Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lBZNmXAUIUvwcj4U__siX-79eM8.roa
File: lBZNmXAUIUvwcj4U__siX-79eM8.roa (raw, json)
Hash identifier: rgE085rqUw7U+wbzLj+KoL/zK+PG3ikFJt+qYez0PPk=
Subject key identifier: 94:16:4D:99:70:14:21:4B:F0:72:3E:14:FF:FB:22:5F:EE:FD:78:CF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01975E938F441850E179886D16BF87F61B6C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lBZNmXAUIUvwcj4U__siX-79eM8.roa
Signing time: Wed 11 Jun 2025 10:40:17 +0000
ROA not before: Wed 11 Jun 2025 10:40:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207448
IP address blocks: 192.165.132.0/24 maxlen: 24
193.183.193.0/24 maxlen: 24
193.235.64.0/24 maxlen: 24
2a01:280:358::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:93:8f:44:18:50:e1:79:88:6d:16:bf:87:f6:1b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 11 10:40:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94164d997014214bf0723e14fffb225feefd78cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a3:54:3c:07:fd:df:ab:7e:2a:76:6f:46:50:
55:6b:2a:c5:cd:72:75:fe:7f:05:b1:49:0d:27:92:
fc:a9:1c:0e:00:46:04:6c:49:37:e8:27:35:f5:ff:
87:4e:29:bc:94:ad:d9:59:8a:c5:8b:54:ed:b2:5f:
ff:62:43:50:d3:97:64:ce:13:5f:2e:22:d3:05:46:
fa:b2:cf:f2:83:7c:06:d7:c7:d0:1f:b4:ff:76:cc:
88:aa:da:c6:10:1f:6e:18:2e:fe:dc:2e:f8:54:4e:
66:02:7c:f9:80:5e:fc:7f:89:6a:c5:5c:1f:00:84:
40:f1:a3:5f:e8:c5:1b:1d:be:9e:9d:78:c1:2e:22:
1e:21:25:44:61:d2:06:a7:e5:27:91:70:d5:c2:4f:
27:03:f4:82:02:ae:5f:3b:ad:16:c2:87:64:ad:a7:
f4:cb:b6:2a:da:5e:65:92:86:bb:9e:56:18:73:8c:
b3:81:31:b4:11:7a:4b:00:87:8f:10:dd:42:12:e5:
f0:19:59:06:03:00:99:f5:e8:a2:fd:6c:59:b1:aa:
6f:74:fa:f7:70:0c:fc:72:a2:b3:59:59:3d:f2:0c:
d6:b4:ed:a5:36:37:ed:2b:e7:78:12:92:ff:5b:20:
0a:71:91:1e:44:55:93:e2:38:92:c8:3d:b0:35:d0:
05:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:16:4D:99:70:14:21:4B:F0:72:3E:14:FF:FB:22:5F:EE:FD:78:CF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lBZNmXAUIUvwcj4U__siX-79eM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.132.0/24
193.183.193.0/24
193.235.64.0/24
IPv6:
2a01:280:358::/48
Signature Algorithm: sha256WithRSAEncryption
56:e0:28:62:11:26:d6:6f:b9:6f:d0:3d:0a:26:91:b0:ef:b7:
06:b2:d4:96:5b:b3:fa:88:f2:9d:a0:b5:5c:68:af:b3:d0:99:
e2:86:6d:d2:2d:34:57:24:bd:9a:a5:d8:d5:25:5f:7f:02:6f:
71:ee:35:a9:4f:7c:a2:6a:e1:af:c9:d6:b4:1a:9b:74:74:a1:
7e:55:da:48:b9:60:9b:c7:e9:7e:af:bb:41:a2:a2:20:db:68:
bd:da:8c:1c:fe:40:bf:a7:72:97:a2:3d:a8:fb:24:f8:bc:20:
b2:65:e5:99:ee:ed:b8:41:7c:17:8a:74:07:9b:67:d1:d9:e4:
28:2d:7f:b2:c8:db:5c:e0:a7:a4:52:af:a6:c7:d0:0a:99:a0:
bb:d1:ce:0e:6a:6f:59:6d:f7:1b:a5:7b:ce:a7:fa:43:a6:ae:
c1:3b:45:75:94:5d:ba:32:d9:26:e0:b7:a5:21:ee:a9:35:ca:
fa:2c:69:5a:96:31:b6:ea:1c:d7:02:09:44:21:f1:6e:de:fc:
a7:10:5f:01:b7:80:61:19:42:ed:dc:fc:d0:54:61:62:54:7a:
c2:9b:04:ee:48:44:84:ae:e4:40:44:e6:12:f2:99:81:49:64:
44:70:cf:a3:b4:72:af:70:96:8b:80:03:56:5f:9d:c4:aa:0b:
f1:55:07:56
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZdek49EGFDheYhtFr+H9htsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNjExMTA0MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE2NGQ5OTcwMTQyMTRiZjA3MjNlMTRmZmZiMjI1ZmVlZmQ3OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaNUPAf936t+KnZvRlBVayrFzXJ1
/n8FsUkNJ5L8qRwOAEYEbEk36Cc19f+HTim8lK3ZWYrFi1Ttsl//YkNQ05dkzhNf
LiLTBUb6ss/yg3wG18fQH7T/dsyIqtrGEB9uGC7+3C74VE5mAnz5gF78f4lqxVwf
AIRA8aNf6MUbHb6enXjBLiIeISVEYdIGp+UnkXDVwk8nA/SCAq5fO60Wwodkraf0
y7Yq2l5lkoa7nlYYc4yzgTG0EXpLAIePEN1CEuXwGVkGAwCZ9eii/WxZsapvdPr3
cAz8cqKzWVk98gzWtO2lNjftK+d4EpL/WyAKcZEeRFWT4jiSyD2wNdAFVwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJQWTZlwFCFL8HI+FP/7Il/u/XjPMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbEJaTm1YQVVJVXZ3Y2o0VV9fc2lYLTc5ZU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwKWEAwQA
wbfBAwQAwetAMA8EAgACMAkDBwAqAQKAA1gwDQYJKoZIhvcNAQELBQADggEBAFbg
KGIRJtZvuW/QPQomkbDvtway1JZbs/qI8p2gtVxor7PQmeKGbdItNFckvZql2NUl
X38Cb3HuNalPfKJq4a/J1rQam3R0oX5V2ki5YJvH6X6vu0GioiDbaL3ajBz+QL+n
cpeiPaj7JPi8ILJl5Znu7bhBfBeKdAebZ9HZ5Cgtf7LI21zgp6RSr6bH0AqZoLvR
zg5qb1lt9xule86n+kOmrsE7RXWUXboy2Sbgt6Uh7qk1yvosaVqWMbbqHNcCCUQh
8W7e/KcQXwG3gGEZQu3c/NBUYWJUesKbBO5IRISu5EBE5hLymYFJZERwz6O0cq9w
louAA1ZfncSqC/FVB1Y=
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:16:20 2025 by rpki-client