Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/LVIJD49T-mpIvZxU62MTl9m9hkE.roa
File: LVIJD49T-mpIvZxU62MTl9m9hkE.roa (raw, json)
Hash identifier: YaoE67iYSNEdVd0kQd7kfsjxfRQdded3vy+Kv/LAgPk=
Subject key identifier: 2D:52:09:0F:8F:53:FA:6A:48:BD:9C:54:EB:63:13:97:D9:BD:86:41
Certificate issuer: /CN=f811fa5eff370bc36d0e3929625e3414081a2392
Certificate serial: 0196CFB0765FB1DBFB5C969BD33AC56DAE18
Authority key identifier: F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/LVIJD49T-mpIvZxU62MTl9m9hkE.roa
Signing time: Wed 14 May 2025 16:46:10 +0000
ROA not before: Wed 14 May 2025 16:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42187
IP address blocks: 78.41.88.0/22 maxlen: 22
78.41.92.0/22 maxlen: 24
91.190.232.0/22 maxlen: 24
94.127.92.0/24 maxlen: 24
94.127.94.0/24 maxlen: 24
94.127.95.0/24 maxlen: 24
185.33.120.0/22 maxlen: 22
2a01:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 01:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:b0:76:5f:b1:db:fb:5c:96:9b:d3:3a:c5:6d:ae:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f811fa5eff370bc36d0e3929625e3414081a2392
Validity
Not Before: May 14 16:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d52090f8f53fa6a48bd9c54eb631397d9bd8641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:e6:71:49:b9:97:44:94:12:ac:78:45:d5:
d6:0a:42:3c:87:eb:25:83:a9:57:4a:2d:fe:69:26:
96:67:21:dd:f8:dd:68:ed:0e:08:ce:ca:0b:17:a4:
be:55:93:8f:8b:a8:48:a4:7e:78:37:b5:33:f9:0c:
e2:b7:e8:2e:83:f2:e5:a9:8c:04:67:19:87:b9:a4:
8d:47:11:85:bc:f8:b8:4c:10:b0:8c:a1:3a:89:71:
ba:bc:63:fb:0b:52:d0:84:d5:ab:2e:e3:89:b6:59:
59:ab:74:ed:e2:d8:70:1c:e9:9a:27:56:13:10:2d:
21:d9:df:07:42:dd:a8:ae:6a:1d:70:e6:b5:36:af:
5f:0f:a8:96:d5:bb:d7:6c:9d:0a:84:b7:98:d0:4a:
48:c6:fd:f9:2b:d5:f5:05:ad:9e:3e:6a:a6:fe:c5:
9a:4f:ac:d5:69:de:b6:09:73:cf:39:95:51:a5:7e:
96:32:26:9c:45:23:49:5c:38:4c:48:28:c2:8d:62:
96:57:ed:29:8a:8c:e0:82:37:d8:f0:64:5f:0b:9c:
32:a3:d2:37:f9:10:9b:49:30:e7:5d:4d:29:06:41:
b4:0a:c7:77:a1:7d:99:03:e5:e3:6c:49:d6:9f:1a:
6f:2f:63:e7:f5:c0:18:e2:29:cc:a8:3b:f5:d9:3d:
eb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:52:09:0F:8F:53:FA:6A:48:BD:9C:54:EB:63:13:97:D9:BD:86:41
X509v3 Authority Key Identifier:
keyid:F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/LVIJD49T-mpIvZxU62MTl9m9hkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.88.0/21
91.190.232.0/22
94.127.92.0/24
94.127.94.0/23
185.33.120.0/22
IPv6:
2a01:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
c1:4d:5f:8b:fa:9d:14:a5:18:ac:78:59:cd:22:49:2d:93:00:
de:31:7a:2d:61:ad:29:14:fb:59:cb:1e:58:4e:5e:b1:d0:85:
59:41:41:6e:46:13:22:2c:c2:55:31:fb:a3:5e:80:1d:f3:a2:
b5:08:b0:cc:c3:14:60:c1:3b:1e:2a:6c:f9:d3:03:9b:3e:c5:
d8:8c:ca:c7:e0:41:ef:eb:0e:dc:d9:bc:76:72:78:52:91:9c:
80:0f:c9:a9:32:a8:5a:de:65:ce:8d:9c:38:87:9a:d8:2b:55:
46:57:7d:49:5b:c0:fd:2b:39:2c:37:97:99:e1:25:64:43:5e:
74:1f:0e:e1:b4:c3:4c:e9:58:fb:fd:47:9f:bf:78:b4:d4:d4:
9a:f6:e4:97:f1:9a:13:e4:e2:37:08:aa:00:59:ec:18:f2:71:
7b:da:fa:8f:15:53:95:26:92:65:12:fe:74:93:f0:23:87:92:
af:25:d9:ac:30:02:86:01:6c:4e:e6:9b:21:6f:74:34:b1:d1:
ea:a0:c1:65:16:d5:ba:23:a7:ec:c9:1c:d0:a2:df:76:f2:c3:
d2:65:8c:53:aa:8a:1b:97:85:cb:e7:2b:f2:63:a3:2b:2e:7c:
a8:15:50:22:97:51:b1:d5:f0:01:69:b0:ca:b6:e4:0a:4c:d7:
9a:5b:b7:a6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZbPsHZfsdv7XJab0zrFba4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTFmYTVlZmYzNzBiYzM2ZDBlMzkyOTYyNWUzNDE0MDgx
YTIzOTIwHhcNMjUwNTE0MTY0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDUyMDkwZjhmNTNmYTZhNDhiZDljNTRlYjYzMTM5N2Q5YmQ4NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuevmcUm5l0SUEqx4RdXWCkI8h+sl
g6lXSi3+aSaWZyHd+N1o7Q4IzsoLF6S+VZOPi6hIpH54N7Uz+Qzit+gug/LlqYwE
ZxmHuaSNRxGFvPi4TBCwjKE6iXG6vGP7C1LQhNWrLuOJtllZq3Tt4thwHOmaJ1YT
EC0h2d8HQt2ormodcOa1Nq9fD6iW1bvXbJ0KhLeY0EpIxv35K9X1Ba2ePmqm/sWa
T6zVad62CXPPOZVRpX6WMiacRSNJXDhMSCjCjWKWV+0piozggjfY8GRfC5wyo9I3
+RCbSTDnXU0pBkG0Csd3oX2ZA+XjbEnWnxpvL2Pn9cAY4inMqDv12T3rMQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFC1SCQ+PU/pqSL2cVOtjE5fZvYZBMB8GA1UdIwQY
MBaAFPgR+l7/NwvDbQ45KWJeNBQIGiOSMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CSDZYdjgzQzhOdERqa3BZbDQwRkFnYUk1SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIx
LTFjYzUwNTUwMWEwZi8xL0xWSUpENDlULW1wSXZaeFU2Mk1UbDltOWhrRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIxLTFjYzUwNTUwMWEw
Zi8xLzEtQkg2WHY4M0M4TnREamtwWWw0MEZBZ2FJNUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBANOKVgD
BAJbvugDBABef1wDBAFef14DBAK5IXgwDQQCAAIwBwMFACoBnwAwDQYJKoZIhvcN
AQELBQADggEBAMFNX4v6nRSlGKx4Wc0iSS2TAN4xei1hrSkU+1nLHlhOXrHQhVlB
QW5GEyIswlUx+6NegB3zorUIsMzDFGDBOx4qbPnTA5s+xdiMysfgQe/rDtzZvHZy
eFKRnIAPyakyqFreZc6NnDiHmtgrVUZXfUlbwP0rOSw3l5nhJWRDXnQfDuG0w0zp
WPv9R5+/eLTU1Jr25JfxmhPk4jcIqgBZ7BjycXva+o8VU5UmkmUS/nST8COHkq8l
2awwAoYBbE7mmyFvdDSx0eqgwWUW1bojp+zJHNCi33byw9JljFOqihuXhcvnK/Jj
oysufKgVUCKXUbHV8AFpsMq25ApM15pbt6Y=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:20:39 2025 by rpki-client