
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/LX3OTkyoDxVaZPtiMRu4AJM_0HM.roa
File: LX3OTkyoDxVaZPtiMRu4AJM_0HM.roa (raw, json)
Hash identifier: rRmco46iM3rwfYnatxB53SSXErwXAR8mqcUhXYapGxc=
Subject key identifier: 2D:7D:CE:4E:4C:A8:0F:15:5A:64:FB:62:31:1B:B8:00:93:3F:D0:73
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0199A0FD0DF99385817E68CDB258BA005E37
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/LX3OTkyoDxVaZPtiMRu4AJM_0HM.roa
Signing time: Wed 01 Oct 2025 18:16:02 +0000
ROA not before: Wed 01 Oct 2025 18:16:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a0:fd:0d:f9:93:85:81:7e:68:cd:b2:58:ba:00:5e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Oct 1 18:16:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d7dce4e4ca80f155a64fb62311bb800933fd073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:08:d6:e3:e1:17:f3:6e:e3:c0:b0:13:72:5b:
37:57:74:a9:03:63:09:3d:94:62:1a:27:ce:e0:88:
75:ea:32:ba:40:46:53:6e:78:1d:87:64:20:1f:56:
69:cc:1c:68:3c:e5:4c:f1:c9:21:f5:a8:bd:86:6c:
2a:0c:9d:76:21:b6:d2:a6:6f:7c:3d:1e:25:b0:99:
bf:59:38:aa:fa:f8:dd:9c:14:44:1f:da:44:bd:47:
31:94:2f:1a:43:19:55:63:a7:3e:e0:f6:11:de:eb:
5f:f2:fb:f0:3c:c8:ea:65:ad:17:a2:7d:81:09:6b:
6a:b5:62:73:f6:de:23:29:70:75:c1:73:56:26:a7:
ba:51:30:3f:10:f9:75:28:8a:df:18:9c:b1:58:79:
2b:14:6b:f8:fc:18:c6:7f:70:48:87:d0:91:49:72:
60:a6:68:91:2d:90:23:6f:a9:d5:33:19:22:a5:f9:
e6:69:eb:c6:ee:7d:cd:5d:41:84:0c:61:9d:95:2e:
02:c4:44:0e:35:7d:cb:2a:11:49:31:32:6a:dd:f0:
96:0d:5e:4e:2a:24:98:36:a3:1b:16:e3:54:d0:98:
d0:15:a2:da:ea:a3:a1:d5:eb:4e:f2:57:df:ca:83:
a8:50:f2:32:7f:53:55:37:0f:a8:17:5d:8c:a8:11:
1c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7D:CE:4E:4C:A8:0F:15:5A:64:FB:62:31:1B:B8:00:93:3F:D0:73
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/LX3OTkyoDxVaZPtiMRu4AJM_0HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.61.0/24
Signature Algorithm: sha256WithRSAEncryption
06:cf:3b:d2:05:99:e1:df:3d:a9:d5:50:df:ee:c3:0b:80:52:
76:96:5f:2c:22:92:f3:f8:70:25:90:6a:45:2a:be:62:ae:64:
96:11:19:bc:2a:33:5b:c7:64:c5:50:41:74:18:0f:98:d9:56:
9e:90:6d:d1:67:c3:fb:7a:af:4e:eb:1f:95:82:d3:95:bf:22:
7a:17:21:1d:b0:89:cb:2a:0e:10:b0:88:1a:15:d0:aa:0b:be:
a0:82:9d:67:fa:c4:d3:96:f9:ed:07:df:8f:1e:46:fd:2d:57:
0d:2a:83:c4:71:28:d6:d4:6b:92:7a:fc:9e:bf:ae:1c:26:92:
8c:fa:38:2c:ef:6f:21:48:a8:f7:83:3b:d8:c2:b9:23:20:c6:
31:42:52:5d:c6:9e:24:95:ca:8e:84:9b:99:fa:54:5a:fd:f4:
67:c8:83:97:76:b6:67:b5:1a:d9:18:66:1c:8e:b6:f3:ae:09:
d2:1e:bb:9a:cb:af:1c:fb:c8:60:ac:b9:57:83:95:1d:31:46:
76:28:11:e2:74:4c:47:86:34:39:3f:49:6b:94:58:2a:04:46:
f5:0f:33:f9:90:61:85:b5:a3:67:d4:f5:98:3f:ec:87:10:d8:
be:89:a2:95:6a:66:b0:e4:fb:94:cf:d8:40:8d:c0:39:6e:12:
29:6e:97:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmg/Q35k4WBfmjNsli6AF43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUxMDAxMTgxNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdkY2U0ZTRjYTgwZjE1NWE2NGZiNjIzMTFiYjgwMDkzM2ZkMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAjW4+EX827jwLATcls3V3SpA2MJ
PZRiGifO4Ih16jK6QEZTbngdh2QgH1ZpzBxoPOVM8ckh9ai9hmwqDJ12IbbSpm98
PR4lsJm/WTiq+vjdnBREH9pEvUcxlC8aQxlVY6c+4PYR3utf8vvwPMjqZa0Xon2B
CWtqtWJz9t4jKXB1wXNWJqe6UTA/EPl1KIrfGJyxWHkrFGv4/BjGf3BIh9CRSXJg
pmiRLZAjb6nVMxkipfnmaevG7n3NXUGEDGGdlS4CxEQONX3LKhFJMTJq3fCWDV5O
KiSYNqMbFuNU0JjQFaLa6qOh1etO8lffyoOoUPIyf1NVNw+oF12MqBEcFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC19zk5MqA8VWmT7YjEbuACTP9BzMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvTFgzT1RreW9EeFZhWlB0aU1SdTRBSk1fMEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXo9MA0G
CSqGSIb3DQEBCwUAA4IBAQAGzzvSBZnh3z2p1VDf7sMLgFJ2ll8sIpLz+HAlkGpF
Kr5irmSWERm8KjNbx2TFUEF0GA+Y2VaekG3RZ8P7eq9O6x+VgtOVvyJ6FyEdsInL
Kg4QsIgaFdCqC76ggp1n+sTTlvntB9+PHkb9LVcNKoPEcSjW1GuSevyev64cJpKM
+jgs728hSKj3gzvYwrkjIMYxQlJdxp4klcqOhJuZ+lRa/fRnyIOXdrZntRrZGGYc
jrbzrgnSHruay68c+8hgrLlXg5UdMUZ2KBHidExHhjQ5P0lrlFgqBEb1DzP5kGGF
taNn1PWYP+yHENi+iaKVamaw5PuUz9hAjcA5bhIpbpd2
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:45 2025 by rpki-client