Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/f37538-7f9f-4228-a31e-2dab43ac04b3/1/lOVXNjzpi8a1KpauebcG1qek3Rw.roa
File: lOVXNjzpi8a1KpauebcG1qek3Rw.roa (raw, json)
Hash identifier: lmKylougTZLm/1gqELvjEpFi4/W9FJdA8v6kdy+vP4Y=
Subject key identifier: 94:E5:57:36:3C:E9:8B:C6:B5:2A:96:AE:79:B7:06:D6:A7:A4:DD:1C
Certificate issuer: /CN=709f8f32082152359cdaf9aabd4a551f4fb40213
Certificate serial: 019A3F7D3C0D64BF7A133C8B0E73CF6DBB7B
Authority key identifier: 70:9F:8F:32:08:21:52:35:9C:DA:F9:AA:BD:4A:55:1F:4F:B4:02:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ-PMgghUjWc2vmqvUpVH0-0AhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/f37538-7f9f-4228-a31e-2dab43ac04b3/1/lOVXNjzpi8a1KpauebcG1qek3Rw.roa
Signing time: Sat 01 Nov 2025 12:56:03 +0000
ROA not before: Sat 01 Nov 2025 12:56:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43815
IP address blocks: 176.111.34.0/23 maxlen: 24
193.30.244.0/24 maxlen: 24
2001:678:8b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/f37538-7f9f-4228-a31e-2dab43ac04b3/1/cJ-PMgghUjWc2vmqvUpVH0-0AhM.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/f37538-7f9f-4228-a31e-2dab43ac04b3/1/cJ-PMgghUjWc2vmqvUpVH0-0AhM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJ-PMgghUjWc2vmqvUpVH0-0AhM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:7d:3c:0d:64:bf:7a:13:3c:8b:0e:73:cf:6d:bb:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709f8f32082152359cdaf9aabd4a551f4fb40213
Validity
Not Before: Nov 1 12:56:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94e557363ce98bc6b52a96ae79b706d6a7a4dd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:d2:5a:28:9c:33:66:49:99:72:23:0b:07:
cc:89:28:64:27:34:c6:f1:61:d6:09:34:12:26:5b:
dd:09:16:57:6e:b5:6e:c4:d3:f4:f2:b1:ea:bb:db:
7f:1c:f0:5b:4b:f7:ac:36:40:8e:80:d7:65:e6:0e:
9b:c7:55:36:fb:f4:1b:ad:48:ca:a5:75:2a:7e:8f:
c4:e6:0f:e7:52:be:ee:34:62:35:ec:f2:c6:ae:34:
78:e3:16:78:c7:36:a9:7d:6b:f6:01:03:59:c2:9e:
1a:40:75:25:0b:fd:2e:c6:88:00:9a:fb:0b:9c:b1:
5d:fe:87:76:6c:86:5a:46:1c:f4:02:10:e8:de:a3:
3e:ba:a0:06:c4:0e:86:38:e2:9c:34:d1:42:2c:73:
a2:42:76:62:e2:ae:7b:ae:70:31:b3:ce:d9:4c:96:
05:2f:e1:d0:1d:bc:be:e7:a2:19:bb:30:a2:ed:1d:
0a:96:1e:2c:c2:d9:10:17:b2:33:ba:9c:e8:87:5e:
75:7e:6a:87:00:47:5e:85:ad:f5:e0:9f:b6:9d:dc:
aa:7d:83:3c:48:98:23:1b:27:f4:0b:40:a5:21:f8:
40:3b:74:f1:ca:68:0f:cf:b8:d7:41:48:47:67:2e:
0b:16:99:4b:e2:0d:63:38:7e:ac:51:3d:88:a6:26:
39:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E5:57:36:3C:E9:8B:C6:B5:2A:96:AE:79:B7:06:D6:A7:A4:DD:1C
X509v3 Authority Key Identifier:
keyid:70:9F:8F:32:08:21:52:35:9C:DA:F9:AA:BD:4A:55:1F:4F:B4:02:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ-PMgghUjWc2vmqvUpVH0-0AhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f37538-7f9f-4228-a31e-2dab43ac04b3/1/lOVXNjzpi8a1KpauebcG1qek3Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f37538-7f9f-4228-a31e-2dab43ac04b3/1/cJ-PMgghUjWc2vmqvUpVH0-0AhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.34.0/23
193.30.244.0/24
IPv6:
2001:678:8b0::/48
Signature Algorithm: sha256WithRSAEncryption
6c:15:26:3f:1d:99:3a:39:66:c6:61:70:e1:69:eb:c6:a2:e1:
7a:73:cd:31:fb:5a:30:d6:10:a4:6e:7c:38:eb:02:4b:c1:4b:
4e:cf:8e:fc:6d:2d:be:ca:1c:0c:55:5d:6f:84:ba:48:db:8b:
17:e2:a0:8e:b4:98:e4:52:4f:d8:47:33:e0:27:b9:1f:82:cf:
9c:f2:b4:71:aa:30:fb:fc:a6:80:38:3f:ac:55:0d:69:53:6b:
fb:30:42:aa:31:df:58:43:67:a9:de:8d:d0:d5:2c:d0:d4:01:
f3:fc:02:de:cb:61:0c:22:be:89:3d:05:d2:8e:4f:29:fb:7d:
23:0c:26:5d:0c:04:08:82:bf:a6:c8:4e:45:1b:ae:f9:1c:a4:
5e:f2:62:e5:f3:a2:4a:4b:93:dc:af:b9:a8:19:cc:7a:ea:c9:
e6:3e:ca:f7:ba:4e:92:4a:29:0e:e8:63:4b:c4:58:e2:e8:aa:
01:92:40:54:a8:22:a2:0d:e4:cd:89:85:2c:63:d6:d1:cb:c3:
04:09:c1:b1:68:3a:62:bb:a6:24:7d:83:39:ff:13:cc:d4:80:
5c:2a:11:62:c1:15:13:3e:3e:d5:56:9c:f3:3f:c3:f6:3a:c1:
c5:87:78:28:0c:52:06:f3:1a:19:da:a2:bd:5c:21:54:4f:c8:
cb:91:be:b2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZo/fTwNZL96EzyLDnPPbbt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWY4ZjMyMDgyMTUyMzU5Y2RhZjlhYWJkNGE1NTFmNGZi
NDAyMTMwHhcNMjUxMTAxMTI1NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU1NTczNjNjZTk4YmM2YjUyYTk2YWU3OWI3MDZkNmE3YTRkZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1XSWiicM2ZJmXIjCwfMiShkJzTG
8WHWCTQSJlvdCRZXbrVuxNP08rHqu9t/HPBbS/esNkCOgNdl5g6bx1U2+/QbrUjK
pXUqfo/E5g/nUr7uNGI17PLGrjR44xZ4xzapfWv2AQNZwp4aQHUlC/0uxogAmvsL
nLFd/od2bIZaRhz0AhDo3qM+uqAGxA6GOOKcNNFCLHOiQnZi4q57rnAxs87ZTJYF
L+HQHby+56IZuzCi7R0Klh4swtkQF7Izupzoh151fmqHAEdeha314J+2ndyqfYM8
SJgjGyf0C0ClIfhAO3TxymgPz7jXQUhHZy4LFplL4g1jOH6sUT2IpiY5VQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJTlVzY86YvGtSqWrnm3BtanpN0cMB8GA1UdIwQY
MBaAFHCfjzIIIVI1nNr5qr1KVR9PtAITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0otUE1nZ2hValdjMnZtcXZVcFZIMC0wQWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mMzc1MzgtN2Y5Zi00MjI4LWEzMWUt
MmRhYjQzYWMwNGIzLzEvbE9WWE5qenBpOGExS3BhdWViY0cxcWVrM1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mMzc1MzgtN2Y5Zi00MjI4LWEzMWUtMmRhYjQzYWMwNGIz
LzEvY0otUE1nZ2hValdjMnZtcXZVcFZIMC0wQWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBsG8iAwQA
wR70MA8EAgACMAkDBwAgAQZ4CLAwDQYJKoZIhvcNAQELBQADggEBAGwVJj8dmTo5
ZsZhcOFp68ai4XpzzTH7WjDWEKRufDjrAkvBS07PjvxtLb7KHAxVXW+Eukjbixfi
oI60mORST9hHM+AnuR+Cz5zytHGqMPv8poA4P6xVDWlTa/swQqox31hDZ6nejdDV
LNDUAfP8At7LYQwivok9BdKOTyn7fSMMJl0MBAiCv6bITkUbrvkcpF7yYuXzokpL
k9yvuagZzHrqyeY+yve6TpJKKQ7oY0vEWOLoqgGSQFSoIqIN5M2JhSxj1tHLwwQJ
wbFoOmK7piR9gzn/E8zUgFwqEWLBFRM+PtVWnPM/w/Y6wcWHeCgMUgbzGhnaor1c
IVRPyMuRvrI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:42:29 2025 by rpki-client