2
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/LBcWD5ou-JbEcbsEhGVYMzrhTNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.0.0/24
212.11.6.0/24
212.11.9.0-212.11.10.255
212.11.13.0/24
212.11.44.0/24
212.11.48.0/23
212.11.52.0/24
212.11.55.0-212.11.56.255
Signature Algorithm: sha256WithRSAEncryption
44:de:53:ac:7c:69:7c:94:15:97:76:99:b3:6c:c5:f1:82:7b:
89:76:bb:0d:66:f5:ca:ef:a6:8b:5b:6c:3f:fb:4f:4b:c5:2c:
4c:91:e9:fa:4a:84:23:11:82:66:bd:71:01:c1:95:3d:63:d4:
b1:59:86:14:2f:07:2c:ba:29:6c:53:9d:5b:f3:aa:6b:2b:a9:
81:b6:dd:ad:56:be:b4:33:84:9e:3d:4d:13:48:1e:0a:a7:92:
2b:dd:e7:a7:39:4d:70:86:cc:67:65:bc:0f:94:1a:2b:ff:04:
2b:fc:22:2f:43:d9:c8:27:e6:12:55:c1:a7:c8:0c:17:ca:65:
f3:ea:e3:88:96:06:0d:8b:4d:63:aa:4c:43:a4:16:7f:03:e0:
8b:bd:6d:fb:86:e1:c6:d6:dd:59:70:03:38:08:14:dd:c2:c2:
fb:43:17:be:20:5c:96:62:4b:95:d9:49:00:60:92:28:af:28:
ec:e8:09:20:e8:ed:ec:c0:c9:e4:d6:a8:43:fb:a9:55:06:9e:
8e:df:36:e4:e2:52:f1:b6:33:9a:01:e8:9e:3a:f0:52:d8:8c:
d1:33:46:41:17:1c:5b:ac:03:07:26:77:58:8c:60:46:6f:11:
10:a0:c1:2a:bc:0e:43:87:1d:76:ec:6b:ab:63:64:32:b4:ca:
7e:d3:f7:24
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZkaNBHQ7U0E3Fw+Ke2YFziDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwOTA1MTQwNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzE3MTYwZjlhMmVmODk2YzQ3MWJiMDQ4NDY1NTgzMzNhZTE0Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA3J3/qZ/yfxsGkbrITFCq8caxfT
jmNbxHhA8t+Dp4N1zBZobJ+/jt65ziV+E0Dd0O/K1s9ZsxBLtHYSLiGKlPKfacyw
uO+ykXWJI0hM3wNzoQy1geCzajjL3yCZsqqO6lBsLKtavYbpy6sRZqoVwQhL5CbH
30vLIJ+ErPZd2WGwgfaF8Ig8buAvQZp55RibQTxkA43zF93fgRUDieM7YnXC5tXI
N8kYBNw2JxzvTkI+FQxrCfIyA2vIoIPSbxiB//vS12XTJ9sgljlUC8EFgMB+E8Sd
2S1M2KEDtXqLKQco0ZwIeVUZHYfmxy6HE4eR75R4DF5rLnk7qXJuhXcCGwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCwXFg+aLviWxHG7BIRlWDM64UzSMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvTEJjV0Q1b3UtSmJFY2JzRWhHVllNenJoVE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQA1AsAAwQA
1AsGMAwDBADUCwkDBADUCwoDBADUCw0DBADUCywDBAHUCzADBADUCzQwDAMEANQL
NwMEANQLODANBgkqhkiG9w0BAQsFAAOCAQEARN5TrHxpfJQVl3aZs2zF8YJ7iXa7
DWb1yu+mi1tsP/tPS8UsTJHp+kqEIxGCZr1xAcGVPWPUsVmGFC8HLLopbFOdW/Oq
ayupgbbdrVa+tDOEnj1NE0geCqeSK93npzlNcIbMZ2W8D5QaK/8EK/wiL0PZyCfm
ElXBp8gMF8pl8+rjiJYGDYtNY6pMQ6QWfwPgi71t+4bhxtbdWXADOAgU3cLC+0MX
viBclmJLldlJAGCSKK8o7OgJIOjt7MDJ5NaoQ/upVQaejt825OJS8bYzmgHonjrw
UtiM0TNGQRccW6wDByZ3WIxgRm8REKDBKrwOQ4cdduxrq2NkMrTKftP3JA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:54:21 2025 by rpki-client