Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/LVx4HKgcWIAx396vyIJnNE4ePuI.roa
File: LVx4HKgcWIAx396vyIJnNE4ePuI.roa (raw, json)
Hash identifier: rjwIawjDoeXdj1yVpjEk4qjdVOMdb4bDHb4QfVsqSaE=
Subject key identifier: 2D:5C:78:1C:A8:1C:58:80:31:DF:DE:AF:C8:82:67:34:4E:1E:3E:E2
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 019A0ABE1F36C99769D343DAABED4DC1F56F
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/LVx4HKgcWIAx396vyIJnNE4ePuI.roa
Signing time: Wed 22 Oct 2025 07:07:03 +0000
ROA not before: Wed 22 Oct 2025 07:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35600
IP address blocks: 14.102.102.0/24 maxlen: 24
45.84.112.0/22 maxlen: 22
91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
185.48.132.0/22 maxlen: 24
185.56.176.0/22 maxlen: 22
194.117.246.0/23 maxlen: 23
2001:67c:184c::/48 maxlen: 48
2a00:4780::/32 maxlen: 32
2a02:5520::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0a:be:1f:36:c9:97:69:d3:43:da:ab:ed:4d:c1:f5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Oct 22 07:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d5c781ca81c588031dfdeafc88267344e1e3ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:46:73:c9:f1:fc:2e:86:c4:ce:00:d8:1b:7a:
09:57:aa:c1:79:33:d3:5b:30:a6:5b:f3:c9:d6:71:
e5:3a:58:90:7d:41:e7:3d:04:ab:a5:82:62:d7:d4:
a5:35:77:01:20:9b:50:11:c4:88:29:73:5b:3d:ab:
b2:c6:fc:fd:10:53:89:bf:f6:df:12:45:61:4d:03:
6e:44:6e:ee:2b:7d:7f:c0:83:7c:c5:47:e4:59:3f:
0d:57:32:ba:42:2f:02:1d:95:6b:3c:df:a0:c1:a8:
5c:56:1b:f6:e0:59:97:00:4b:67:c4:2a:43:26:ba:
4a:4f:09:a4:5a:ed:c5:ce:44:96:15:4e:6e:48:4f:
e4:2b:86:14:1d:0f:10:b5:c3:9d:00:1b:b9:64:b7:
37:f9:e1:42:96:84:77:7e:d6:80:1d:e2:d1:fb:1f:
bc:c2:e8:73:45:60:7f:5f:3e:f1:ec:57:07:57:cc:
f6:b9:52:23:0f:d3:04:e3:4f:72:12:08:d9:02:05:
68:a6:7c:01:24:ea:96:46:ac:26:ea:cb:18:b6:00:
3c:1a:7c:a5:58:a0:07:41:2b:0d:17:75:91:4f:21:
ff:69:8d:cb:68:46:6d:17:87:f7:c5:42:86:86:98:
42:80:4d:5d:f3:7b:d2:d4:4c:8b:06:4d:6e:0c:40:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5C:78:1C:A8:1C:58:80:31:DF:DE:AF:C8:82:67:34:4E:1E:3E:E2
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/LVx4HKgcWIAx396vyIJnNE4ePuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.102.0/24
45.84.112.0/22
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:cd:3e:7d:47:dd:f5:ba:51:99:53:1d:b1:bb:ca:8a:2b:e7:
73:16:f1:40:75:5a:3e:bf:18:41:35:10:a8:90:43:a0:ca:98:
99:63:e6:82:e5:55:e4:a0:a0:0f:f9:00:6a:97:61:b1:92:d8:
31:82:7a:71:b5:12:c8:26:48:0f:3c:9c:0a:e5:7b:0d:89:df:
18:d5:a1:81:56:ab:7e:b3:ea:88:18:0b:0e:c6:20:e5:11:33:
3c:d6:51:50:7a:a2:9e:23:c2:4a:ac:87:41:d7:93:53:a7:9c:
f9:8c:91:b3:4f:a9:a5:5f:f0:80:18:f5:21:49:f3:bf:98:65:
17:3a:af:a9:83:8c:47:41:c6:f6:57:b4:62:b0:d4:50:e8:d8:
f8:07:d1:ba:e3:31:68:3e:24:0d:88:9e:6e:71:00:5c:07:9c:
ef:46:06:48:34:8d:66:57:f5:eb:db:fc:9d:55:3b:43:e2:a2:
93:0a:82:4c:fb:0c:e3:c2:15:16:ef:35:20:e9:a4:e0:e0:f4:
ae:4c:01:ca:aa:8b:fe:1b:b0:ac:b7:9b:0e:10:68:e7:2c:85:
32:25:14:78:f0:88:eb:0c:77:a8:91:b5:da:e8:4d:9a:86:b0:
e3:c6:6c:59:ce:c6:07:ca:24:41:0c:e4:88:51:65:10:e4:a3:
74:43:37:cf
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZoKvh82yZdp00Paq+1NwfVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjUxMDIyMDcwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDVjNzgxY2E4MWM1ODgwMzFkZmRlYWZjODgyNjczNDRlMWUzZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUZzyfH8LobEzgDYG3oJV6rBeTPT
WzCmW/PJ1nHlOliQfUHnPQSrpYJi19SlNXcBIJtQEcSIKXNbPauyxvz9EFOJv/bf
EkVhTQNuRG7uK31/wIN8xUfkWT8NVzK6Qi8CHZVrPN+gwahcVhv24FmXAEtnxCpD
JrpKTwmkWu3FzkSWFU5uSE/kK4YUHQ8QtcOdABu5ZLc3+eFCloR3ftaAHeLR+x+8
wuhzRWB/Xz7x7FcHV8z2uVIjD9ME409yEgjZAgVopnwBJOqWRqwm6ssYtgA8Gnyl
WKAHQSsNF3WRTyH/aY3LaEZtF4f3xUKGhphCgE1d83vS1EyLBk1uDEB8KwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFC1ceByoHFiAMd/er8iCZzROHj7iMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvTFZ4NEhLZ2NXSUF4Mzk2dnlJSm5ORTRlUHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAwBAIAATAqAwQADmZmAwQC
LVRwAwQBW91cAwQBW91qAwQCuTCEAwQCuTiwAwQBwnX2MCQEAgACMB4DBwAgAQZ8
GEwDBQAqAEeAAwUAKgJVIAMFAyoOrIAwDQYJKoZIhvcNAQELBQADggEBAFvNPn1H
3fW6UZlTHbG7yoor53MW8UB1Wj6/GEE1EKiQQ6DKmJlj5oLlVeSgoA/5AGqXYbGS
2DGCenG1EsgmSA88nArlew2J3xjVoYFWq36z6ogYCw7GIOURMzzWUVB6op4jwkqs
h0HXk1OnnPmMkbNPqaVf8IAY9SFJ87+YZRc6r6mDjEdBxvZXtGKw1FDo2PgH0brj
MWg+JA2Inm5xAFwHnO9GBkg0jWZX9evb/J1VO0PiopMKgkz7DOPCFRbvNSDppODg
9K5MAcqqi/4bsKy3mw4QaOcshTIlFHjwiOsMd6iRtdroTZqGsOPGbFnOxgfKJEEM
5IhRZRDko3RDN88=
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:23:45 2025 by rpki-client