Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LYowuvokEdQNQKhClggzabEik4g.roa
File: LYowuvokEdQNQKhClggzabEik4g.roa (raw, json)
Hash identifier: Vu2D76F9stm0mKgc2i8j5apfmB2/MfJTyX3EYJpoVBo=
Subject key identifier: 2D:8A:30:BA:FA:24:11:D4:0D:40:A8:42:96:08:33:69:B1:22:93:88
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0199BF6DA6BBC4968B0403588C3560E701C9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LYowuvokEdQNQKhClggzabEik4g.roa
Signing time: Tue 07 Oct 2025 16:07:38 +0000
ROA not before: Tue 07 Oct 2025 16:07:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56361
IP address blocks: 31.148.40.0/21 maxlen: 24
31.148.52.0/22 maxlen: 24
31.148.56.0/21 maxlen: 24
31.148.104.0/21 maxlen: 24
31.148.112.0/21 maxlen: 24
31.148.192.0/22 maxlen: 24
93.170.166.0/23 maxlen: 24
93.170.192.0/21 maxlen: 24
93.171.34.0/23 maxlen: 24
93.171.36.0/22 maxlen: 24
95.46.166.0/23 maxlen: 24
95.46.168.0/22 maxlen: 24
95.46.172.0/22 maxlen: 24
146.158.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bf:6d:a6:bb:c4:96:8b:04:03:58:8c:35:60:e7:01:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 7 16:07:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d8a30bafa2411d40d40a84296083369b1229388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bd:62:c8:0d:bb:35:84:30:13:ff:d4:5e:4d:
1f:e7:f8:e0:ec:8e:a5:cb:90:9f:53:d5:c3:d9:a0:
54:32:85:98:2b:79:62:42:71:b0:2c:db:22:77:9e:
84:f2:cc:32:cd:8a:4a:72:4b:93:31:8d:f4:67:f0:
23:ea:1e:02:5a:bf:ee:5f:0b:cc:1b:e6:e1:5a:01:
b4:a8:bc:eb:58:2c:66:e6:b0:13:31:eb:53:05:58:
88:29:8b:d0:75:45:41:82:26:9c:c2:eb:b9:d6:e3:
cb:a8:b6:0d:0f:ef:c3:31:1f:9f:86:19:db:e7:e4:
32:f0:36:3b:60:6b:6b:24:13:ca:c6:6b:33:62:b2:
8a:f4:24:9c:4c:18:9b:3d:8d:58:45:0b:52:f0:1a:
32:27:53:75:6a:c4:51:0c:2b:0a:29:ef:24:6c:d0:
1a:72:43:08:1b:c1:33:e3:72:07:8e:9a:62:3d:ea:
07:87:d6:02:d2:10:be:34:64:13:4e:e0:b5:17:8e:
67:97:d6:39:db:9c:df:b9:28:bf:1f:b6:28:4c:13:
ef:05:c2:ec:45:f4:1a:49:98:94:30:02:33:92:bd:
d2:b3:b1:0f:70:37:32:9b:5b:4c:35:12:21:2b:dd:
8d:26:55:6e:c2:60:39:aa:44:7c:56:0e:be:23:57:
ce:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8A:30:BA:FA:24:11:D4:0D:40:A8:42:96:08:33:69:B1:22:93:88
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LYowuvokEdQNQKhClggzabEik4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.40.0/21
31.148.52.0-31.148.63.255
31.148.104.0-31.148.119.255
31.148.192.0/22
93.170.166.0/23
93.170.192.0/21
93.171.34.0-93.171.39.255
95.46.166.0-95.46.175.255
146.158.48.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:a4:89:7f:7e:10:6e:99:e1:82:0e:38:95:42:ff:76:b3:fa:
06:c3:4d:e4:8e:e0:f3:16:3f:81:91:27:76:96:d0:b2:a3:5c:
74:6a:02:64:3b:2c:28:ed:34:31:5c:4d:c3:b0:3d:29:19:72:
4d:59:87:d8:38:5a:c1:06:3a:3e:26:1c:52:73:10:cc:94:d3:
d7:88:98:b9:bd:54:4f:ea:b8:67:23:06:c9:79:d3:46:d7:1a:
6f:0f:35:18:f7:26:d5:ec:19:28:d5:66:17:45:5e:23:ff:12:
66:51:d4:b5:c3:2f:9f:1d:a5:ab:5b:f0:d4:cd:27:13:e6:ad:
dc:94:47:c0:ca:3f:bd:de:7b:7e:ea:e2:f5:1f:3a:4a:ce:be:
a5:58:cd:4d:07:69:b2:ec:13:f1:82:eb:e6:6f:b1:d0:4b:4f:
96:9e:6e:e2:6d:a9:95:b3:b4:4f:48:93:fa:f2:4c:19:93:c8:
de:8c:34:38:53:3f:52:7c:06:e4:3b:bb:d7:25:ff:fa:59:c1:
15:cf:58:7e:15:d8:fd:54:94:74:45:75:1c:ca:13:31:87:d6:
86:4b:2a:11:1a:be:6f:25:68:1f:86:b8:36:2a:b3:72:7a:09:
0d:53:8a:95:d6:f2:6a:79:81:71:a0:81:b0:a7:71:05:e3:d5:
c9:44:4f:dd
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZm/baa7xJaLBANYjDVg5wHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUxMDA3MTYwNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhhMzBiYWZhMjQxMWQ0MGQ0MGE4NDI5NjA4MzM2OWIxMjI5Mzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn71iyA27NYQwE//UXk0f5/jg7I6l
y5CfU9XD2aBUMoWYK3liQnGwLNsid56E8swyzYpKckuTMY30Z/Aj6h4CWr/uXwvM
G+bhWgG0qLzrWCxm5rATMetTBViIKYvQdUVBgiacwuu51uPLqLYND+/DMR+fhhnb
5+Qy8DY7YGtrJBPKxmszYrKK9CScTBibPY1YRQtS8BoyJ1N1asRRDCsKKe8kbNAa
ckMIG8Ez43IHjppiPeoHh9YC0hC+NGQTTuC1F45nl9Y525zfuSi/H7YoTBPvBcLs
RfQaSZiUMAIzkr3Ss7EPcDcym1tMNRIhK92NJlVuwmA5qkR8Vg6+I1fOoQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFC2KMLr6JBHUDUCoQpYIM2mxIpOIMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTFlvd3V2b2tFZFFOUUtoQ2xnZ3phYkVpazRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDH5QoMAwD
BAIflDQDBAYflAAwDAMEAx+UaAMEAx+UcAMEAh+UwAMEAV2qpgMEA12qwDAMAwQB
XasiAwQDXasgMAwDBAFfLqYDBARfLqADBAOSnjAwDQYJKoZIhvcNAQELBQADggEB
AEqkiX9+EG6Z4YIOOJVC/3az+gbDTeSO4PMWP4GRJ3aW0LKjXHRqAmQ7LCjtNDFc
TcOwPSkZck1Zh9g4WsEGOj4mHFJzEMyU09eImLm9VE/quGcjBsl500bXGm8PNRj3
JtXsGSjVZhdFXiP/EmZR1LXDL58dpatb8NTNJxPmrdyUR8DKP73ee37q4vUfOkrO
vqVYzU0HabLsE/GC6+ZvsdBLT5aebuJtqZWztE9Ik/ryTBmTyN6MNDhTP1J8BuQ7
u9cl//pZwRXPWH4V2P1UlHRFdRzKEzGH1oZLKhEavm8laB+GuDYqs3J6CQ1TipXW
8mp5gXGggbCncQXj1clET90=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:45 2025 by rpki-client