Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/Lr4RpZkpLhDPvgOVWwNTnRv7-RQ.roa
File: Lr4RpZkpLhDPvgOVWwNTnRv7-RQ.roa (raw, json)
Hash identifier: naREFgV4DFvngojbRTMd+xpA/XYzbvIGMFtbMUsVjzQ=
Subject key identifier: 2E:BE:11:A5:99:29:2E:10:CF:BE:03:95:5B:03:53:9D:1B:FB:F9:14
Certificate issuer: /CN=61374fc4eab00d41c1eee47fdfb001078c74fa85
Certificate serial: 019899A3C957DEEA35A2D3FB1BCC9C72AFB5
Authority key identifier: 61:37:4F:C4:EA:B0:0D:41:C1:EE:E4:7F:DF:B0:01:07:8C:74:FA:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTdPxOqwDUHB7uR_37ABB4x0-oU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/Lr4RpZkpLhDPvgOVWwNTnRv7-RQ.roa
Signing time: Mon 11 Aug 2025 14:58:24 +0000
ROA not before: Mon 11 Aug 2025 14:58:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211381
IP address blocks: 45.131.182.0/24 maxlen: 24
213.134.31.0/24 maxlen: 24
2a13:4ac0::/46 maxlen: 46
2a13:4ac0:4::/46 maxlen: 46
2a13:4ac0:10::/46 maxlen: 46
2a13:4ac0:14::/46 maxlen: 46
2a13:4ac0:18::/46 maxlen: 46
2a13:4ac0:1c::/46 maxlen: 46
2a13:4ac0:20::/46 maxlen: 46
2a13:4ac0:24::/46 maxlen: 46
2a13:4ac0:28::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/YTdPxOqwDUHB7uR_37ABB4x0-oU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/YTdPxOqwDUHB7uR_37ABB4x0-oU.mft
rsync://rpki.ripe.net/repository/DEFAULT/YTdPxOqwDUHB7uR_37ABB4x0-oU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:99:a3:c9:57:de:ea:35:a2:d3:fb:1b:cc:9c:72:af:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61374fc4eab00d41c1eee47fdfb001078c74fa85
Validity
Not Before: Aug 11 14:58:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ebe11a599292e10cfbe03955b03539d1bfbf914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:60:7d:ba:86:bf:23:ba:be:4b:29:51:46:ca:
c3:6d:d7:76:95:89:d2:ae:40:21:a2:a3:b6:63:5e:
38:c5:b3:4b:7f:c6:e6:a9:7b:30:21:e0:6a:20:53:
7d:6a:90:3f:45:7b:5d:86:f0:e3:d4:4e:ef:87:83:
49:5b:a4:5d:6d:02:95:1a:fe:7a:58:dd:33:08:e5:
1f:c3:be:c2:1c:fb:d9:8f:2d:35:be:7a:cc:d3:8b:
e0:20:23:19:ac:1c:11:93:8a:8f:64:1d:f9:45:ef:
60:76:2c:b8:ab:54:09:b3:76:cd:0b:eb:97:18:cc:
5a:9a:db:25:4f:81:23:ff:ab:e2:0c:11:12:fd:75:
71:71:af:ee:40:a2:a6:19:81:d6:b6:27:d7:74:92:
63:f1:ce:90:94:fd:7a:57:11:35:c2:4e:1f:e9:47:
ef:6a:f7:3c:7d:b2:cb:aa:26:b6:21:5b:a4:bd:7b:
8f:d1:ef:c1:9a:d8:f9:62:58:cc:56:28:54:7b:10:
8d:02:81:22:81:49:47:c9:af:3e:a1:d0:b2:72:f3:
bd:51:6c:34:11:bc:ea:71:9f:58:9b:bc:95:35:85:
af:1c:46:a4:ac:6b:41:ca:64:51:b4:c8:dd:27:08:
25:95:cb:3d:f3:a4:89:f5:04:26:27:80:cf:c0:e2:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:BE:11:A5:99:29:2E:10:CF:BE:03:95:5B:03:53:9D:1B:FB:F9:14
X509v3 Authority Key Identifier:
keyid:61:37:4F:C4:EA:B0:0D:41:C1:EE:E4:7F:DF:B0:01:07:8C:74:FA:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTdPxOqwDUHB7uR_37ABB4x0-oU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/Lr4RpZkpLhDPvgOVWwNTnRv7-RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a14d46-408a-470c-929d-1fc259bb7de2/1/YTdPxOqwDUHB7uR_37ABB4x0-oU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.182.0/24
213.134.31.0/24
IPv6:
2a13:4ac0::/45
2a13:4ac0:10::-2a13:4ac0:2b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:cd:b0:1f:91:56:05:a5:f4:9f:98:a8:e3:1a:de:b3:6d:5e:
6e:1f:58:13:fc:9b:9c:80:74:2c:6e:85:d9:55:85:bd:4e:e1:
74:bc:ee:16:d4:d2:94:92:e4:22:2b:65:9a:26:55:20:73:3b:
6e:73:e0:ed:04:41:10:de:e2:c6:b7:c6:4f:8b:e8:df:a9:2e:
be:a7:ae:4e:f5:53:d9:34:18:11:aa:72:98:34:c9:6e:2f:25:
2f:a1:3b:b1:bf:3b:e0:70:7b:e6:6d:5c:e5:fd:cc:fc:ab:da:
7b:13:e3:f8:73:fb:50:7c:16:36:a6:f3:63:61:28:05:e3:a4:
84:43:aa:85:06:57:ba:a8:bf:0b:75:f7:ba:7b:2a:a3:8b:86:
dd:6f:08:f9:a1:a8:97:5d:1f:56:f1:15:8f:56:db:a0:d8:65:
64:12:d0:29:4d:7c:a2:a0:5f:41:90:7f:18:5d:0c:0d:5c:c8:
db:24:da:a7:d6:ee:58:ea:6c:82:97:16:28:b1:56:b6:2e:d9:
26:95:78:56:ed:9a:af:6b:ec:c1:21:0b:9e:a5:c4:37:c2:81:
73:7a:75:52:f7:bf:01:fb:e1:f8:a7:2b:43:5d:c0:3b:9d:fa:
3d:70:3c:41:12:52:8d:9c:92:61:d2:1a:1c:ab:f5:68:53:b4:
f8:5f:f9:3f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZiZo8lX3uo1otP7G8yccq+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzc0ZmM0ZWFiMDBkNDFjMWVlZTQ3ZmRmYjAwMTA3OGM3
NGZhODUwHhcNMjUwODExMTQ1ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWJlMTFhNTk5MjkyZTEwY2ZiZTAzOTU1YjAzNTM5ZDFiZmJmOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWB9uoa/I7q+SylRRsrDbdd2lYnS
rkAhoqO2Y144xbNLf8bmqXswIeBqIFN9apA/RXtdhvDj1E7vh4NJW6RdbQKVGv56
WN0zCOUfw77CHPvZjy01vnrM04vgICMZrBwRk4qPZB35Re9gdiy4q1QJs3bNC+uX
GMxamtslT4Ej/6viDBES/XVxca/uQKKmGYHWtifXdJJj8c6QlP16VxE1wk4f6Ufv
avc8fbLLqia2IVukvXuP0e/Bmtj5YljMVihUexCNAoEigUlHya8+odCycvO9UWw0
EbzqcZ9Ym7yVNYWvHEakrGtBymRRtMjdJwgllcs986SJ9QQmJ4DPwOJ+BwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFC6+EaWZKS4Qz74DlVsDU50b+/kUMB8GA1UdIwQY
MBaAFGE3T8TqsA1Bwe7kf9+wAQeMdPqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRkUHhPcXdEVUhCN3VSXzM3QUJCNHgwLW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hMTRkNDYtNDA4YS00NzBjLTkyOWQt
MWZjMjU5YmI3ZGUyLzEvTHI0UnBaa3BMaERQdmdPVld3TlRuUnY3LVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hMTRkNDYtNDA4YS00NzBjLTkyOWQtMWZjMjU5YmI3ZGUy
LzEvWVRkUHhPcXdEVUhCN3VSXzM3QUJCNHgwLW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQALYO2AwQA
1YYfMCMEAgACMB0DBwMqE0rAAAAwEgMHBCoTSsAAEAMHAioTSsAAKDANBgkqhkiG
9w0BAQsFAAOCAQEAlc2wH5FWBaX0n5io4xres21ebh9YE/ybnIB0LG6F2VWFvU7h
dLzuFtTSlJLkIitlmiZVIHM7bnPg7QRBEN7ixrfGT4vo36kuvqeuTvVT2TQYEapy
mDTJbi8lL6E7sb874HB75m1c5f3M/KvaexPj+HP7UHwWNqbzY2EoBeOkhEOqhQZX
uqi/C3X3unsqo4uG3W8I+aGol10fVvEVj1bboNhlZBLQKU18oqBfQZB/GF0MDVzI
2yTap9buWOpsgpcWKLFWti7ZJpV4Vu2ar2vswSELnqXEN8KBc3p1Uve/Afvh+Kcr
Q13AO536PXA8QRJSjZySYdIaHKv1aFO0+F/5Pw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:04:20 2025 by rpki-client