Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Lr1LzXyumOBPj_yIluNqPPEMwa0.roa
File: Lr1LzXyumOBPj_yIluNqPPEMwa0.roa (raw, json)
Hash identifier: sBT3UPTkIP+md17sRvstMzPi7rE3T6na02IalXU7HOU=
Subject key identifier: 2E:BD:4B:CD:7C:AE:98:E0:4F:8F:FC:88:96:E3:6A:3C:F1:0C:C1:AD
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0199714754385AF835FF4DA02F5A176DCC19
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Lr1LzXyumOBPj_yIluNqPPEMwa0.roa
Signing time: Mon 22 Sep 2025 11:55:24 +0000
ROA not before: Mon 22 Sep 2025 11:55:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 80.97.128.0/20 maxlen: 20
81.180.92.0/23 maxlen: 24
85.120.81.0/24 maxlen: 24
85.121.4.0/23 maxlen: 24
85.121.149.0/24 maxlen: 24
194.102.105.0/24 maxlen: 24
217.156.8.0/23 maxlen: 24
217.156.64.0/24 maxlen: 24
217.156.65.0/24 maxlen: 24
217.156.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:71:47:54:38:5a:f8:35:ff:4d:a0:2f:5a:17:6d:cc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Sep 22 11:55:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ebd4bcd7cae98e04f8ffc8896e36a3cf10cc1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8d:1a:04:b6:21:a3:9e:ea:7b:5e:ac:7a:ad:
8d:09:0b:d7:6c:9c:e1:dd:49:6d:eb:55:d9:4d:1d:
ca:3b:cb:92:27:1d:c0:b0:f0:6d:b6:82:06:15:83:
d3:93:2e:77:24:d3:7f:55:df:31:6c:6f:ef:d1:ea:
b9:ed:78:7c:2f:de:8d:9c:79:26:5a:ad:6e:35:c9:
3c:a0:c9:db:c3:7f:c4:de:97:01:0a:f5:0f:df:20:
ea:49:4b:d5:59:87:ea:58:4d:8a:e3:90:d2:c7:05:
4e:05:52:f7:57:aa:a0:7d:5a:1e:6c:4a:50:9f:5c:
1b:05:57:0d:59:17:75:19:d5:75:88:5a:41:99:16:
99:35:e0:56:82:49:4a:bc:00:0d:ff:c7:31:b2:48:
76:8d:eb:03:54:64:bb:27:e6:c7:c6:57:8c:78:79:
ff:10:58:04:e5:3a:48:91:64:02:e0:81:3e:53:f3:
e4:ed:b5:b3:89:e2:ae:cc:96:d8:ac:e1:cf:2b:07:
d3:8d:5e:6c:fa:bd:60:4d:b6:79:c8:21:66:88:1b:
31:f3:8a:a6:77:ed:9d:c0:9d:5e:8e:a0:3e:1d:4d:
07:5e:a3:24:f3:1c:8c:cd:5a:3e:e2:9e:c4:93:49:
69:55:e3:ab:34:32:80:32:47:57:31:83:98:f4:90:
44:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:BD:4B:CD:7C:AE:98:E0:4F:8F:FC:88:96:E3:6A:3C:F1:0C:C1:AD
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Lr1LzXyumOBPj_yIluNqPPEMwa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.128.0/20
81.180.92.0/23
85.120.81.0/24
85.121.4.0/23
85.121.149.0/24
194.102.105.0/24
217.156.8.0/23
217.156.64.0/23
217.156.123.0/24
Signature Algorithm: sha256WithRSAEncryption
00:dd:cf:54:94:1d:61:6c:a3:df:73:ff:cd:7e:ce:56:81:2c:
44:00:c7:e5:d2:64:c4:14:a6:9d:df:82:a9:7c:c7:5a:1f:e4:
c8:db:bb:fb:5a:b7:da:13:a5:83:45:4b:20:5d:d2:a0:f4:8e:
2d:12:65:a5:7f:d0:f0:ee:32:bd:28:f2:1d:2d:92:7b:57:30:
a3:14:ef:11:9d:ac:26:ea:a8:f2:e8:83:7f:a7:88:40:51:1f:
8d:63:e0:eb:41:89:58:5f:dd:2c:e6:6c:38:91:9f:02:f1:86:
4c:f3:32:06:67:9e:51:41:9a:e5:21:f9:94:0b:96:b8:ab:5c:
d1:b4:7f:ca:e8:94:5c:b1:79:0b:49:04:71:49:a3:70:a4:45:
18:af:a1:c3:f0:24:36:ac:f2:15:2c:ce:08:af:12:67:bf:b9:
06:0e:1a:46:51:cb:35:5a:71:aa:bd:a9:2b:10:c9:cb:19:10:
75:cf:f0:40:52:62:f5:55:49:b4:2c:61:9e:7f:15:62:b9:6b:
e0:e6:9b:4e:df:ef:68:8c:9a:ce:2f:e6:9d:d5:15:b9:c6:90:
57:92:ee:28:67:ac:fd:2f:29:78:24:9a:1a:9a:34:f3:65:0f:
95:0f:a2:ab:75:73:a0:e0:e4:9d:43:50:6d:bf:ed:99:f2:e4:
c5:ec:37:4d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZlxR1Q4Wvg1/02gL1oXbcwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwOTIyMTE1NTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWJkNGJjZDdjYWU5OGUwNGY4ZmZjODg5NmUzNmEzY2YxMGNjMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo0aBLYho57qe16seq2NCQvXbJzh
3Ult61XZTR3KO8uSJx3AsPBttoIGFYPTky53JNN/Vd8xbG/v0eq57Xh8L96NnHkm
Wq1uNck8oMnbw3/E3pcBCvUP3yDqSUvVWYfqWE2K45DSxwVOBVL3V6qgfVoebEpQ
n1wbBVcNWRd1GdV1iFpBmRaZNeBWgklKvAAN/8cxskh2jesDVGS7J+bHxleMeHn/
EFgE5TpIkWQC4IE+U/Pk7bWzieKuzJbYrOHPKwfTjV5s+r1gTbZ5yCFmiBsx84qm
d+2dwJ1ejqA+HU0HXqMk8xyMzVo+4p7Ek0lpVeOrNDKAMkdXMYOY9JBElQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC69S818rpjgT4/8iJbjajzxDMGtMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvTHIxTHpYeXVtT0JQal95SWx1TnFQUEVNd2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEUGGAAwQB
UbRcAwQAVXhRAwQBVXkEAwQAVXmVAwQAwmZpAwQB2ZwIAwQB2ZxAAwQA2Zx7MA0G
CSqGSIb3DQEBCwUAA4IBAQAA3c9UlB1hbKPfc//Nfs5WgSxEAMfl0mTEFKad34Kp
fMdaH+TI27v7WrfaE6WDRUsgXdKg9I4tEmWlf9Dw7jK9KPIdLZJ7VzCjFO8Rnawm
6qjy6IN/p4hAUR+NY+DrQYlYX90s5mw4kZ8C8YZM8zIGZ55RQZrlIfmUC5a4q1zR
tH/K6JRcsXkLSQRxSaNwpEUYr6HD8CQ2rPIVLM4IrxJnv7kGDhpGUcs1WnGqvakr
EMnLGRB1z/BAUmL1VUm0LGGefxViuWvg5ptO3+9ojJrOL+ad1RW5xpBXku4oZ6z9
Lyl4JJoamjTzZQ+VD6KrdXOg4OSdQ1Btv+2Z8uTF7DdN
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:00 2025 by rpki-client