Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/lUeMGUvifxqfUCAFLYXlgdOVXnQ.roa
File: lUeMGUvifxqfUCAFLYXlgdOVXnQ.roa (raw, json)
Hash identifier: YZXY7XzA/Pp5wzVHKKfRoVIvZXziRzQ02f/tlWE9kwQ=
Subject key identifier: 95:47:8C:19:4B:E2:7F:1A:9F:50:20:05:2D:85:E5:81:D3:95:5E:74
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019929193DB4737ACC77B7B20B6F058B8A05
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/lUeMGUvifxqfUCAFLYXlgdOVXnQ.roa
Signing time: Mon 08 Sep 2025 11:32:24 +0000
ROA not before: Mon 08 Sep 2025 11:32:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 17:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:19:3d:b4:73:7a:cc:77:b7:b2:0b:6f:05:8b:8a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Sep 8 11:32:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95478c194be27f1a9f5020052d85e581d3955e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4e:af:72:2e:71:fc:0d:35:90:41:71:51:79:
7d:74:83:00:e1:e5:d0:95:ed:25:ea:9e:b2:a0:f8:
fd:b0:77:15:37:c6:36:d6:80:56:94:81:33:cd:df:
74:cd:ae:ae:9b:0f:1a:3b:44:2a:80:44:07:54:13:
9b:79:86:fc:40:4f:83:52:82:18:29:49:60:a3:2c:
18:27:38:54:9d:29:fc:e2:c4:6a:d1:46:8d:81:28:
43:9d:87:3b:9b:fa:b3:11:16:a0:3b:35:81:96:71:
0e:54:4d:74:d7:02:4d:51:d5:b8:c5:8b:89:71:24:
1e:c5:dd:34:3d:bb:7f:75:2d:28:1c:8b:c5:31:98:
85:5c:f9:43:39:b5:5a:4c:35:49:8c:33:ec:05:a0:
f4:46:33:56:ef:f3:c2:38:9a:3b:3d:f6:a6:14:24:
83:e2:dc:26:9a:04:10:8e:f3:75:6e:6e:7f:7e:63:
7f:17:e0:96:17:f5:41:d7:54:b6:37:a4:30:b7:37:
a8:9a:be:b9:e8:79:48:d3:2f:b0:1c:e3:60:5d:ec:
86:45:e8:28:ef:e0:1b:09:05:b4:89:e5:60:41:0f:
e3:95:8a:4d:ae:91:64:c5:19:3a:6a:b0:45:5e:75:
5a:8c:73:84:7e:6b:10:48:f6:6e:15:22:ac:29:9f:
a5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:47:8C:19:4B:E2:7F:1A:9F:50:20:05:2D:85:E5:81:D3:95:5E:74
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/lUeMGUvifxqfUCAFLYXlgdOVXnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/23
93.179.120.0/24
95.85.83.128/25
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
67:1f:30:e5:97:c8:9c:25:90:75:84:5c:86:fc:a6:97:16:0f:
0b:4d:c9:3b:05:03:04:a7:05:90:51:0d:6a:37:04:0e:9e:b0:
0d:2e:aa:e2:6a:e5:f6:58:33:f1:5c:cb:8d:ec:3c:38:65:69:
7b:b7:5f:61:8c:77:43:a8:9c:3f:63:b3:36:da:7a:bc:e0:8c:
68:61:52:9c:70:76:5f:4f:01:dd:e7:10:37:a2:94:f7:87:4b:
27:ab:a6:0d:05:0d:7d:0d:8f:8b:f5:58:a8:70:63:4c:c2:df:
45:4c:d1:ac:5d:a4:f5:eb:cf:18:58:d8:65:1c:37:23:02:4a:
f2:43:57:a9:29:5c:93:64:91:6c:fd:65:b8:27:a1:d9:07:1e:
a2:8c:0e:76:ea:30:fc:10:8f:de:17:03:25:53:eb:b3:4d:cd:
bd:51:9e:51:09:54:4c:be:b7:8e:db:bf:99:01:73:19:78:2d:
d4:c8:99:33:4e:01:9d:f8:68:f3:1e:75:87:f6:c6:65:d8:d1:
2c:57:b6:9f:74:63:9b:91:47:45:6d:a8:0e:06:3d:cf:4d:53:
b5:e0:1f:03:22:ae:45:df:ba:f8:cb:f4:02:74:0c:d3:1c:69:
fc:e7:33:4b:81:99:0f:5a:20:24:ec:36:18:6f:5a:27:68:f9:
87:1b:e9:84
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZkpGT20c3rMd7eyC28Fi4oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwOTA4MTEzMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ3OGMxOTRiZTI3ZjFhOWY1MDIwMDUyZDg1ZTU4MWQzOTU1ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE6vci5x/A01kEFxUXl9dIMA4eXQ
le0l6p6yoPj9sHcVN8Y21oBWlIEzzd90za6umw8aO0QqgEQHVBObeYb8QE+DUoIY
KUlgoywYJzhUnSn84sRq0UaNgShDnYc7m/qzERagOzWBlnEOVE101wJNUdW4xYuJ
cSQexd00Pbt/dS0oHIvFMZiFXPlDObVaTDVJjDPsBaD0RjNW7/PCOJo7PfamFCSD
4twmmgQQjvN1bm5/fmN/F+CWF/VB11S2N6Qwtzeomr656HlI0y+wHONgXeyGRego
7+AbCQW0ieVgQQ/jlYpNrpFkxRk6arBFXnVajHOEfmsQSPZuFSKsKZ+lpwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJVHjBlL4n8an1AgBS2F5YHTlV50MB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvbFVlTUdVdmlmeHFmVUNBRkxZWGxnZE9WWG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzArBAIAATAlAwQBW8SIAwQA
XbN4AwUHX1VTgAMEAF+11QMEAG3EhQMEAMO2CDAUBAIAAjAOAwUBKgSGgAMFACoJ
1cAwDQYJKoZIhvcNAQELBQADggEBAGcfMOWXyJwlkHWEXIb8ppcWDwtNyTsFAwSn
BZBRDWo3BA6esA0uquJq5fZYM/Fcy43sPDhlaXu3X2GMd0OonD9jszbaerzgjGhh
Upxwdl9PAd3nEDeilPeHSyerpg0FDX0Nj4v1WKhwY0zC30VM0axdpPXrzxhY2GUc
NyMCSvJDV6kpXJNkkWz9ZbgnodkHHqKMDnbqMPwQj94XAyVT67NNzb1RnlEJVEy+
t47bv5kBcxl4LdTImTNOAZ34aPMedYf2xmXY0SxXtp90Y5uRR0VtqA4GPc9NU7Xg
HwMirkXfuvjL9AJ0DNMcafznM0uBmQ9aICTsNhhvWido+Ycb6YQ=
-----END CERTIFICATE-----
Generated at Sun Sep 14 02:30:05 2025 by rpki-client