Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/LsjKvJfqEFM9fPtcTMmtOAbaLZo.roa
File: LsjKvJfqEFM9fPtcTMmtOAbaLZo.roa (raw, json)
Hash identifier: gN2HlTiepxEVT7qJh1ObS9vb0d8/kqy8eI9gfEpnRzk=
Subject key identifier: 2E:C8:CA:BC:97:EA:10:53:3D:7C:FB:5C:4C:C9:AD:38:06:DA:2D:9A
Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321
Certificate serial: 0199F904B3FA1CC02E542E34A43FB4678A83
Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/LsjKvJfqEFM9fPtcTMmtOAbaLZo.roa
Signing time: Sat 18 Oct 2025 20:30:58 +0000
ROA not before: Sat 18 Oct 2025 20:30:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 185.7.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f9:04:b3:fa:1c:c0:2e:54:2e:34:a4:3f:b4:67:8a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321
Validity
Not Before: Oct 18 20:30:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ec8cabc97ea10533d7cfb5c4cc9ad3806da2d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:ae:64:ee:6a:eb:8d:a0:e5:03:26:fb:13:
f9:a3:99:e8:f1:ec:00:65:4a:3b:23:73:b1:af:ab:
30:df:7d:21:6c:0e:62:79:0f:db:f2:17:45:6e:b9:
dd:ff:74:a0:30:7b:94:e3:c3:5e:44:62:b5:a4:67:
f7:d1:cb:32:b3:68:05:ba:62:62:fe:e5:93:0b:d4:
00:be:4b:44:e4:88:1b:65:f5:e7:54:37:a6:09:8f:
d2:bf:72:b5:17:5f:1f:b9:35:2a:82:5e:98:18:30:
42:b6:22:a4:cd:6f:ac:70:ea:ea:61:72:ec:9c:31:
cd:ee:b0:f9:1c:b2:80:77:d7:07:cf:c9:cf:3a:25:
63:1e:95:bc:4e:20:4b:99:9a:58:6e:97:23:0c:e6:
8b:34:7b:08:01:33:2a:29:5c:e6:d0:08:13:58:bc:
73:6f:0a:cf:01:ec:5e:d0:fe:93:86:9f:40:e7:2d:
43:c2:94:2e:4b:e2:a6:d1:dc:90:54:e3:05:e1:cc:
e0:46:a6:0a:55:79:f6:8d:9a:6e:30:bd:11:f4:12:
2d:dd:8e:17:87:73:9c:52:97:fd:40:af:f7:24:c9:
c0:7b:f0:59:b1:ad:a1:84:47:99:16:bf:f2:b7:82:
5f:a3:ce:5c:60:0f:96:20:47:0c:00:51:4c:0c:04:
12:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C8:CA:BC:97:EA:10:53:3D:7C:FB:5C:4C:C9:AD:38:06:DA:2D:9A
X509v3 Authority Key Identifier:
keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/LsjKvJfqEFM9fPtcTMmtOAbaLZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.242.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ec:cd:1b:85:8b:29:0f:8f:7f:fd:12:b9:55:84:1d:63:6d:
da:4f:cf:28:29:0b:45:f0:b5:0f:c0:a0:09:34:db:62:26:fb:
86:50:48:ae:b5:77:51:c8:98:35:bb:e9:5a:44:a7:8f:fa:a7:
4a:7c:c4:92:32:0a:69:c4:1d:2d:e7:81:6a:5d:be:f7:7e:ad:
de:1a:8e:df:fa:86:6f:3d:24:c7:b4:77:fc:03:93:40:60:ba:
21:42:c0:96:f7:0a:3b:85:2c:e4:30:98:94:73:d3:e0:08:69:
78:0c:11:b8:e0:2d:c9:2f:70:38:eb:7a:54:e8:25:1d:d5:7a:
98:40:06:6c:89:48:5c:1f:98:4f:e0:4b:44:f1:56:04:90:da:
53:ec:a4:7b:29:14:7f:1a:e3:10:b2:2e:ea:48:75:c7:79:12:
8b:92:d9:b6:c7:c2:76:70:5f:0c:da:17:02:1d:c0:66:d0:1b:
b0:41:b3:f0:f6:00:3a:f9:ac:d4:79:b1:dd:10:4f:bd:96:1a:
c7:42:9a:ce:bb:0e:11:67:01:86:82:61:0b:78:6a:2b:78:2e:
ef:9e:87:ba:81:67:56:bc:3d:ed:53:02:fe:39:32:73:e7:c9:
c2:93:8f:77:21:7f:30:e4:a2:c9:a1:54:f8:9c:4d:8c:cf:8b:
db:ff:ca:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZn5BLP6HMAuVC40pD+0Z4qDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx
ZDMzMjEwHhcNMjUxMDE4MjAzMDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM4Y2FiYzk3ZWExMDUzM2Q3Y2ZiNWM0Y2M5YWQzODA2ZGEyZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+6uZO5q642g5QMm+xP5o5no8ewA
ZUo7I3Oxr6sw330hbA5ieQ/b8hdFbrnd/3SgMHuU48NeRGK1pGf30csys2gFumJi
/uWTC9QAvktE5IgbZfXnVDemCY/Sv3K1F18fuTUqgl6YGDBCtiKkzW+scOrqYXLs
nDHN7rD5HLKAd9cHz8nPOiVjHpW8TiBLmZpYbpcjDOaLNHsIATMqKVzm0AgTWLxz
bwrPAexe0P6Thp9A5y1DwpQuS+Km0dyQVOMF4czgRqYKVXn2jZpuML0R9BIt3Y4X
h3OcUpf9QK/3JMnAe/BZsa2hhEeZFr/yt4Jfo85cYA+WIEcMAFFMDAQSPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7IyryX6hBTPXz7XEzJrTgG2i2aMB8GA1UdIwQY
MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt
NDNkZjQ3ZDVhMWU3LzEvTHNqS3ZKZnFFRk05ZlB0Y1RNbXRPQWJhTFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3
LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQfyMA0G
CSqGSIb3DQEBCwUAA4IBAQAY7M0bhYspD49//RK5VYQdY23aT88oKQtF8LUPwKAJ
NNtiJvuGUEiutXdRyJg1u+laRKeP+qdKfMSSMgppxB0t54FqXb73fq3eGo7f+oZv
PSTHtHf8A5NAYLohQsCW9wo7hSzkMJiUc9PgCGl4DBG44C3JL3A463pU6CUd1XqY
QAZsiUhcH5hP4EtE8VYEkNpT7KR7KRR/GuMQsi7qSHXHeRKLktm2x8J2cF8M2hcC
HcBm0BuwQbPw9gA6+azUebHdEE+9lhrHQprOuw4RZwGGgmELeGoreC7vnoe6gWdW
vD3tUwL+OTJz58nCk493IX8w5KLJoVT4nE2Mz4vb/8rp
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:02:17 2025 by rpki-client