Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/li_xM5g8XJewiuFYtMbf41bP8yE.roa
File: li_xM5g8XJewiuFYtMbf41bP8yE.roa (raw, json)
Hash identifier: bzx5ILILMpyAQLHBTpz7/LBghOAS9mgsK0/iSD6VgTo=
Subject key identifier: 96:2F:F1:33:98:3C:5C:97:B0:8A:E1:58:B4:C6:DF:E3:56:CF:F3:21
Certificate issuer: /CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Certificate serial: 019A141922F9D9C1718DD38CF9A41127367B
Authority key identifier: 79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/li_xM5g8XJewiuFYtMbf41bP8yE.roa
Signing time: Fri 24 Oct 2025 02:43:03 +0000
ROA not before: Fri 24 Oct 2025 02:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42532
IP address blocks: 77.73.64.0/23 maxlen: 23
77.73.71.0/24 maxlen: 24
94.158.218.0/24 maxlen: 24
94.158.219.0/24 maxlen: 24
94.242.48.0/24 maxlen: 24
94.242.49.0/24 maxlen: 24
94.242.58.0/23 maxlen: 23
94.242.63.0/24 maxlen: 24
185.22.172.0/22 maxlen: 22
185.145.245.0/24 maxlen: 24
185.155.119.0/24 maxlen: 24
185.242.104.0/22 maxlen: 22
185.242.106.0/23 maxlen: 23
212.6.44.0/24 maxlen: 24
2a0c:16c0::/32 maxlen: 32
2a0c:16c1::/32 maxlen: 32
2a0c:16c2::/32 maxlen: 32
2a0c:16c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 02:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:14:19:22:f9:d9:c1:71:8d:d3:8c:f9:a4:11:27:36:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Validity
Not Before: Oct 24 02:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=962ff133983c5c97b08ae158b4c6dfe356cff321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e4:5c:1d:a5:22:28:5b:8c:31:b8:86:cf:b2:
bc:48:ed:b5:20:a7:50:8b:e6:9a:52:de:d3:62:c5:
bd:bc:73:5e:35:a2:f1:29:f1:f3:cc:a0:84:b8:f6:
9c:2e:3d:6d:9c:ba:fa:bc:7d:fc:c7:af:3b:4d:26:
35:0d:66:b8:a3:4e:71:76:34:8c:2a:5b:e2:2b:f0:
86:6c:39:a2:26:55:b3:47:e0:34:e1:65:0e:23:a0:
72:0c:f0:7a:b0:8a:3c:41:52:09:3a:9e:5b:d9:0b:
09:25:36:2e:72:d6:02:2a:46:b9:f1:16:79:70:16:
a9:02:01:9f:37:f4:b4:59:d4:00:f0:30:c9:67:a5:
e4:9a:cd:c6:a2:8c:20:ee:9a:34:89:0b:f8:83:9d:
9e:ee:72:4d:eb:62:ed:4a:54:ed:bf:66:d2:61:59:
32:3f:98:3c:04:49:75:16:62:a7:4f:55:a6:78:d1:
33:9c:ba:86:5b:04:af:81:3e:2d:c8:c3:40:f0:63:
63:6c:88:c0:90:68:c0:d3:77:ac:c4:5b:d1:8e:09:
5c:94:92:8c:1b:4e:d2:11:7b:bd:cd:e8:8a:a9:f3:
e0:30:31:c8:82:ba:4b:31:8e:c3:28:84:78:37:e7:
51:e4:0d:8c:f7:36:4d:4c:8f:23:85:24:d2:fa:d4:
dd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2F:F1:33:98:3C:5C:97:B0:8A:E1:58:B4:C6:DF:E3:56:CF:F3:21
X509v3 Authority Key Identifier:
keyid:79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/li_xM5g8XJewiuFYtMbf41bP8yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.64.0/23
77.73.71.0/24
94.158.218.0/23
94.242.48.0/23
94.242.58.0/23
94.242.63.0/24
185.22.172.0/22
185.145.245.0/24
185.155.119.0/24
185.242.104.0/22
212.6.44.0/24
IPv6:
2a0c:16c0::/30
Signature Algorithm: sha256WithRSAEncryption
85:7d:05:a1:17:e5:19:49:54:b5:3e:81:7a:33:b1:0a:40:15:
40:94:ab:97:b0:df:0e:45:3b:c5:fc:15:ab:e5:20:c9:19:d0:
d7:09:02:0f:b5:cc:b0:d7:a4:2b:8a:05:0d:c2:49:12:a2:c1:
64:df:22:37:e5:e4:4a:d8:e7:d5:8f:46:4c:55:6d:8b:d4:ed:
b7:01:74:c2:19:76:9e:01:ab:5b:ad:74:18:c0:64:3a:43:14:
6d:94:fd:ba:a1:04:2c:b9:9c:d6:e1:5a:6c:71:ec:f5:41:1d:
b7:a6:f0:62:2e:be:69:8d:57:87:30:4d:bf:47:d0:8b:d8:36:
aa:a4:02:96:56:5b:a5:f5:92:9f:49:8a:b8:fa:30:8a:7f:cd:
7b:5c:68:5e:11:70:a8:3c:05:cf:22:80:cb:be:f4:ae:28:0f:
27:87:57:1e:a7:f4:ae:23:fb:33:73:e8:cb:36:5e:85:e2:20:
4f:ab:c1:00:84:93:dc:da:75:e7:a5:5c:5d:ad:73:04:40:84:
8f:eb:67:56:ea:8d:38:49:f1:78:43:61:4a:8c:8a:51:eb:81:
92:d1:77:4f:2c:4e:cb:8f:3b:c8:9c:84:70:d4:c0:f0:32:b1:
01:51:ea:ce:a8:37:3e:b8:28:2f:08:21:c1:de:3f:66:2e:81:
76:94:7f:8a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZoUGSL52cFxjdOM+aQRJzZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTI0YjQ3Zjg5NDNjYWQ2ZTA0YzlmNjQ2Y2IxMDc3YzE0
MGZkZmIwHhcNMjUxMDI0MDI0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJmZjEzMzk4M2M1Yzk3YjA4YWUxNThiNGM2ZGZlMzU2Y2ZmMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweRcHaUiKFuMMbiGz7K8SO21IKdQ
i+aaUt7TYsW9vHNeNaLxKfHzzKCEuPacLj1tnLr6vH38x687TSY1DWa4o05xdjSM
KlviK/CGbDmiJlWzR+A04WUOI6ByDPB6sIo8QVIJOp5b2QsJJTYuctYCKka58RZ5
cBapAgGfN/S0WdQA8DDJZ6Xkms3Goowg7po0iQv4g52e7nJN62LtSlTtv2bSYVky
P5g8BEl1FmKnT1WmeNEznLqGWwSvgT4tyMNA8GNjbIjAkGjA03esxFvRjglclJKM
G07SEXu9zeiKqfPgMDHIgrpLMY7DKIR4N+dR5A2M9zZNTI8jhSTS+tTdmwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFJYv8TOYPFyXsIrhWLTG3+NWz/MhMB8GA1UdIwQY
MBaAFHniS0f4lDytbgTJ9kbLEHfBQP37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQt
YmM1ODRiMzZjYmVmLzEvbGlfeE01ZzhYSmV3aXVGWXRNYmY0MWJQOHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQtYmM1ODRiMzZjYmVm
LzEvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQBTUlAAwQA
TUlHAwQBXp7aAwQBXvIwAwQBXvI6AwQAXvI/AwQCuRasAwQAuZH1AwQAuZt3AwQC
ufJoAwQA1AYsMA0EAgACMAcDBQIqDBbAMA0GCSqGSIb3DQEBCwUAA4IBAQCFfQWh
F+UZSVS1PoF6M7EKQBVAlKuXsN8ORTvF/BWr5SDJGdDXCQIPtcyw16QrigUNwkkS
osFk3yI35eRK2OfVj0ZMVW2L1O23AXTCGXaeAatbrXQYwGQ6QxRtlP26oQQsuZzW
4Vpscez1QR23pvBiLr5pjVeHME2/R9CL2DaqpAKWVlul9ZKfSYq4+jCKf817XGhe
EXCoPAXPIoDLvvSuKA8nh1cep/SuI/szc+jLNl6F4iBPq8EAhJPc2nXnpVxdrXME
QISP62dW6o04SfF4Q2FKjIpR64GS0XdPLE7LjzvInIRw1MDwMrEBUerOqDc+uCgv
CCHB3j9mLoF2lH+K
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:29:21 2025 by rpki-client