Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LxGfS1EI6Z9EWxE5RJBeXTsuL0c.roa
File: LxGfS1EI6Z9EWxE5RJBeXTsuL0c.roa (raw, json)
Hash identifier: DBe+cW3QKgepldQcTrJ2zdn5oLGq25AwJ+N7aj0pLrY=
Subject key identifier: 2F:11:9F:4B:51:08:E9:9F:44:5B:11:39:44:90:5E:5D:3B:2E:2F:47
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197A7FC0432746DDF2605065DE0798BF603
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LxGfS1EI6Z9EWxE5RJBeXTsuL0c.roa
Signing time: Wed 25 Jun 2025 16:46:40 +0000
ROA not before: Wed 25 Jun 2025 16:46:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 45.9.116.0/24 maxlen: 24
45.9.122.0/24 maxlen: 24
193.8.127.0/24 maxlen: 24
2a04:9f40::/29 maxlen: 29
2a06:1184:101::/48 maxlen: 48
2a06:3bc0::/29 maxlen: 29
2a07:8a40::/29 maxlen: 29
2a09:7b00::/29 maxlen: 29
2a0a:2d06:102::/48 maxlen: 48
2a0a:2d06:103::/48 maxlen: 48
2a0a:7d00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0c:7886:99::/48 maxlen: 48
2a0c:7886:100::/48 maxlen: 48
2a0e:15c7:99::/48 maxlen: 48
2a0f:17c0::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a0f:d200::/29 maxlen: 29
2a0f:db40::/29 maxlen: 29
2a11:8880::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
2a12:ecc0:158::/48 maxlen: 48
2a12:f5c0::/29 maxlen: 29
2a13:1380::/29 maxlen: 29
2a13:18c6:66::/48 maxlen: 48
2a13:2cc0::/29 maxlen: 29
2a13:2d40::/29 maxlen: 29
2a13:2dc0::/29 maxlen: 29
2a13:2e40::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
2a13:5b80::/29 maxlen: 29
2a13:7400::/29 maxlen: 29
2a13:7900::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a13:8200::/29 maxlen: 29
2a13:9080::/29 maxlen: 29
2a13:9180::/29 maxlen: 29
2a13:9580::/29 maxlen: 29
2a13:9680::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a13:d700::/29 maxlen: 29
2a13:d900::/29 maxlen: 29
2a13:f900::/29 maxlen: 29
2a13:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 11:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:fc:04:32:74:6d:df:26:05:06:5d:e0:79:8b:f6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 25 16:46:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f119f4b5108e99f445b113944905e5d3b2e2f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:06:99:43:e5:9c:5c:ee:37:39:f0:53:69:ab:
c4:af:c3:2b:24:ac:29:e7:93:8f:18:f0:fa:a2:85:
68:b5:05:fe:fc:01:a0:b9:db:1e:65:0c:4c:42:96:
68:5c:03:18:27:60:e0:e7:ff:1d:6e:2a:06:d3:f4:
52:61:48:44:15:99:3a:df:dc:93:be:46:d1:cd:a6:
6f:94:dd:12:e6:a7:99:93:9d:73:ee:1b:95:6c:6c:
0d:37:1a:b6:84:f5:fb:2d:77:d8:f5:73:bc:9e:a0:
a3:5f:c8:dd:81:ed:79:1d:e7:f4:cb:f4:f4:84:50:
ac:25:56:05:91:e5:eb:47:e6:f7:61:49:de:03:90:
68:64:f8:af:b4:50:9f:39:00:cd:ae:9c:04:66:ae:
95:7e:2d:fa:56:a3:9b:a9:17:12:39:50:6a:28:40:
41:6d:72:91:20:a9:94:ba:5d:c8:6a:ea:cc:6a:f6:
aa:91:de:76:0b:dd:6f:e3:83:cc:35:7c:cf:94:c8:
09:58:b0:55:05:9e:fc:11:27:4f:4f:6a:4a:6b:81:
de:75:d6:bc:08:a5:da:91:9a:d8:73:2a:73:a2:05:
fc:46:9f:62:f2:59:e9:a9:14:cd:ec:08:e5:cd:8a:
e7:52:42:a1:f2:f4:22:dd:3b:d1:86:5f:02:2d:8f:
3c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:11:9F:4B:51:08:E9:9F:44:5B:11:39:44:90:5E:5D:3B:2E:2F:47
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LxGfS1EI6Z9EWxE5RJBeXTsuL0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.116.0/24
45.9.122.0/24
193.8.127.0/24
IPv6:
2a04:9f40::/29
2a06:1184:101::/48
2a06:3bc0::/29
2a07:8a40::/29
2a09:7b00::/29
2a0a:2d06:102::/47
2a0a:7d00::/29
2a0c:4880::/29
2a0c:7886:99::/48
2a0c:7886:100::/48
2a0e:15c7:99::/48
2a0f:17c0::/29
2a0f:2500::/29
2a0f:d200::/29
2a0f:db40::/29
2a11:8880::/29
2a12:d5c0::/29
2a12:ecc0:158::/48
2a12:f5c0::/29
2a13:1380::/29
2a13:18c6:66::/48
2a13:2cc0::/29
2a13:2d40::/29
2a13:2dc0::/29
2a13:2e40::/29
2a13:3380::/29
2a13:4900::/29
2a13:5b80::/29
2a13:7400::/29
2a13:7900::/29
2a13:7d80::/29
2a13:8200::/29
2a13:9080::/29
2a13:9180::/29
2a13:9580::/29
2a13:9680::/29
2a13:d100::/29
2a13:d700::/29
2a13:d900::/29
2a13:f900::/29
2a13:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
45:96:0f:43:d4:fe:fb:64:db:e0:56:12:30:8e:9f:31:9c:86:
9d:1a:6a:1c:b2:7e:06:6e:d8:c9:c3:5c:6c:78:98:b2:79:89:
f5:6f:54:d6:10:3f:03:7b:7d:19:e3:a9:db:68:ba:69:87:59:
c5:6c:da:09:02:aa:b6:fd:4a:a3:b6:7a:2d:23:2c:dd:5d:69:
89:6e:2f:5b:8a:89:34:75:75:1c:fc:b7:45:d8:ca:29:18:f5:
28:2c:be:5d:38:f1:9c:ca:83:fe:0b:6e:f5:fd:4b:a6:13:74:
20:5b:cd:bf:c7:fe:5d:a4:21:44:38:1f:7c:e1:25:35:29:6e:
21:7a:02:7f:b2:5a:65:51:e6:9f:7d:24:e9:8d:1c:93:90:ea:
78:6c:a2:4b:ae:5b:39:cd:9e:7c:ae:0e:71:95:90:b9:c5:e6:
91:4a:e8:3e:d6:e0:0f:6b:48:80:99:af:87:ce:cf:ee:ab:9e:
31:80:af:73:3c:f3:87:f7:a1:7e:05:51:d3:40:b1:6a:9e:bb:
98:03:5a:94:40:6e:0d:b3:5c:b6:fd:83:95:18:78:04:1a:3c:
5f:b7:61:c8:09:bb:a4:05:23:c4:ee:96:67:5e:b4:92:1a:9f:
b7:40:51:54:5b:e1:59:27:70:e5:bd:ef:e8:4f:ef:6b:67:16:
6a:ff:e4:f8
-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgISAZen/AQydG3fJgUGXeB5i/YDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjI1MTY0NjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjExOWY0YjUxMDhlOTlmNDQ1YjExMzk0NDkwNWU1ZDNiMmUyZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgaZQ+WcXO43OfBTaavEr8MrJKwp
55OPGPD6ooVotQX+/AGgudseZQxMQpZoXAMYJ2Dg5/8dbioG0/RSYUhEFZk639yT
vkbRzaZvlN0S5qeZk51z7huVbGwNNxq2hPX7LXfY9XO8nqCjX8jdge15Hef0y/T0
hFCsJVYFkeXrR+b3YUneA5BoZPivtFCfOQDNrpwEZq6Vfi36VqObqRcSOVBqKEBB
bXKRIKmUul3IaurMavaqkd52C91v44PMNXzPlMgJWLBVBZ78ESdPT2pKa4Hedda8
CKXakZrYcypzogX8Rp9i8lnpqRTN7AjlzYrnUkKh8vQi3TvRhl8CLY889wIDAQAB
o4IDVDCCA1AwHQYDVR0OBBYEFC8Rn0tRCOmfRFsROUSQXl07Li9HMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTHhHZlMxRUk2WjlFV3hFNVJKQmVYVHN1TDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaAYIKwYBBQUHAQcBAf8EggFXMIIBUzAYBAIAATASAwQA
LQl0AwQALQl6AwQAwQh/MIIBNQQCAAIwggEtAwUDKgSfQAMHACoGEYQBAQMFAyoG
O8ADBQMqB4pAAwUDKgl7AAMHASoKLQYBAgMFAyoKfQADBQMqDEiAAwcAKgx4hgCZ
AwcAKgx4hgEAAwcAKg4VxwCZAwUDKg8XwAMFAyoPJQADBQMqD9IAAwUDKg/bQAMF
AyoRiIADBQMqEtXAAwcAKhLswAFYAwUDKhL1wAMFAyoTE4ADBwAqExjGAGYDBQMq
EyzAAwUDKhMtQAMFAyoTLcADBQMqEy5AAwUDKhMzgAMFAyoTSQADBQMqE1uAAwUD
KhN0AAMFAyoTeQADBQMqE32AAwUDKhOCAAMFAyoTkIADBQMqE5GAAwUDKhOVgAMF
AyoTloADBQMqE9EAAwUDKhPXAAMFAyoT2QADBQMqE/kAAwUDKhP7ADANBgkqhkiG
9w0BAQsFAAOCAQEARZYPQ9T++2Tb4FYSMI6fMZyGnRpqHLJ+Bm7YycNcbHiYsnmJ
9W9U1hA/A3t9GeOp22i6aYdZxWzaCQKqtv1Ko7Z6LSMs3V1piW4vW4qJNHV1HPy3
RdjKKRj1KCy+XTjxnMqD/gtu9f1LphN0IFvNv8f+XaQhRDgffOElNSluIXoCf7Ja
ZVHmn30k6Y0ck5DqeGyiS65bOc2efK4OcZWQucXmkUroPtbgD2tIgJmvh87P7que
MYCvczzzh/ehfgVR00Cxap67mANalEBuDbNctv2DlRh4BBo8X7dhyAm7pAUjxO6W
Z160khqft0BRVFvhWSdw5b3v6E/va2cWav/k+A==
-----END CERTIFICATE-----
Generated at Mon Jun 30 15:53:08 2025 by rpki-client