Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LIC3STelcrfl4bL4XV6mk2EF5gs.roa
File: LIC3STelcrfl4bL4XV6mk2EF5gs.roa (raw, json)
Hash identifier: TsnmCWwiPl/H+p8XG+7zV685WXv+1dP8TSpotioYigI=
Subject key identifier: 2C:80:B7:49:37:A5:72:B7:E5:E1:B2:F8:5D:5E:A6:93:61:05:E6:0B
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019900F58D533C5737A4A8958318D0340328
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LIC3STelcrfl4bL4XV6mk2EF5gs.roa
Signing time: Sun 31 Aug 2025 16:28:36 +0000
ROA not before: Sun 31 Aug 2025 16:28:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41546
IP address blocks: 185.119.253.0/24 maxlen: 24
2a06:82c7::/48 maxlen: 48
2a06:8dc2::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:00:f5:8d:53:3c:57:37:a4:a8:95:83:18:d0:34:03:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Aug 31 16:28:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c80b74937a572b7e5e1b2f85d5ea6936105e60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:89:a6:43:f9:37:d3:13:1f:a4:dc:fd:58:be:
26:d1:40:d7:82:2b:e4:65:30:1c:dc:0a:ac:0e:1d:
b2:f2:55:84:38:78:08:60:e2:ba:d2:95:f1:3d:04:
b8:39:3d:d7:df:88:7f:f9:23:51:34:8b:33:c3:f8:
34:96:10:5c:b4:4a:7b:90:12:a0:f1:4e:a4:41:13:
c6:81:19:74:9b:f5:b3:20:c9:45:c3:4d:7e:77:98:
46:07:dc:64:86:43:62:44:12:16:18:d6:0c:ba:79:
cd:40:00:75:c8:d0:8f:5b:bb:98:e0:f6:66:cb:d1:
52:bc:fd:44:1e:bf:a2:56:fb:fe:cf:d2:3c:34:c5:
4f:aa:aa:04:12:ef:7c:15:3a:22:90:de:37:8a:b5:
86:da:d6:9f:9a:41:00:0f:a4:37:14:3d:5e:aa:d0:
a4:9d:92:6f:ff:3f:56:4c:53:fd:71:93:b9:74:ac:
bf:a4:ff:f0:5b:c6:4e:22:89:84:17:e2:9a:8c:bc:
a0:b4:62:d8:e8:45:18:00:36:a1:2f:e0:33:14:0a:
43:b0:5c:8e:6b:bd:dc:5b:12:44:9d:ae:07:4a:1b:
a7:d5:ed:d3:9d:d2:c4:7b:d9:ab:69:a8:24:b1:16:
ce:f5:d4:07:47:af:dd:60:16:71:db:89:52:69:1e:
5f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:80:B7:49:37:A5:72:B7:E5:E1:B2:F8:5D:5E:A6:93:61:05:E6:0B
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LIC3STelcrfl4bL4XV6mk2EF5gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.253.0/24
IPv6:
2a06:82c7::/48
2a06:8dc2::/44
Signature Algorithm: sha256WithRSAEncryption
91:f5:49:13:6d:a3:13:73:73:fc:78:a9:db:2d:32:d7:42:37:
86:68:40:0b:31:3b:e3:f9:c4:9d:70:44:af:f2:0d:68:57:5c:
2c:56:27:88:14:20:18:3e:91:d6:52:25:29:81:43:60:95:71:
5f:72:08:44:e6:d8:ab:43:13:61:12:6e:bb:cf:f2:41:a9:06:
98:e6:ed:27:af:11:e6:ba:40:ff:52:c6:c7:93:41:a6:f2:23:
74:d7:cd:9e:bc:ea:35:e0:7f:a6:a7:5a:9e:7c:4c:f9:d9:a4:
26:27:89:f9:b7:f4:2d:10:04:30:db:31:13:c3:57:20:29:af:
d0:55:71:93:c6:93:06:13:75:a9:05:ca:34:ed:95:8d:c2:22:
bf:be:71:c6:af:9b:f7:77:c1:e7:ba:8d:83:8a:7a:73:22:b6:
89:30:19:10:54:09:a8:73:c9:79:d0:c0:05:9a:03:f1:ae:ff:
d8:dd:86:91:1f:b5:fd:2e:92:0b:8e:c1:5c:38:b4:92:76:ea:
f9:f8:29:48:bf:86:0d:55:1f:57:05:0e:67:6d:4d:1f:70:0f:
87:59:3b:41:03:85:5d:7f:80:68:3f:d4:b3:43:d3:42:b4:9c:
5b:0a:40:4a:b5:db:79:f3:75:08:c3:e2:a6:23:d3:47:d4:89:
a8:37:31:18
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZkA9Y1TPFc3pKiVgxjQNAMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwODMxMTYyODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzgwYjc0OTM3YTU3MmI3ZTVlMWIyZjg1ZDVlYTY5MzYxMDVlNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoImmQ/k30xMfpNz9WL4m0UDXgivk
ZTAc3AqsDh2y8lWEOHgIYOK60pXxPQS4OT3X34h/+SNRNIszw/g0lhBctEp7kBKg
8U6kQRPGgRl0m/WzIMlFw01+d5hGB9xkhkNiRBIWGNYMunnNQAB1yNCPW7uY4PZm
y9FSvP1EHr+iVvv+z9I8NMVPqqoEEu98FToikN43irWG2tafmkEAD6Q3FD1eqtCk
nZJv/z9WTFP9cZO5dKy/pP/wW8ZOIomEF+KajLygtGLY6EUYADahL+AzFApDsFyO
a73cWxJEna4HShun1e3TndLEe9mraagksRbO9dQHR6/dYBZx24lSaR5fgwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCyAt0k3pXK35eGy+F1eppNhBeYLMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTElDM1NUZWxjcmZsNGJMNFhWNm1rMkVGNWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuXf9MBgE
AgACMBIDBwAqBoLHAAADBwQqBo3CAAAwDQYJKoZIhvcNAQELBQADggEBAJH1SRNt
oxNzc/x4qdstMtdCN4ZoQAsxO+P5xJ1wRK/yDWhXXCxWJ4gUIBg+kdZSJSmBQ2CV
cV9yCETm2KtDE2ESbrvP8kGpBpjm7SevEea6QP9SxseTQabyI3TXzZ686jXgf6an
Wp58TPnZpCYnifm39C0QBDDbMRPDVyApr9BVcZPGkwYTdakFyjTtlY3CIr++ccav
m/d3wee6jYOKenMitokwGRBUCahzyXnQwAWaA/Gu/9jdhpEftf0ukguOwVw4tJJ2
6vn4KUi/hg1VH1cFDmdtTR9wD4dZO0EDhV1/gGg/1LND00K0nFsKQEq123nzdQjD
4qYj00fUiag3MRg=
-----END CERTIFICATE-----
Generated at Sun Sep 7 16:24:42 2025 by rpki-client