Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/66d057-77e5-4241-80aa-21fd35cf4bb9/1/lWrjnOhkdLngH_rNw8_j4YqaRQo.roa
File: lWrjnOhkdLngH_rNw8_j4YqaRQo.roa (raw, json)
Hash identifier: K4bxS+l7j2oByKFzgDdI5RTjLvC4BrOSJXUtlpmQdfI=
Subject key identifier: 95:6A:E3:9C:E8:64:74:B9:E0:1F:FA:CD:C3:CF:E3:E1:8A:9A:45:0A
Certificate issuer: /CN=5f0211c91e9e0d35cb513345913e0a1a61bfd249
Certificate serial: 0198576EB22538F6C9C16ACAACF1EFCF396E
Authority key identifier: 5F:02:11:C9:1E:9E:0D:35:CB:51:33:45:91:3E:0A:1A:61:BF:D2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwIRyR6eDTXLUTNFkT4KGmG_0kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/66d057-77e5-4241-80aa-21fd35cf4bb9/1/lWrjnOhkdLngH_rNw8_j4YqaRQo.roa
Signing time: Tue 29 Jul 2025 18:25:28 +0000
ROA not before: Tue 29 Jul 2025 18:25:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209845
IP address blocks: 167.150.86.0/24 maxlen: 24
2001:67c:ad4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/66d057-77e5-4241-80aa-21fd35cf4bb9/1/XwIRyR6eDTXLUTNFkT4KGmG_0kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/66d057-77e5-4241-80aa-21fd35cf4bb9/1/XwIRyR6eDTXLUTNFkT4KGmG_0kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XwIRyR6eDTXLUTNFkT4KGmG_0kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:57:6e:b2:25:38:f6:c9:c1:6a:ca:ac:f1:ef:cf:39:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0211c91e9e0d35cb513345913e0a1a61bfd249
Validity
Not Before: Jul 29 18:25:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=956ae39ce86474b9e01ffacdc3cfe3e18a9a450a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f5:48:a0:ae:9e:17:a0:24:73:2d:bd:ad:0a:
98:1e:52:bf:40:07:11:d0:ef:a6:17:c4:c7:06:2a:
ff:af:a9:16:fa:92:f5:d5:a0:74:9b:1d:75:3f:f6:
bc:df:4a:95:a3:9e:8e:8a:e6:6d:16:7a:80:37:60:
15:1f:50:7a:27:09:43:00:a0:23:1b:4c:64:b0:d2:
1f:aa:6a:76:f2:07:b6:0e:5c:20:a6:6d:37:47:3d:
0b:6e:a4:58:de:d9:3b:5e:32:58:61:bf:93:6e:16:
43:ce:f2:c2:d8:d5:bf:16:a7:0a:96:18:d7:eb:73:
ca:01:8a:66:0a:91:b4:34:0d:94:1c:5f:ae:f0:60:
fc:4f:2f:ab:2f:e4:b4:b1:3e:61:12:52:01:52:77:
9f:e8:1b:11:ab:bf:3b:9e:f4:d9:30:95:26:49:e5:
ba:59:51:0a:d5:a6:8f:3a:91:2c:bd:ef:9f:6d:cf:
f7:e7:8c:c1:51:79:45:7f:6f:13:30:fe:2c:01:68:
17:c5:aa:7a:b5:0f:63:5c:f7:c3:73:f5:f9:45:a6:
e9:5b:32:05:7c:46:8b:c0:13:9a:0a:d3:97:6a:ee:
2b:0f:2e:63:12:e6:86:90:0e:e0:53:7c:29:cc:fe:
eb:ca:0d:7e:6f:3c:81:c4:be:54:c1:7d:2e:83:c0:
b6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6A:E3:9C:E8:64:74:B9:E0:1F:FA:CD:C3:CF:E3:E1:8A:9A:45:0A
X509v3 Authority Key Identifier:
keyid:5F:02:11:C9:1E:9E:0D:35:CB:51:33:45:91:3E:0A:1A:61:BF:D2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwIRyR6eDTXLUTNFkT4KGmG_0kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/66d057-77e5-4241-80aa-21fd35cf4bb9/1/lWrjnOhkdLngH_rNw8_j4YqaRQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/66d057-77e5-4241-80aa-21fd35cf4bb9/1/XwIRyR6eDTXLUTNFkT4KGmG_0kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.150.86.0/24
IPv6:
2001:67c:ad4::/48
Signature Algorithm: sha256WithRSAEncryption
27:d2:3c:96:d7:e4:ad:48:6f:88:03:60:e2:ee:fd:51:2d:69:
43:26:66:1c:52:9f:ca:23:01:d6:39:e7:76:00:c4:92:30:0f:
b6:41:44:cc:1c:ec:42:f4:09:cd:f8:f6:8d:ab:2c:8b:a0:41:
12:f0:c6:7a:c9:81:2b:ef:49:3e:4a:18:6f:5b:46:2e:70:90:
46:f3:91:dc:a9:e6:15:b8:1c:cf:d8:69:f6:78:8a:9d:e0:a9:
d9:22:ac:fb:85:77:b6:73:ee:80:21:46:24:20:14:9a:5c:a3:
41:7e:9b:c0:fe:c1:30:62:61:18:a6:e1:dc:38:49:46:46:5c:
b0:fe:a8:e1:0c:70:d7:58:aa:3a:50:f3:5a:ae:e1:7e:54:95:
0b:5b:47:53:18:f9:8b:34:28:8d:3b:2e:75:d9:6d:c6:45:77:
40:7d:b6:36:7c:f2:04:85:5d:92:b9:90:d5:10:88:0b:b6:be:
b8:a3:d2:6d:5b:2a:2b:49:3f:97:99:cb:34:f7:d4:bd:47:ed:
82:08:6f:0f:ac:81:ab:5e:63:c9:2c:cb:a3:11:aa:ef:ca:2e:
b2:6a:6c:06:14:6c:3e:65:0b:7c:da:4a:45:37:ec:1c:05:b4:
1e:b7:da:97:96:34:3e:a2:17:01:7d:d5:85:36:d2:4a:32:6b:
e5:a2:8a:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZhXbrIlOPbJwWrKrPHvzzluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDIxMWM5MWU5ZTBkMzVjYjUxMzM0NTkxM2UwYTFhNjFi
ZmQyNDkwHhcNMjUwNzI5MTgyNTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZhZTM5Y2U4NjQ3NGI5ZTAxZmZhY2RjM2NmZTNlMThhOWE0NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/VIoK6eF6Akcy29rQqYHlK/QAcR
0O+mF8THBir/r6kW+pL11aB0mx11P/a830qVo56OiuZtFnqAN2AVH1B6JwlDAKAj
G0xksNIfqmp28ge2Dlwgpm03Rz0LbqRY3tk7XjJYYb+TbhZDzvLC2NW/FqcKlhjX
63PKAYpmCpG0NA2UHF+u8GD8Ty+rL+S0sT5hElIBUnef6BsRq787nvTZMJUmSeW6
WVEK1aaPOpEsve+fbc/354zBUXlFf28TMP4sAWgXxap6tQ9jXPfDc/X5RabpWzIF
fEaLwBOaCtOXau4rDy5jEuaGkA7gU3wpzP7ryg1+bzyBxL5UwX0ug8C27QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVq45zoZHS54B/6zcPP4+GKmkUKMB8GA1UdIwQY
MBaAFF8CEckeng01y1EzRZE+Chphv9JJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdJUnlSNmVEVFhMVVRORmtUNEtHbUdfMGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82NmQwNTctNzdlNS00MjQxLTgwYWEt
MjFmZDM1Y2Y0YmI5LzEvbFdyam5PaGtkTG5nSF9yTnc4X2o0WXFhUlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82NmQwNTctNzdlNS00MjQxLTgwYWEtMjFmZDM1Y2Y0YmI5
LzEvWHdJUnlSNmVEVFhMVVRORmtUNEtHbUdfMGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAp5ZWMA8E
AgACMAkDBwAgAQZ8CtQwDQYJKoZIhvcNAQELBQADggEBACfSPJbX5K1Ib4gDYOLu
/VEtaUMmZhxSn8ojAdY553YAxJIwD7ZBRMwc7EL0Cc349o2rLIugQRLwxnrJgSvv
ST5KGG9bRi5wkEbzkdyp5hW4HM/YafZ4ip3gqdkirPuFd7Zz7oAhRiQgFJpco0F+
m8D+wTBiYRim4dw4SUZGXLD+qOEMcNdYqjpQ81qu4X5UlQtbR1MY+Ys0KI07LnXZ
bcZFd0B9tjZ88gSFXZK5kNUQiAu2vrij0m1bKitJP5eZyzT31L1H7YIIbw+sgate
Y8ksy6MRqu/KLrJqbAYUbD5lC3zaSkU37BwFtB632peWND6iFwF91YU20koya+Wi
irM=
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:43:47 2025 by rpki-client