Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/Lob4QDIP2dfLNefIfHCH-elGr6w.roa
File: Lob4QDIP2dfLNefIfHCH-elGr6w.roa (raw, json)
Hash identifier: gcr1vfLV1uOvIBLUDtdkrAdiHkI7eAoGXpU8ShFCIEA=
Subject key identifier: 2E:86:F8:40:32:0F:D9:D7:CB:35:E7:C8:7C:70:87:F9:E9:46:AF:AC
Certificate issuer: /CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Certificate serial: 0197A784FFA0B928CA3EBB5AB007CAE79A39
Authority key identifier: EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/Lob4QDIP2dfLNefIfHCH-elGr6w.roa
Signing time: Wed 25 Jun 2025 14:36:40 +0000
ROA not before: Wed 25 Jun 2025 14:36:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207616
IP address blocks: 45.67.14.0/24 maxlen: 24
91.193.56.0/23 maxlen: 24
185.190.26.0/24 maxlen: 24
194.48.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:84:ff:a0:b9:28:ca:3e:bb:5a:b0:07:ca:e7:9a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eefbe8369a7bbc03a86fbe639b7efaa02b717287
Validity
Not Before: Jun 25 14:36:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e86f840320fd9d7cb35e7c87c7087f9e946afac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:70:18:c6:85:e6:d8:a7:d9:ae:f5:a3:d4:b4:
e7:bd:db:17:86:a1:f5:07:e6:c9:67:3c:fb:30:41:
c2:b8:76:9c:df:b1:f2:12:6a:85:98:f5:80:6b:c0:
ca:a9:f4:61:33:91:77:94:98:34:8b:c8:f3:45:d0:
7f:10:63:ca:61:e0:16:19:51:ea:4b:a9:95:01:f9:
5f:4d:c8:84:d2:21:d4:89:3a:1c:06:85:b4:95:63:
fb:9d:6d:d6:7c:c9:6c:04:41:41:1a:f5:d5:eb:3e:
87:b6:c4:44:b7:52:95:9e:7c:88:52:54:48:0b:b0:
eb:23:95:0b:da:ca:e4:34:75:e4:b0:97:8b:39:7e:
02:9d:4c:d6:2f:3d:05:6d:25:3b:b9:2f:da:36:ab:
e5:31:80:69:81:4c:fd:b6:2f:7a:c2:d2:63:37:f2:
d2:f3:3b:de:66:d6:8f:af:75:26:e1:52:21:4a:b3:
bd:14:58:37:18:40:c3:36:de:81:58:4f:2d:8d:a7:
80:11:21:e1:4b:c2:3c:76:1c:e9:b9:09:38:c3:2c:
ef:b0:12:fd:0d:01:ed:f9:81:27:f8:0e:ab:f4:70:
7d:37:74:26:f6:88:15:ec:10:76:30:9f:60:9d:3e:
0b:de:11:d6:13:18:32:c6:62:c0:cf:ee:a3:4e:f7:
89:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:86:F8:40:32:0F:D9:D7:CB:35:E7:C8:7C:70:87:F9:E9:46:AF:AC
X509v3 Authority Key Identifier:
keyid:EE:FB:E8:36:9A:7B:BC:03:A8:6F:BE:63:9B:7E:FA:A0:2B:71:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7vvoNpp7vAOob75jm376oCtxcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/Lob4QDIP2dfLNefIfHCH-elGr6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1be999-5a59-4c10-92ff-da1b58618841/1/7vvoNpp7vAOob75jm376oCtxcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.14.0/24
91.193.56.0/23
185.190.26.0/24
194.48.200.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:67:66:88:90:62:b0:9e:88:82:5c:f8:71:a7:dc:bf:86:6d:
e6:d6:06:33:55:28:32:d1:24:05:fc:00:ae:18:bc:09:82:eb:
7d:5a:7b:cf:b2:ca:77:a1:94:e7:9e:45:14:1e:38:fb:c9:a6:
ef:5c:7d:a3:4b:9f:72:df:88:18:aa:21:c5:48:cb:a5:0a:ac:
d6:e8:08:56:ea:2a:f4:d3:84:94:34:84:08:6b:c1:5d:ee:e8:
c3:46:e1:15:e2:07:5a:fd:ae:6b:ce:69:67:36:8b:98:5f:74:
2e:4f:bf:09:dc:9e:d7:c1:34:e8:ca:54:f1:0b:2e:3b:2e:65:
c3:1d:2e:e9:5c:23:09:6a:7d:c6:c9:c8:fc:5a:eb:30:3d:9d:
79:e5:11:9b:3e:00:27:1c:4b:36:8a:c3:ec:22:1b:7a:f7:07:
00:e3:9d:2a:8c:8f:20:dd:10:22:f8:86:ca:71:27:7d:2d:3c:
33:e1:10:6b:5a:d3:04:7b:4f:b0:c4:aa:79:9a:30:a6:b6:1b:
5e:8d:f3:a0:bb:b9:ce:32:db:38:8b:98:33:42:f4:2a:8f:2e:
ea:43:5f:e9:db:4f:50:e7:21:7a:d8:b0:91:34:34:4e:21:d4:
d7:0f:16:45:32:f9:3d:3d:9f:49:cd:2f:3d:bf:c4:49:cd:b5:
15:a2:bb:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZenhP+guSjKPrtasAfK55o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZmJlODM2OWE3YmJjMDNhODZmYmU2MzliN2VmYWEwMmI3
MTcyODcwHhcNMjUwNjI1MTQzNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg2Zjg0MDMyMGZkOWQ3Y2IzNWU3Yzg3YzcwODdmOWU5NDZhZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHAYxoXm2KfZrvWj1LTnvdsXhqH1
B+bJZzz7MEHCuHac37HyEmqFmPWAa8DKqfRhM5F3lJg0i8jzRdB/EGPKYeAWGVHq
S6mVAflfTciE0iHUiTocBoW0lWP7nW3WfMlsBEFBGvXV6z6HtsREt1KVnnyIUlRI
C7DrI5UL2srkNHXksJeLOX4CnUzWLz0FbSU7uS/aNqvlMYBpgUz9ti96wtJjN/LS
8zveZtaPr3Um4VIhSrO9FFg3GEDDNt6BWE8tjaeAESHhS8I8dhzpuQk4wyzvsBL9
DQHt+YEn+A6r9HB9N3Qm9ogV7BB2MJ9gnT4L3hHWExgyxmLAz+6jTveJCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC6G+EAyD9nXyzXnyHxwh/npRq+sMB8GA1UdIwQY
MBaAFO776Daae7wDqG++Y5t++qArcXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYt
ZGExYjU4NjE4ODQxLzEvTG9iNFFESVAyZGZMTmVmSWZIQ0gtZWxHcjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xYmU5OTktNWE1OS00YzEwLTkyZmYtZGExYjU4NjE4ODQx
LzEvN3Z2b05wcDd2QU9vYjc1am0zNzZvQ3R4Y29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALUMOAwQB
W8E4AwQAub4aAwQAwjDIMA0GCSqGSIb3DQEBCwUAA4IBAQALZ2aIkGKwnoiCXPhx
p9y/hm3m1gYzVSgy0SQF/ACuGLwJgut9WnvPssp3oZTnnkUUHjj7yabvXH2jS59y
34gYqiHFSMulCqzW6AhW6ir004SUNIQIa8Fd7ujDRuEV4gda/a5rzmlnNouYX3Qu
T78J3J7XwTToylTxCy47LmXDHS7pXCMJan3Gycj8WuswPZ155RGbPgAnHEs2isPs
Iht69wcA450qjI8g3RAi+IbKcSd9LTwz4RBrWtMEe0+wxKp5mjCmthtejfOgu7nO
Mts4i5gzQvQqjy7qQ1/p209Q5yF62LCRNDROIdTXDxZFMvk9PZ9JzS89v8RJzbUV
orvm
-----END CERTIFICATE-----
Generated at Wed Jul 2 20:16:09 2025 by rpki-client