Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/LOAmRNgz3AR78bC-CKjKBqCJY3M.roa
File: LOAmRNgz3AR78bC-CKjKBqCJY3M.roa (raw, json)
Hash identifier: xld+cbw2oRdP1v3iddUMoK+GuqeXMoAOXkKfJjjcrk8=
Subject key identifier: 2C:E0:26:44:D8:33:DC:04:7B:F1:B0:BE:08:A8:CA:06:A0:89:63:73
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 01978B936A050DE15457CB29349BE621B5C8
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/LOAmRNgz3AR78bC-CKjKBqCJY3M.roa
Signing time: Fri 20 Jun 2025 04:23:03 +0000
ROA not before: Fri 20 Jun 2025 04:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44922
IP address blocks: 37.247.116.0/24 maxlen: 24
37.247.117.0/24 maxlen: 24
2a03:400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 01:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8b:93:6a:05:0d:e1:54:57:cb:29:34:9b:e6:21:b5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jun 20 04:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ce02644d833dc047bf1b0be08a8ca06a0896373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ad:48:a5:21:f0:8a:29:01:f1:df:b4:08:e8:
02:bb:4f:40:4f:74:c1:7b:8a:62:94:81:31:7b:1c:
69:14:f5:62:7e:a9:21:49:fd:df:35:8b:6f:c1:6b:
ef:cc:d2:d9:5e:23:7f:23:05:31:23:9a:c2:db:24:
45:bf:a4:dc:1e:62:2d:55:95:6c:ef:02:0e:7f:d4:
aa:13:63:3e:9e:75:46:0a:a8:ff:42:b6:eb:f0:29:
4e:db:9d:29:60:5c:7b:6e:7b:75:40:55:3f:db:ab:
6c:8b:17:d3:0d:c6:89:5a:dd:db:ba:24:0c:04:0c:
20:fe:fe:f4:d4:ed:fb:09:57:8d:2a:c4:b9:ab:bd:
df:64:94:40:9e:72:6c:7e:17:9d:aa:a9:50:73:0d:
c3:f7:5b:e3:0b:bd:40:89:b1:da:3f:22:68:dd:ad:
7c:82:77:6e:db:e7:49:77:54:3f:34:97:36:2c:04:
70:c7:8d:e2:9e:c6:fb:c7:44:95:04:ff:f1:6a:04:
e2:f2:ad:52:35:8d:dc:99:d6:89:5d:74:d6:12:48:
52:57:eb:cd:17:b0:e3:fd:87:28:1a:e4:e6:79:b0:
c3:07:49:70:e9:f4:1b:61:89:e8:0a:a7:ea:70:b2:
31:71:93:b6:7f:9a:e8:38:64:ea:6a:65:ed:7a:db:
67:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E0:26:44:D8:33:DC:04:7B:F1:B0:BE:08:A8:CA:06:A0:89:63:73
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/LOAmRNgz3AR78bC-CKjKBqCJY3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.116.0/23
IPv6:
2a03:400::/32
Signature Algorithm: sha256WithRSAEncryption
0e:70:cc:a5:c3:f9:07:b8:d3:ea:6c:bf:01:64:59:4b:a7:63:
de:c5:9a:f9:05:78:a9:90:04:dd:3a:08:d4:12:80:7a:e5:ac:
b1:fd:cc:b3:d6:ad:20:68:c8:47:f3:6a:5c:d3:6c:27:12:bc:
ca:d6:e2:89:57:df:82:c7:c6:2f:c3:d8:9c:28:55:21:25:57:
2c:70:b1:98:7b:41:b2:b5:02:b7:05:cd:8f:4d:de:ae:42:54:
ab:f6:5c:30:14:36:44:2b:cd:d5:94:a9:a6:66:d8:7a:6e:a3:
86:48:08:5e:0b:e1:e5:55:ef:08:f4:62:3b:54:82:81:19:7c:
04:d1:82:86:42:da:3b:02:93:69:0a:11:43:fc:03:75:3c:fd:
70:c3:88:65:ee:45:d5:a4:56:6b:30:d9:94:79:eb:fe:64:e4:
54:98:f6:56:15:2f:a4:5d:33:73:0d:9e:d2:5b:98:f1:bd:cb:
a4:ce:b7:6a:cc:1c:0b:9a:e6:0d:7f:99:70:c2:8b:cc:3d:7a:
c4:e0:56:16:ee:ee:bb:40:b4:b0:5a:fc:a6:a3:57:58:41:07:
6d:5f:a8:21:c5:54:0f:b2:ae:c0:20:d9:6f:69:10:91:8c:eb:
82:c6:3b:74:d3:2b:94:31:55:d9:1c:4d:87:e7:53:cf:6b:d9:
f3:e7:ce:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZeLk2oFDeFUV8spNJvmIbXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjUwNjIwMDQyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2UwMjY0NGQ4MzNkYzA0N2JmMWIwYmUwOGE4Y2EwNmEwODk2MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla1IpSHwiikB8d+0COgCu09AT3TB
e4pilIExexxpFPVifqkhSf3fNYtvwWvvzNLZXiN/IwUxI5rC2yRFv6TcHmItVZVs
7wIOf9SqE2M+nnVGCqj/Qrbr8ClO250pYFx7bnt1QFU/26tsixfTDcaJWt3buiQM
BAwg/v701O37CVeNKsS5q73fZJRAnnJsfhedqqlQcw3D91vjC71AibHaPyJo3a18
gndu2+dJd1Q/NJc2LARwx43insb7x0SVBP/xagTi8q1SNY3cmdaJXXTWEkhSV+vN
F7Dj/YcoGuTmebDDB0lw6fQbYYnoCqfqcLIxcZO2f5roOGTqamXtettnzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCzgJkTYM9wEe/GwvgioygagiWNzMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvTE9BbVJOZ3ozQVI3OGJDLUNLaktCcUNKWTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBJfd0MA0E
AgACMAcDBQAqAwQAMA0GCSqGSIb3DQEBCwUAA4IBAQAOcMylw/kHuNPqbL8BZFlL
p2PexZr5BXipkATdOgjUEoB65ayx/cyz1q0gaMhH82pc02wnErzK1uKJV9+Cx8Yv
w9icKFUhJVcscLGYe0GytQK3Bc2PTd6uQlSr9lwwFDZEK83VlKmmZth6bqOGSAhe
C+HlVe8I9GI7VIKBGXwE0YKGQto7ApNpChFD/AN1PP1ww4hl7kXVpFZrMNmUeev+
ZORUmPZWFS+kXTNzDZ7SW5jxvcukzrdqzBwLmuYNf5lwwovMPXrE4FYW7u67QLSw
Wvymo1dYQQdtX6ghxVQPsq7AINlvaRCRjOuCxjt00yuUMVXZHE2H51PPa9nz585P
-----END CERTIFICATE-----
Generated at Tue Jul 1 10:28:00 2025 by rpki-client