Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lLZ5Io9qq5qjICXx9jv1SSbflTg.roa
File: lLZ5Io9qq5qjICXx9jv1SSbflTg.roa (raw, json)
Hash identifier: gaHQzxeVOCa2xWjBUWdAbn70cMT5ACXZ2OoKrZdMdSM=
Subject key identifier: 94:B6:79:22:8F:6A:AB:9A:A3:20:25:F1:F6:3B:F5:49:26:DF:95:38
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01999FD57E622B1CC6398CE0D43067CD14E0
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lLZ5Io9qq5qjICXx9jv1SSbflTg.roa
Signing time: Wed 01 Oct 2025 12:53:12 +0000
ROA not before: Wed 01 Oct 2025 12:53:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 212.16.86.0/24 maxlen: 24
212.80.18.0/23 maxlen: 23
212.80.18.0/24 maxlen: 24
212.80.19.0/24 maxlen: 24
212.80.20.0/22 maxlen: 22
212.80.20.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9f:d5:7e:62:2b:1c:c6:39:8c:e0:d4:30:67:cd:14:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 1 12:53:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94b679228f6aab9aa32025f1f63bf54926df9538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8e:e6:32:97:46:c3:7b:22:c3:c9:31:59:f1:
b2:80:83:31:05:e4:88:60:ba:68:8a:f8:61:38:21:
ba:b8:11:08:14:58:a5:5e:f5:01:c7:60:ec:d0:81:
43:51:4f:03:97:4e:e3:f0:8f:bb:ae:1d:87:fa:59:
97:44:ca:62:d0:60:db:61:4f:dd:c3:c1:4c:70:cb:
98:02:bc:f6:5c:02:86:6b:e5:00:3c:5c:e9:42:7e:
0b:a2:00:16:39:68:8a:b9:61:ee:0e:e4:ff:cd:83:
af:23:e1:4e:8d:0b:d5:3e:b3:9e:c6:23:41:60:7f:
65:e1:18:e1:9c:60:60:13:76:d1:9d:99:7b:f1:40:
c6:8d:f9:ca:cb:c2:47:e5:bc:fd:48:db:d2:fa:fc:
72:a2:c8:04:89:b2:d7:1f:8a:8b:4f:1a:eb:b1:e4:
b2:83:a6:91:9c:12:f3:ea:ed:90:5f:ee:78:a5:14:
3c:3a:ca:37:f6:2c:a0:24:72:14:5c:9d:51:af:e2:
5b:d4:ae:6e:04:ec:34:3c:dd:84:42:de:1f:5a:54:
84:1d:56:6d:9b:3f:7f:23:ca:bd:64:49:aa:de:24:
0b:60:4c:04:d2:bb:9c:f6:18:62:37:cb:c6:21:1e:
e0:fd:28:c8:e5:4c:74:12:ef:5d:a0:72:61:f2:67:
53:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B6:79:22:8F:6A:AB:9A:A3:20:25:F1:F6:3B:F5:49:26:DF:95:38
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lLZ5Io9qq5qjICXx9jv1SSbflTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.86.0/24
212.80.18.0-212.80.23.255
Signature Algorithm: sha256WithRSAEncryption
10:72:90:36:5f:fc:90:98:c5:01:73:8c:3c:2a:95:71:74:71:
35:26:70:4e:c1:3c:85:72:12:57:57:8f:0a:de:21:c6:3c:e1:
71:5f:3c:b5:01:2b:b0:6c:fb:68:02:d7:d5:bf:f8:47:ee:93:
4d:ff:b1:db:30:16:6d:20:5c:b6:a6:ea:90:e5:6e:d8:6a:92:
02:40:6a:62:b0:6b:6a:8e:22:1e:c7:3a:c1:b3:34:d7:89:dd:
98:29:f2:4b:03:02:59:bb:52:87:7d:81:c5:40:9f:95:4a:ac:
e6:e3:e3:f2:db:6c:c2:b0:e0:e9:50:09:92:97:b2:21:1c:aa:
20:f7:17:f2:61:22:46:78:5d:bb:1d:f7:c8:5f:67:d6:3c:e2:
7f:54:62:09:cf:7d:90:3a:32:35:36:4e:40:be:f3:15:30:f7:
f3:04:bb:5e:27:03:a3:f6:ba:49:50:0d:b2:3f:72:85:47:28:
1c:d7:d5:a9:0d:1d:37:d3:f3:0f:23:99:60:06:8c:83:e5:e7:
6d:6a:5a:49:42:25:1c:ed:98:f7:b7:b9:1b:ab:2d:cb:bf:f7:
a7:de:8d:c8:e7:3d:cd:c8:a2:ec:6a:85:e6:f6:e6:09:5f:30:
34:5d:ba:23:49:5c:19:e9:80:dd:31:08:c3:16:63:a4:9b:88:
9a:ae:f0:35
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZmf1X5iKxzGOYzg1DBnzRTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUxMDAxMTI1MzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGI2NzkyMjhmNmFhYjlhYTMyMDI1ZjFmNjNiZjU0OTI2ZGY5NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY7mMpdGw3siw8kxWfGygIMxBeSI
YLpoivhhOCG6uBEIFFilXvUBx2Ds0IFDUU8Dl07j8I+7rh2H+lmXRMpi0GDbYU/d
w8FMcMuYArz2XAKGa+UAPFzpQn4LogAWOWiKuWHuDuT/zYOvI+FOjQvVPrOexiNB
YH9l4RjhnGBgE3bRnZl78UDGjfnKy8JH5bz9SNvS+vxyosgEibLXH4qLTxrrseSy
g6aRnBLz6u2QX+54pRQ8Oso39iygJHIUXJ1Rr+Jb1K5uBOw0PN2EQt4fWlSEHVZt
mz9/I8q9ZEmq3iQLYEwE0ruc9hhiN8vGIR7g/SjI5Ux0Eu9doHJh8mdTwQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJS2eSKPaquaoyAl8fY79Ukm35U4MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvbExaNUlvOXFxNXFqSUNYeDlqdjFTU2JmbFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1BBWMAwD
BAHUUBIDBAPUUBAwDQYJKoZIhvcNAQELBQADggEBABBykDZf/JCYxQFzjDwqlXF0
cTUmcE7BPIVyEldXjwreIcY84XFfPLUBK7Bs+2gC19W/+Efuk03/sdswFm0gXLam
6pDlbthqkgJAamKwa2qOIh7HOsGzNNeJ3Zgp8ksDAlm7Uod9gcVAn5VKrObj4/Lb
bMKw4OlQCZKXsiEcqiD3F/JhIkZ4Xbsd98hfZ9Y84n9UYgnPfZA6MjU2TkC+8xUw
9/MEu14nA6P2uklQDbI/coVHKBzX1akNHTfT8w8jmWAGjIPl521qWklCJRztmPe3
uRurLcu/96fejcjnPc3Iouxqheb25glfMDRduiNJXBnpgN0xCMMWY6SbiJqu8DU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:36 2025 by rpki-client