Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/LMkEUUPmGoZuPUNWmQ2XiYeBcrs.roa
File: LMkEUUPmGoZuPUNWmQ2XiYeBcrs.roa (raw, json)
Hash identifier: JI5490LKZUqVzR7xgSkkCad2N2PYoHeKvEKjKxUvFtA=
Subject key identifier: 2C:C9:04:51:43:E6:1A:86:6E:3D:43:56:99:0D:97:89:87:81:72:BB
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 0199D30FE4C69A342FDDA0C87622B46C1395
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/LMkEUUPmGoZuPUNWmQ2XiYeBcrs.roa
Signing time: Sat 11 Oct 2025 11:37:38 +0000
ROA not before: Sat 11 Oct 2025 11:37:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
45.86.4.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
185.140.232.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
185.140.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d3:0f:e4:c6:9a:34:2f:dd:a0:c8:76:22:b4:6c:13:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Oct 11 11:37:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cc9045143e61a866e3d4356990d9789878172bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:86:db:58:b8:41:75:cc:01:c6:0a:10:94:
d4:50:bc:9f:bd:0b:0b:ac:41:19:3e:d6:c9:30:00:
2a:61:af:99:a2:cd:b5:a0:a3:e8:f3:5a:c0:87:ed:
02:d2:bc:b5:fe:34:cf:f8:29:bc:97:a1:1c:22:6c:
b8:0a:5e:87:bc:c7:14:8c:6a:7f:a0:76:cf:d9:38:
19:88:5a:10:e7:0d:37:36:a9:cd:21:d0:99:d4:ac:
15:b0:ef:a9:03:18:79:7a:10:25:c3:73:f8:81:90:
6a:aa:a8:50:13:11:ea:e2:62:d4:a5:5f:e2:09:31:
bc:be:d4:65:ac:80:f6:c9:97:9b:62:73:d4:95:01:
44:c0:80:80:1e:e6:3b:99:71:8b:cf:79:bf:ea:6c:
93:95:36:d0:2a:1d:aa:18:f2:44:32:84:f2:08:dd:
3c:5e:96:05:50:aa:fe:b8:a4:f3:f7:1e:a0:ab:68:
cd:b1:37:90:13:3c:9f:77:2b:34:eb:1a:ff:ad:13:
38:2c:fe:0f:f3:85:76:0d:c9:b9:57:3b:88:6d:7e:
dc:93:ad:32:e7:b4:f5:f3:60:b8:f7:03:04:e0:d8:
0b:86:e6:20:13:3c:c9:2d:ef:28:99:17:77:e3:fb:
07:2c:9b:8f:f8:d2:22:9c:a7:8f:91:c8:b5:28:41:
ae:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C9:04:51:43:E6:1A:86:6E:3D:43:56:99:0D:97:89:87:81:72:BB
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/LMkEUUPmGoZuPUNWmQ2XiYeBcrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.4.0/24
45.86.6.0/23
45.148.248.0/24
45.148.250.0/23
185.140.232.0/24
185.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
82:ff:14:f4:8d:3d:f8:57:eb:6a:a0:5e:4c:96:c3:55:96:38:
03:ad:5a:32:41:e2:f8:82:93:48:1e:91:a6:ab:46:13:d8:38:
cb:b0:56:de:5f:b4:50:ce:2d:39:d8:4d:a1:c7:e6:59:6f:13:
20:e7:98:81:38:5e:c6:0a:f9:e9:03:4a:7b:c9:9d:f1:f8:26:
60:2c:bd:4b:c7:c0:d4:0e:9d:b1:2b:95:32:09:e0:84:0d:6a:
fb:21:75:bf:28:bb:b0:f7:15:33:54:b7:f3:d6:11:2a:72:43:
ad:29:d2:b2:b3:02:9f:22:90:a6:83:54:01:d7:ee:ef:a5:bc:
16:2b:29:e7:b9:52:fe:97:25:66:a0:28:45:f2:25:5e:80:0f:
49:d5:09:54:ad:b4:52:8b:de:1d:c7:ef:5a:b2:62:e4:c9:0b:
65:a1:5d:0a:59:73:4d:cb:7a:fd:b7:68:8a:b8:c7:00:1f:a7:
1e:8a:14:4e:bd:53:97:3d:17:ba:4f:54:64:dc:c5:08:e6:f9:
7b:26:fe:0d:e0:8e:43:34:90:cb:b3:7b:a6:50:a6:9d:23:a5:
83:4e:ea:29:ca:2e:c7:66:e6:bd:14:f8:71:ba:a2:75:2e:11:
5e:20:cf:14:52:fa:7f:85:b2:44:f6:ad:10:b5:3b:9f:be:46:
a1:c5:f5:e6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZnTD+TGmjQv3aDIdiK0bBOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjUxMDExMTEzNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M5MDQ1MTQzZTYxYTg2NmUzZDQzNTY5OTBkOTc4OTg3ODE3MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueyG21i4QXXMAcYKEJTUULyfvQsL
rEEZPtbJMAAqYa+Zos21oKPo81rAh+0C0ry1/jTP+Cm8l6EcImy4Cl6HvMcUjGp/
oHbP2TgZiFoQ5w03NqnNIdCZ1KwVsO+pAxh5ehAlw3P4gZBqqqhQExHq4mLUpV/i
CTG8vtRlrID2yZebYnPUlQFEwICAHuY7mXGLz3m/6myTlTbQKh2qGPJEMoTyCN08
XpYFUKr+uKTz9x6gq2jNsTeQEzyfdys06xr/rRM4LP4P84V2Dcm5VzuIbX7ck60y
57T182C49wME4NgLhuYgEzzJLe8omRd34/sHLJuP+NIinKePkci1KEGuQwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCzJBFFD5hqGbj1DVpkNl4mHgXK7MB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvTE1rRVVVUG1Hb1p1UFVOV21RMlhpWWVCY3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLQmQAwQA
LVYEAwQBLVYGAwQALZT4AwQBLZT6AwQAuYzoAwQBuYzqMA0GCSqGSIb3DQEBCwUA
A4IBAQCC/xT0jT34V+tqoF5MlsNVljgDrVoyQeL4gpNIHpGmq0YT2DjLsFbeX7RQ
zi052E2hx+ZZbxMg55iBOF7GCvnpA0p7yZ3x+CZgLL1Lx8DUDp2xK5UyCeCEDWr7
IXW/KLuw9xUzVLfz1hEqckOtKdKyswKfIpCmg1QB1+7vpbwWKynnuVL+lyVmoChF
8iVegA9J1QlUrbRSi94dx+9asmLkyQtloV0KWXNNy3r9t2iKuMcAH6ceihROvVOX
PRe6T1Rk3MUI5vl7Jv4N4I5DNJDLs3umUKadI6WDTuopyi7HZua9FPhxuqJ1LhFe
IM8UUvp/hbJE9q0QtTufvkahxfXm
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:37 2025 by rpki-client