Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/lVa-24VWCHQmDEJbWR7B6KJ1tRo.roa
File: lVa-24VWCHQmDEJbWR7B6KJ1tRo.roa (raw, json)
Hash identifier: 81y0hH83wUXAyUOd41fagc6UtwZ3KwK9DoU2MJ6Rq9I=
Subject key identifier: 95:56:BE:DB:85:56:08:74:26:0C:42:5B:59:1E:C1:E8:A2:75:B5:1A
Certificate issuer: /CN=b914166b685ac015b94126cdb8b18c83a12ed862
Certificate serial: 0196393D23D43F57E1295913773767E17072
Authority key identifier: B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/lVa-24VWCHQmDEJbWR7B6KJ1tRo.roa
Signing time: Tue 15 Apr 2025 11:37:10 +0000
ROA not before: Tue 15 Apr 2025 11:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 69.62.64.0/23 maxlen: 24
69.62.66.0/23 maxlen: 24
69.62.68.0/22 maxlen: 24
69.62.72.0/21 maxlen: 24
69.62.80.0/22 maxlen: 24
69.62.84.0/23 maxlen: 24
69.62.86.0/23 maxlen: 24
69.62.88.0/21 maxlen: 24
69.62.96.0/21 maxlen: 24
69.62.104.0/24 maxlen: 24
69.62.105.0/24 maxlen: 24
69.62.106.0/23 maxlen: 24
69.62.108.0/22 maxlen: 24
69.62.112.0/22 maxlen: 24
69.62.116.0/22 maxlen: 24
69.62.120.0/23 maxlen: 24
69.62.122.0/24 maxlen: 24
69.62.123.0/24 maxlen: 24
69.62.124.0/24 maxlen: 24
69.62.125.0/24 maxlen: 24
69.62.126.0/23 maxlen: 24
103.199.184.0/22 maxlen: 24
148.222.52.0/24 maxlen: 24
148.222.54.0/24 maxlen: 24
148.222.55.0/24 maxlen: 24
168.231.64.0/21 maxlen: 24
168.231.72.0/22 maxlen: 24
168.231.76.0/23 maxlen: 24
168.231.78.0/23 maxlen: 24
168.231.80.0/21 maxlen: 24
168.231.88.0/21 maxlen: 24
168.231.96.0/22 maxlen: 24
168.231.100.0/24 maxlen: 24
168.231.101.0/24 maxlen: 24
168.231.102.0/23 maxlen: 24
168.231.104.0/21 maxlen: 24
168.231.112.0/22 maxlen: 24
168.231.116.0/24 maxlen: 24
168.231.117.0/24 maxlen: 24
168.231.118.0/23 maxlen: 24
168.231.120.0/22 maxlen: 24
168.231.124.0/22 maxlen: 24
194.164.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:3d:23:d4:3f:57:e1:29:59:13:77:37:67:e1:70:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914166b685ac015b94126cdb8b18c83a12ed862
Validity
Not Before: Apr 15 11:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9556bedb85560874260c425b591ec1e8a275b51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:c0:74:db:75:68:60:19:95:f6:1b:e5:06:
86:a7:78:24:1b:55:af:91:23:4e:c9:74:3e:a3:a8:
88:da:38:b5:95:25:24:9c:df:fd:4e:af:59:14:b0:
af:97:15:7b:de:81:a7:26:36:46:f4:ea:6c:fc:5f:
7c:1f:3a:33:a5:df:8d:23:c6:10:fe:88:c4:ad:ac:
f8:f3:36:53:5f:99:af:7e:eb:1e:bb:9b:6a:13:47:
6c:9f:c9:29:f0:c7:f7:c3:a3:3b:b4:20:10:1a:cb:
61:c0:1a:42:82:87:9a:6e:0d:65:ed:c6:7c:93:72:
8b:f8:dd:de:8f:11:09:27:63:fd:9b:10:f8:0c:c1:
0a:27:75:6a:2a:07:d2:5a:d0:ce:9b:19:10:a6:34:
94:79:60:a2:db:ac:4d:b6:b6:93:28:85:5f:30:31:
c7:a5:48:fe:ac:b4:e4:0a:63:2a:6d:f6:3c:69:45:
16:c7:f0:8e:76:de:2d:22:eb:37:21:0a:ae:35:a3:
38:76:10:c0:fe:c4:6f:5a:7c:9f:ba:e3:fa:ef:22:
87:cf:84:cd:51:c8:c0:18:11:9f:b6:45:67:68:95:
c7:05:46:ca:3b:72:4f:fb:00:d3:6b:3c:45:b8:2c:
cd:05:ff:6a:ed:d0:32:09:f2:d5:61:3e:ec:5d:51:
f4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:56:BE:DB:85:56:08:74:26:0C:42:5B:59:1E:C1:E8:A2:75:B5:1A
X509v3 Authority Key Identifier:
keyid:B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/lVa-24VWCHQmDEJbWR7B6KJ1tRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.62.64.0/18
103.199.184.0/22
148.222.52.0/24
148.222.54.0/23
168.231.64.0/18
194.164.148.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:ab:02:1c:e8:55:72:1f:a8:b7:79:46:7b:fd:88:ae:47:ad:
c4:e9:69:c2:4f:89:1d:37:6f:5b:ba:50:d0:8e:e3:50:39:8f:
d0:70:1c:52:fa:20:ca:9e:2d:be:d2:43:a4:0d:4f:ac:8e:82:
3e:14:25:0d:4c:dc:b0:82:70:7a:23:f5:87:cb:b3:a2:16:94:
4a:04:a6:52:09:84:0d:da:e1:14:79:fb:96:8f:a0:50:4f:56:
c5:28:eb:c9:f7:39:04:c4:f5:0f:e3:34:24:32:ea:35:f2:fe:
ed:ca:f1:12:66:7c:85:d2:8f:77:3a:c5:9d:dd:de:d4:c2:46:
c8:ef:97:42:d2:00:ed:0d:47:7d:6b:94:a0:1d:f3:67:9f:f4:
45:0d:1e:9d:22:39:c7:42:7c:f2:22:dd:c5:c4:54:fc:2a:15:
03:d6:a0:b9:d2:e6:31:d7:f2:e2:52:5f:c7:39:fa:e3:64:7e:
fc:10:b7:ed:e0:5a:70:f4:88:ae:0e:fb:c1:25:9b:85:75:35:
09:c2:08:77:51:44:07:46:c1:e1:31:ff:c7:4b:b5:e5:1a:ea:
05:7b:57:2f:d8:75:89:3b:38:40:1f:f9:da:91:c1:01:60:60:
c5:2c:7e:a0:c9:9c:0c:5b:a5:74:72:24:62:29:a5:74:1a:75:
fa:22:e7:bf
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZY5PSPUP1fhKVkTdzdn4XByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQxNjZiNjg1YWMwMTViOTQxMjZjZGI4YjE4YzgzYTEy
ZWQ4NjIwHhcNMjUwNDE1MTEzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU2YmVkYjg1NTYwODc0MjYwYzQyNWI1OTFlYzFlOGEyNzViNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVXAdNt1aGAZlfYb5QaGp3gkG1Wv
kSNOyXQ+o6iI2ji1lSUknN/9Tq9ZFLCvlxV73oGnJjZG9Ops/F98Hzozpd+NI8YQ
/ojEraz48zZTX5mvfuseu5tqE0dsn8kp8Mf3w6M7tCAQGsthwBpCgoeabg1l7cZ8
k3KL+N3ejxEJJ2P9mxD4DMEKJ3VqKgfSWtDOmxkQpjSUeWCi26xNtraTKIVfMDHH
pUj+rLTkCmMqbfY8aUUWx/COdt4tIus3IQquNaM4dhDA/sRvWnyfuuP67yKHz4TN
UcjAGBGftkVnaJXHBUbKO3JP+wDTazxFuCzNBf9q7dAyCfLVYT7sXVH0IQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJVWvtuFVgh0JgxCW1keweiidbUaMB8GA1UdIwQY
MBaAFLkUFmtoWsAVuUEmzbixjIOhLthiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYt
ZWE2N2E5ODYyNWZlLzEvbFZhLTI0VldDSFFtREVKYldSN0I2S0oxdFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYtZWE2N2E5ODYyNWZl
LzEvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQGRT5AAwQC
Z8e4AwQAlN40AwQBlN42AwQGqOdAAwQCwqSUMA0GCSqGSIb3DQEBCwUAA4IBAQC/
qwIc6FVyH6i3eUZ7/YiuR63E6WnCT4kdN29bulDQjuNQOY/QcBxS+iDKni2+0kOk
DU+sjoI+FCUNTNywgnB6I/WHy7OiFpRKBKZSCYQN2uEUefuWj6BQT1bFKOvJ9zkE
xPUP4zQkMuo18v7tyvESZnyF0o93OsWd3d7UwkbI75dC0gDtDUd9a5SgHfNnn/RF
DR6dIjnHQnzyIt3FxFT8KhUD1qC50uYx1/LiUl/HOfrjZH78ELft4Fpw9IiuDvvB
JZuFdTUJwgh3UUQHRsHhMf/HS7XlGuoFe1cv2HWJOzhAH/nakcEBYGDFLH6gyZwM
W6V0ciRiKaV0GnX6Iue/
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:21:34 2025 by rpki-client