
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/LFAtM68_QsypB1yZseRwlLJq2u4.roa
File: LFAtM68_QsypB1yZseRwlLJq2u4.roa (raw, json)
Hash identifier: /957wLIuErUNU/cVyq1KNPpSgWYbgRzlgVLc/r/yFdE=
Subject key identifier: 2C:50:2D:33:AF:3F:42:CC:A9:07:5C:99:B1:E4:70:94:B2:6A:DA:EE
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 0199B28D2D7C6D2181CEAB9478BDFB0752CA
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/LFAtM68_QsypB1yZseRwlLJq2u4.roa
Signing time: Sun 05 Oct 2025 04:07:00 +0000
ROA not before: Sun 05 Oct 2025 04:07:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.140.246.0/24 maxlen: 24
45.140.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b2:8d:2d:7c:6d:21:81:ce:ab:94:78:bd:fb:07:52:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Oct 5 04:07:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c502d33af3f42cca9075c99b1e47094b26adaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d4:01:af:a4:2f:b8:70:a5:13:7c:f3:14:b9:
3e:35:dc:46:f0:34:fe:7e:af:ee:52:29:d1:65:3e:
3f:78:e3:fc:e7:c1:97:04:98:48:a5:56:66:34:eb:
29:ae:29:ff:36:f3:b6:fc:69:67:6d:c2:73:77:e4:
f7:c6:ee:29:ff:7e:f0:d9:9b:94:fc:c3:ac:a0:26:
88:70:3e:92:51:b0:93:68:4e:b8:30:2a:02:ec:a7:
08:34:30:cc:a0:73:b7:7a:80:fa:fe:e4:29:27:1d:
eb:2d:bb:c1:a4:b6:f9:08:23:49:b7:eb:c5:da:aa:
48:85:49:26:4a:1c:a1:88:a9:11:4d:17:4c:05:52:
e4:13:e1:84:1b:c7:dc:11:63:b7:06:87:e5:9f:59:
7b:9c:a5:f3:12:61:cc:2b:7b:fa:6c:8c:e4:70:1d:
34:3e:33:b6:14:58:e3:bb:a6:98:17:6d:c4:2a:72:
fd:18:f6:67:4f:71:6b:05:ca:25:84:9a:66:91:f3:
7d:75:b5:ec:c2:8e:b5:89:89:c4:03:06:13:9b:37:
c2:dd:d5:1d:e1:f4:8f:ac:02:b7:51:78:b8:b9:ac:
d5:29:b9:ac:bf:c9:4c:aa:fe:b1:88:f1:9a:1d:ed:
88:2c:5f:b6:4a:d4:ff:f1:b4:de:6d:93:33:b3:6b:
42:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:50:2D:33:AF:3F:42:CC:A9:07:5C:99:B1:E4:70:94:B2:6A:DA:EE
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/LFAtM68_QsypB1yZseRwlLJq2u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.246.0/23
Signature Algorithm: sha256WithRSAEncryption
67:f6:67:52:61:5c:f1:df:c7:65:a5:ea:b5:31:b6:9e:34:8d:
cd:cf:0c:e2:df:4a:d0:41:33:4b:c5:5f:01:86:21:09:13:99:
3a:b0:66:4a:7e:87:f1:5b:b8:ab:59:7c:e7:f6:1c:1f:71:2a:
65:cf:48:5f:8b:5d:0f:76:64:4f:ad:ed:d9:4c:26:9a:b4:e6:
51:fc:48:82:8c:fd:09:52:94:48:63:af:61:97:ec:d0:a2:6b:
87:32:af:d4:89:54:3a:cb:9f:84:44:e3:0d:c5:0a:74:e9:c8:
bf:77:32:26:9e:9a:ef:87:53:ac:a3:17:9b:5a:f3:af:97:b2:
89:20:80:17:92:71:8a:5a:81:90:54:37:1f:85:9d:c3:d5:bd:
08:32:ab:16:73:19:d6:55:36:9c:d0:5d:b4:a6:9d:be:92:4d:
13:92:29:60:d7:87:a9:15:07:a7:4c:b1:67:d2:64:51:47:6b:
60:71:f1:ad:af:7c:8b:70:99:b9:3b:40:b1:59:c0:13:d5:ef:
76:9d:f4:6e:71:23:6a:aa:c8:49:b8:13:26:5e:5a:ae:a0:8c:
bb:1a:91:97:a8:2a:bc:14:a7:f9:24:c2:d7:26:9c:ad:ac:27:
4f:a6:e2:8c:02:76:a4:3d:8f:f4:f8:1d:3d:20:df:ff:f6:45:
03:01:47:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmyjS18bSGBzquUeL37B1LKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjUxMDA1MDQwNzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzUwMmQzM2FmM2Y0MmNjYTkwNzVjOTliMWU0NzA5NGIyNmFkYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tQBr6QvuHClE3zzFLk+NdxG8DT+
fq/uUinRZT4/eOP858GXBJhIpVZmNOsprin/NvO2/GlnbcJzd+T3xu4p/37w2ZuU
/MOsoCaIcD6SUbCTaE64MCoC7KcINDDMoHO3eoD6/uQpJx3rLbvBpLb5CCNJt+vF
2qpIhUkmShyhiKkRTRdMBVLkE+GEG8fcEWO3Bofln1l7nKXzEmHMK3v6bIzkcB00
PjO2FFjju6aYF23EKnL9GPZnT3FrBcolhJpmkfN9dbXswo61iYnEAwYTmzfC3dUd
4fSPrAK3UXi4uazVKbmsv8lMqv6xiPGaHe2ILF+2StT/8bTebZMzs2tC7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxQLTOvP0LMqQdcmbHkcJSyatruMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvTEZBdE02OF9Rc3lwQjF5WnNlUndsTEpxMnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYz2MA0G
CSqGSIb3DQEBCwUAA4IBAQBn9mdSYVzx38dlpeq1MbaeNI3Nzwzi30rQQTNLxV8B
hiEJE5k6sGZKfofxW7irWXzn9hwfcSplz0hfi10PdmRPre3ZTCaatOZR/EiCjP0J
UpRIY69hl+zQomuHMq/UiVQ6y5+EROMNxQp06ci/dzImnprvh1OsoxebWvOvl7KJ
IIAXknGKWoGQVDcfhZ3D1b0IMqsWcxnWVTac0F20pp2+kk0Tkilg14epFQenTLFn
0mRRR2tgcfGtr3yLcJm5O0CxWcAT1e92nfRucSNqqshJuBMmXlquoIy7GpGXqCq8
FKf5JMLXJpytrCdPpuKMAnakPY/0+B09IN//9kUDAUcd
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:37 2025 by rpki-client