Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/Lg69_8_Hwhk8sLJu5EjPC6QyXmo.roa
File: Lg69_8_Hwhk8sLJu5EjPC6QyXmo.roa (raw, json)
Hash identifier: KXCYGeobuTRdhwIdNvFIRapr7Co2MUanxSVUEVx8L70=
Subject key identifier: 2E:0E:BD:FF:CF:C7:C2:19:3C:B0:B2:6E:E4:48:CF:0B:A4:32:5E:6A
Certificate issuer: /CN=ebbd22afb80dfada2003d40e546dafd37ff869fd
Certificate serial: 0194228D81CC71E7DBC3792D323036EE4827
Authority key identifier: EB:BD:22:AF:B8:0D:FA:DA:20:03:D4:0E:54:6D:AF:D3:7F:F8:69:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/670ir7gN-togA9QOVG2v03_4af0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/Lg69_8_Hwhk8sLJu5EjPC6QyXmo.roa
Signing time: Wed 01 Jan 2025 15:48:06 +0000
ROA not before: Wed 01 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 45.88.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/670ir7gN-togA9QOVG2v03_4af0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/670ir7gN-togA9QOVG2v03_4af0.mft
rsync://rpki.ripe.net/repository/DEFAULT/670ir7gN-togA9QOVG2v03_4af0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 18:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:81:cc:71:e7:db:c3:79:2d:32:30:36:ee:48:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbd22afb80dfada2003d40e546dafd37ff869fd
Validity
Not Before: Jan 1 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e0ebdffcfc7c2193cb0b26ee448cf0ba4325e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b8:dd:aa:a5:a2:dc:3a:ed:f1:94:97:50:0a:
ca:ea:8f:bf:0a:eb:6a:a5:ca:19:6b:0a:35:81:df:
6b:e5:dd:5b:d9:86:45:ae:b7:1b:af:c6:28:18:ea:
c4:83:e2:4e:ee:5b:63:a2:85:f1:46:9e:06:68:22:
11:7a:d0:f5:99:a6:ee:d4:23:4e:08:ed:6b:df:88:
0c:41:00:f0:70:4e:92:0b:c0:72:af:12:f8:97:49:
9e:97:fe:6d:18:00:c1:c2:0d:20:1e:28:e4:d4:4b:
92:59:a8:50:97:c7:85:8f:9d:e0:e6:62:fb:f7:f4:
38:e4:17:91:e7:ae:22:83:d6:27:53:49:61:6e:46:
a9:e8:1d:79:a8:a0:22:a5:71:11:d4:cd:22:41:1a:
5f:82:17:e9:d0:25:2d:d0:07:1e:48:23:39:d7:19:
e8:e5:e3:09:33:bc:1f:4c:76:d7:23:a9:a6:40:94:
5b:ba:22:c6:f9:08:6a:1b:e1:6e:83:bb:96:2c:3f:
44:a3:3c:05:ae:0c:a0:bd:72:66:a4:f5:83:a5:9c:
76:92:64:d3:31:ca:b5:73:89:b3:fd:eb:0e:40:08:
3d:22:e6:c1:6c:b0:e1:d6:c1:d8:62:00:cc:06:c1:
0b:ac:be:40:c0:ba:9b:85:44:10:1b:9c:ed:f4:28:
5b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0E:BD:FF:CF:C7:C2:19:3C:B0:B2:6E:E4:48:CF:0B:A4:32:5E:6A
X509v3 Authority Key Identifier:
keyid:EB:BD:22:AF:B8:0D:FA:DA:20:03:D4:0E:54:6D:AF:D3:7F:F8:69:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/670ir7gN-togA9QOVG2v03_4af0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/Lg69_8_Hwhk8sLJu5EjPC6QyXmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/670ir7gN-togA9QOVG2v03_4af0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.225.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:9e:61:8c:f8:2a:80:d1:ce:ab:62:fa:b8:82:02:b7:e2:db:
cd:d4:33:d3:55:5e:96:60:01:de:7a:71:20:dc:b7:e0:53:4a:
37:79:30:59:ac:9e:a4:13:ba:c6:05:42:9e:18:0c:34:3f:5c:
73:8f:b2:e4:53:c2:11:8e:cd:91:0e:89:21:d6:3a:bf:7d:b4:
10:93:dd:ba:5d:f8:85:8f:26:a4:88:62:33:72:30:3d:72:8d:
0b:c7:7b:1a:e2:c9:d2:64:4e:66:5f:8e:8e:9b:bb:25:96:51:
2b:07:fc:e9:d2:b4:57:48:b8:0b:c8:59:db:16:f5:ed:1b:68:
40:65:cc:23:de:d5:d8:5c:e3:6d:ff:5f:9a:ad:cd:28:42:39:
0c:be:ef:58:7f:28:c8:09:75:6a:70:91:0a:5d:3a:e9:72:f9:
7b:b5:a9:90:d7:34:33:e6:5b:ad:1a:b7:26:b3:97:db:5b:14:
0f:eb:97:55:59:35:34:3b:74:76:25:63:a6:be:bf:52:80:81:
f4:3a:05:6c:12:81:09:a3:93:99:05:7e:2e:a9:ca:2d:d3:7a:
04:d4:50:81:7f:e5:ec:5e:73:09:8f:85:7d:b5:35:08:4a:27:
80:48:80:d3:60:b2:4a:2d:85:fd:af:43:6b:dc:7f:2e:da:27:
11:f2:44:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijYHMcefbw3ktMjA27kgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYmQyMmFmYjgwZGZhZGEyMDAzZDQwZTU0NmRhZmQzN2Zm
ODY5ZmQwHhcNMjUwMTAxMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBlYmRmZmNmYzdjMjE5M2NiMGIyNmVlNDQ4Y2YwYmE0MzI1ZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLjdqqWi3Drt8ZSXUArK6o+/Cutq
pcoZawo1gd9r5d1b2YZFrrcbr8YoGOrEg+JO7ltjooXxRp4GaCIRetD1mabu1CNO
CO1r34gMQQDwcE6SC8ByrxL4l0mel/5tGADBwg0gHijk1EuSWahQl8eFj53g5mL7
9/Q45BeR564ig9YnU0lhbkap6B15qKAipXER1M0iQRpfghfp0CUt0AceSCM51xno
5eMJM7wfTHbXI6mmQJRbuiLG+QhqG+Fug7uWLD9EozwFrgygvXJmpPWDpZx2kmTT
Mcq1c4mz/esOQAg9IubBbLDh1sHYYgDMBsELrL5AwLqbhUQQG5zt9Chb9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4Ovf/Px8IZPLCybuRIzwukMl5qMB8GA1UdIwQY
MBaAFOu9Iq+4DfraIAPUDlRtr9N/+Gn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjcwaXI3Z04tdG9nQTlRT1ZHMnYwM180YWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83ZDM1NjUtN2IwMC00ZDgxLTlhYjMt
OTE5ZWFiYTYxYjk0LzEvTGc2OV84X0h3aGs4c0xKdTVFalBDNlF5WG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83ZDM1NjUtN2IwMC00ZDgxLTlhYjMtOTE5ZWFiYTYxYjk0
LzEvNjcwaXI3Z04tdG9nQTlRT1ZHMnYwM180YWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVjhMA0G
CSqGSIb3DQEBCwUAA4IBAQC/nmGM+CqA0c6rYvq4ggK34tvN1DPTVV6WYAHeenEg
3LfgU0o3eTBZrJ6kE7rGBUKeGAw0P1xzj7LkU8IRjs2RDokh1jq/fbQQk926XfiF
jyakiGIzcjA9co0Lx3sa4snSZE5mX46Om7slllErB/zp0rRXSLgLyFnbFvXtG2hA
Zcwj3tXYXONt/1+arc0oQjkMvu9YfyjICXVqcJEKXTrpcvl7tamQ1zQz5lutGrcm
s5fbWxQP65dVWTU0O3R2JWOmvr9SgIH0OgVsEoEJo5OZBX4uqcot03oE1FCBf+Xs
XnMJj4V9tTUISieASIDTYLJKLYX9r0Nr3H8u2icR8kRF
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:03:04 2025 by rpki-client