Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/lmi4kKkD-fm8PiwIfC8JLrzBw14.roa
File: lmi4kKkD-fm8PiwIfC8JLrzBw14.roa (raw, json)
Hash identifier: YX7AOdebhpFQSdPo9Jj8qzaopE6t4H529tPcuJmvtPc=
Subject key identifier: 96:68:B8:90:A9:03:F9:F9:BC:3E:2C:08:7C:2F:09:2E:BC:C1:C3:5E
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 019881459C5EB4FDF2E0528B671467E507B3
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/lmi4kKkD-fm8PiwIfC8JLrzBw14.roa
Signing time: Wed 06 Aug 2025 21:24:39 +0000
ROA not before: Wed 06 Aug 2025 21:24:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39335
IP address blocks: 2a0b:6b81:2::/48 maxlen: 48
2a0b:6b86:1200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 15:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:81:45:9c:5e:b4:fd:f2:e0:52:8b:67:14:67:e5:07:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Aug 6 21:24:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9668b890a903f9f9bc3e2c087c2f092ebcc1c35e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e3:79:64:48:f0:8f:31:4e:78:fe:96:b2:28:
ce:a9:8e:58:30:bf:bb:b0:8a:0b:04:0f:24:1a:6d:
6a:ff:35:2d:54:57:b0:66:7d:c4:08:fa:17:b6:a3:
50:06:b5:2e:db:94:42:f5:7c:d1:95:ec:a6:20:2c:
01:ae:25:a8:4b:64:59:a9:68:3f:1c:f1:f7:d6:3d:
c8:37:16:4d:03:3c:94:63:88:c9:a6:0d:96:09:f4:
41:8b:6e:c1:ac:a3:d3:10:ab:87:3f:ff:52:e4:39:
9b:dd:de:4b:21:2e:8b:6c:78:eb:18:8d:9e:49:c8:
23:4d:11:73:8d:cb:7c:a6:0f:f1:85:ec:6a:1f:73:
6e:cc:fe:4a:52:e6:99:57:2d:d7:c4:a3:7e:55:38:
b7:8d:a2:f8:f7:53:52:f7:85:8b:d6:3b:e2:ee:53:
36:d5:20:2e:0c:7a:77:5e:99:73:6f:e1:f9:1a:b8:
b8:ac:59:91:84:82:88:cd:7f:87:13:77:77:e4:a4:
0d:e6:99:8c:a6:79:ce:e3:ba:7b:36:11:aa:99:25:
1d:45:dc:c6:b8:f6:e1:6e:6f:4d:89:c0:18:3c:c0:
7f:af:e0:4b:eb:74:40:d8:50:50:99:27:37:ed:7c:
c7:5e:f3:58:ef:85:9c:fb:70:5a:ce:a3:a9:b4:96:
8d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:B8:90:A9:03:F9:F9:BC:3E:2C:08:7C:2F:09:2E:BC:C1:C3:5E
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/lmi4kKkD-fm8PiwIfC8JLrzBw14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b81:2::/48
2a0b:6b86:1200::/40
Signature Algorithm: sha256WithRSAEncryption
d5:e3:1d:b6:a2:33:cc:d7:cd:97:57:e9:4e:36:7b:63:37:e7:
65:1d:1a:a8:af:42:f0:2f:e1:2d:70:18:f0:32:e6:fd:2e:f7:
fb:12:dc:03:8f:c6:7c:db:1c:46:3d:1c:00:0e:23:d1:93:89:
77:c2:b6:31:18:22:13:86:34:c4:b1:d9:d1:f8:f5:58:b2:41:
07:73:30:fa:14:eb:88:db:7b:68:f8:71:c7:79:93:ec:1c:b8:
da:64:00:93:b1:37:60:1c:21:e9:05:41:d4:a0:46:5e:5a:c7:
6c:ed:b4:d9:9c:ed:b2:01:37:79:15:74:03:73:99:52:4d:b8:
39:f8:07:5d:45:4c:c3:26:d5:c5:af:69:09:eb:42:93:2f:24:
3f:16:1b:72:26:e2:42:3b:22:fd:90:10:1a:c3:cf:14:22:7a:
0e:e4:8b:61:f1:ec:73:eb:67:dd:2f:c1:b6:8e:6c:a0:8c:b3:
f6:5c:2a:37:54:d9:50:41:2a:13:2e:6e:96:47:6c:89:b1:f8:
09:30:d0:ba:c9:a2:11:03:59:0a:68:60:35:d5:ca:67:a5:6b:
63:a6:bc:31:23:bb:17:77:64:cf:4d:35:8c:9b:82:70:88:4e:
1e:d4:5f:02:37:55:fb:b6:cc:88:93:dc:9a:bb:0c:0d:18:c8:
24:d4:cc:d6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZiBRZxetP3y4FKLZxRn5QezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwODA2MjEyNDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY4Yjg5MGE5MDNmOWY5YmMzZTJjMDg3YzJmMDkyZWJjYzFjMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseN5ZEjwjzFOeP6WsijOqY5YML+7
sIoLBA8kGm1q/zUtVFewZn3ECPoXtqNQBrUu25RC9XzRleymICwBriWoS2RZqWg/
HPH31j3INxZNAzyUY4jJpg2WCfRBi27BrKPTEKuHP/9S5Dmb3d5LIS6LbHjrGI2e
ScgjTRFzjct8pg/xhexqH3NuzP5KUuaZVy3XxKN+VTi3jaL491NS94WL1jvi7lM2
1SAuDHp3Xplzb+H5Gri4rFmRhIKIzX+HE3d35KQN5pmMpnnO47p7NhGqmSUdRdzG
uPbhbm9NicAYPMB/r+BL63RA2FBQmSc37XzHXvNY74Wc+3BazqOptJaNBQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFJZouJCpA/n5vD4sCHwvCS68wcNeMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvbG1pNGtLa0QtZm04UGl3SWZDOEpMcnpCdzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgtrgQAC
AwYAKgtrhhIwDQYJKoZIhvcNAQELBQADggEBANXjHbaiM8zXzZdX6U42e2M352Ud
GqivQvAv4S1wGPAy5v0u9/sS3AOPxnzbHEY9HAAOI9GTiXfCtjEYIhOGNMSx2dH4
9ViyQQdzMPoU64jbe2j4ccd5k+wcuNpkAJOxN2AcIekFQdSgRl5ax2zttNmc7bIB
N3kVdANzmVJNuDn4B11FTMMm1cWvaQnrQpMvJD8WG3Im4kI7Iv2QEBrDzxQieg7k
i2Hx7HPrZ90vwbaObKCMs/ZcKjdU2VBBKhMubpZHbImx+Akw0LrJohEDWQpoYDXV
ymela2OmvDEjuxd3ZM9NNYybgnCITh7UXwI3Vfu2zIiT3Jq7DA0YyCTUzNY=
-----END CERTIFICATE-----
Generated at Sun Aug 10 19:50:31 2025 by rpki-client