Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ll8a4av9F_WCc02Z_m7Z6LrCBIs.roa
File: Ll8a4av9F_WCc02Z_m7Z6LrCBIs.roa (raw, json)
Hash identifier: j0lX+Ygmw9aduyhN4QitQlABcsH+/GAy8ttwJsSIeFE=
Subject key identifier: 2E:5F:1A:E1:AB:FD:17:F5:82:73:4D:99:FE:6E:D9:E8:BA:C2:04:8B
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0197A137D5E956628FEE1CCB4AEE1FCECF44
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ll8a4av9F_WCc02Z_m7Z6LrCBIs.roa
Signing time: Tue 24 Jun 2025 09:14:40 +0000
ROA not before: Tue 24 Jun 2025 09:14:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210423
IP address blocks: 84.232.35.0/24 maxlen: 24
84.232.36.0/23 maxlen: 23
84.232.88.0/23 maxlen: 24
84.236.226.0/23 maxlen: 24
84.236.234.0/23 maxlen: 23
88.148.100.0/23 maxlen: 24
88.148.100.0/24 maxlen: 24
88.148.101.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
95.178.112.0/23 maxlen: 23
95.178.114.0/23 maxlen: 23
217.61.80.0/24 maxlen: 24
217.61.81.0/24 maxlen: 24
217.61.82.0/24 maxlen: 24
217.61.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:37:d5:e9:56:62:8f:ee:1c:cb:4a:ee:1f:ce:cf:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jun 24 09:14:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e5f1ae1abfd17f582734d99fe6ed9e8bac2048b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4a:32:11:1e:7c:f5:a6:3e:a3:b5:2a:4c:f0:
23:82:16:ef:bc:67:65:92:a0:a2:67:b7:b0:64:54:
25:44:f7:fa:56:5b:58:f4:44:6d:b7:74:be:a6:cf:
b2:b0:0a:79:48:d0:cb:f2:f5:dd:e3:e5:e5:ac:bc:
73:eb:f6:9b:bd:77:be:31:11:a7:ef:49:b0:24:46:
8d:cd:d7:9a:05:3a:fb:d4:c8:7b:48:b1:c5:40:de:
18:09:eb:72:01:87:86:10:b8:5a:7a:37:06:99:1e:
a4:f6:af:8e:d3:66:fb:a1:2a:8c:28:94:95:65:a5:
65:93:c8:23:00:29:20:d8:6f:fc:16:80:d0:b8:4b:
17:64:2c:2d:c1:50:7c:74:4b:72:dc:50:57:52:0f:
fc:c9:ab:09:ca:90:c8:78:f7:db:a6:5a:75:65:22:
58:28:b7:94:58:30:eb:34:5a:be:8f:7d:7b:bb:1a:
d4:f5:10:18:d0:d1:50:a9:48:88:21:a7:7b:4e:b3:
92:16:69:bb:22:20:51:16:4c:5c:ee:fa:d6:19:8d:
14:8a:a6:7a:ea:24:e6:69:4e:3b:60:6e:f1:d2:2d:
09:e1:15:1d:3e:2a:14:bf:de:38:11:94:ce:89:f2:
91:82:4c:bc:9c:bb:9a:a6:ed:19:26:e3:ba:dc:c9:
a6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5F:1A:E1:AB:FD:17:F5:82:73:4D:99:FE:6E:D9:E8:BA:C2:04:8B
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Ll8a4av9F_WCc02Z_m7Z6LrCBIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0-84.232.37.255
84.232.88.0/23
84.236.226.0/23
84.236.234.0/23
88.148.100.0/23
94.24.46.0/23
95.178.112.0/22
217.61.80.0/22
Signature Algorithm: sha256WithRSAEncryption
65:3a:48:46:0d:1d:f4:f3:e2:5e:da:52:20:9d:4c:3b:3e:73:
35:f1:50:f8:40:1f:f5:29:aa:d8:c4:23:6b:95:32:8f:39:88:
fd:da:47:3c:78:c6:c0:75:d0:d4:0f:d8:81:98:e7:91:c0:ba:
59:3d:22:f8:19:b7:87:39:25:97:f5:c3:12:d5:da:98:86:b0:
30:ba:17:a4:a9:de:a3:d0:c7:d2:dd:e0:58:56:1a:80:2e:da:
2a:33:d8:8e:b8:09:e5:62:a7:57:85:ff:be:24:21:1b:50:b6:
88:b8:35:03:a9:8c:34:d1:60:0e:35:7e:d9:fd:de:52:e3:b9:
b2:4e:aa:02:c0:9e:3d:1e:93:28:a6:82:f3:83:1a:9a:bb:c7:
b3:f3:cb:15:d5:d8:b5:3c:74:91:83:57:51:78:c7:84:02:55:
99:ad:07:cb:70:70:d6:64:fa:e5:38:bc:09:ac:67:42:6d:25:
45:68:af:74:fb:26:dd:72:c0:de:7e:8b:0e:1c:df:7a:2c:40:
a5:08:c6:20:31:52:3f:51:05:1a:8b:57:c8:46:3b:6d:b5:4a:
b2:98:54:e6:c8:de:b6:82:87:d6:d7:5a:eb:fc:d5:ec:b7:ba:
71:13:c8:ea:93:b2:30:85:28:f1:87:78:2d:fe:a4:fa:79:4e:
21:94:b1:96
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZehN9XpVmKP7hzLSu4fzs9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwNjI0MDkxNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTVmMWFlMWFiZmQxN2Y1ODI3MzRkOTlmZTZlZDllOGJhYzIwNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEoyER589aY+o7UqTPAjghbvvGdl
kqCiZ7ewZFQlRPf6VltY9ERtt3S+ps+ysAp5SNDL8vXd4+XlrLxz6/abvXe+MRGn
70mwJEaNzdeaBTr71Mh7SLHFQN4YCetyAYeGELhaejcGmR6k9q+O02b7oSqMKJSV
ZaVlk8gjACkg2G/8FoDQuEsXZCwtwVB8dEty3FBXUg/8yasJypDIePfbplp1ZSJY
KLeUWDDrNFq+j317uxrU9RAY0NFQqUiIIad7TrOSFmm7IiBRFkxc7vrWGY0UiqZ6
6iTmaU47YG7x0i0J4RUdPioUv944EZTOifKRgky8nLuapu0ZJuO63MmmkQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFC5fGuGr/Rf1gnNNmf5u2ei6wgSLMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvTGw4YTRhdjlGX1dDYzAyWl9tN1o2THJDQklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABU6CMD
BAFU6CQDBAFU6FgDBAFU7OIDBAFU7OoDBAFYlGQDBAFeGC4DBAJfsnADBALZPVAw
DQYJKoZIhvcNAQELBQADggEBAGU6SEYNHfTz4l7aUiCdTDs+czXxUPhAH/UpqtjE
I2uVMo85iP3aRzx4xsB10NQP2IGY55HAulk9IvgZt4c5JZf1wxLV2piGsDC6F6Sp
3qPQx9Ld4FhWGoAu2ioz2I64CeVip1eF/74kIRtQtoi4NQOpjDTRYA41ftn93lLj
ubJOqgLAnj0ekyimgvODGpq7x7PzyxXV2LU8dJGDV1F4x4QCVZmtB8twcNZk+uU4
vAmsZ0JtJUVor3T7Jt1ywN5+iw4c33osQKUIxiAxUj9RBRqLV8hGO221SrKYVObI
3raCh9bXWuv81ey3unETyOqTsjCFKPGHeC3+pPp5TiGUsZY=
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:13:55 2025 by rpki-client