Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/LMWHVctmfvvA2wgdJVAHRgQ50TI.roa
File: LMWHVctmfvvA2wgdJVAHRgQ50TI.roa (raw, json)
Hash identifier: 4Qw8ZH0YeLtu3JL9HyfQJb52vaJMYGvqmUzqj7paaS8=
Subject key identifier: 2C:C5:87:55:CB:66:7E:FB:C0:DB:08:1D:25:50:07:46:04:39:D1:32
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 01992F72476C6E1160687DEB10A54DE997B8
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/LMWHVctmfvvA2wgdJVAHRgQ50TI.roa
Signing time: Tue 09 Sep 2025 17:07:22 +0000
ROA not before: Tue 09 Sep 2025 17:07:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 91.200.248.0/22 maxlen: 24
94.45.32.0/21 maxlen: 24
94.45.32.0/22 maxlen: 24
94.45.36.0/22 maxlen: 24
94.45.60.0/22 maxlen: 24
193.43.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:72:47:6c:6e:11:60:68:7d:eb:10:a5:4d:e9:97:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Sep 9 17:07:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cc58755cb667efbc0db081d255007460439d132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:d8:5f:42:48:9d:4c:f4:5d:b7:40:a7:e7:
14:b9:3c:d6:e3:22:cf:6b:60:6b:1d:b4:9a:dd:a5:
7f:03:3f:85:3e:45:dd:86:ec:1b:8a:db:66:4b:81:
56:23:a7:76:9a:6d:24:78:19:95:32:b6:de:50:a4:
85:f0:64:91:f2:2c:c3:ca:d7:14:a0:1b:0d:1c:dd:
e8:ae:49:7a:7c:82:eb:1a:45:66:02:47:ce:be:4a:
89:e0:66:cc:97:0d:5f:57:43:f5:a4:a2:59:47:62:
d8:a4:7e:2e:b4:56:f5:49:b4:9c:c8:c7:04:47:b6:
8b:c1:58:fc:94:ff:9d:40:08:f6:ae:54:79:4c:9b:
11:dc:f4:3a:c1:f0:09:66:a2:70:30:71:e6:a1:dd:
bb:df:2b:33:5f:7a:c0:f0:d3:f4:2e:4d:36:43:7e:
09:54:4e:6b:c2:0b:18:e8:1d:8a:d0:a1:f7:5c:e9:
7d:2f:2d:67:75:2b:76:bc:8e:bd:99:5e:8d:6e:b4:
c7:f7:c7:f7:bf:fb:a3:68:d9:41:6c:27:d2:c8:1c:
a0:b1:21:5c:87:29:70:27:4c:0d:ef:9f:c9:1b:f6:
e9:84:e3:57:f6:2e:29:a7:4c:87:a7:fb:41:14:b5:
1e:a4:31:70:a8:59:44:83:d6:cb:10:8b:af:b8:2a:
9c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C5:87:55:CB:66:7E:FB:C0:DB:08:1D:25:50:07:46:04:39:D1:32
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/LMWHVctmfvvA2wgdJVAHRgQ50TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.248.0/22
94.45.32.0/21
94.45.60.0/22
193.43.224.0/22
Signature Algorithm: sha256WithRSAEncryption
67:8f:b2:5d:42:81:66:55:36:be:63:3f:b2:ad:95:ab:86:5d:
62:16:fa:4b:5b:c6:27:da:8f:9f:6f:4f:5d:db:68:d9:55:a0:
c1:32:0b:ee:23:5c:68:a9:ba:13:ae:cc:70:13:ec:d4:72:fd:
f9:85:8f:dd:70:fe:97:83:34:31:91:22:73:0c:73:c7:e3:cc:
b4:1a:5b:c8:d0:ff:a7:a0:b6:0d:b1:7e:9d:b8:c6:2d:ad:2d:
d0:f0:64:43:f9:22:79:37:1f:b9:a8:16:a9:ff:40:99:35:3b:
c7:f2:82:8e:e8:a7:b5:16:2c:35:d5:63:0d:64:26:eb:98:76:
3c:a0:c8:15:42:a4:0d:7a:e7:90:4f:e1:5e:8b:f9:0a:c3:80:
c4:6f:b5:d7:0e:32:96:20:a1:85:9c:b1:96:f7:c0:28:84:fe:
3c:18:c5:b5:40:6c:6c:aa:53:11:11:bb:a2:93:18:57:e4:1f:
a2:b5:c0:a3:8a:10:a9:4e:5f:98:5d:ff:ff:2b:29:8e:94:49:
15:3c:bd:67:f2:c7:28:f2:0c:25:53:73:d0:2b:c0:85:c6:a7:
9e:9f:08:07:fb:54:29:ae:a6:83:f2:e8:af:1e:6c:5c:77:25:
35:1d:f3:3a:4e:7b:e0:a1:db:42:16:8a:0d:7c:14:1c:e4:f6:
06:ec:85:64
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkvckdsbhFgaH3rEKVN6Ze4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwOTA5MTcwNzIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M1ODc1NWNiNjY3ZWZiYzBkYjA4MWQyNTUwMDc0NjA0MzlkMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyjYX0JInUz0XbdAp+cUuTzW4yLP
a2BrHbSa3aV/Az+FPkXdhuwbittmS4FWI6d2mm0keBmVMrbeUKSF8GSR8izDytcU
oBsNHN3orkl6fILrGkVmAkfOvkqJ4GbMlw1fV0P1pKJZR2LYpH4utFb1SbScyMcE
R7aLwVj8lP+dQAj2rlR5TJsR3PQ6wfAJZqJwMHHmod273yszX3rA8NP0Lk02Q34J
VE5rwgsY6B2K0KH3XOl9Ly1ndSt2vI69mV6NbrTH98f3v/ujaNlBbCfSyBygsSFc
hylwJ0wN75/JG/bphONX9i4pp0yHp/tBFLUepDFwqFlEg9bLEIuvuCqcnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCzFh1XLZn77wNsIHSVQB0YEOdEyMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvTE1XSFZjdG1mdnZBMndnZEpWQUhSZ1E1MFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8j4AwQD
Xi0gAwQCXi08AwQCwSvgMA0GCSqGSIb3DQEBCwUAA4IBAQBnj7JdQoFmVTa+Yz+y
rZWrhl1iFvpLW8Yn2o+fb09d22jZVaDBMgvuI1xoqboTrsxwE+zUcv35hY/dcP6X
gzQxkSJzDHPH48y0GlvI0P+noLYNsX6duMYtrS3Q8GRD+SJ5Nx+5qBap/0CZNTvH
8oKO6Ke1Fiw11WMNZCbrmHY8oMgVQqQNeueQT+Fei/kKw4DEb7XXDjKWIKGFnLGW
98AohP48GMW1QGxsqlMREbuikxhX5B+itcCjihCpTl+YXf//KymOlEkVPL1n8sco
8gwlU3PQK8CFxqeenwgH+1QprqaD8uivHmxcdyU1HfM6TnvgodtCFooNfBQc5PYG
7IVk
-----END CERTIFICATE-----
Generated at Wed Sep 10 22:36:46 2025 by rpki-client