Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/leLbvZk-ZLOHTx35H1teEVZvq_w.roa
File: leLbvZk-ZLOHTx35H1teEVZvq_w.roa (raw, json)
Hash identifier: CF/SxDg4bOjmx2R5usAUeBgqRx+iarFbP3We+RdFgrY=
Subject key identifier: 95:E2:DB:BD:99:3E:64:B3:87:4F:1D:F9:1F:5B:5E:11:56:6F:AB:FC
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 019957B9C2F1DD2C70ACF3A4B9553C4F7036
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/leLbvZk-ZLOHTx35H1teEVZvq_w.roa
Signing time: Wed 17 Sep 2025 12:50:15 +0000
ROA not before: Wed 17 Sep 2025 12:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203953
IP address blocks: 2.110.64.0/18 maxlen: 18
2.110.128.0/17 maxlen: 17
89.150.128.0/18 maxlen: 18
90.184.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:b9:c2:f1:dd:2c:70:ac:f3:a4:b9:55:3c:4f:70:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Sep 17 12:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e2dbbd993e64b3874f1df91f5b5e11566fabfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:c8:01:d2:92:3a:a5:6b:b1:5a:3a:12:f8:
a9:3e:4b:fe:f9:e8:db:63:83:f6:61:9d:44:49:4b:
4e:e5:65:f5:dc:66:dd:ab:47:29:f1:ca:be:56:55:
e4:ca:fb:82:10:71:b5:b8:8a:9c:39:7b:b5:2c:e4:
f2:f6:bd:69:bf:92:9f:94:56:48:99:06:db:73:46:
0d:29:18:67:b5:7c:87:54:1d:a5:74:e2:e9:71:3b:
e2:2d:a4:f0:c2:35:87:6b:06:a4:19:cc:17:c8:88:
7c:6f:d8:63:d6:3d:d2:9d:d7:9d:e2:fe:19:25:5a:
90:f6:69:44:63:50:b8:71:fc:b6:d8:a3:d5:22:bb:
a4:b1:7b:40:ff:e8:00:57:c2:71:8c:be:49:fa:ed:
94:d0:a4:61:0f:22:c3:60:83:b2:a0:97:86:4a:da:
89:1b:04:93:8f:36:82:7a:df:a1:db:e0:0f:6c:26:
1a:97:c1:e8:d9:1b:13:a6:94:4e:ef:af:1f:6d:61:
2a:fb:2a:52:73:f7:24:65:77:54:47:4d:ad:58:56:
03:20:13:b7:17:31:58:3c:b7:76:73:44:b4:19:b4:
17:e7:2f:e7:10:38:be:61:93:03:2f:e2:76:8c:4c:
dc:03:8a:5e:a4:7a:8f:66:87:9e:83:7d:22:9f:37:
b6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E2:DB:BD:99:3E:64:B3:87:4F:1D:F9:1F:5B:5E:11:56:6F:AB:FC
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/leLbvZk-ZLOHTx35H1teEVZvq_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.110.64.0-2.110.255.255
89.150.128.0/18
90.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0d:3c:d6:12:21:18:79:fe:94:01:8c:0c:7d:d1:7e:14:3f:e1:
93:4e:eb:8d:44:0f:e6:2a:3e:e4:dd:1d:ae:ea:23:0d:e9:57:
aa:09:40:68:c3:18:8e:74:cb:5f:c1:7c:f8:cc:9a:6c:d4:36:
81:37:18:d1:b0:df:70:f6:e1:53:66:d8:77:1f:4b:42:64:8c:
f4:b6:02:de:4b:c7:99:b0:13:d2:25:81:e7:84:db:6d:a8:d7:
3a:ce:5c:3e:9d:3a:6e:7b:1a:56:79:5e:a4:6f:84:3d:7d:8d:
c8:ba:42:3e:6d:4e:b5:8b:5b:55:7b:ca:b1:f9:05:33:59:0b:
46:6d:1b:ba:ea:89:b6:0d:4e:7c:cc:9a:36:fd:bc:17:90:7f:
59:29:6f:6f:f0:03:d4:2e:57:b0:5e:22:49:3f:8a:c4:84:ec:
6e:df:3e:e6:82:7d:a5:94:6f:9a:d8:e3:60:6f:5c:c3:e1:08:
8b:1d:90:2a:7f:3a:72:00:3b:15:a2:51:66:6f:f0:b5:7a:49:
9d:f8:4d:e7:90:7b:64:fa:0b:f3:34:fd:29:6e:67:01:8d:08:
06:71:1e:4c:d8:ea:7c:00:38:f0:86:f2:c6:34:d0:7d:1c:88:
fe:43:bc:70:33:e0:d0:27:c9:0d:cb:7c:4a:de:0d:7d:10:b2:
82:ef:e0:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZlXucLx3SxwrPOkuVU8T3A2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjUwOTE3MTI1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUyZGJiZDk5M2U2NGIzODc0ZjFkZjkxZjViNWUxMTU2NmZhYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDvIAdKSOqVrsVo6EvipPkv++ejb
Y4P2YZ1ESUtO5WX13Gbdq0cp8cq+VlXkyvuCEHG1uIqcOXu1LOTy9r1pv5KflFZI
mQbbc0YNKRhntXyHVB2ldOLpcTviLaTwwjWHawakGcwXyIh8b9hj1j3Snded4v4Z
JVqQ9mlEY1C4cfy22KPVIruksXtA/+gAV8JxjL5J+u2U0KRhDyLDYIOyoJeGStqJ
GwSTjzaCet+h2+APbCYal8Ho2RsTppRO768fbWEq+ypSc/ckZXdUR02tWFYDIBO3
FzFYPLd2c0S0GbQX5y/nEDi+YZMDL+J2jEzcA4pepHqPZoeeg30inze2EQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJXi272ZPmSzh08d+R9bXhFWb6v8MB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL2xlTGJ2WmstWkxPSFR4MzVIMXRlRVZadnFfdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgwCwMEBgJu
QAMDAAJuAwQGWZaAAwMBWrgwDQYJKoZIhvcNAQELBQADggEBAA081hIhGHn+lAGM
DH3RfhQ/4ZNO641ED+YqPuTdHa7qIw3pV6oJQGjDGI50y1/BfPjMmmzUNoE3GNGw
33D24VNm2HcfS0JkjPS2At5Lx5mwE9IlgeeE222o1zrOXD6dOm57GlZ5XqRvhD19
jci6Qj5tTrWLW1V7yrH5BTNZC0ZtG7rqibYNTnzMmjb9vBeQf1kpb2/wA9QuV7Be
Ikk/isSE7G7fPuaCfaWUb5rY42BvXMPhCIsdkCp/OnIAOxWiUWZv8LV6SZ34TeeQ
e2T6C/M0/SluZwGNCAZxHkzY6nwAOPCG8sY00H0ciP5DvHAz4NAnyQ3LfEreDX0Q
soLv4OQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:18 2025 by rpki-client