Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lCWD-6NEoDnvSCVwbLbcBDq-TC0.roa
File: lCWD-6NEoDnvSCVwbLbcBDq-TC0.roa (raw, json)
Hash identifier: B0H4fkHAs8eOcqFL+JGghDNuBtsQW1lOP+x843hkLJI=
Subject key identifier: 94:25:83:FB:A3:44:A0:39:EF:48:25:70:6C:B6:DC:04:3A:BE:4C:2D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E89401995C4D764A538207EA3CE3
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lCWD-6NEoDnvSCVwbLbcBDq-TC0.roa
Signing time: Thu 02 Jan 2025 01:48:12 +0000
ROA not before: Thu 02 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21700
IP address blocks: 159.148.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e8:94:01:99:5c:4d:76:4a:53:82:07:ea:3c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=942583fba344a039ef4825706cb6dc043abe4c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4a:ad:0a:d7:6d:e5:cc:51:87:95:0a:2d:40:
6d:27:89:95:21:ce:88:56:ca:9f:d7:fc:06:71:ae:
cc:9c:9d:46:12:26:ac:38:74:f9:fb:c6:4c:df:c2:
40:66:c2:25:5d:31:be:4d:3f:77:d6:12:fe:da:92:
9f:ab:17:16:4a:63:11:81:f1:55:88:5e:a4:b0:03:
33:8d:a5:c7:70:c8:01:90:c4:20:50:70:58:05:59:
b6:a0:8d:37:e3:89:2d:78:f4:25:2a:7e:ad:cc:7a:
38:c9:62:e3:52:82:1c:22:18:24:83:02:50:b6:9b:
d0:ae:4b:d0:b6:8b:2f:1c:e3:a5:f5:6d:9b:f3:7e:
04:78:6e:99:9a:79:5f:05:ba:ad:95:4d:eb:05:3b:
51:91:ca:51:63:4c:e8:08:99:28:d9:6d:8d:99:f0:
f5:6c:18:dc:c9:83:3c:3f:68:7b:a9:2d:02:61:f9:
1b:c3:76:24:83:cb:dd:7c:06:17:a2:66:d7:a9:83:
42:1c:0a:7e:24:03:92:82:3d:b8:ff:45:cb:03:23:
21:24:35:07:e2:d9:25:d8:93:44:1c:1a:18:ef:d4:
72:38:10:11:19:84:0a:b7:43:d5:d5:66:c5:ab:cb:
cc:10:ae:57:4a:e2:68:36:eb:0e:5b:2c:fd:54:37:
2e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:25:83:FB:A3:44:A0:39:EF:48:25:70:6C:B6:DC:04:3A:BE:4C:2D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lCWD-6NEoDnvSCVwbLbcBDq-TC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ad:81:42:41:2b:df:89:99:0c:2a:85:82:92:02:6a:32:b1:
0b:c7:2f:f1:3e:e1:1f:0e:13:69:24:87:ab:ad:7c:52:6d:eb:
27:27:fc:dd:30:37:92:6c:9a:97:6f:a0:31:e8:7f:52:58:64:
a2:8c:95:86:5c:35:66:47:4d:67:90:db:f3:1d:68:55:32:9d:
9e:bc:ed:6e:0a:d2:9d:dd:be:c1:67:32:76:9b:22:e2:1e:d6:
67:17:0d:e6:27:f9:08:1e:24:1a:5f:2f:b9:dd:49:43:9b:8b:
39:4d:7b:65:e5:d3:55:37:ae:e3:57:f5:b6:f7:70:6d:7d:14:
26:b9:1c:7a:56:c9:6b:2c:42:bb:19:33:5e:ef:1b:66:29:d7:
7c:30:20:5b:6b:c4:45:d4:3f:a0:a8:ae:3c:79:65:a4:c1:e1:
53:df:4d:39:2c:19:cf:32:6e:c6:46:30:0d:37:8d:e5:84:54:
f9:77:11:aa:07:f6:f2:51:0d:3c:df:79:83:23:f1:e0:4e:85:
50:ec:07:c2:36:03:d1:51:76:78:af:da:2e:58:44:3a:f0:e1:
34:5e:d1:a7:64:a7:b1:40:46:87:29:68:7a:45:06:b9:ef:31:
e7:94:7f:a4:fb:ab:c2:9c:7d:b2:11:d5:51:b9:32:bb:29:1f:
23:2f:de:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksuiUAZlcTXZKU4IH6jzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI1ODNmYmEzNDRhMDM5ZWY0ODI1NzA2Y2I2ZGMwNDNhYmU0YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UqtCtdt5cxRh5UKLUBtJ4mVIc6I
Vsqf1/wGca7MnJ1GEiasOHT5+8ZM38JAZsIlXTG+TT931hL+2pKfqxcWSmMRgfFV
iF6ksAMzjaXHcMgBkMQgUHBYBVm2oI0344ktePQlKn6tzHo4yWLjUoIcIhgkgwJQ
tpvQrkvQtosvHOOl9W2b834EeG6ZmnlfBbqtlU3rBTtRkcpRY0zoCJko2W2NmfD1
bBjcyYM8P2h7qS0CYfkbw3Ykg8vdfAYXombXqYNCHAp+JAOSgj24/0XLAyMhJDUH
4tkl2JNEHBoY79RyOBARGYQKt0PV1WbFq8vMEK5XSuJoNusOWyz9VDcuYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQlg/ujRKA570glcGy23AQ6vkwtMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbENXRC02TkVvRG52U0NWd2JMYmNCRHEtVEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5RyMA0G
CSqGSIb3DQEBCwUAA4IBAQB9rYFCQSvfiZkMKoWCkgJqMrELxy/xPuEfDhNpJIer
rXxSbesnJ/zdMDeSbJqXb6Ax6H9SWGSijJWGXDVmR01nkNvzHWhVMp2evO1uCtKd
3b7BZzJ2myLiHtZnFw3mJ/kIHiQaXy+53UlDm4s5TXtl5dNVN67jV/W293BtfRQm
uRx6VslrLEK7GTNe7xtmKdd8MCBba8RF1D+gqK48eWWkweFT3005LBnPMm7GRjAN
N43lhFT5dxGqB/byUQ0833mDI/HgToVQ7AfCNgPRUXZ4r9ouWEQ68OE0XtGnZKex
QEaHKWh6RQa57zHnlH+k+6vCnH2yEdVRuTK7KR8jL97a
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:38 2025 by rpki-client