Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/Lg1L5lG72hKhH6nApiCn07tFKxE.roa
File: Lg1L5lG72hKhH6nApiCn07tFKxE.roa (raw, json)
Hash identifier: pPNQKJXlciECKvcUTVDbcsZWPb2WwwIUpqYFkNH1QOU=
Subject key identifier: 2E:0D:4B:E6:51:BB:DA:12:A1:1F:A9:C0:A6:20:A7:D3:BB:45:2B:11
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019854A8CC0A9F110DF2EB22D7849C3C1DE7
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/Lg1L5lG72hKhH6nApiCn07tFKxE.roa
Signing time: Tue 29 Jul 2025 05:30:05 +0000
ROA not before: Tue 29 Jul 2025 05:30:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3758
IP address blocks: 45.144.198.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:54:a8:cc:0a:9f:11:0d:f2:eb:22:d7:84:9c:3c:1d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 29 05:30:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e0d4be651bbda12a11fa9c0a620a7d3bb452b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f0:f1:31:e8:2d:aa:d1:a9:f8:8f:1f:d5:e2:
ed:58:99:56:3d:43:58:b1:fe:0f:fc:3d:cf:ca:b5:
53:3d:79:bb:92:32:da:b6:15:bb:59:61:fa:45:82:
2f:66:31:5e:b3:17:68:e7:78:85:fd:64:d8:27:b1:
1d:a5:b6:51:39:7e:2d:42:c7:aa:9e:ea:c3:e1:43:
09:95:0a:33:fb:8c:5a:e7:e4:81:a3:98:1a:ae:94:
b7:c6:df:e5:03:da:8b:3b:6d:6e:00:a4:bd:3f:89:
22:9d:32:54:d5:45:14:16:5c:5f:78:f8:05:2c:08:
fd:2e:f8:47:4a:33:8b:0d:b1:7b:cc:0c:96:2d:ce:
c1:f9:e4:0b:75:51:b3:2e:17:a7:ba:87:63:f7:f6:
06:e0:0a:74:85:93:12:f9:15:ef:96:02:7e:df:8f:
fd:0a:7c:bd:47:5c:8d:3a:5f:9c:53:4a:ba:15:69:
1b:ca:6a:8c:50:7e:5f:6e:f0:b3:4f:c8:64:db:cb:
d6:93:a8:cd:65:51:74:c5:68:92:90:ec:b4:be:42:
b2:9e:8f:a2:ec:06:10:b0:b1:d7:5b:0a:41:aa:4f:
00:39:1b:03:aa:ce:62:4d:d1:d1:43:e4:05:a2:4b:
3c:e6:56:76:53:ad:bd:a1:f0:db:b8:3f:30:3a:c8:
21:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0D:4B:E6:51:BB:DA:12:A1:1F:A9:C0:A6:20:A7:D3:BB:45:2B:11
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/Lg1L5lG72hKhH6nApiCn07tFKxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.198.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:f1:93:49:cb:d2:a4:f3:ab:65:71:1f:24:fb:6e:24:4a:3b:
1f:b2:d5:35:34:b0:07:64:56:58:e0:30:6b:02:67:9e:e6:61:
0e:c6:ee:72:49:d8:dc:d6:b6:08:7e:3f:1a:5b:22:1e:5b:70:
3b:54:de:d6:36:a0:28:8d:74:8f:6f:e6:b9:99:b9:71:60:cf:
19:ba:d1:6a:61:d0:86:34:91:df:73:42:78:52:ed:57:fc:a6:
4f:c9:93:e4:32:90:8b:b6:6c:7f:64:fd:0e:66:01:59:e1:0a:
81:67:b9:7d:a7:e3:50:c7:85:25:0d:c8:2c:a7:33:ea:95:ee:
1a:d1:a8:8a:10:32:61:ea:29:a6:07:66:b2:0c:00:49:d8:9a:
2f:ab:ec:4d:e4:9f:cd:3f:00:32:f7:77:97:80:2d:cb:51:63:
ef:fb:54:b3:b7:cb:d7:2f:19:29:09:92:00:c6:2b:1a:e5:de:
29:26:ef:a3:b9:f3:58:84:4d:b8:ba:58:de:d9:ce:88:e7:2b:
58:80:41:e4:ff:a2:88:c9:2d:c6:27:87:72:e6:98:75:c4:a1:
92:5d:78:8c:f2:4e:84:75:b7:6d:9c:89:3d:19:87:9b:2e:01:
89:fe:5a:7e:62:49:18:f4:65:eb:da:b7:45:3e:3b:7b:73:41:
c9:40:ae:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhUqMwKnxEN8usi14ScPB3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI5MDUzMDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBkNGJlNjUxYmJkYTEyYTExZmE5YzBhNjIwYTdkM2JiNDUyYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fDxMegtqtGp+I8f1eLtWJlWPUNY
sf4P/D3PyrVTPXm7kjLathW7WWH6RYIvZjFesxdo53iF/WTYJ7EdpbZROX4tQseq
nurD4UMJlQoz+4xa5+SBo5garpS3xt/lA9qLO21uAKS9P4kinTJU1UUUFlxfePgF
LAj9LvhHSjOLDbF7zAyWLc7B+eQLdVGzLhenuodj9/YG4Ap0hZMS+RXvlgJ+34/9
Cny9R1yNOl+cU0q6FWkbymqMUH5fbvCzT8hk28vWk6jNZVF0xWiSkOy0vkKyno+i
7AYQsLHXWwpBqk8AORsDqs5iTdHRQ+QFoks85lZ2U629ofDbuD8wOsghQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4NS+ZRu9oSoR+pwKYgp9O7RSsRMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTGcxTDVsRzcyaEtoSDZuQXBpQ24wN3RGS3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZDGMA0G
CSqGSIb3DQEBCwUAA4IBAQAr8ZNJy9Kk86tlcR8k+24kSjsfstU1NLAHZFZY4DBr
Amee5mEOxu5ySdjc1rYIfj8aWyIeW3A7VN7WNqAojXSPb+a5mblxYM8ZutFqYdCG
NJHfc0J4Uu1X/KZPyZPkMpCLtmx/ZP0OZgFZ4QqBZ7l9p+NQx4UlDcgspzPqle4a
0aiKEDJh6immB2ayDABJ2Jovq+xN5J/NPwAy93eXgC3LUWPv+1Szt8vXLxkpCZIA
xisa5d4pJu+jufNYhE24ulje2c6I5ytYgEHk/6KIyS3GJ4dy5ph1xKGSXXiM8k6E
dbdtnIk9GYebLgGJ/lp+YkkY9GXr2rdFPjt7c0HJQK62
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:55:35 2025 by rpki-client