Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/lv4HmOqEkoJhmZ694ZcdnLwYlAM.roa
File: lv4HmOqEkoJhmZ694ZcdnLwYlAM.roa (raw, json)
Hash identifier: jNXlLdUizmlPS7y4NkIFg6Z2F2lK4SSREn91C27cUCo=
Subject key identifier: 96:FE:07:98:EA:84:92:82:61:99:9E:BD:E1:97:1D:9C:BC:18:94:03
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 0199A9A2CC6DEACA56FED0A680FE5602736C
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/lv4HmOqEkoJhmZ694ZcdnLwYlAM.roa
Signing time: Fri 03 Oct 2025 10:34:02 +0000
ROA not before: Fri 03 Oct 2025 10:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205669
IP address blocks: 89.234.160.0/21 maxlen: 24
2a00:5881:3040::/44 maxlen: 44
2a00:5881:3080::/44 maxlen: 44
2a00:5881:30c0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:a2:cc:6d:ea:ca:56:fe:d0:a6:80:fe:56:02:73:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Oct 3 10:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96fe0798ea84928261999ebde1971d9cbc189403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b0:c2:b7:4d:b7:e7:89:ae:43:bc:5f:9a:0b:
01:2a:bd:05:d1:29:a3:10:5c:12:7a:03:28:33:28:
68:64:ca:78:b8:ec:0b:ee:8b:ce:9a:0f:aa:8b:d7:
00:b2:a4:34:e1:68:b1:33:c6:de:44:6e:b1:03:ab:
f3:eb:f5:4e:62:88:ae:72:7a:73:9a:e5:14:75:61:
e6:fd:0f:d9:34:cb:5a:de:78:f6:a3:71:77:17:10:
22:62:2c:13:8b:a8:3f:8b:da:0a:39:2e:b4:ad:1e:
b3:6a:17:a6:07:37:f4:08:cc:07:2d:a7:dc:1f:08:
a0:7e:a2:38:49:1d:9c:c6:16:ab:74:b1:c2:37:2f:
25:14:8a:3c:32:87:67:6d:b4:cb:5d:98:79:9b:5e:
c0:02:e6:be:ad:80:9c:ce:79:99:33:d8:ae:e4:d8:
48:12:00:5c:10:10:07:ef:e3:19:8c:00:66:d0:cb:
a1:ec:1a:ae:2d:b4:15:15:1e:72:a9:4c:21:79:65:
04:35:d8:c6:67:7c:a4:74:b2:31:d8:f5:d9:f9:8f:
b4:b4:9c:ca:48:7c:05:64:f2:b8:7d:7d:e2:71:36:
aa:35:16:d6:4d:80:4b:c4:8b:8d:b9:bc:c8:7f:a5:
69:66:d9:11:7f:95:c8:d5:2c:72:81:3d:d8:c2:a7:
48:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FE:07:98:EA:84:92:82:61:99:9E:BD:E1:97:1D:9C:BC:18:94:03
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/lv4HmOqEkoJhmZ694ZcdnLwYlAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.160.0/21
IPv6:
2a00:5881:3040::/44
2a00:5881:3080::/44
2a00:5881:30c0::/44
Signature Algorithm: sha256WithRSAEncryption
40:02:b4:b5:34:c8:71:a1:b1:b1:ab:0b:b8:b3:cd:6c:0c:3c:
cc:2d:51:8c:01:1c:98:05:d6:d5:57:1c:a7:01:45:61:cd:dd:
74:d7:af:b7:1e:c8:46:a0:af:89:db:64:40:00:50:2e:35:44:
af:26:9f:e0:db:0a:f0:a5:ac:75:e9:e6:06:bd:72:0d:98:31:
57:b3:bc:2b:fa:4a:a4:fd:4c:dc:b1:bd:77:95:a6:50:cd:a0:
2b:92:47:a5:bf:c6:e1:fa:17:b5:8e:ee:85:0e:5f:0a:dd:9a:
f5:b9:07:c5:6d:cd:e9:19:ab:ac:fe:26:0a:63:62:43:75:04:
fa:ce:04:89:c0:5a:ad:f6:76:0b:9d:c3:75:5a:2d:1b:51:5e:
a2:be:19:11:30:c1:b9:31:39:24:67:d4:6f:be:b1:a1:74:65:
f6:3e:5a:f4:85:1a:54:0d:15:58:50:6d:64:01:e6:62:57:a8:
18:61:bf:41:06:95:dd:42:18:3e:45:f1:70:c7:8d:64:6b:9a:
ca:0f:3b:f8:ea:c2:28:a2:32:f8:db:93:d2:a8:0d:e6:d4:06:
9d:19:d9:fa:0e:8c:20:41:cd:d7:51:e1:57:2b:91:47:a1:7b:
9d:73:a5:1b:e1:8e:37:9f:e5:d1:c3:58:19:86:5a:cd:c8:77:
63:35:59:db
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZmposxt6spW/tCmgP5WAnNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjUxMDAzMTAzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmZlMDc5OGVhODQ5MjgyNjE5OTllYmRlMTk3MWQ5Y2JjMTg5NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rDCt02354muQ7xfmgsBKr0F0Smj
EFwSegMoMyhoZMp4uOwL7ovOmg+qi9cAsqQ04WixM8beRG6xA6vz6/VOYoiucnpz
muUUdWHm/Q/ZNMta3nj2o3F3FxAiYiwTi6g/i9oKOS60rR6zahemBzf0CMwHLafc
HwigfqI4SR2cxhardLHCNy8lFIo8ModnbbTLXZh5m17AAua+rYCcznmZM9iu5NhI
EgBcEBAH7+MZjABm0Muh7BquLbQVFR5yqUwheWUENdjGZ3ykdLIx2PXZ+Y+0tJzK
SHwFZPK4fX3icTaqNRbWTYBLxIuNubzIf6VpZtkRf5XI1SxygT3YwqdI5wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFJb+B5jqhJKCYZmeveGXHZy8GJQDMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL2x2NEhtT3FFa29KaG1aNjk0WmNkbkx3WWxBTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMAwEAgABMAYDBANZ6qAw
IQQCAAIwGwMHBCoAWIEwQAMHBCoAWIEwgAMHBCoAWIEwwDANBgkqhkiG9w0BAQsF
AAOCAQEAQAK0tTTIcaGxsasLuLPNbAw8zC1RjAEcmAXW1VccpwFFYc3ddNevtx7I
RqCvidtkQABQLjVEryaf4NsK8KWsdenmBr1yDZgxV7O8K/pKpP1M3LG9d5WmUM2g
K5JHpb/G4foXtY7uhQ5fCt2a9bkHxW3N6RmrrP4mCmNiQ3UE+s4EicBarfZ2C53D
dVotG1Feor4ZETDBuTE5JGfUb76xoXRl9j5a9IUaVA0VWFBtZAHmYleoGGG/QQaV
3UIYPkXxcMeNZGuayg87+OrCKKIy+NuT0qgN5tQGnRnZ+g6MIEHN11HhVyuRR6F7
nXOlG+GON5/l0cNYGYZazch3YzVZ2w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:16:07 2025 by rpki-client