Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/488a2a-5964-461c-9ffc-6e4500ea4aa8/1/ljUmaJOEvMjFI5KpBw7OV5LTgwY.roa
File: ljUmaJOEvMjFI5KpBw7OV5LTgwY.roa (raw, json)
Hash identifier: kdzf45jF5P72y49hy1Ud9SGswimupljyU5tNp9nAHJg=
Subject key identifier: 96:35:26:68:93:84:BC:C8:C5:23:92:A9:07:0E:CE:57:92:D3:83:06
Certificate issuer: /CN=80bed5d05ceaafe47130e79e64c18eb92361fc8e
Certificate serial: 0198D7F2B4D699AFA19894DC4E03D6DFEE27
Authority key identifier: 80:BE:D5:D0:5C:EA:AF:E4:71:30:E7:9E:64:C1:8E:B9:23:61:FC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gL7V0Fzqr-RxMOeeZMGOuSNh_I4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/488a2a-5964-461c-9ffc-6e4500ea4aa8/1/ljUmaJOEvMjFI5KpBw7OV5LTgwY.roa
Signing time: Sat 23 Aug 2025 17:21:04 +0000
ROA not before: Sat 23 Aug 2025 17:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48285
IP address blocks: 46.255.120.0/23 maxlen: 23
46.255.123.0/24 maxlen: 24
46.255.124.0/24 maxlen: 24
46.255.125.0/24 maxlen: 24
46.255.127.0/24 maxlen: 24
2a00:9c00:101::/48 maxlen: 48
2a00:9c00:120::/48 maxlen: 48
2a00:9c00:123::/48 maxlen: 48
2a00:9c00:124::/48 maxlen: 48
2a00:9c00:125::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/488a2a-5964-461c-9ffc-6e4500ea4aa8/1/gL7V0Fzqr-RxMOeeZMGOuSNh_I4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/488a2a-5964-461c-9ffc-6e4500ea4aa8/1/gL7V0Fzqr-RxMOeeZMGOuSNh_I4.mft
rsync://rpki.ripe.net/repository/DEFAULT/gL7V0Fzqr-RxMOeeZMGOuSNh_I4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d7:f2:b4:d6:99:af:a1:98:94:dc:4e:03:d6:df:ee:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80bed5d05ceaafe47130e79e64c18eb92361fc8e
Validity
Not Before: Aug 23 17:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=963526689384bcc8c52392a9070ece5792d38306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5b:77:ee:89:85:1e:1b:54:00:29:bc:a1:d3:
83:43:46:cf:75:d7:ee:f1:41:01:d2:6b:63:5d:02:
bc:8b:69:47:dd:87:43:28:ee:8a:56:e1:f0:42:17:
b8:ea:f6:86:24:8b:7b:13:ba:ce:58:4c:54:08:05:
87:48:e0:c4:29:43:6e:51:6e:aa:58:b3:f7:e7:bb:
63:e2:6a:8f:82:10:b7:35:ff:64:bc:51:a8:95:c4:
f7:3d:67:62:9a:12:0d:08:f1:9f:00:24:a6:83:68:
14:63:47:1a:d3:9d:57:67:e7:2f:78:32:cf:77:6a:
f3:ec:5b:2c:f3:42:3d:81:d2:04:a4:9d:86:7b:8d:
c7:e4:e6:71:3e:0e:da:27:40:fc:2a:2e:2e:a6:7f:
ec:b2:53:5f:c9:65:2a:df:da:f6:dd:61:23:16:50:
f1:b1:bd:da:11:0f:7b:33:7e:5e:f7:f0:cf:ae:5e:
cb:cc:12:1c:9d:9a:07:5c:f7:d8:fb:74:c7:36:09:
70:ef:32:e4:a0:0b:24:90:44:0e:28:01:d8:14:a4:
2b:97:73:46:df:e1:36:5b:db:52:17:1b:a3:ae:6c:
8a:33:d7:d9:6c:0c:ad:5d:de:7b:3d:fd:00:a8:10:
24:82:b0:d8:fb:4c:57:ae:a4:ad:77:ee:46:94:f6:
8e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:35:26:68:93:84:BC:C8:C5:23:92:A9:07:0E:CE:57:92:D3:83:06
X509v3 Authority Key Identifier:
keyid:80:BE:D5:D0:5C:EA:AF:E4:71:30:E7:9E:64:C1:8E:B9:23:61:FC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gL7V0Fzqr-RxMOeeZMGOuSNh_I4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/488a2a-5964-461c-9ffc-6e4500ea4aa8/1/ljUmaJOEvMjFI5KpBw7OV5LTgwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/488a2a-5964-461c-9ffc-6e4500ea4aa8/1/gL7V0Fzqr-RxMOeeZMGOuSNh_I4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.120.0/23
46.255.123.0-46.255.125.255
46.255.127.0/24
IPv6:
2a00:9c00:101::/48
2a00:9c00:120::/48
2a00:9c00:123::-2a00:9c00:125:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:73:1f:40:ce:9c:bb:32:c7:16:a3:4c:62:dd:f0:5f:df:0e:
89:31:ff:e3:ca:4f:2f:60:98:7b:df:db:36:8a:de:67:aa:b8:
26:3c:d6:d1:6a:8e:53:d6:9f:f5:2f:a1:d7:65:8e:3b:34:1a:
d9:51:84:3e:97:32:60:d6:24:49:32:9e:b8:4e:ec:f9:71:49:
fc:1d:11:0e:01:ee:c9:d3:73:02:c3:fe:88:83:24:75:a4:75:
4a:e3:3d:99:4e:87:03:30:29:a3:d9:43:b1:84:de:fb:f3:a2:
20:1a:ad:63:33:0d:3e:54:e9:54:0f:be:c3:ec:ff:d7:25:e7:
4b:dc:02:2a:90:e7:2e:ab:3b:a3:51:47:35:f7:e1:e1:52:ef:
77:68:ea:ca:12:c8:51:85:4c:b1:b1:21:ac:1f:25:7f:c1:7c:
54:26:ac:00:fe:a7:5e:87:21:be:94:b2:88:20:49:d4:a6:f8:
de:09:cc:30:a9:84:a0:35:1c:20:37:a0:a7:83:a1:c1:ff:f8:
97:13:cb:a8:cc:f9:f0:70:2a:13:4d:38:cc:fc:03:b1:cf:6a:
05:24:5d:56:8e:3e:09:1f:32:09:e6:55:65:09:ad:ce:c8:69:
bd:16:e8:a0:9a:d1:c4:74:c4:53:67:cd:8b:c6:78:77:7e:92:
6b:57:57:7b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZjX8rTWma+hmJTcTgPW3+4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYmVkNWQwNWNlYWFmZTQ3MTMwZTc5ZTY0YzE4ZWI5MjM2
MWZjOGUwHhcNMjUwODIzMTcyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjM1MjY2ODkzODRiY2M4YzUyMzkyYTkwNzBlY2U1NzkyZDM4MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVt37omFHhtUACm8odODQ0bPddfu
8UEB0mtjXQK8i2lH3YdDKO6KVuHwQhe46vaGJIt7E7rOWExUCAWHSODEKUNuUW6q
WLP357tj4mqPghC3Nf9kvFGolcT3PWdimhINCPGfACSmg2gUY0ca051XZ+cveDLP
d2rz7Fss80I9gdIEpJ2Ge43H5OZxPg7aJ0D8Ki4upn/sslNfyWUq39r23WEjFlDx
sb3aEQ97M35e9/DPrl7LzBIcnZoHXPfY+3THNglw7zLkoAskkEQOKAHYFKQrl3NG
3+E2W9tSFxujrmyKM9fZbAytXd57Pf0AqBAkgrDY+0xXrqStd+5GlPaOiwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJY1JmiThLzIxSOSqQcOzleS04MGMB8GA1UdIwQY
MBaAFIC+1dBc6q/kcTDnnmTBjrkjYfyOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0w3VjBGenFyLVJ4TU9lZVpNR091U05oX0k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODhhMmEtNTk2NC00NjFjLTlmZmMt
NmU0NTAwZWE0YWE4LzEvbGpVbWFKT0V2TWpGSTVLcEJ3N09WNUxUZ3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODhhMmEtNTk2NC00NjFjLTlmZmMtNmU0NTAwZWE0YWE4
LzEvZ0w3VjBGenFyLVJ4TU9lZVpNR091U05oX0k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAgBAIAATAaAwQBLv94MAwD
BAAu/3sDBAEu/3wDBAAu/38wLAQCAAIwJgMHACoAnAABAQMHACoAnAABIDASAwcA
KgCcAAEjAwcBKgCcAAEkMA0GCSqGSIb3DQEBCwUAA4IBAQAncx9Azpy7MscWo0xi
3fBf3w6JMf/jyk8vYJh739s2it5nqrgmPNbRao5T1p/1L6HXZY47NBrZUYQ+lzJg
1iRJMp64Tuz5cUn8HREOAe7J03MCw/6IgyR1pHVK4z2ZTocDMCmj2UOxhN7786Ig
Gq1jMw0+VOlUD77D7P/XJedL3AIqkOcuqzujUUc19+HhUu93aOrKEshRhUyxsSGs
HyV/wXxUJqwA/qdehyG+lLKIIEnUpvjeCcwwqYSgNRwgN6Cng6HB//iXE8uozPnw
cCoTTTjM/AOxz2oFJF1Wjj4JHzIJ5lVlCa3OyGm9FuigmtHEdMRTZ82Lxnh3fpJr
V1d7
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:52:52 2025 by rpki-client