Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/lxDEqFj6zW07SLHQjqVmomdaapE.roa
File: lxDEqFj6zW07SLHQjqVmomdaapE.roa (raw, json)
Hash identifier: lF5Ce2oOR8ADABZHpXBmLxZpyS2ZCE5Qt5VxQq3I6OY=
Subject key identifier: 97:10:C4:A8:58:FA:CD:6D:3B:48:B1:D0:8E:A5:66:A2:67:5A:6A:91
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 019A2B1BFCAA23C4DF96369FFF063E986DCC
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/lxDEqFj6zW07SLHQjqVmomdaapE.roa
Signing time: Tue 28 Oct 2025 13:57:25 +0000
ROA not before: Tue 28 Oct 2025 13:57:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15703
IP address blocks: 80.247.208.0/20 maxlen: 24
87.233.0.0/16 maxlen: 24
193.28.152.0/24 maxlen: 24
213.193.192.0/21 maxlen: 24
213.193.208.0/21 maxlen: 24
213.193.209.0/24 maxlen: 24
213.193.210.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.216.0/22 maxlen: 24
213.193.220.0/22 maxlen: 24
213.193.232.0/21 maxlen: 24
213.193.232.0/24 maxlen: 24
213.193.240.0/21 maxlen: 24
213.239.128.0/19 maxlen: 24
213.239.136.0/24 maxlen: 24
2001:990::/32 maxlen: 32
2001:9a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:1b:fc:aa:23:c4:df:96:36:9f:ff:06:3e:98:6d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Oct 28 13:57:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9710c4a858facd6d3b48b1d08ea566a2675a6a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:df:9c:53:29:26:51:5f:4f:4f:21:22:66:68:
d6:b1:66:7b:54:da:55:55:29:6c:73:a7:db:ae:e1:
ad:75:ff:86:a5:61:49:72:d7:e6:9c:c4:45:0e:1f:
80:d4:4b:bf:6b:8c:da:71:18:4f:06:c0:ed:52:a6:
12:2a:d4:b9:1d:45:3a:42:a5:f2:fa:fb:11:01:3b:
95:a3:10:f5:b4:55:ab:e8:3c:be:7e:64:1e:29:d0:
b7:c6:9f:04:ba:54:e2:f3:5a:cc:59:a8:54:49:c2:
ed:13:9b:c4:59:43:b8:0d:72:98:0b:b7:d5:be:5b:
97:37:7f:93:41:f3:f5:4e:fb:20:93:d3:61:a7:b8:
6c:52:19:0a:44:6c:d2:72:13:5d:ad:f2:fb:cb:f7:
d9:19:3c:6a:ef:a9:57:6e:49:f1:da:bf:65:8c:7b:
b6:5c:37:a8:68:c8:4b:b1:58:4d:4d:27:68:fb:a6:
36:ce:42:89:0e:a0:50:0d:13:84:f4:dd:83:38:67:
88:25:b1:bd:6d:72:5a:95:d4:1e:fd:35:aa:03:79:
40:20:bc:6a:b4:d4:e7:4c:b5:71:ce:20:ae:dc:83:
64:dc:1f:6d:6c:69:2b:f8:48:6c:a8:9f:43:72:b0:
a3:a9:f3:95:cb:80:8b:18:6a:6a:fa:de:d3:63:20:
01:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:10:C4:A8:58:FA:CD:6D:3B:48:B1:D0:8E:A5:66:A2:67:5A:6A:91
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/lxDEqFj6zW07SLHQjqVmomdaapE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.208.0/20
87.233.0.0/16
193.28.152.0/24
213.193.192.0/21
213.193.208.0/20
213.193.232.0-213.193.247.255
213.239.128.0/19
IPv6:
2001:990::/32
2001:9a8::/32
Signature Algorithm: sha256WithRSAEncryption
0e:73:ef:1c:d1:84:0b:d6:33:ff:9c:81:11:e0:cc:5c:48:db:
3d:ee:34:d0:54:05:b4:de:61:79:00:47:a4:79:a9:19:09:e2:
70:18:0f:30:bc:db:78:c2:ea:ec:c4:67:4b:cc:6d:16:7d:6a:
7d:0f:5d:08:c0:00:47:ce:2d:12:50:72:07:78:3f:93:03:85:
ba:a4:c4:64:de:22:1c:f8:bd:68:2b:35:fb:9d:58:9e:2e:06:
52:93:e7:85:87:c4:25:79:4f:52:41:7f:27:fa:ee:30:14:b5:
f6:ae:84:46:71:ac:36:b8:9b:89:d4:c5:3b:e8:89:df:a9:a7:
fd:e7:f3:02:57:a8:69:a1:55:a4:08:bf:b3:e4:95:74:e2:74:
ba:4f:37:ff:87:50:2e:14:73:9b:c1:f6:5a:2c:b7:19:23:1c:
8c:66:89:10:2b:35:67:56:a5:f3:56:3c:a0:da:42:e2:be:0e:
ed:04:a2:86:cd:8d:38:0b:5c:5d:d9:9b:89:4a:8f:e5:7b:54:
c7:5b:fe:05:d4:5c:4b:79:73:63:ef:1a:3b:41:7b:a0:ad:7a:
e0:e5:df:e3:8c:26:42:03:a9:c0:44:98:42:91:69:0c:7c:72:
c4:27:45:b4:08:d1:7f:27:1d:c4:13:9e:20:5b:65:71:ec:30:
66:01:bc:7c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZorG/yqI8Tfljaf/wY+mG3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjUxMDI4MTM1NzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzEwYzRhODU4ZmFjZDZkM2I0OGIxZDA4ZWE1NjZhMjY3NWE2YTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut+cUykmUV9PTyEiZmjWsWZ7VNpV
VSlsc6fbruGtdf+GpWFJctfmnMRFDh+A1Eu/a4zacRhPBsDtUqYSKtS5HUU6QqXy
+vsRATuVoxD1tFWr6Dy+fmQeKdC3xp8EulTi81rMWahUScLtE5vEWUO4DXKYC7fV
vluXN3+TQfP1Tvsgk9Nhp7hsUhkKRGzSchNdrfL7y/fZGTxq76lXbknx2r9ljHu2
XDeoaMhLsVhNTSdo+6Y2zkKJDqBQDROE9N2DOGeIJbG9bXJaldQe/TWqA3lAILxq
tNTnTLVxziCu3INk3B9tbGkr+EhsqJ9DcrCjqfOVy4CLGGpq+t7TYyABiQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJcQxKhY+s1tO0ix0I6lZqJnWmqRMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvbHhERXFGajZ6VzA3U0xIUWpxVm1vbWRhYXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA3BAIAATAxAwQEUPfQAwMA
V+kDBADBHJgDBAPVwcADBATVwdAwDAMEA9XB6AMEA9XB8AMEBdXvgDAUBAIAAjAO
AwUAIAEJkAMFACABCagwDQYJKoZIhvcNAQELBQADggEBAA5z7xzRhAvWM/+cgRHg
zFxI2z3uNNBUBbTeYXkAR6R5qRkJ4nAYDzC823jC6uzEZ0vMbRZ9an0PXQjAAEfO
LRJQcgd4P5MDhbqkxGTeIhz4vWgrNfudWJ4uBlKT54WHxCV5T1JBfyf67jAUtfau
hEZxrDa4m4nUxTvoid+pp/3n8wJXqGmhVaQIv7PklXTidLpPN/+HUC4Uc5vB9los
txkjHIxmiRArNWdWpfNWPKDaQuK+Du0EoobNjTgLXF3Zm4lKj+V7VMdb/gXUXEt5
c2PvGjtBe6CteuDl3+OMJkIDqcBEmEKRaQx8csQnRbQI0X8nHcQTniBbZXHsMGYB
vHw=
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:03:40 2025 by rpki-client