Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/lPTzeEC6SlsDOEXA7A79FujWsIo.roa
File: lPTzeEC6SlsDOEXA7A79FujWsIo.roa (raw, json)
Hash identifier: PpirqRAGBkl5coZfBkPSGgFl+pHtqZ6nQGRQ6SpzTvA=
Subject key identifier: 94:F4:F3:78:40:BA:4A:5B:03:38:45:C0:EC:0E:FD:16:E8:D6:B0:8A
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0199E26781378833703DAC69BC5EE9D33F65
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/lPTzeEC6SlsDOEXA7A79FujWsIo.roa
Signing time: Tue 14 Oct 2025 11:07:38 +0000
ROA not before: Tue 14 Oct 2025 11:07:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55410
IP address blocks: 31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
65.38.101.0/24 maxlen: 24
65.38.113.0/24 maxlen: 24
65.79.182.0/24 maxlen: 24
66.179.58.0/24 maxlen: 24
66.179.85.0/24 maxlen: 24
66.179.151.0/24 maxlen: 24
67.217.229.0/24 maxlen: 24
216.183.116.0/24 maxlen: 24
216.183.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:67:81:37:88:33:70:3d:ac:69:bc:5e:e9:d3:3f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Oct 14 11:07:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f4f37840ba4a5b033845c0ec0efd16e8d6b08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f5:98:05:7f:19:a6:ae:9f:ef:74:68:74:15:
a0:f0:17:48:7c:ff:cd:62:ba:3a:16:77:d3:14:5d:
30:2b:33:e3:b6:1b:09:44:a8:fb:f8:44:36:9c:2b:
a0:69:83:e6:7c:d6:db:75:c1:86:56:0f:aa:91:f3:
9c:94:0c:5d:98:84:5e:3b:7f:7c:50:82:cd:3a:a0:
43:df:ca:07:73:82:95:e0:1c:fc:10:14:6f:20:f8:
e7:d2:36:7d:32:a7:f7:d1:18:cb:ce:f9:30:75:e5:
70:28:2a:3f:3f:85:4a:85:64:58:b0:b0:82:ec:be:
4b:bd:99:75:9f:cf:5a:ee:e8:77:6c:74:24:ca:9a:
f0:d2:d7:ab:50:e2:b7:32:6b:18:7e:88:6d:e6:38:
b4:4d:a8:08:c7:7b:a9:31:9e:92:d4:b6:2f:24:38:
cc:77:a5:9a:10:3e:a6:a2:43:72:67:1b:e8:3f:4f:
29:0e:e7:bc:05:01:2f:77:44:43:19:90:52:c2:55:
4e:e9:4a:cc:6c:55:bc:f5:e7:9e:ee:4c:0f:53:98:
e1:c5:fd:6f:af:b6:b3:e0:47:2b:96:43:a6:f0:c1:
44:29:5a:40:1f:09:eb:67:31:26:6a:91:f6:47:1f:
68:fa:d2:e0:63:6c:57:46:85:03:9e:9e:2c:eb:df:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F4:F3:78:40:BA:4A:5B:03:38:45:C0:EC:0E:FD:16:E8:D6:B0:8A
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/lPTzeEC6SlsDOEXA7A79FujWsIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.156.0/22
65.38.101.0/24
65.38.113.0/24
65.79.182.0/24
66.179.58.0/24
66.179.85.0/24
66.179.151.0/24
67.217.229.0/24
216.183.116.0/24
216.183.121.0/24
Signature Algorithm: sha256WithRSAEncryption
34:40:66:c3:20:b4:43:ad:1e:17:0c:64:d2:f7:de:01:72:f9:
b1:49:22:42:ef:92:58:84:c8:f8:7a:ba:c0:28:81:bc:64:78:
c0:ad:cc:5d:83:61:e7:78:4f:dc:a1:2e:34:77:49:62:6d:08:
ae:6d:20:23:70:e1:f3:35:1c:25:de:01:33:1b:7b:30:71:96:
9b:67:b9:6b:ad:d3:5d:e0:11:a6:22:1a:b0:0a:21:b6:d4:44:
83:b0:dc:a2:1d:e8:0c:88:49:92:50:d8:8f:39:ff:72:d2:2f:
cf:f1:8f:24:f4:74:2f:ec:fa:47:3c:83:ba:c4:da:ef:45:8e:
3a:d1:75:72:23:50:12:66:de:4d:58:f2:b9:83:c1:49:6a:f9:
ad:e8:4a:51:76:ed:8f:2a:3d:ae:9d:b6:71:25:20:06:aa:b6:
cb:98:05:b1:46:d6:ef:d3:95:6c:a1:49:ea:58:8d:d8:59:fd:
18:7f:47:74:a8:67:7a:40:ac:c9:88:35:a5:c3:69:7b:c1:42:
31:00:d9:16:a0:59:2e:d3:41:1a:72:18:9e:38:84:5a:db:c2:
6c:63:91:b8:17:3f:e8:34:9c:dc:72:85:a3:fb:63:ba:86:5f:
04:d8:ac:0e:88:9c:0a:90:a2:ac:16:ba:62:d7:9c:8a:fc:97:
38:57:f3:ae
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZniZ4E3iDNwPaxpvF7p0z9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUxMDE0MTEwNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY0ZjM3ODQwYmE0YTViMDMzODQ1YzBlYzBlZmQxNmU4ZDZiMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPWYBX8Zpq6f73RodBWg8BdIfP/N
Yro6FnfTFF0wKzPjthsJRKj7+EQ2nCugaYPmfNbbdcGGVg+qkfOclAxdmIReO398
UILNOqBD38oHc4KV4Bz8EBRvIPjn0jZ9Mqf30RjLzvkwdeVwKCo/P4VKhWRYsLCC
7L5LvZl1n89a7uh3bHQkyprw0terUOK3MmsYfoht5ji0TagIx3upMZ6S1LYvJDjM
d6WaED6mokNyZxvoP08pDue8BQEvd0RDGZBSwlVO6UrMbFW89eee7kwPU5jhxf1v
r7az4EcrlkOm8MFEKVpAHwnrZzEmapH2Rx9o+tLgY2xXRoUDnp4s69/Z7wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJT083hAukpbAzhFwOwO/Rbo1rCKMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvbFBUemVFQzZTbHNET0VYQTdBNzlGdWpXc0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCH6ucAwQA
QSZlAwQAQSZxAwQAQU+2AwQAQrM6AwQAQrNVAwQAQrOXAwQAQ9nlAwQA2Ld0AwQA
2Ld5MA0GCSqGSIb3DQEBCwUAA4IBAQA0QGbDILRDrR4XDGTS994BcvmxSSJC75JY
hMj4errAKIG8ZHjArcxdg2HneE/coS40d0libQiubSAjcOHzNRwl3gEzG3swcZab
Z7lrrdNd4BGmIhqwCiG21ESDsNyiHegMiEmSUNiPOf9y0i/P8Y8k9HQv7PpHPIO6
xNrvRY460XVyI1ASZt5NWPK5g8FJavmt6EpRdu2PKj2unbZxJSAGqrbLmAWxRtbv
05VsoUnqWI3YWf0Yf0d0qGd6QKzJiDWlw2l7wUIxANkWoFku00EachieOIRa28Js
Y5G4Fz/oNJzccoWj+2O6hl8E2KwOiJwKkKKsFrpi15yK/Jc4V/Ou
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:27 2025 by rpki-client