Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/L3miZv_CtPpguqIiqcWbsGSBH70.roa
File: L3miZv_CtPpguqIiqcWbsGSBH70.roa (raw, json)
Hash identifier: chmReLLtPVDHneAMVjdRBmMn8npZbp0myeVRl6KrMkU=
Subject key identifier: 2F:79:A2:66:FF:C2:B4:FA:60:BA:A2:22:A9:C5:9B:B0:64:81:1F:BD
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0199709D32E37718DFA05DC3B68A1DB3A3CC
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/L3miZv_CtPpguqIiqcWbsGSBH70.roa
Signing time: Mon 22 Sep 2025 08:49:34 +0000
ROA not before: Mon 22 Sep 2025 08:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8612
IP address blocks: 193.207.24.0/23 maxlen: 23
193.207.26.0/24 maxlen: 24
193.207.48.0/20 maxlen: 24
193.207.64.0/18 maxlen: 24
193.207.96.0/20 maxlen: 21
193.207.128.0/17 maxlen: 22
195.130.224.0/19 maxlen: 19
212.123.64.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
213.205.0.251/32 maxlen: 32
2a01:7d0::/32 maxlen: 32
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0:4811::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:9d:32:e3:77:18:df:a0:5d:c3:b6:8a:1d:b3:a3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Sep 22 08:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f79a266ffc2b4fa60baa222a9c59bb064811fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:33:04:c2:45:4a:9d:aa:5e:af:ae:3d:92:
36:2c:8c:fa:22:c0:e6:06:76:f8:81:24:31:d3:13:
c2:15:1b:51:95:55:00:9f:56:7d:19:84:f0:a1:e6:
25:a7:d1:75:de:b6:8c:b9:b2:7f:5a:20:65:8a:6b:
68:f7:02:41:e4:05:64:2e:60:00:e0:06:57:a4:5c:
a4:95:2a:d3:91:50:7c:e4:7a:35:be:95:36:55:81:
2b:52:5c:44:ae:c3:86:7d:51:65:9d:69:7c:f0:51:
59:56:f7:23:1a:55:37:38:bc:53:ce:fb:57:11:98:
f5:84:d2:07:72:51:40:6a:6d:df:d2:7e:87:87:1d:
02:75:2e:fa:0a:13:55:2e:8b:97:8b:94:64:a3:fa:
80:ea:64:79:5a:e7:7f:bc:af:c6:f7:75:b2:f0:4c:
70:a7:1d:45:ea:3c:ba:bd:b1:62:6f:e2:86:a8:cf:
65:0d:b4:b9:55:ca:f5:9f:5c:4b:4d:18:7f:a2:92:
81:6e:8b:d4:7d:71:d5:63:40:d7:15:a6:73:9f:3c:
e8:48:dc:63:d4:09:17:90:91:34:18:81:ee:3c:c3:
cb:89:8a:4a:8b:ef:b6:e4:d3:4e:12:6b:a3:da:ca:
d7:1e:e0:48:c2:14:2b:16:75:47:67:92:1b:fc:6c:
08:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:79:A2:66:FF:C2:B4:FA:60:BA:A2:22:A9:C5:9B:B0:64:81:1F:BD
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/L3miZv_CtPpguqIiqcWbsGSBH70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.207.24.0-193.207.26.255
193.207.48.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
28:78:e5:42:45:29:63:35:c5:7c:df:b3:1a:cd:aa:3f:9d:7a:
84:71:65:c6:34:39:e8:27:1d:f8:7e:96:d1:05:08:b0:37:d7:
96:90:d1:04:08:b4:b4:9a:c9:2c:34:9d:13:5c:cf:68:8c:e6:
44:01:f8:d5:e9:54:a0:36:da:15:fa:ea:fb:1a:ab:15:af:6e:
6f:9e:91:88:ca:16:0a:b4:4f:a3:ea:f0:73:e0:b8:59:79:9a:
a4:d0:52:d0:e3:ac:87:61:b3:c6:9a:a1:c4:55:9b:ef:4c:29:
68:b2:f0:62:dd:ef:27:bc:06:de:ce:60:27:b3:ae:15:a7:17:
77:40:79:d7:6b:e9:12:78:0f:cc:ac:8b:2b:bf:69:8e:c4:57:
9d:7f:8e:f7:b9:9c:2c:72:dd:f0:10:8e:5d:5b:f1:e9:c6:3f:
65:2f:53:33:17:a5:67:68:27:15:0b:65:1e:43:cb:bb:63:17:
e2:6f:d0:c4:e7:bf:b8:6d:67:2e:dd:e6:b9:19:13:36:db:b2:
e6:8f:88:8a:50:27:54:c3:28:e8:a3:bc:92:fa:48:00:d4:65:
31:67:04:00:f6:ac:98:1f:6f:db:a2:5f:ca:a9:6f:e3:f8:da:
cb:b3:90:f5:9a:06:26:30:86:e3:2e:3e:21:1e:e2:f6:9e:15:
68:d0:f7:a5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZlwnTLjdxjfoF3Dtoods6PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwOTIyMDg0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjc5YTI2NmZmYzJiNGZhNjBiYWEyMjJhOWM1OWJiMDY0ODExZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTozBMJFSp2qXq+uPZI2LIz6IsDm
Bnb4gSQx0xPCFRtRlVUAn1Z9GYTwoeYlp9F13raMubJ/WiBlimto9wJB5AVkLmAA
4AZXpFyklSrTkVB85Ho1vpU2VYErUlxErsOGfVFlnWl88FFZVvcjGlU3OLxTzvtX
EZj1hNIHclFAam3f0n6Hhx0CdS76ChNVLouXi5Rko/qA6mR5Wud/vK/G93Wy8Exw
px1F6jy6vbFib+KGqM9lDbS5Vcr1n1xLTRh/opKBbovUfXHVY0DXFaZznzzoSNxj
1AkXkJE0GIHuPMPLiYpKi++25NNOEmuj2srXHuBIwhQrFnVHZ5Ib/GwIQwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFC95omb/wrT6YLqiIqnFm7BkgR+9MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvTDNtaVp2X0N0UHBndXFJaXFjV2JzR1NCSDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtMAwDBAPBzxgD
BADBzxowCwMEBMHPMAMDBMHAAwQFw4LgAwQF1HtAAwQG1c0AMA0EAgACMAcDBQAq
AQfQMA0GCSqGSIb3DQEBCwUAA4IBAQAoeOVCRSljNcV837Mazao/nXqEcWXGNDno
Jx34fpbRBQiwN9eWkNEECLS0msksNJ0TXM9ojOZEAfjV6VSgNtoV+ur7GqsVr25v
npGIyhYKtE+j6vBz4LhZeZqk0FLQ46yHYbPGmqHEVZvvTClosvBi3e8nvAbezmAn
s64Vpxd3QHnXa+kSeA/MrIsrv2mOxFedf473uZwsct3wEI5dW/Hpxj9lL1MzF6Vn
aCcVC2UeQ8u7Yxfib9DE57+4bWcu3ea5GRM227Lmj4iKUCdUwyjoo7yS+kgA1GUx
ZwQA9qyYH2/bol/KqW/j+NrLs5D1mgYmMIbjLj4hHuL2nhVo0Pel
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:11 2025 by rpki-client