Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/lbe3R6qsC7flHOItm2HZ_rtUMYs.roa
File: lbe3R6qsC7flHOItm2HZ_rtUMYs.roa (raw, json)
Hash identifier: v1yUIN+YIJofBB2LuxpKb3viTsG7VddaXzM7Y68aNOE=
Subject key identifier: 95:B7:B7:47:AA:AC:0B:B7:E5:1C:E2:2D:9B:61:D9:FE:BB:54:31:8B
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 019940E5F18DF47BE7B3C55A180B49EC695E
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/lbe3R6qsC7flHOItm2HZ_rtUMYs.roa
Signing time: Sat 13 Sep 2025 02:27:15 +0000
ROA not before: Sat 13 Sep 2025 02:27:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212191
IP address blocks: 2a0e:e0c0::/32 maxlen: 32
2a0e:e0c1::/32 maxlen: 32
2a0e:e0c2::/32 maxlen: 32
2a0e:e0c3::/32 maxlen: 32
2a0e:e0c4::/32 maxlen: 32
2a0e:e0c5::/32 maxlen: 32
2a0e:e0c6::/32 maxlen: 32
2a0e:e0c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:40:e5:f1:8d:f4:7b:e7:b3:c5:5a:18:0b:49:ec:69:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Sep 13 02:27:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95b7b747aaac0bb7e51ce22d9b61d9febb54318b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:98:8c:ea:d0:22:fd:99:dc:aa:85:5e:7e:
de:f0:27:78:1f:20:14:05:5a:e0:ed:21:5e:93:50:
62:5a:a3:26:57:58:9a:72:c8:83:dd:98:35:46:b3:
6a:ba:a3:71:ca:1e:63:f8:65:60:60:62:80:69:62:
3e:16:ac:41:a8:f4:ee:dc:cf:fc:78:61:98:b3:6f:
48:fc:69:92:74:c3:d8:89:88:7c:e0:b3:26:32:df:
7b:d0:99:ab:c1:d1:05:a6:5d:66:df:af:6a:84:8c:
5e:3e:1f:1c:0d:8b:bd:52:58:fc:bc:ca:d5:d0:3a:
77:bf:ba:cb:b8:f4:1a:ef:1e:14:25:41:95:0e:7f:
c5:84:b6:a4:bc:8b:5f:40:19:6b:07:38:0f:64:4b:
12:35:86:6e:8d:35:2f:c3:26:a5:19:73:de:c7:5e:
0e:75:bf:bf:3e:8b:47:af:0e:7b:f2:b4:6e:c0:2b:
86:c4:4f:fe:b6:66:6c:17:d4:89:88:30:0a:84:ea:
fc:32:3d:40:ca:5e:e0:d9:56:3c:72:c2:18:77:84:
b4:07:c3:c5:de:33:b4:89:0e:be:7f:8c:42:ee:fa:
7c:53:cb:70:fb:4b:7f:88:1b:d3:b4:40:6b:95:5e:
a8:99:cc:70:c7:96:3b:4e:0b:0e:3c:ea:18:ff:bf:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B7:B7:47:AA:AC:0B:B7:E5:1C:E2:2D:9B:61:D9:FE:BB:54:31:8B
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/lbe3R6qsC7flHOItm2HZ_rtUMYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
d0:ca:83:2e:30:9f:ae:ca:11:a5:72:67:a4:20:d9:26:86:8b:
4c:64:02:7f:98:c6:1b:76:13:bb:0f:af:f8:17:66:b5:9c:7a:
bb:4a:bb:ec:31:7e:e9:35:e2:6c:c6:70:8f:36:b2:ee:ff:f6:
3a:e4:cd:a4:1d:79:ea:a8:51:6c:d8:7f:ee:14:6c:4b:9e:21:
bc:d2:85:81:01:6a:ab:5e:31:c1:80:98:7b:f5:9c:2e:be:78:
b1:d9:e8:01:5a:a4:23:f7:e6:22:e7:17:65:37:7c:d4:47:00:
89:f9:c8:1a:b9:b2:aa:ad:7c:28:a1:6c:f6:9b:06:f1:a9:87:
3e:e1:64:9d:cc:8f:9a:85:a3:71:4b:86:50:a4:e1:66:10:fd:
ea:d0:71:c1:db:1a:4d:62:81:8c:6e:76:5e:cd:5e:3d:df:50:
e7:b4:12:4b:89:4a:3a:73:84:7e:4f:49:51:ec:18:55:09:6b:
a5:0d:b1:87:6a:05:e7:91:f2:47:f4:af:32:20:9a:2f:38:89:
c9:d9:96:c1:4d:97:44:39:6d:2b:6f:17:11:a4:15:aa:15:ea:
51:9d:85:fa:44:63:2b:9f:11:77:e3:96:17:c7:c4:9b:2f:d4:
90:20:06:f3:e5:95:28:38:f6:bb:54:d1:80:72:5c:98:30:72:
63:d8:c9:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZlA5fGN9Hvns8VaGAtJ7GleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjUwOTEzMDIyNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI3Yjc0N2FhYWMwYmI3ZTUxY2UyMmQ5YjYxZDlmZWJiNTQzMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdCYjOrQIv2Z3KqFXn7e8Cd4HyAU
BVrg7SFek1BiWqMmV1iacsiD3Zg1RrNquqNxyh5j+GVgYGKAaWI+FqxBqPTu3M/8
eGGYs29I/GmSdMPYiYh84LMmMt970JmrwdEFpl1m369qhIxePh8cDYu9Ulj8vMrV
0Dp3v7rLuPQa7x4UJUGVDn/FhLakvItfQBlrBzgPZEsSNYZujTUvwyalGXPex14O
db+/PotHrw578rRuwCuGxE/+tmZsF9SJiDAKhOr8Mj1Ayl7g2VY8csIYd4S0B8PF
3jO0iQ6+f4xC7vp8U8tw+0t/iBvTtEBrlV6omcxwx5Y7TgsOPOoY/79z2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJW3t0eqrAu35RziLZth2f67VDGLMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvbGJlM1I2cXNDN2ZsSE9JdG0ySFpfcnRVTVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg7gwDAN
BgkqhkiG9w0BAQsFAAOCAQEA0MqDLjCfrsoRpXJnpCDZJoaLTGQCf5jGG3YTuw+v
+BdmtZx6u0q77DF+6TXibMZwjzay7v/2OuTNpB156qhRbNh/7hRsS54hvNKFgQFq
q14xwYCYe/WcLr54sdnoAVqkI/fmIucXZTd81EcAifnIGrmyqq18KKFs9psG8amH
PuFkncyPmoWjcUuGUKThZhD96tBxwdsaTWKBjG52Xs1ePd9Q57QSS4lKOnOEfk9J
UewYVQlrpQ2xh2oF55HyR/SvMiCaLziJydmWwU2XRDltK28XEaQVqhXqUZ2F+kRj
K58Rd+OWF8fEmy/UkCAG8+WVKDj2u1TRgHJcmDByY9jJOg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:59:39 2025 by rpki-client