Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/Lj7wNt42nDZMFrqwFNzaUflSi14.roa
File: Lj7wNt42nDZMFrqwFNzaUflSi14.roa (raw, json)
Hash identifier: 7lYXpxe/6x5jvaWmKlwV+88ghkrorZKCs1qdn0iPrpQ=
Subject key identifier: 2E:3E:F0:36:DE:36:9C:36:4C:16:BA:B0:14:DC:DA:51:F9:52:8B:5E
Certificate issuer: /CN=8e36117135f6b86d0a9e1fa67e04baf5bcd86169
Certificate serial: 019424B394E6CBE7D67F52E73FDD9A67B14C
Authority key identifier: 8E:36:11:71:35:F6:B8:6D:0A:9E:1F:A6:7E:04:BA:F5:BC:D8:61:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/Lj7wNt42nDZMFrqwFNzaUflSi14.roa
Signing time: Thu 02 Jan 2025 01:48:56 +0000
ROA not before: Thu 02 Jan 2025 01:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200064
IP address blocks: 45.156.40.0/22 maxlen: 24
79.98.216.0/21 maxlen: 24
92.118.172.0/22 maxlen: 22
92.118.172.0/24 maxlen: 24
92.118.173.0/24 maxlen: 24
92.118.174.0/24 maxlen: 24
92.118.175.0/24 maxlen: 24
92.118.252.0/22 maxlen: 24
139.28.56.0/22 maxlen: 24
141.105.96.0/20 maxlen: 24
185.28.140.0/22 maxlen: 24
2a02:2f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:94:e6:cb:e7:d6:7f:52:e7:3f:dd:9a:67:b1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e36117135f6b86d0a9e1fa67e04baf5bcd86169
Validity
Not Before: Jan 2 01:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e3ef036de369c364c16bab014dcda51f9528b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:f9:37:33:b1:c3:2f:25:2e:c4:ed:24:17:
02:5c:a9:85:ef:3c:10:80:f4:6d:53:a5:59:cd:0e:
0f:ba:8e:c5:b4:69:4a:6b:0d:23:4e:97:f9:44:6a:
7b:9b:21:95:01:32:b1:2c:52:3e:d7:83:d5:ca:f1:
ab:ac:8c:49:dc:a4:23:55:5c:4e:d8:87:a2:94:c4:
33:a4:d8:06:67:d6:b8:2f:13:da:db:75:52:bc:ff:
41:b1:9d:c9:fa:aa:7b:88:7e:3d:69:22:3a:ba:53:
d1:83:3f:82:eb:dd:86:a8:0c:bb:46:92:56:60:e5:
79:08:2b:e9:cf:da:2a:e5:c5:dd:7f:06:a3:cb:e3:
31:3a:54:ad:d1:b8:2a:40:fc:b4:57:2c:b3:4c:5b:
2e:c1:ec:38:3e:73:6c:f5:49:ae:97:c8:22:af:f2:
87:83:d1:05:79:35:ed:f0:49:5e:a0:76:81:0a:61:
a0:74:2e:3a:c3:74:b0:db:c7:2a:87:5d:80:0d:a3:
97:09:e6:64:22:59:6b:88:7b:90:a2:66:9f:ca:37:
fe:71:fd:48:c2:11:a5:b9:50:c5:c4:eb:a6:54:cf:
eb:74:0e:2a:18:58:cb:1e:97:0a:57:e9:cd:05:4c:
da:98:57:6e:66:b6:ae:48:02:68:c6:36:33:96:73:
0a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3E:F0:36:DE:36:9C:36:4C:16:BA:B0:14:DC:DA:51:F9:52:8B:5E
X509v3 Authority Key Identifier:
keyid:8E:36:11:71:35:F6:B8:6D:0A:9E:1F:A6:7E:04:BA:F5:BC:D8:61:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/Lj7wNt42nDZMFrqwFNzaUflSi14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.40.0/22
79.98.216.0/21
92.118.172.0/22
92.118.252.0/22
139.28.56.0/22
141.105.96.0/20
185.28.140.0/22
IPv6:
2a02:2f80::/29
Signature Algorithm: sha256WithRSAEncryption
59:29:65:14:de:92:e7:8b:59:77:07:94:43:e4:ae:7f:3d:e2:
fe:b6:f3:d8:6a:ad:41:9c:37:94:97:0e:dd:e8:ff:48:cb:ef:
2e:02:23:de:dd:79:c0:6d:24:50:55:f2:1f:b2:57:c8:f4:72:
a1:6f:58:d9:65:be:de:b5:ff:f9:b8:b3:a8:b2:4c:3a:89:37:
50:28:8d:96:cc:af:ed:68:fa:e9:9e:d8:44:b9:0d:f6:aa:a0:
ff:cf:c1:48:f6:07:50:db:b3:8d:77:d9:29:f8:df:fa:bf:98:
72:14:4f:1a:97:db:ec:b0:0d:62:f6:1c:84:a9:c5:fd:18:d1:
13:55:9e:fc:c0:8f:3f:e7:cb:12:44:b1:a2:6c:91:b6:5d:6c:
f8:46:db:4e:14:2d:2e:f6:01:b7:1c:b4:d6:4e:35:ee:9e:57:
30:b3:62:da:a5:47:8b:c5:42:45:40:8c:85:92:21:50:25:ad:
ef:56:13:bb:a0:99:ff:50:f5:2a:07:e0:77:db:1e:12:93:89:
fc:08:3c:8b:74:06:97:f1:c7:6a:b5:66:d6:b9:29:c7:f4:6f:
63:df:71:41:f3:af:1e:0b:82:44:ac:52:d1:c2:13:90:5f:de:
1b:89:5c:d2:27:71:e7:8b:df:cb:e3:7c:34:e1:0a:eb:8a:de:
0c:91:e0:0f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQks5Tmy+fWf1LnP92aZ7FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMzYxMTcxMzVmNmI4NmQwYTllMWZhNjdlMDRiYWY1YmNk
ODYxNjkwHhcNMjUwMTAyMDE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTNlZjAzNmRlMzY5YzM2NGMxNmJhYjAxNGRjZGE1MWY5NTI4YjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaH5NzOxwy8lLsTtJBcCXKmF7zwQ
gPRtU6VZzQ4Puo7FtGlKaw0jTpf5RGp7myGVATKxLFI+14PVyvGrrIxJ3KQjVVxO
2IeilMQzpNgGZ9a4LxPa23VSvP9BsZ3J+qp7iH49aSI6ulPRgz+C692GqAy7RpJW
YOV5CCvpz9oq5cXdfwajy+MxOlSt0bgqQPy0VyyzTFsuwew4PnNs9Umul8gir/KH
g9EFeTXt8EleoHaBCmGgdC46w3Sw28cqh12ADaOXCeZkIllriHuQomafyjf+cf1I
whGluVDFxOumVM/rdA4qGFjLHpcKV+nNBUzamFduZrauSAJoxjYzlnMKSwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFC4+8DbeNpw2TBa6sBTc2lH5UoteMB8GA1UdIwQY
MBaAFI42EXE19rhtCp4fpn4EuvW82GFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvampZUmNUWDJ1RzBLbmgtbWZnUzY5YnpZWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lZGI0ZDMtMzNjOC00NWRjLWE0MGUt
Yzg1YjYwZmQ4YzhiLzEvTGo3d050NDJuRFpNRnJxd0ZOemFVZmxTaTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lZGI0ZDMtMzNjOC00NWRjLWE0MGUtYzg1YjYwZmQ4Yzhi
LzEvampZUmNUWDJ1RzBLbmgtbWZnUzY5YnpZWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLZwoAwQD
T2LYAwQCXHasAwQCXHb8AwQCixw4AwQEjWlgAwQCuRyMMA0EAgACMAcDBQMqAi+A
MA0GCSqGSIb3DQEBCwUAA4IBAQBZKWUU3pLni1l3B5RD5K5/PeL+tvPYaq1BnDeU
lw7d6P9Iy+8uAiPe3XnAbSRQVfIfslfI9HKhb1jZZb7etf/5uLOoskw6iTdQKI2W
zK/taPrpnthEuQ32qqD/z8FI9gdQ27ONd9kp+N/6v5hyFE8al9vssA1i9hyEqcX9
GNETVZ78wI8/58sSRLGibJG2XWz4RttOFC0u9gG3HLTWTjXunlcws2LapUeLxUJF
QIyFkiFQJa3vVhO7oJn/UPUqB+B32x4Sk4n8CDyLdAaX8cdqtWbWuSnH9G9j33FB
868eC4JErFLRwhOQX94biVzSJ3Hni9/L43w04Qrrit4MkeAP
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:14 2025 by rpki-client