
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/Lf6vcZM6E_1tP6o7doX949DnBIU.roa
File: Lf6vcZM6E_1tP6o7doX949DnBIU.roa (raw, json)
Hash identifier: vbI3En+9WdVKNiswwjg34zuVUz/MYD/WjfUCcdABxHk=
Subject key identifier: 2D:FE:AF:71:93:3A:13:FD:6D:3F:AA:3B:76:85:FD:E3:D0:E7:04:85
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 0199F0E2CB2DF68B3F07AFD487EF687C47CC
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/Lf6vcZM6E_1tP6o7doX949DnBIU.roa
Signing time: Fri 17 Oct 2025 06:36:58 +0000
ROA not before: Fri 17 Oct 2025 06:36:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62610
IP address blocks: 2a0b:21c1:600c::/46 maxlen: 46
2a0b:21c1:6013::/48 maxlen: 48
2a0b:21c1:6014::/48 maxlen: 48
2a0b:21c1:6015::/48 maxlen: 48
2a0b:21c1:6016::/48 maxlen: 48
2a0b:21c1:6017::/48 maxlen: 48
2a0b:21c1:6018::/48 maxlen: 48
2a0b:21c1:6019::/48 maxlen: 48
2a0b:21c1:601a::/48 maxlen: 48
2a0b:21c1:601d::/48 maxlen: 48
2a0b:21c1:601e::/48 maxlen: 48
2a0b:21c1:601f::/48 maxlen: 48
2a0b:21c1:6020::/48 maxlen: 48
2a0b:21c1:6021::/48 maxlen: 48
2a0b:21c1:6022::/48 maxlen: 48
2a0b:21c1:6024::/48 maxlen: 48
2a0b:21c1:6025::/48 maxlen: 48
2a0b:21c1:6026::/48 maxlen: 48
2a0b:21c1:6027::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f0:e2:cb:2d:f6:8b:3f:07:af:d4:87:ef:68:7c:47:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Oct 17 06:36:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dfeaf71933a13fd6d3faa3b7685fde3d0e70485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:26:0a:7e:80:5d:2d:31:f3:9a:51:cc:86:
a6:fe:9d:d8:04:6b:00:43:48:45:0f:44:e9:3a:1c:
32:88:b6:83:b3:e9:43:fe:2e:a9:72:5c:1e:59:ed:
83:bb:5e:25:2b:3f:4c:8c:88:c7:38:b1:6c:66:90:
aa:ab:d3:b3:b6:a7:f5:c1:ec:0c:b8:92:69:3e:8b:
20:54:b6:38:ac:b5:62:b4:08:0f:e8:99:d3:b3:55:
74:e3:7c:d7:06:e1:f9:df:65:78:ee:4a:de:43:a5:
5b:c1:9d:19:ef:7d:78:30:23:ae:21:b8:af:bc:1a:
9c:c9:61:c9:0c:2a:bb:86:f7:46:3d:8b:3d:f1:ca:
ca:94:d9:d1:56:11:f8:1c:da:ef:36:a8:41:97:47:
fe:13:ce:24:ff:0f:08:d6:4a:07:d1:8e:aa:5b:a8:
43:d1:44:10:1d:9f:89:b8:ed:49:6b:08:11:76:19:
9e:89:73:73:8c:66:07:a5:68:b6:06:d6:57:06:23:
69:de:1d:48:31:cd:24:5b:7a:ac:da:19:19:4a:f1:
f1:97:4f:c4:82:cd:af:43:b6:c2:ae:23:79:ce:c5:
88:9d:ae:06:a8:62:41:9f:cf:8d:ab:13:4f:94:c1:
4d:df:48:08:da:7b:2a:97:73:9a:d9:a3:f4:6f:e9:
25:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FE:AF:71:93:3A:13:FD:6D:3F:AA:3B:76:85:FD:E3:D0:E7:04:85
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/Lf6vcZM6E_1tP6o7doX949DnBIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:21c1:600c::/46
2a0b:21c1:6013::-2a0b:21c1:601a:ffff:ffff:ffff:ffff:ffff
2a0b:21c1:601d::-2a0b:21c1:6022:ffff:ffff:ffff:ffff:ffff
2a0b:21c1:6024::/46
Signature Algorithm: sha256WithRSAEncryption
0d:8f:8d:0f:f4:15:c3:af:56:77:f1:39:90:c8:12:7f:a8:f4:
16:62:e4:c1:65:5e:ee:50:4f:b4:d8:e6:7a:a3:a8:d8:7d:af:
20:fc:9e:7e:3a:e5:75:7e:9e:62:f2:64:9e:45:29:71:0a:33:
d7:17:82:99:67:45:e1:22:1e:f3:a9:65:11:f9:c4:a1:da:95:
e9:e5:51:9b:d6:47:e9:d8:59:1b:45:92:3d:6a:9e:26:b2:9a:
72:6f:48:cd:67:a5:33:5a:ff:bd:b5:71:4e:3c:c1:b3:c5:c4:
57:60:82:67:70:fb:0f:6c:69:39:dd:4d:77:dc:76:b3:f3:99:
7a:1c:b7:cf:53:d7:24:e3:30:81:de:38:af:d9:79:b3:ea:ac:
2a:bf:66:4c:91:7e:8f:2e:5a:7d:22:07:46:4d:d9:55:e6:e8:
75:5b:84:09:07:82:87:ff:26:cc:9f:f5:e5:d6:32:18:cc:c5:
c4:83:42:f0:ad:8d:4e:5a:f3:4b:d6:45:f1:b2:c2:74:65:f4:
ed:07:bf:1d:ae:08:d7:95:ca:a1:d4:d9:b1:13:59:d0:6b:a7:
8f:e2:9b:60:ef:c7:70:be:69:30:e9:61:be:9a:86:40:b1:b4:
40:f4:e9:3e:b1:95:57:98:1a:ba:51:c5:78:60:ba:56:46:ab:
17:c6:7c:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZnw4sst9os/B6/Uh+9ofEfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjUxMDE3MDYzNjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZlYWY3MTkzM2ExM2ZkNmQzZmFhM2I3Njg1ZmRlM2QwZTcwNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yMmCn6AXS0x85pRzIam/p3YBGsA
Q0hFD0TpOhwyiLaDs+lD/i6pclweWe2Du14lKz9MjIjHOLFsZpCqq9Oztqf1wewM
uJJpPosgVLY4rLVitAgP6JnTs1V043zXBuH532V47kreQ6VbwZ0Z7314MCOuIbiv
vBqcyWHJDCq7hvdGPYs98crKlNnRVhH4HNrvNqhBl0f+E84k/w8I1koH0Y6qW6hD
0UQQHZ+JuO1JawgRdhmeiXNzjGYHpWi2BtZXBiNp3h1IMc0kW3qs2hkZSvHxl0/E
gs2vQ7bCriN5zsWIna4GqGJBn8+NqxNPlMFN30gI2nsql3Oa2aP0b+kltwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFC3+r3GTOhP9bT+qO3aF/ePQ5wSFMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvTGY2dmNaTTZFXzF0UDZvN2RvWDk0OURuQklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAAjA6AwcCKgshwWAM
MBIDBwAqCyHBYBMDBwAqCyHBYBowEgMHACoLIcFgHQMHACoLIcFgIgMHAioLIcFg
JDANBgkqhkiG9w0BAQsFAAOCAQEADY+ND/QVw69Wd/E5kMgSf6j0FmLkwWVe7lBP
tNjmeqOo2H2vIPyefjrldX6eYvJknkUpcQoz1xeCmWdF4SIe86llEfnEodqV6eVR
m9ZH6dhZG0WSPWqeJrKacm9IzWelM1r/vbVxTjzBs8XEV2CCZ3D7D2xpOd1Nd9x2
s/OZehy3z1PXJOMwgd44r9l5s+qsKr9mTJF+jy5afSIHRk3ZVebodVuECQeCh/8m
zJ/15dYyGMzFxINC8K2NTlrzS9ZF8bLCdGX07Qe/Ha4I15XKodTZsRNZ0Gunj+Kb
YO/HcL5pMOlhvpqGQLG0QPTpPrGVV5gaulHFeGC6VkarF8Z8Fg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:41 2025 by rpki-client