Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/LCQo2NCbeYZ3q2w5uO1x82UrAS0.roa
File: LCQo2NCbeYZ3q2w5uO1x82UrAS0.roa (raw, json)
Hash identifier: /H5HChGZH77x2xCBhcZV4r2K/3suV56lFnfxUuSNtn0=
Subject key identifier: 2C:24:28:D8:D0:9B:79:86:77:AB:6C:39:B8:ED:71:F3:65:2B:01:2D
Certificate issuer: /CN=7ac623efbfc124712162240cba02a4da1d4dcea3
Certificate serial: 0199DDA01BD43FCC7CBCC635175BDEEB1ABE
Authority key identifier: 7A:C6:23:EF:BF:C1:24:71:21:62:24:0C:BA:02:A4:DA:1D:4D:CE:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/esYj77_BJHEhYiQMugKk2h1NzqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/LCQo2NCbeYZ3q2w5uO1x82UrAS0.roa
Signing time: Mon 13 Oct 2025 12:51:21 +0000
ROA not before: Mon 13 Oct 2025 12:51:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212661
IP address blocks: 185.123.148.0/24 maxlen: 24
193.3.37.0/24 maxlen: 24
212.146.160.0/22 maxlen: 22
212.146.160.0/24 maxlen: 24
212.146.161.0/24 maxlen: 24
212.146.164.0/22 maxlen: 22
212.146.164.0/23 maxlen: 23
212.146.166.0/23 maxlen: 23
212.146.172.0/24 maxlen: 24
212.146.175.0/24 maxlen: 24
212.146.176.0/22 maxlen: 22
212.146.180.0/22 maxlen: 22
212.146.180.0/23 maxlen: 23
212.146.182.0/23 maxlen: 23
212.146.188.0/24 maxlen: 24
212.146.190.0/24 maxlen: 24
2a06:dac0::/44 maxlen: 44
2a06:dac0:100::/44 maxlen: 44
2a06:dac0:200::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/esYj77_BJHEhYiQMugKk2h1NzqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:a0:1b:d4:3f:cc:7c:bc:c6:35:17:5b:de:eb:1a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ac623efbfc124712162240cba02a4da1d4dcea3
Validity
Not Before: Oct 13 12:51:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c2428d8d09b798677ab6c39b8ed71f3652b012d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:31:db:11:7d:fa:c9:ce:e9:9a:4b:66:c1:2a:
4b:9c:7f:7f:4b:11:45:af:35:18:a2:ff:b6:07:e1:
a1:c1:0d:eb:22:c2:27:97:de:19:e9:44:69:7c:1d:
86:64:15:fb:e5:83:99:4a:78:63:08:12:77:51:62:
63:a9:86:be:8b:28:96:9f:d5:87:28:9e:1b:68:25:
d1:13:c6:54:ef:89:e9:23:c6:13:02:2f:8c:86:21:
1f:51:1f:6b:e8:32:76:be:42:3f:e7:12:30:a5:b6:
26:dc:d5:58:da:cd:5d:b3:2c:6d:f5:86:e5:8f:a1:
40:ec:60:ca:5b:96:7b:e8:6e:0d:4f:a8:9b:42:40:
fd:28:e2:f6:ee:df:dd:8b:70:db:11:24:01:fa:98:
11:9e:41:8e:04:da:2b:e6:45:b5:26:75:bf:8c:84:
a9:af:72:82:51:85:88:4e:d2:e3:7b:ac:6b:f9:93:
2c:b3:b7:51:ff:66:9b:77:c7:be:f7:36:b7:98:2f:
36:fa:7a:ca:4f:8f:22:d1:79:dd:2e:08:6b:25:c8:
ff:45:d5:80:d8:49:08:a1:1d:72:a1:56:4f:13:91:
1c:18:3b:6e:42:4a:25:08:7e:f7:7f:a4:0e:07:2e:
b0:73:15:45:4f:bc:39:18:b2:9d:cd:64:f2:de:7d:
d3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:24:28:D8:D0:9B:79:86:77:AB:6C:39:B8:ED:71:F3:65:2B:01:2D
X509v3 Authority Key Identifier:
keyid:7A:C6:23:EF:BF:C1:24:71:21:62:24:0C:BA:02:A4:DA:1D:4D:CE:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/esYj77_BJHEhYiQMugKk2h1NzqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/LCQo2NCbeYZ3q2w5uO1x82UrAS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.148.0/24
193.3.37.0/24
212.146.160.0/21
212.146.172.0/24
212.146.175.0-212.146.183.255
212.146.188.0/24
212.146.190.0/24
IPv6:
2a06:dac0::/44
2a06:dac0:100::/44
2a06:dac0:200::/44
Signature Algorithm: sha256WithRSAEncryption
c7:e3:93:c9:cd:18:91:bd:e9:60:c8:23:67:91:f5:08:37:ee:
cd:17:a3:cb:74:4c:35:4b:e2:ec:42:b1:ad:a3:df:95:51:b2:
71:2f:a2:b4:75:c2:91:b0:ab:16:24:3a:a9:2f:d9:ed:a3:b7:
af:f0:c7:77:46:74:d6:e1:ce:81:5e:42:39:4a:47:68:dc:5a:
fb:93:ad:15:bb:76:5a:1e:12:ff:86:0d:d3:c4:ad:33:61:28:
0f:75:94:af:23:ee:d9:6d:04:94:3e:f6:ca:cc:18:12:9a:83:
c8:8c:fd:67:f6:ee:eb:93:a5:bb:97:e5:fb:6f:01:a0:32:68:
02:1d:ad:07:2b:01:d7:63:54:f9:a3:9c:75:1a:c3:1c:e6:7d:
8b:d7:81:5b:ff:21:d0:97:cc:1c:b9:c6:5f:f1:75:1e:49:7a:
c9:a2:3b:d2:63:fd:dc:e2:6e:b5:20:0a:ca:2f:21:0e:4a:9d:
92:82:ba:bf:c2:78:cb:de:94:2f:c5:4d:64:53:cf:b6:48:5c:
39:1b:fd:d4:9f:4a:d1:16:e6:9c:c8:b1:3a:eb:3b:96:dd:3f:
99:0d:d5:fa:59:e4:14:1a:e5:e2:51:59:55:d5:c7:70:0f:bf:
1e:24:f6:e5:eb:d4:b1:5b:9a:4a:60:e4:3d:78:61:dc:dd:a5:
b1:bb:81:74
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZndoBvUP8x8vMY1F1ve6xq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYzYyM2VmYmZjMTI0NzEyMTYyMjQwY2JhMDJhNGRhMWQ0
ZGNlYTMwHhcNMjUxMDEzMTI1MTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzI0MjhkOGQwOWI3OTg2NzdhYjZjMzliOGVkNzFmMzY1MmIwMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDHbEX36yc7pmktmwSpLnH9/SxFF
rzUYov+2B+GhwQ3rIsInl94Z6URpfB2GZBX75YOZSnhjCBJ3UWJjqYa+iyiWn9WH
KJ4baCXRE8ZU74npI8YTAi+MhiEfUR9r6DJ2vkI/5xIwpbYm3NVY2s1dsyxt9Ybl
j6FA7GDKW5Z76G4NT6ibQkD9KOL27t/di3DbESQB+pgRnkGOBNor5kW1JnW/jISp
r3KCUYWITtLje6xr+ZMss7dR/2abd8e+9za3mC82+nrKT48i0XndLghrJcj/RdWA
2EkIoR1yoVZPE5EcGDtuQkolCH73f6QOBy6wcxVFT7w5GLKdzWTy3n3TaQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFCwkKNjQm3mGd6tsObjtcfNlKwEtMB8GA1UdIwQY
MBaAFHrGI++/wSRxIWIkDLoCpNodTc6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNZajc3X0JKSEVoWWlRTXVnS2syaDFOenFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jNzRhNGYtNDA1Mi00YzliLWE3Zjgt
NDNhYTRjY2UzZjQ4LzEvTENRbzJOQ2JlWVozcTJ3NXVPMXg4MlVyQVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jNzRhNGYtNDA1Mi00YzliLWE3ZjgtNDNhYTRjY2UzZjQ4
LzEvZXNZajc3X0JKSEVoWWlRTXVnS2syaDFOenFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA4BAIAATAyAwQAuXuUAwQA
wQMlAwQD1JKgAwQA1JKsMAwDBADUkq8DBAPUkrADBADUkrwDBADUkr4wIQQCAAIw
GwMHBCoG2sAAAAMHBCoG2sABAAMHBCoG2sACADANBgkqhkiG9w0BAQsFAAOCAQEA
x+OTyc0Ykb3pYMgjZ5H1CDfuzRejy3RMNUvi7EKxraPflVGycS+itHXCkbCrFiQ6
qS/Z7aO3r/DHd0Z01uHOgV5COUpHaNxa+5OtFbt2Wh4S/4YN08StM2EoD3WUryPu
2W0ElD72yswYEpqDyIz9Z/bu65Olu5fl+28BoDJoAh2tBysB12NU+aOcdRrDHOZ9
i9eBW/8h0JfMHLnGX/F1Hkl6yaI70mP93OJutSAKyi8hDkqdkoK6v8J4y96UL8VN
ZFPPtkhcORv91J9K0RbmnMixOus7lt0/mQ3V+lnkFBrl4lFZVdXHcA+/HiT25evU
sVuaSmDkPXhh3N2lsbuBdA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:40 2025 by rpki-client