Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/LqgMdLmzZfPPNVVL0TSKOfjuask.roa
File: LqgMdLmzZfPPNVVL0TSKOfjuask.roa (raw, json)
Hash identifier: WTZx7Qb69rQ7242yE9FQUcUlhccWz/PWLVTI8R3vG9Y=
Subject key identifier: 2E:A8:0C:74:B9:B3:65:F3:CF:35:55:4B:D1:34:8A:39:F8:EE:6A:C9
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 01978193D213BF9F19E02CF1AA7EF69F7AF3
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/LqgMdLmzZfPPNVVL0TSKOfjuask.roa
Signing time: Wed 18 Jun 2025 05:47:17 +0000
ROA not before: Wed 18 Jun 2025 05:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200291
IP address blocks: 193.16.224.0/23 maxlen: 23
2a00:fe00:a000::/36 maxlen: 36
2a00:fe00:a000::/38 maxlen: 38
2a00:fe00:a400::/38 maxlen: 38
2a00:fe00:a800::/38 maxlen: 38
2a00:fe00:ac00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 15:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:93:d2:13:bf:9f:19:e0:2c:f1:aa:7e:f6:9f:7a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Jun 18 05:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ea80c74b9b365f3cf35554bd1348a39f8ee6ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b8:aa:3f:45:86:f9:de:32:81:67:20:9a:65:
db:34:7c:d8:b5:2c:12:4d:68:7d:87:71:25:fc:c8:
57:5e:05:c6:74:4a:e3:29:7e:18:ec:a5:8d:81:9f:
db:9e:5d:e7:5e:af:5f:00:7a:00:30:87:4f:58:b4:
7f:29:cc:f2:1e:75:1a:70:c8:60:0b:3a:12:77:57:
0f:31:76:a3:06:9c:b7:61:45:26:65:13:a7:d5:64:
ad:2e:e5:87:c9:19:df:7d:1e:2d:5e:d1:10:b6:7a:
6b:37:e7:36:2e:ce:90:9f:6b:16:a9:40:52:40:dc:
a5:76:fe:21:a3:e5:09:7d:cc:00:e6:a8:86:1d:69:
95:24:66:c0:8a:df:e4:87:c2:55:ff:59:bb:c2:85:
6b:b9:6d:5f:98:d8:4d:ca:4c:14:f3:15:44:c7:98:
0c:71:a1:c5:af:41:c7:86:e0:fb:d1:8f:7f:39:a3:
e7:bc:b7:60:41:9b:c4:e8:77:e9:c8:86:f7:74:58:
d2:3b:9b:cb:02:73:97:28:e7:56:e7:dc:98:eb:fe:
9a:d4:9d:e9:9d:b7:84:e2:bf:b7:ef:16:cf:47:95:
a6:94:e2:ae:79:63:55:95:b9:be:02:42:dd:09:f4:
56:44:0e:24:f5:30:27:25:d7:d0:7e:15:3f:a4:2f:
61:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A8:0C:74:B9:B3:65:F3:CF:35:55:4B:D1:34:8A:39:F8:EE:6A:C9
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/LqgMdLmzZfPPNVVL0TSKOfjuask.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.224.0/23
IPv6:
2a00:fe00:a000::/36
Signature Algorithm: sha256WithRSAEncryption
4e:35:c2:a3:6f:d0:6c:49:02:a7:4e:64:82:3a:d9:e3:ee:12:
89:2b:3f:f4:53:a2:72:92:de:ff:5c:49:90:4f:c1:bd:30:69:
b8:bc:3f:fb:7b:7a:f2:4e:0b:7c:ba:d0:cd:07:c5:f4:45:65:
cb:2d:39:2c:4a:84:d7:13:22:58:af:e2:87:21:9a:dd:5c:92:
c9:8f:71:ca:9e:8f:39:53:9c:b5:ef:82:ba:0e:84:26:28:83:
49:da:86:fc:24:56:7d:2f:01:74:1f:1b:44:a2:48:a4:f1:5a:
c4:ab:be:48:4c:ba:34:f1:ae:e2:7f:c2:01:bc:2c:45:e4:88:
b9:e0:d1:c6:4e:11:2e:bc:65:5a:47:fc:c5:92:c2:1a:6b:ba:
93:fe:5a:11:a3:f6:78:44:07:0b:96:dc:2c:03:99:54:7a:4b:
c3:53:ad:e4:72:62:2f:76:04:93:05:2c:07:00:05:6b:7b:d5:
47:00:97:12:b1:d1:5b:f5:2b:f9:e8:3d:48:0f:61:d1:79:e3:
f9:1d:4e:c8:06:05:bd:d9:8f:d3:57:33:46:53:31:01:70:24:
15:b4:a8:66:af:d0:44:c5:68:aa:d7:a7:80:aa:35:3d:10:8a:
d5:19:9e:91:32:81:8c:46:55:7c:ee:ad:35:a5:b2:b3:cc:54:
53:8b:de:d8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZeBk9ITv58Z4Czxqn72n3rzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjUwNjE4MDU0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWE4MGM3NGI5YjM2NWYzY2YzNTU1NGJkMTM0OGEzOWY4ZWU2YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07iqP0WG+d4ygWcgmmXbNHzYtSwS
TWh9h3El/MhXXgXGdErjKX4Y7KWNgZ/bnl3nXq9fAHoAMIdPWLR/KczyHnUacMhg
CzoSd1cPMXajBpy3YUUmZROn1WStLuWHyRnffR4tXtEQtnprN+c2Ls6Qn2sWqUBS
QNyldv4ho+UJfcwA5qiGHWmVJGbAit/kh8JV/1m7woVruW1fmNhNykwU8xVEx5gM
caHFr0HHhuD70Y9/OaPnvLdgQZvE6HfpyIb3dFjSO5vLAnOXKOdW59yY6/6a1J3p
nbeE4r+37xbPR5WmlOKueWNVlbm+AkLdCfRWRA4k9TAnJdfQfhU/pC9hKwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFC6oDHS5s2XzzzVVS9E0ijn47mrJMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvTHFnTWRMbXpaZlBQTlZWTDBUU0tPZmp1YXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBwRDgMA4E
AgACMAgDBgQqAP4AoDANBgkqhkiG9w0BAQsFAAOCAQEATjXCo2/QbEkCp05kgjrZ
4+4SiSs/9FOicpLe/1xJkE/BvTBpuLw/+3t68k4LfLrQzQfF9EVlyy05LEqE1xMi
WK/ihyGa3VySyY9xyp6POVOcte+Cug6EJiiDSdqG/CRWfS8BdB8bRKJIpPFaxKu+
SEy6NPGu4n/CAbwsReSIueDRxk4RLrxlWkf8xZLCGmu6k/5aEaP2eEQHC5bcLAOZ
VHpLw1Ot5HJiL3YEkwUsBwAFa3vVRwCXErHRW/Ur+eg9SA9h0Xnj+R1OyAYFvdmP
01czRlMxAXAkFbSoZq/QRMVoqtengKo1PRCK1RmekTKBjEZVfO6tNaWys8xUU4ve
2A==
-----END CERTIFICATE-----
Generated at Tue Jul 1 23:23:36 2025 by rpki-client