Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/LAcLYgswdXBfgBZpgmI4v5l11G8.roa
File: LAcLYgswdXBfgBZpgmI4v5l11G8.roa (raw, json)
Hash identifier: 4F279XlGd3FdMtCNdNRt8dMwroWFaHLg6v4i36Nk99c=
Subject key identifier: 2C:07:0B:62:0B:30:75:70:5F:80:16:69:82:62:38:BF:99:75:D4:6F
Certificate issuer: /CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Certificate serial: 019427B6061B15F7D919B5E4E9672FE036FA
Authority key identifier: 5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/LAcLYgswdXBfgBZpgmI4v5l11G8.roa
Signing time: Thu 02 Jan 2025 15:50:28 +0000
ROA not before: Thu 02 Jan 2025 15:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15644
IP address blocks: 5.61.64.0/21 maxlen: 21
5.61.68.0/24 maxlen: 24
5.61.69.0/24 maxlen: 24
5.61.70.0/24 maxlen: 24
5.61.71.0/24 maxlen: 24
2a01:52c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:06:1b:15:f7:d9:19:b5:e4:e9:67:2f:e0:36:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff4bc6137c540a89b9173cc2de32eb04c9e6eae
Validity
Not Before: Jan 2 15:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c070b620b3075705f801669826238bf9975d46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b1:5d:ce:f6:50:c2:db:4f:77:05:9e:b1:63:
f6:70:9f:d6:c0:c1:c0:56:a0:b7:0f:26:ca:b4:1b:
d3:e4:32:d4:03:8d:35:4a:3b:2a:8f:f8:2e:ed:42:
c6:c2:46:a7:96:31:ff:95:30:b1:e5:01:6e:d4:a2:
bd:87:13:c2:c5:f2:0e:e2:62:10:fb:1f:3a:bd:2f:
90:70:9a:28:e9:70:e4:fd:fb:98:2c:8c:d6:8a:9b:
2a:c4:f3:18:0c:81:be:83:99:25:41:be:ef:2d:7d:
0d:18:9c:d0:f3:a2:cc:16:78:7d:99:03:bf:63:55:
ff:96:50:4c:f1:c4:ca:fe:4d:70:cf:c1:ef:af:e8:
75:52:ab:9d:88:ed:70:a8:9f:5b:36:f2:03:a8:a1:
74:53:aa:44:15:0a:25:d8:02:e9:5a:98:5a:1b:e6:
ae:93:0b:f4:fd:91:70:ef:bc:01:b7:d0:ec:aa:01:
d9:e2:8e:20:ac:e4:be:dd:1f:b7:f9:9c:ff:36:23:
68:56:28:32:f8:ab:bb:99:3b:19:93:dc:13:7c:3f:
34:c9:02:c3:16:0e:66:a0:8f:fe:46:3b:c4:6c:44:
02:ea:3d:4c:3e:7f:bb:f2:1a:6f:a2:f6:7e:5e:7e:
bc:eb:4c:ae:45:13:8c:87:c0:92:3b:28:b5:05:df:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:07:0B:62:0B:30:75:70:5F:80:16:69:82:62:38:BF:99:75:D4:6F
X509v3 Authority Key Identifier:
keyid:5F:F4:BC:61:37:C5:40:A8:9B:91:73:CC:2D:E3:2E:B0:4C:9E:6E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_S8YTfFQKibkXPMLeMusEyebq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/LAcLYgswdXBfgBZpgmI4v5l11G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c011ca-456b-4f51-bc8b-005cb4dca63f/1/X_S8YTfFQKibkXPMLeMusEyebq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.64.0/21
IPv6:
2a01:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
78:cf:1b:68:b5:d3:ab:99:de:01:27:06:9a:53:7a:75:d2:7d:
cb:48:2c:b9:48:7d:8e:ea:ae:9a:ff:6c:af:65:2e:7f:cc:7f:
2d:e1:00:53:ee:47:8b:6f:73:9c:ae:1c:c5:72:b9:7c:43:cf:
7f:3a:ab:23:e8:00:ba:b7:97:be:99:34:5b:df:e7:b8:a9:48:
ff:5e:16:59:92:e8:bc:9f:fa:e0:a3:85:40:11:78:f4:5a:6c:
8c:39:a7:3f:df:6f:4d:94:03:7f:bb:54:d5:50:87:7c:e7:8c:
28:10:63:da:ba:f1:94:8d:2e:38:1a:d3:82:5b:33:79:70:ab:
29:67:04:2a:04:2b:30:a9:15:29:cc:82:dd:c2:f1:c0:95:50:
db:51:f2:05:8e:f6:d3:98:c2:ef:bb:81:dc:df:80:45:d9:cb:
b1:49:fb:e4:d2:bd:54:2a:a9:49:c2:f9:db:1d:d1:95:ce:38:
08:d2:56:21:87:3a:92:5f:ff:9d:17:7e:0b:f0:73:78:ff:ad:
48:9f:e7:79:44:66:75:1a:0a:e8:b3:11:0d:0d:91:98:e0:d5:
6d:63:6a:d8:23:c5:85:31:e8:9a:41:0f:2a:62:ed:aa:f6:a8:
0b:66:07:7c:34:11:4d:b5:64:d3:f1:d7:fb:0e:35:7b:5c:ee:
59:98:28:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntgYbFffZGbXk6Wcv4Db6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjRiYzYxMzdjNTQwYTg5YjkxNzNjYzJkZTMyZWIwNGM5
ZTZlYWUwHhcNMjUwMTAyMTU1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA3MGI2MjBiMzA3NTcwNWY4MDE2Njk4MjYyMzhiZjk5NzVkNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLFdzvZQwttPdwWesWP2cJ/WwMHA
VqC3DybKtBvT5DLUA401Sjsqj/gu7ULGwkanljH/lTCx5QFu1KK9hxPCxfIO4mIQ
+x86vS+QcJoo6XDk/fuYLIzWipsqxPMYDIG+g5klQb7vLX0NGJzQ86LMFnh9mQO/
Y1X/llBM8cTK/k1wz8Hvr+h1UqudiO1wqJ9bNvIDqKF0U6pEFQol2ALpWphaG+au
kwv0/ZFw77wBt9DsqgHZ4o4grOS+3R+3+Zz/NiNoVigy+Ku7mTsZk9wTfD80yQLD
Fg5moI/+RjvEbEQC6j1MPn+78hpvovZ+Xn6860yuRROMh8CSOyi1Bd8lTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCwHC2ILMHVwX4AWaYJiOL+ZddRvMB8GA1UdIwQY
MBaAFF/0vGE3xUCom5FzzC3jLrBMnm6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGIt
MDA1Y2I0ZGNhNjNmLzEvTEFjTFlnc3dkWEJmZ0JacGdtSTR2NWwxMUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMDExY2EtNDU2Yi00ZjUxLWJjOGItMDA1Y2I0ZGNhNjNm
LzEvWF9TOFlUZkZRS2lia1hQTUxlTXVzRXllYnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT1AMA0E
AgACMAcDBQAqAVLAMA0GCSqGSIb3DQEBCwUAA4IBAQB4zxtotdOrmd4BJwaaU3p1
0n3LSCy5SH2O6q6a/2yvZS5/zH8t4QBT7keLb3OcrhzFcrl8Q89/Oqsj6AC6t5e+
mTRb3+e4qUj/XhZZkui8n/rgo4VAEXj0WmyMOac/329NlAN/u1TVUId854woEGPa
uvGUjS44GtOCWzN5cKspZwQqBCswqRUpzILdwvHAlVDbUfIFjvbTmMLvu4Hc34BF
2cuxSfvk0r1UKqlJwvnbHdGVzjgI0lYhhzqSX/+dF34L8HN4/61In+d5RGZ1Ggro
sxENDZGY4NVtY2rYI8WFMeiaQQ8qYu2q9qgLZgd8NBFNtWTT8df7DjV7XO5ZmCj5
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:46:40 2025 by rpki-client