Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/LWD4-OU95_FRda-NCOb6W7qqhlk.roa
File: LWD4-OU95_FRda-NCOb6W7qqhlk.roa (raw, json)
Hash identifier: /68MHjyM7YGgptvnqCHIzlmysaHHp9CA6NYAUfenFig=
Subject key identifier: 2D:60:F8:F8:E5:3D:E7:F1:51:75:AF:8D:08:E6:FA:5B:BA:AA:86:59
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 01978755998B08EB5A007AC16878C4A9D599
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/LWD4-OU95_FRda-NCOb6W7qqhlk.roa
Signing time: Thu 19 Jun 2025 08:37:03 +0000
ROA not before: Thu 19 Jun 2025 08:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
62.193.32.0/19 maxlen: 19
62.244.84.0/22 maxlen: 22
62.244.86.0/23 maxlen: 23
62.244.88.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
78.31.40.0/21 maxlen: 21
78.109.240.0/20 maxlen: 20
79.98.16.0/21 maxlen: 24
80.74.64.0/20 maxlen: 24
80.245.16.0/20 maxlen: 20
82.210.0.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
83.118.192.0/19 maxlen: 19
83.142.144.0/21 maxlen: 21
84.239.64.0/18 maxlen: 24
91.90.96.0/21 maxlen: 21
94.228.176.0/20 maxlen: 20
95.141.96.0/20 maxlen: 20
141.101.56.0/22 maxlen: 24
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
178.16.160.0/20 maxlen: 20
185.4.44.0/22 maxlen: 24
185.5.108.0/22 maxlen: 22
185.10.176.0/22 maxlen: 24
185.18.208.0/22 maxlen: 22
185.19.48.0/22 maxlen: 24
185.41.4.0/22 maxlen: 22
185.47.240.0/22 maxlen: 24
185.81.52.0/22 maxlen: 22
185.132.116.0/22 maxlen: 22
185.137.254.0/23 maxlen: 24
185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.213.160.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
194.213.124.0/23 maxlen: 23
195.15.128.0/18 maxlen: 18
195.49.132.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
212.106.96.0/19 maxlen: 19
2001:ab8::/29 maxlen: 32
2a00:6900::/29 maxlen: 48
2a01:4e00::/32 maxlen: 32
2a03:5d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:55:99:8b:08:eb:5a:00:7a:c1:68:78:c4:a9:d5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jun 19 08:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d60f8f8e53de7f15175af8d08e6fa5bbaaa8659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:79:f4:a7:23:1f:76:e6:b0:62:14:73:fd:c8:
13:36:3c:a1:ab:8c:6d:a1:da:60:2d:45:38:66:51:
83:c1:c1:97:5d:6a:ee:73:40:ee:fd:71:22:b6:73:
33:84:ca:7b:c4:cb:92:77:34:f0:e1:a5:b1:a6:96:
a5:c8:32:a2:de:18:8d:3f:b0:05:f9:af:82:be:e0:
8e:b6:3c:f2:c5:bc:e5:ad:1c:f3:b7:78:c4:71:b3:
2f:0a:70:3d:df:90:a7:f2:1f:7d:bb:f9:e6:a5:64:
5a:d7:2a:40:ab:ac:a5:6c:95:04:cc:82:34:bf:03:
4b:eb:7a:1d:88:a1:e0:8e:f4:55:7d:60:ca:af:98:
3b:3f:f5:cc:bb:a5:af:01:35:a8:79:27:23:fe:d3:
c9:2f:8c:93:81:8c:59:3e:b1:83:cd:ef:94:54:4f:
99:fb:44:26:67:12:03:db:29:db:a8:dc:c7:17:e9:
9d:33:5d:1f:03:c3:3a:05:08:70:9f:fb:96:e3:a4:
53:fd:87:98:48:bc:ce:1d:b0:fc:e5:97:e9:39:8d:
8d:48:6d:e3:8d:9f:64:dd:72:36:35:a7:5e:a6:b6:
35:03:ef:24:39:94:33:dc:b9:30:0e:49:d7:ff:fe:
e5:36:40:c2:7a:21:6e:78:33:96:6a:01:45:26:14:
21:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:60:F8:F8:E5:3D:E7:F1:51:75:AF:8D:08:E6:FA:5B:BA:AA:86:59
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/LWD4-OU95_FRda-NCOb6W7qqhlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
79.98.16.0/21
80.74.64.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
84.239.64.0/18
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
141.101.56.0/22
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.10.176.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.47.240.0/22
185.81.52.0/22
185.132.116.0/22
185.137.254.0/23
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.213.160.0/22
185.218.248.0/22
185.249.28.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a00:6900::/29
2a01:4e00::/32
2a03:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
62:50:67:ae:05:ac:dd:df:19:33:b4:30:03:5c:af:d8:f8:27:
22:ea:e0:3f:92:63:f4:0e:df:4c:7d:3e:ba:3f:28:df:28:4f:
61:0a:f7:60:a9:7c:62:19:18:31:50:6a:9f:1c:fe:cc:e9:48:
a1:ed:c5:d0:3d:b6:72:88:b8:a2:98:67:a6:72:bf:7c:3e:65:
d3:d1:11:45:30:ed:f3:88:7b:37:bc:12:9c:e6:3a:43:71:de:
38:f3:4a:da:ee:5a:0d:1e:d2:fb:cc:35:01:de:07:99:c9:a0:
e1:a1:f1:1c:06:e8:54:8f:3a:28:1e:4f:5d:70:03:cd:33:d7:
8e:a6:61:71:73:74:8b:e7:fa:20:80:57:c6:e8:35:a5:0f:85:
07:0d:78:a3:73:24:e1:9e:fb:60:8e:59:43:40:52:f6:ab:1f:
ce:11:2b:a7:7b:46:80:69:11:fb:03:21:6b:a9:ba:74:bc:3d:
75:59:c9:f9:b9:a5:e3:f2:7f:9c:2c:17:5e:be:32:af:ef:ba:
47:4c:f5:b5:4c:6b:84:90:8e:27:c0:89:4e:94:c8:83:30:63:
d3:1c:1c:a6:70:11:94:23:89:77:23:ba:b8:39:ff:bb:fd:c7:
85:66:be:c3:b0:53:3c:75:96:83:16:b0:7d:32:92:d8:5c:fa:
09:45:df:3a
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZeHVZmLCOtaAHrBaHjEqdWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwNjE5MDgzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDYwZjhmOGU1M2RlN2YxNTE3NWFmOGQwOGU2ZmE1YmJhYWE4NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3n0pyMfduawYhRz/cgTNjyhq4xt
odpgLUU4ZlGDwcGXXWruc0Du/XEitnMzhMp7xMuSdzTw4aWxppalyDKi3hiNP7AF
+a+CvuCOtjzyxbzlrRzzt3jEcbMvCnA935Cn8h99u/nmpWRa1ypAq6ylbJUEzII0
vwNL63odiKHgjvRVfWDKr5g7P/XMu6WvATWoeScj/tPJL4yTgYxZPrGDze+UVE+Z
+0QmZxID2ynbqNzHF+mdM10fA8M6BQhwn/uW46RT/YeYSLzOHbD85ZfpOY2NSG3j
jZ9k3XI2NadeprY1A+8kOZQz3LkwDknX//7lNkDCeiFueDOWagFFJhQhFQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFC1g+PjlPefxUXWvjQjm+lu6qoZZMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvTFdENC1PVTk1X0ZSZGEtTkNPYjZXN3FxaGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCASoEAgABMIIB
IgMEAgWFRAMEBT7BIDAMAwQCPvRUAwQBPvRYAwQCPvRgAwQCPvRwAwQAPvR1AwQA
PvR3AwQDTh8oAwQETm3wAwQDT2IQAwQEUEpAAwQEUPUQAwQGUtIAAwQFU3bAAwQD
U46QAwQGVO9AAwQDW1pgAwQEXuSwAwQEX41gAwQCjWU4AwQFn7TgAwQDsDkgAwQE
shCgAwQCuQQsAwQCuQVsAwQCuQqwAwQCuRLQAwQCuRMwAwQCuSkEAwQCuS/wAwQC
uVE0AwQCuYR0AwQBuYn+AwQCuZxQAwQCuaMcAwQCuaucAwQCubT0AwQCub9cAwQC
udMYAwQCudWgAwQCudr4AwQCufkcAwQBwtV8AwQGww+AAwQCwzGEAwQFw8igAwQF
1GpgMCIEAgACMBwDBQMgAQq4AwUDKgBpAAMFACoBTgADBQAqA11AMA0GCSqGSIb3
DQEBCwUAA4IBAQBiUGeuBazd3xkztDADXK/Y+Cci6uA/kmP0Dt9MfT66PyjfKE9h
CvdgqXxiGRgxUGqfHP7M6Uih7cXQPbZyiLiimGemcr98PmXT0RFFMO3ziHs3vBKc
5jpDcd4480ra7loNHtL7zDUB3geZyaDhofEcBuhUjzooHk9dcAPNM9eOpmFxc3SL
5/oggFfG6DWlD4UHDXijcyThnvtgjllDQFL2qx/OESune0aAaRH7AyFrqbp0vD11
Wcn5uaXj8n+cLBdevjKv77pHTPW1TGuEkI4nwIlOlMiDMGPTHBymcBGUI4l3I7q4
Of+7/ceFZr7DsFM8dZaDFrB9MpLYXPoJRd86
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:15:48 2025 by rpki-client