Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/3lMXvqEAcbLn_TGG01LICTbLW08.roa
File: 3lMXvqEAcbLn_TGG01LICTbLW08.roa (raw, json)
Hash identifier: JLchOQ88ldGsLdqg4fteLfsJxI+Ai8g0uoHIiX7T5co=
Subject key identifier: DE:53:17:BE:A1:00:71:B2:E7:FD:31:86:D3:52:C8:09:36:CB:5B:4F
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 0199952EE63927336D44CBF59D7A41606928
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/3lMXvqEAcbLn_TGG01LICTbLW08.roa
Signing time: Mon 29 Sep 2025 11:15:02 +0000
ROA not before: Mon 29 Sep 2025 11:15:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 2a09:a702:6e::/48 maxlen: 48
2a09:a702:6f::/48 maxlen: 48
2a09:a702:70::/48 maxlen: 48
2a09:a702:71::/48 maxlen: 48
2a09:a702:74::/48 maxlen: 48
2a09:a702:75::/48 maxlen: 48
2a09:a702:78::/48 maxlen: 48
2a09:a702:79::/48 maxlen: 48
2a09:a702:7a::/48 maxlen: 48
2a09:a702:7b::/48 maxlen: 48
2a09:a702:7c::/48 maxlen: 48
2a09:a702:7d::/48 maxlen: 48
2a09:a702:7e::/48 maxlen: 48
2a09:a702:7f::/48 maxlen: 48
2a09:a702:80::/48 maxlen: 48
2a09:a702:81::/48 maxlen: 48
2a09:a702:82::/48 maxlen: 48
2a09:a702:83::/48 maxlen: 48
2a09:a702:84::/48 maxlen: 48
2a09:a702:85::/48 maxlen: 48
2a09:a702:86::/48 maxlen: 48
2a09:a702:87::/48 maxlen: 48
2a09:a702:88::/48 maxlen: 48
2a09:a702:89::/48 maxlen: 48
2a09:a702:8a::/48 maxlen: 48
2a09:a702:8b::/48 maxlen: 48
2a09:a702:8c::/48 maxlen: 48
2a09:a702:8d::/48 maxlen: 48
2a09:a702:8e::/48 maxlen: 48
2a09:a702:8f::/48 maxlen: 48
2a09:a702:90::/48 maxlen: 48
2a09:a702:91::/48 maxlen: 48
2a09:a702:96::/48 maxlen: 48
2a09:a702:97::/48 maxlen: 48
2a09:a702:98::/48 maxlen: 48
2a09:a702:99::/48 maxlen: 48
2a09:a702:9a::/48 maxlen: 48
2a09:a702:9b::/48 maxlen: 48
2a09:a702:9c::/48 maxlen: 48
2a09:a702:9d::/48 maxlen: 48
2a09:a702:9e::/48 maxlen: 48
2a09:a702:9f::/48 maxlen: 48
2a09:a702:a2::/48 maxlen: 48
2a09:a702:a3::/48 maxlen: 48
2a09:a702:a4::/48 maxlen: 48
2a09:a702:a5::/48 maxlen: 48
2a09:a702:a6::/48 maxlen: 48
2a09:a702:a7::/48 maxlen: 48
2a09:a702:ac::/48 maxlen: 48
2a09:a702:ad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 21:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:2e:e6:39:27:33:6d:44:cb:f5:9d:7a:41:60:69:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Sep 29 11:15:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de5317bea10071b2e7fd3186d352c80936cb5b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:eb:bb:73:f4:a8:f5:01:fc:7e:35:0e:7d:f0:
ef:7b:be:08:86:d1:52:ec:a6:fe:89:1a:5d:38:0b:
a4:37:57:4e:6b:9e:f8:2a:7a:80:22:44:14:f6:26:
91:fd:01:a3:4d:3f:37:9a:d7:59:c3:f5:9b:96:95:
00:d4:49:91:ff:0b:28:f8:da:94:e6:a4:ae:fa:d7:
cc:02:cf:e3:06:93:15:e2:d6:b7:7e:5b:29:fd:a2:
e0:2e:64:bc:7f:44:30:e3:1a:b6:4d:16:96:c5:fe:
ff:34:51:82:be:95:8c:50:5a:1b:36:c0:78:c6:30:
24:cf:c9:e6:7c:2e:75:29:9e:02:43:0c:a8:d9:7b:
be:27:61:08:76:f9:ae:04:0e:05:60:0d:b9:17:fa:
44:ce:0b:f3:a6:74:3d:a5:78:96:1a:8f:bc:5f:7f:
6e:dd:01:33:20:8c:12:a9:b2:83:64:95:77:b1:e8:
c5:56:72:57:a4:cf:78:de:16:68:b7:c3:64:2b:3e:
63:0b:bb:04:82:9a:e7:eb:7b:f8:28:e5:86:d3:80:
f8:6b:03:8a:a6:2d:35:3d:57:aa:df:35:e3:cc:42:
e2:ff:71:d3:e2:11:d2:55:32:8a:77:a4:23:0c:52:
a2:45:4e:08:fa:1b:a3:14:f2:3b:b8:8a:b4:2b:14:
5c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:53:17:BE:A1:00:71:B2:E7:FD:31:86:D3:52:C8:09:36:CB:5B:4F
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/3lMXvqEAcbLn_TGG01LICTbLW08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a702:6e::-2a09:a702:71:ffff:ffff:ffff:ffff:ffff
2a09:a702:74::/47
2a09:a702:78::-2a09:a702:91:ffff:ffff:ffff:ffff:ffff
2a09:a702:96::-2a09:a702:9f:ffff:ffff:ffff:ffff:ffff
2a09:a702:a2::-2a09:a702:a7:ffff:ffff:ffff:ffff:ffff
2a09:a702:ac::/47
Signature Algorithm: sha256WithRSAEncryption
02:39:61:a3:f8:4a:35:d0:03:2a:64:ac:dd:23:0f:d8:60:48:
e0:47:f1:05:21:b1:c9:f7:b7:bc:71:7e:80:d6:89:68:60:9f:
9b:4f:c1:93:c0:a6:04:17:86:e6:a4:62:5c:a6:53:68:b5:0e:
04:c6:46:06:cb:59:aa:eb:d8:48:cd:9b:1a:a3:0f:81:c8:cd:
8f:3d:92:cf:f3:ff:23:93:07:14:e7:a7:b3:26:4e:6d:16:a2:
b0:25:bb:10:64:a3:44:c8:b5:b4:bf:80:73:8d:65:0d:1d:c3:
ef:80:36:26:1b:e6:66:2d:62:83:ed:5c:fd:e7:42:b4:75:19:
c0:d9:05:6c:96:84:db:16:8e:09:ff:78:5d:5a:f1:5b:89:1a:
b3:c5:32:6b:fc:e6:b7:41:df:4a:e4:18:67:c5:b4:e0:39:83:
da:e4:fe:e9:4b:ff:93:6b:66:4b:f8:14:b5:c6:04:86:01:de:
29:10:1d:55:f7:18:a9:19:42:3c:41:10:77:ab:47:44:3a:ff:
aa:c5:20:09:ef:03:b0:c0:96:d7:53:3a:a9:69:c1:f4:33:0f:
45:cb:5d:9a:5c:39:a3:a5:41:6c:5d:ff:e7:a1:2d:70:3a:82:
1f:f3:27:1d:90:41:af:be:ea:1f:43:cf:b1:9c:4c:3c:b6:8c:
4c:69:7e:71
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZmVLuY5JzNtRMv1nXpBYGkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjUwOTI5MTExNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUzMTdiZWExMDA3MWIyZTdmZDMxODZkMzUyYzgwOTM2Y2I1YjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+u7c/So9QH8fjUOffDve74IhtFS
7Kb+iRpdOAukN1dOa574KnqAIkQU9iaR/QGjTT83mtdZw/WblpUA1EmR/wso+NqU
5qSu+tfMAs/jBpMV4ta3flsp/aLgLmS8f0Qw4xq2TRaWxf7/NFGCvpWMUFobNsB4
xjAkz8nmfC51KZ4CQwyo2Xu+J2EIdvmuBA4FYA25F/pEzgvzpnQ9pXiWGo+8X39u
3QEzIIwSqbKDZJV3sejFVnJXpM943hZot8NkKz5jC7sEgprn63v4KOWG04D4awOK
pi01PVeq3zXjzELi/3HT4hHSVTKKd6QjDFKiRU4I+hujFPI7uIq0KxRc1QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFN5TF76hAHGy5/0xhtNSyAk2y1tPMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvM2xNWHZxRUFjYkxuX1RHRzAxTElDVGJMVzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiMBIDBwEqCacC
AG4DBwEqCacCAHADBwEqCacCAHQwEgMHAyoJpwIAeAMHASoJpwIAkDASAwcBKgmn
AgCWAwcFKgmnAgCAMBIDBwEqCacCAKIDBwMqCacCAKADBwEqCacCAKwwDQYJKoZI
hvcNAQELBQADggEBAAI5YaP4SjXQAypkrN0jD9hgSOBH8QUhscn3t7xxfoDWiWhg
n5tPwZPApgQXhuakYlymU2i1DgTGRgbLWarr2EjNmxqjD4HIzY89ks/z/yOTBxTn
p7MmTm0WorAluxBko0TItbS/gHONZQ0dw++ANiYb5mYtYoPtXP3nQrR1GcDZBWyW
hNsWjgn/eF1a8VuJGrPFMmv85rdB30rkGGfFtOA5g9rk/ulL/5NrZkv4FLXGBIYB
3ikQHVX3GKkZQjxBEHerR0Q6/6rFIAnvA7DAltdTOqlpwfQzD0XLXZpcOaOlQWxd
/+ehLXA6gh/zJx2QQa++6h9Dz7GcTDy2jExpfnE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 07:13:40 2025 by rpki-client