Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LNm0XrP2z6i6vLfmJYewvBT9PvU.roa
File: LNm0XrP2z6i6vLfmJYewvBT9PvU.roa (raw, json)
Hash identifier: YyvrtiGcoYu0+nlah0OZoeDTEpOHiu2k3Z8adq3H5Hk=
Subject key identifier: 2C:D9:B4:5E:B3:F6:CF:A8:BA:BC:B7:E6:25:87:B0:BC:14:FD:3E:F5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196CFAAF7F50D4D33B4E901855ED61BC366
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LNm0XrP2z6i6vLfmJYewvBT9PvU.roa
Signing time: Wed 14 May 2025 16:40:10 +0000
ROA not before: Wed 14 May 2025 16:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a07:a300::/29 maxlen: 29
2a0e:1a86::/32 maxlen: 32
2a0f:2100::/29 maxlen: 29
2a0f:31c0::/32 maxlen: 32
2a0f:dac0::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a13:8100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:aa:f7:f5:0d:4d:33:b4:e9:01:85:5e:d6:1b:c3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 14 16:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cd9b45eb3f6cfa8babcb7e62587b0bc14fd3ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1e:d6:90:4d:bd:92:54:96:24:89:62:ee:8d:
d5:bd:8d:64:f5:df:f3:10:2c:8b:0a:54:79:0b:30:
16:7a:4c:bf:4a:4a:02:29:ae:5c:2f:eb:f2:22:e7:
8c:f5:e2:66:93:25:27:e7:b6:0a:9e:06:c5:d2:4b:
7c:9b:b1:42:e4:b2:cb:40:d8:af:80:ca:0d:78:4b:
d0:b9:9e:47:41:11:07:38:39:b9:1d:d1:c1:0e:4e:
8f:7f:ef:1c:ee:1c:e5:3f:4a:7b:c2:1f:cd:71:90:
bf:90:fe:a7:63:51:e2:6c:37:d1:db:05:ab:a4:6a:
aa:8d:c4:76:ea:f8:c9:32:37:40:ca:e3:43:99:fa:
51:93:88:a5:4f:d0:41:02:e0:2b:b8:85:f5:4d:08:
81:26:c8:66:32:34:ad:7d:fc:74:ab:ba:0d:93:4e:
de:4a:47:10:5c:32:62:e2:38:ad:d2:03:78:95:0c:
39:f0:23:ed:44:4c:db:7f:e6:5f:8d:89:af:3f:db:
18:6f:75:71:3c:69:d5:78:c0:e7:0c:0b:d1:ae:f7:
d1:b6:ea:44:9c:c4:2f:84:4b:74:57:64:73:6b:6a:
3e:a1:46:ae:7c:3f:2a:0a:fe:ee:f8:ac:e1:e2:7f:
8d:96:01:05:c8:ed:40:7f:12:6e:67:4f:2b:70:11:
cc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D9:B4:5E:B3:F6:CF:A8:BA:BC:B7:E6:25:87:B0:BC:14:FD:3E:F5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LNm0XrP2z6i6vLfmJYewvBT9PvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a07:a300::/29
2a0e:1a86::/32
2a0f:2100::/29
2a0f:31c0::/32
2a0f:dac0::/29
2a0f:e0c0::/29
2a13:8100::/29
Signature Algorithm: sha256WithRSAEncryption
12:a8:d8:68:fd:58:a0:84:a4:33:c3:0c:cf:f3:e0:77:07:cd:
a1:e7:0d:a6:f3:14:25:df:df:94:2a:cb:5e:ac:a9:3e:06:cf:
2f:4c:22:c5:86:cf:87:4a:63:db:59:f3:a1:2f:a7:22:88:9d:
09:79:6d:e6:64:d8:ae:ec:11:ec:6d:11:a5:84:eb:00:2e:91:
87:bd:7a:f9:57:86:bd:0a:c2:2b:c6:63:30:56:cb:47:98:d7:
9b:e5:ec:55:58:75:05:36:91:f0:a6:9a:c8:cd:dd:fd:36:13:
d9:d9:80:0d:bc:7f:06:9a:09:de:fd:55:96:06:04:0d:d0:a0:
cb:f3:22:d3:e3:a7:1f:b2:a1:58:1e:39:d4:bd:6e:d6:d4:46:
57:fe:0f:a6:d1:ca:e4:fc:83:b2:78:b5:c5:5f:c6:6e:f6:bf:
9f:7f:54:bb:2e:81:35:2a:4c:b3:de:aa:b4:83:e6:e6:80:4b:
4a:09:70:f9:7a:7b:07:39:b2:db:5f:cf:97:4a:93:4c:0e:3f:
da:75:df:83:b0:98:64:51:f4:0d:b1:3e:28:9f:b4:24:30:cf:
ee:4c:c5:4f:ec:89:ae:82:56:97:b8:3a:99:e1:7e:61:a8:5e:
0b:e7:8c:f7:41:d6:4b:cb:93:49:3e:35:7a:bc:3c:de:55:79:
14:9b:91:5e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZbPqvf1DU0ztOkBhV7WG8NmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTE0MTY0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q5YjQ1ZWIzZjZjZmE4YmFiY2I3ZTYyNTg3YjBiYzE0ZmQzZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB7WkE29klSWJIli7o3VvY1k9d/z
ECyLClR5CzAWeky/SkoCKa5cL+vyIueM9eJmkyUn57YKngbF0kt8m7FC5LLLQNiv
gMoNeEvQuZ5HQREHODm5HdHBDk6Pf+8c7hzlP0p7wh/NcZC/kP6nY1HibDfR2wWr
pGqqjcR26vjJMjdAyuNDmfpRk4ilT9BBAuAruIX1TQiBJshmMjStffx0q7oNk07e
SkcQXDJi4jit0gN4lQw58CPtREzbf+ZfjYmvP9sYb3VxPGnVeMDnDAvRrvfRtupE
nMQvhEt0V2Rza2o+oUaufD8qCv7u+Kzh4n+NlgEFyO1AfxJuZ08rcBHMqQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCzZtF6z9s+oury35iWHsLwU/T71MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTE5tMFhyUDJ6Nmk2dkxmbUpZZXd2QlQ5UHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKgY1wQMF
AyoHowADBQAqDhqGAwUDKg8hAAMFACoPMcADBQMqD9rAAwUDKg/gwAMFAyoTgQAw
DQYJKoZIhvcNAQELBQADggEBABKo2Gj9WKCEpDPDDM/z4HcHzaHnDabzFCXf35Qq
y16sqT4Gzy9MIsWGz4dKY9tZ86EvpyKInQl5beZk2K7sEextEaWE6wAukYe9evlX
hr0KwivGYzBWy0eY15vl7FVYdQU2kfCmmsjN3f02E9nZgA28fwaaCd79VZYGBA3Q
oMvzItPjpx+yoVgeOdS9btbURlf+D6bRyuT8g7J4tcVfxm72v59/VLsugTUqTLPe
qrSD5uaAS0oJcPl6ewc5sttfz5dKk0wOP9p134OwmGRR9A2xPiiftCQwz+5MxU/s
ia6CVpe4OpnhfmGoXgvnjPdB1kvLk0k+NXq8PN5VeRSbkV4=
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:14:01 2025 by rpki-client