Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/lupOL9qqLysg0mnUx6C8i2JeLHI.roa
File: lupOL9qqLysg0mnUx6C8i2JeLHI.roa (raw, json)
Hash identifier: EfyA+Sh8l0uPBdYnXAoYnr9+KW83Fnvqu/9CGcABYvo=
Subject key identifier: 96:EA:4E:2F:DA:AA:2F:2B:20:D2:69:D4:C7:A0:BC:8B:62:5E:2C:72
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 0199543221ACDB48BC715518EA3A3577CC0A
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/lupOL9qqLysg0mnUx6C8i2JeLHI.roa
Signing time: Tue 16 Sep 2025 20:23:15 +0000
ROA not before: Tue 16 Sep 2025 20:23:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48108
IP address blocks: 31.222.227.0/24 maxlen: 24
176.53.146.0/23 maxlen: 23
185.235.230.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
2a0a:2e80::/32 maxlen: 32
2a0a:2e81::/32 maxlen: 32
2a0a:2e81::/36 maxlen: 36
2a0a:2e82::/32 maxlen: 32
2a11:7e40::/48 maxlen: 48
2a11:7e40:1::/48 maxlen: 48
2a11:7e40:2::/48 maxlen: 48
2a11:7e40:3::/48 maxlen: 48
2a11:8480::/32 maxlen: 32
2a11:8481::/32 maxlen: 32
2a11:8482::/32 maxlen: 32
2a12:6702::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 02:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:54:32:21:ac:db:48:bc:71:55:18:ea:3a:35:77:cc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Sep 16 20:23:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96ea4e2fdaaa2f2b20d269d4c7a0bc8b625e2c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:09:58:e3:94:46:ea:97:5a:3d:b4:07:e1:49:
e2:27:81:cf:7e:a3:2c:dc:7e:60:04:c2:a2:8d:f3:
a2:52:a5:dd:ef:f3:52:7e:f3:44:38:2e:7a:46:f1:
a4:a1:07:0c:4d:f9:99:61:52:bc:52:9c:1d:15:27:
44:7e:36:b2:fb:5b:83:9c:4b:77:11:4a:9e:49:e8:
fc:80:9c:f1:91:b8:98:fd:19:1e:bf:dd:81:0c:e4:
2e:52:c8:da:0e:7d:76:cc:d3:3c:3d:20:be:6b:cf:
88:fe:1b:d3:90:91:1d:d6:07:a5:d7:82:fa:53:9d:
da:5b:9c:c5:6d:43:37:97:a4:38:bd:56:52:9c:8a:
f8:2f:00:3d:a8:37:69:26:de:f8:ef:b3:93:b4:13:
01:5b:d1:94:b7:16:e5:b2:2c:e7:7e:86:48:ac:6c:
62:33:36:d6:65:30:9a:74:e9:8e:23:cc:1a:1e:fe:
10:c0:7f:c6:e4:c1:78:fa:b0:41:6a:22:3b:e0:0a:
90:b6:13:8d:0a:1e:ba:1d:36:4f:64:07:11:75:87:
19:f7:7a:da:cf:7d:ba:29:35:40:f0:22:f8:e4:eb:
3c:75:91:7e:06:60:1b:0d:19:c8:3b:9c:b9:4c:1a:
f5:99:ef:1d:31:d1:bc:f6:96:f1:e2:46:5a:f7:80:
2d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EA:4E:2F:DA:AA:2F:2B:20:D2:69:D4:C7:A0:BC:8B:62:5E:2C:72
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/lupOL9qqLysg0mnUx6C8i2JeLHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
176.53.146.0/23
185.235.230.0/24
IPv6:
2001:678:e30::/48
2a0a:2e80::-2a0a:2e82:ffff:ffff:ffff:ffff:ffff:ffff
2a11:7e40::/46
2a11:8480::-2a11:8482:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6702::/32
Signature Algorithm: sha256WithRSAEncryption
8c:f9:d2:5e:9e:69:60:ef:bf:e6:2b:43:ef:30:98:ae:28:a9:
a5:50:ce:5b:e1:14:12:20:8a:4d:2b:1e:54:dd:99:34:b0:53:
c0:25:4d:7b:2f:6b:39:30:e7:28:bf:1a:9c:39:67:f1:8f:50:
44:97:dc:52:b7:b1:5e:dc:57:23:bd:88:73:ef:d1:c3:c9:62:
e5:73:5e:cd:ae:97:bf:b0:18:06:27:8a:34:69:97:07:bc:75:
88:31:94:23:a4:db:58:fe:56:78:1d:77:20:f0:de:13:1e:55:
eb:d7:c7:ad:79:6b:f6:5e:a7:5e:a5:a4:8c:f0:f3:c3:75:db:
7d:c3:4a:af:1e:19:a8:4d:78:09:70:18:67:f9:71:02:d3:a5:
d9:f8:11:67:df:5a:18:57:80:86:26:7e:2f:bc:98:24:c8:7e:
55:44:0d:35:f8:12:8b:ed:9b:73:9d:02:f6:d0:bc:a6:11:29:
b0:68:90:be:0d:0f:90:21:c8:34:9c:18:1a:e1:0d:1f:c7:10:
db:40:14:0f:82:51:33:fd:af:67:b1:31:40:42:cd:47:42:bc:
98:d5:c7:5b:0a:63:b4:c4:ef:b0:0b:f5:d0:c4:86:99:ef:44:
14:b8:05:2b:2e:ec:68:1e:e4:46:5d:32:e0:a6:94:4f:c2:b1:
3e:f9:ec:0b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZlUMiGs20i8cVUY6jo1d8wKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwOTE2MjAyMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmVhNGUyZmRhYWEyZjJiMjBkMjY5ZDRjN2EwYmM4YjYyNWUyYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAlY45RG6pdaPbQH4UniJ4HPfqMs
3H5gBMKijfOiUqXd7/NSfvNEOC56RvGkoQcMTfmZYVK8UpwdFSdEfjay+1uDnEt3
EUqeSej8gJzxkbiY/Rkev92BDOQuUsjaDn12zNM8PSC+a8+I/hvTkJEd1gel14L6
U53aW5zFbUM3l6Q4vVZSnIr4LwA9qDdpJt7477OTtBMBW9GUtxblsiznfoZIrGxi
MzbWZTCadOmOI8waHv4QwH/G5MF4+rBBaiI74AqQthONCh66HTZPZAcRdYcZ93ra
z326KTVA8CL45Os8dZF+BmAbDRnIO5y5TBr1me8dMdG89pbx4kZa94AtKwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFJbqTi/aqi8rINJp1MegvItiXixyMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvbHVwT0w5cXFMeXNnMG1uVXg2QzhpMkplTEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAYBAIAATASAwQAH97jAwQB
sDWSAwQAuevmMD8EAgACMDkDBwAgAQZ4DjAwDgMFByoKLoADBQAqCi6CAwcCKhF+
QAAAMA4DBQcqEYSAAwUAKhGEggMFACoSZwIwDQYJKoZIhvcNAQELBQADggEBAIz5
0l6eaWDvv+YrQ+8wmK4oqaVQzlvhFBIgik0rHlTdmTSwU8AlTXsvazkw5yi/Gpw5
Z/GPUESX3FK3sV7cVyO9iHPv0cPJYuVzXs2ul7+wGAYnijRplwe8dYgxlCOk21j+
VngddyDw3hMeVevXx615a/Zep16lpIzw88N1233DSq8eGahNeAlwGGf5cQLTpdn4
EWffWhhXgIYmfi+8mCTIflVEDTX4Eovtm3OdAvbQvKYRKbBokL4ND5AhyDScGBrh
DR/HENtAFA+CUTP9r2exMUBCzUdCvJjVx1sKY7TE77AL9dDEhpnvRBS4BSsu7Gge
5EZdMuCmlE/CsT757As=
-----END CERTIFICATE-----
Generated at Wed Oct 22 10:00:45 2025 by rpki-client