Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/6714e9-3435-4e9e-a5ab-eb51949af446/1/L-e-zboOd0EExBXLvbSt2An9q3Q.roa
File: L-e-zboOd0EExBXLvbSt2An9q3Q.roa (raw, json)
Hash identifier: 0pabBp9L9dI7nk3zp1L+efYrvlvpBkJqxMVrUl1c6Tk=
Subject key identifier: 2F:E7:BE:CD:BA:0E:77:41:04:C4:15:CB:BD:B4:AD:D8:09:FD:AB:74
Certificate issuer: /CN=f2f7b9cbbb8952ac3f196e7cd0b8a4dba5de11c3
Certificate serial: 019A7DB70524181668FCF157E0ABFC67DF11
Authority key identifier: F2:F7:B9:CB:BB:89:52:AC:3F:19:6E:7C:D0:B8:A4:DB:A5:DE:11:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ve5y7uJUqw_GW580Lik26XeEcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/6714e9-3435-4e9e-a5ab-eb51949af446/1/L-e-zboOd0EExBXLvbSt2An9q3Q.roa
Signing time: Thu 13 Nov 2025 14:55:37 +0000
ROA not before: Thu 13 Nov 2025 14:55:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44974
IP address blocks: 89.38.112.0/23 maxlen: 23
2a04:7d82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/6714e9-3435-4e9e-a5ab-eb51949af446/1/8ve5y7uJUqw_GW580Lik26XeEcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/6714e9-3435-4e9e-a5ab-eb51949af446/1/8ve5y7uJUqw_GW580Lik26XeEcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/8ve5y7uJUqw_GW580Lik26XeEcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:7d:b7:05:24:18:16:68:fc:f1:57:e0:ab:fc:67:df:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2f7b9cbbb8952ac3f196e7cd0b8a4dba5de11c3
Validity
Not Before: Nov 13 14:55:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fe7becdba0e774104c415cbbdb4add809fdab74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:33:73:27:ef:b3:58:82:99:11:a3:77:c8:
da:4b:63:3f:bf:e2:4b:c4:e3:d0:8b:5e:ab:d7:74:
80:eb:eb:53:d4:63:62:f2:38:53:ca:2a:8f:a7:6e:
8a:1b:88:40:45:58:09:59:e2:cd:bd:d3:2a:1c:84:
be:8b:f9:41:85:01:1b:1e:a8:67:96:20:a1:fb:4d:
ea:07:cb:2a:47:36:da:f7:07:b6:ff:aa:c4:ff:4f:
45:41:0c:31:e9:0c:e3:a7:5a:8a:59:72:64:bf:9f:
1c:7a:70:9e:74:b7:d7:d4:1a:5a:c3:90:03:30:fd:
7b:fd:6d:e5:3a:6d:94:59:72:84:29:e6:cc:44:ed:
df:97:a1:6e:d4:f7:db:86:1a:8e:53:72:13:5e:c3:
9a:3f:92:54:78:c5:21:9c:b3:a6:02:18:68:8f:06:
25:6f:52:40:ba:e6:0f:26:02:74:77:e8:43:82:80:
2f:96:fa:7b:31:96:f5:da:f7:89:56:76:88:ef:fe:
5b:98:35:dd:c3:ce:66:79:b2:42:cc:09:3e:e8:11:
1b:f5:7c:a8:e6:e1:c1:07:84:14:7a:50:f6:4a:01:
a6:d0:bc:98:17:b2:a9:6f:9c:bf:3c:5b:48:34:3a:
d9:f1:a8:7b:85:6f:e2:34:b5:05:4e:7b:07:7f:1c:
15:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E7:BE:CD:BA:0E:77:41:04:C4:15:CB:BD:B4:AD:D8:09:FD:AB:74
X509v3 Authority Key Identifier:
keyid:F2:F7:B9:CB:BB:89:52:AC:3F:19:6E:7C:D0:B8:A4:DB:A5:DE:11:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ve5y7uJUqw_GW580Lik26XeEcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6714e9-3435-4e9e-a5ab-eb51949af446/1/L-e-zboOd0EExBXLvbSt2An9q3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6714e9-3435-4e9e-a5ab-eb51949af446/1/8ve5y7uJUqw_GW580Lik26XeEcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.112.0/23
IPv6:
2a04:7d82::/32
Signature Algorithm: sha256WithRSAEncryption
12:3d:6e:51:b6:00:cb:3a:24:36:03:de:82:9c:58:f7:4e:56:
23:4b:5b:fa:ca:64:0d:83:b8:8c:19:9c:6a:6e:2b:24:86:74:
14:cb:6c:4f:b1:ac:d2:c5:77:2a:b8:98:39:15:a0:be:02:ab:
8b:6f:5d:5e:31:a0:50:75:d5:0d:b4:8f:01:5d:d1:b9:19:39:
62:06:50:0d:f0:97:37:5d:1d:19:7f:bd:41:cb:0c:b9:f6:74:
9f:72:1b:bd:2d:f4:b9:43:da:cd:ca:47:55:c8:57:d6:2b:19:
2a:a7:b7:fc:61:e7:47:e5:d1:52:b2:e4:f6:b7:3e:b7:80:ad:
58:17:9f:86:8a:cf:11:3c:f0:5a:d7:91:89:da:db:da:5b:cd:
3f:fa:a9:1d:35:3b:1a:3b:8e:37:25:99:00:0e:8f:67:fa:e1:
bb:c8:2f:0f:51:78:aa:fa:6d:f3:09:0a:01:0c:05:da:1e:ab:
d8:6e:47:0d:52:53:0f:4e:2a:96:b4:ae:00:49:0a:ac:15:5e:
a5:03:cb:8d:be:8e:91:53:5c:3f:32:ef:3f:09:b6:be:3e:ce:
3c:ad:89:9d:4c:85:be:23:24:20:14:4a:44:18:f9:b1:ca:76:
2c:cc:d0:f5:7d:7f:56:03:8d:7f:19:8e:a7:10:26:26:64:0c:
c3:a9:29:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZp9twUkGBZo/PFX4Kv8Z98RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZjdiOWNiYmI4OTUyYWMzZjE5NmU3Y2QwYjhhNGRiYTVk
ZTExYzMwHhcNMjUxMTEzMTQ1NTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmU3YmVjZGJhMGU3NzQxMDRjNDE1Y2JiZGI0YWRkODA5ZmRhYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDkzcyfvs1iCmRGjd8jaS2M/v+JL
xOPQi16r13SA6+tT1GNi8jhTyiqPp26KG4hARVgJWeLNvdMqHIS+i/lBhQEbHqhn
liCh+03qB8sqRzba9we2/6rE/09FQQwx6Qzjp1qKWXJkv58cenCedLfX1Bpaw5AD
MP17/W3lOm2UWXKEKebMRO3fl6Fu1PfbhhqOU3ITXsOaP5JUeMUhnLOmAhhojwYl
b1JAuuYPJgJ0d+hDgoAvlvp7MZb12veJVnaI7/5bmDXdw85mebJCzAk+6BEb9Xyo
5uHBB4QUelD2SgGm0LyYF7Kpb5y/PFtINDrZ8ah7hW/iNLUFTnsHfxwV9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC/nvs26DndBBMQVy720rdgJ/at0MB8GA1UdIwQY
MBaAFPL3ucu7iVKsPxlufNC4pNul3hHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHZlNXk3dUpVcXdfR1c1ODBMaWsyNlhlRWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82NzE0ZTktMzQzNS00ZTllLWE1YWIt
ZWI1MTk0OWFmNDQ2LzEvTC1lLXpib09kMEVFeEJYTHZiU3QyQW45cTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82NzE0ZTktMzQzNS00ZTllLWE1YWItZWI1MTk0OWFmNDQ2
LzEvOHZlNXk3dUpVcXdfR1c1ODBMaWsyNlhlRWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBWSZwMA0E
AgACMAcDBQAqBH2CMA0GCSqGSIb3DQEBCwUAA4IBAQASPW5RtgDLOiQ2A96CnFj3
TlYjS1v6ymQNg7iMGZxqbiskhnQUy2xPsazSxXcquJg5FaC+AquLb11eMaBQddUN
tI8BXdG5GTliBlAN8Jc3XR0Zf71Bywy59nSfchu9LfS5Q9rNykdVyFfWKxkqp7f8
YedH5dFSsuT2tz63gK1YF5+Gis8RPPBa15GJ2tvaW80/+qkdNTsaO443JZkADo9n
+uG7yC8PUXiq+m3zCQoBDAXaHqvYbkcNUlMPTiqWtK4ASQqsFV6lA8uNvo6RU1w/
Mu8/Cba+Ps48rYmdTIW+IyQgFEpEGPmxynYszND1fX9WA41/GY6nECYmZAzDqSk8
-----END CERTIFICATE-----
Generated at Tue Nov 18 02:19:16 2025 by rpki-client