Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/lTAav4yQpZ87qw_zIchzIsq-5gM.roa
File: lTAav4yQpZ87qw_zIchzIsq-5gM.roa (raw, json)
Hash identifier: 3b9+qDTSwpfJP/SrqHspJoxR/TN3seQEWvBLhEVGMW0=
Subject key identifier: 95:30:1A:BF:8C:90:A5:9F:3B:AB:0F:F3:21:C8:73:22:CA:BE:E6:03
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 01942521CD2650F047817D13711A10C6087A
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/lTAav4yQpZ87qw_zIchzIsq-5gM.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198504
IP address blocks: 141.105.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:cd:26:50:f0:47:81:7d:13:71:1a:10:c6:08:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95301abf8c90a59f3bab0ff321c87322cabee603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7a:c4:57:c6:68:65:6f:1b:57:41:d2:6e:9b:
db:f2:7e:d6:9f:c1:07:2b:01:fb:fe:15:cd:c5:5a:
0c:a9:c7:e0:72:0f:21:2e:35:63:2e:67:01:d1:6b:
ce:ae:ca:47:a8:f3:f8:ab:bc:f9:83:75:72:4d:56:
91:35:30:10:82:56:3d:1a:e1:e9:6b:20:86:b2:e5:
6b:a7:b0:1a:25:cc:72:c8:91:e1:b7:94:b3:ed:d3:
b6:3e:38:05:6e:48:80:98:f0:85:b7:e4:9a:fe:96:
1a:ee:09:40:4d:58:2c:c9:00:70:8a:07:2f:1f:d0:
dc:fc:b5:59:65:8f:3f:fd:14:7f:6f:2e:f2:6b:d7:
fe:5a:a5:e4:aa:70:ad:05:53:d3:54:15:53:c8:37:
10:cc:2d:b7:15:68:e5:0d:8e:e5:c4:7d:e6:b1:25:
89:7b:3d:1b:43:dc:d4:11:85:7b:41:6b:45:b0:46:
fe:b3:45:f8:a2:ef:55:37:00:3d:fd:c6:5c:fc:b8:
0a:24:05:d5:16:c4:ec:e8:f6:75:92:21:3a:af:42:
b4:00:09:14:16:36:ca:65:47:b9:01:a9:30:47:f3:
9b:3e:ec:79:92:33:b7:32:ec:c4:7b:2f:34:be:51:
da:4a:01:00:5c:c4:2e:40:05:aa:a0:d4:58:4d:89:
04:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:30:1A:BF:8C:90:A5:9F:3B:AB:0F:F3:21:C8:73:22:CA:BE:E6:03
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/lTAav4yQpZ87qw_zIchzIsq-5gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.166.0/23
Signature Algorithm: sha256WithRSAEncryption
58:9b:62:e5:7a:a5:96:a2:00:f5:61:25:65:ef:bc:9e:7a:9a:
eb:6d:f0:fd:38:dd:be:e1:7c:5e:a6:1f:c1:5e:d6:98:94:e1:
01:43:8f:b0:51:ba:ed:2c:bf:f4:1f:bb:cd:ea:01:37:e9:cf:
ce:4a:9b:ca:1b:b4:d7:74:7b:e9:75:ef:08:9f:e2:8b:4a:bc:
d8:a5:60:8c:73:ce:e8:96:88:ad:21:b4:cc:62:85:01:11:b3:
9a:44:18:ea:01:eb:11:7c:76:8b:ed:23:4e:46:b7:20:e8:37:
37:eb:70:83:8e:40:a7:4f:8f:87:60:36:e7:88:96:60:55:4f:
24:8a:f4:99:cc:51:0c:08:d2:7e:b6:25:47:8a:9e:a8:0a:f8:
20:a4:ec:9e:8b:7a:f8:30:25:a2:fe:c0:b4:ce:ed:de:e9:ea:
90:d0:56:e8:9d:a8:e4:f2:e6:77:bc:ed:cb:2d:c2:2f:38:e8:
42:d9:ab:26:ba:c1:86:6a:12:17:c5:45:06:1f:c2:9f:84:d1:
d4:2c:e3:ce:7a:c3:3b:08:57:b7:62:43:c9:42:3b:d7:06:55:
85:59:5d:a5:d1:53:21:a4:97:af:cc:b1:b9:bc:ae:2f:76:ca:
0b:e4:f2:a2:57:58:30:4a:1e:73:df:bc:00:ab:bb:cc:1f:cc:
c9:92:86:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIc0mUPBHgX0TcRoQxgh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTMwMWFiZjhjOTBhNTlmM2JhYjBmZjMyMWM4NzMyMmNhYmVlNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXrEV8ZoZW8bV0HSbpvb8n7Wn8EH
KwH7/hXNxVoMqcfgcg8hLjVjLmcB0WvOrspHqPP4q7z5g3VyTVaRNTAQglY9GuHp
ayCGsuVrp7AaJcxyyJHht5Sz7dO2PjgFbkiAmPCFt+Sa/pYa7glATVgsyQBwigcv
H9Dc/LVZZY8//RR/by7ya9f+WqXkqnCtBVPTVBVTyDcQzC23FWjlDY7lxH3msSWJ
ez0bQ9zUEYV7QWtFsEb+s0X4ou9VNwA9/cZc/LgKJAXVFsTs6PZ1kiE6r0K0AAkU
FjbKZUe5AakwR/ObPux5kjO3MuzEey80vlHaSgEAXMQuQAWqoNRYTYkE1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUwGr+MkKWfO6sP8yHIcyLKvuYDMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvbFRBYXY0eVFwWjg3cXdfekljaHpJc3EtNWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjWmmMA0G
CSqGSIb3DQEBCwUAA4IBAQBYm2LleqWWogD1YSVl77yeeprrbfD9ON2+4Xxeph/B
XtaYlOEBQ4+wUbrtLL/0H7vN6gE36c/OSpvKG7TXdHvpde8In+KLSrzYpWCMc87o
loitIbTMYoUBEbOaRBjqAesRfHaL7SNORrcg6Dc363CDjkCnT4+HYDbniJZgVU8k
ivSZzFEMCNJ+tiVHip6oCvggpOyei3r4MCWi/sC0zu3e6eqQ0Fbonajk8uZ3vO3L
LcIvOOhC2asmusGGahIXxUUGH8KfhNHULOPOesM7CFe3YkPJQjvXBlWFWV2l0VMh
pJevzLG5vK4vdsoL5PKiV1gwSh5z37wAq7vMH8zJkoaC
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:08:38 2025 by rpki-client