Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/lujy_B0CgE3UQHNrtRpIDknhG84.roa
File: lujy_B0CgE3UQHNrtRpIDknhG84.roa (raw, json)
Hash identifier: HhEZYonW06tw2KSs5U9keAqL3PO1g1AoWXaLns6T1aM=
Subject key identifier: 96:E8:F2:FC:1D:02:80:4D:D4:40:73:6B:B5:1A:48:0E:49:E1:1B:CE
Certificate issuer: /CN=7cdc40c3dbdf819d7413e772bd875814c7eaf55e
Certificate serial: 0195056299AF4DB65A9CCE7D438586F30875
Authority key identifier: 7C:DC:40:C3:DB:DF:81:9D:74:13:E7:72:BD:87:58:14:C7:EA:F5:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/lujy_B0CgE3UQHNrtRpIDknhG84.roa
Signing time: Fri 14 Feb 2025 16:55:02 +0000
ROA not before: Fri 14 Feb 2025 16:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 217.18.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/fNxAw9vfgZ10E-dyvYdYFMfq9V4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/fNxAw9vfgZ10E-dyvYdYFMfq9V4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:05:62:99:af:4d:b6:5a:9c:ce:7d:43:85:86:f3:08:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cdc40c3dbdf819d7413e772bd875814c7eaf55e
Validity
Not Before: Feb 14 16:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96e8f2fc1d02804dd440736bb51a480e49e11bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fc:34:ad:6d:e6:d4:04:92:1e:6c:1b:17:c9:
32:6b:fa:10:64:51:b2:34:a6:e9:95:c8:91:f7:09:
32:18:3a:3b:ca:49:35:fd:33:cc:75:49:f2:d0:9b:
60:da:01:38:37:68:7a:54:ba:a7:64:ab:80:c0:17:
5e:5e:cb:87:67:04:f1:9e:61:77:ec:18:42:b1:87:
8b:6f:4a:2c:9c:a9:75:22:b5:6a:51:6d:fd:0c:a4:
70:95:37:d7:15:8f:49:57:30:79:b3:ce:72:aa:4c:
a4:e9:f9:38:c6:c3:b6:14:23:e2:5c:8c:ba:1f:20:
ed:51:45:9b:d5:c0:5e:41:0a:f1:d6:ef:0c:54:5a:
c1:11:8e:f5:23:79:eb:12:18:2b:fa:d3:a1:f7:d6:
6c:0d:f6:27:8e:16:24:70:72:2b:dc:3f:e5:75:86:
c3:62:a5:41:03:d5:c4:f0:74:c0:60:bf:4b:89:1c:
f9:b3:c1:c6:bc:fa:5f:9d:d5:fc:5d:68:b9:9d:73:
ad:49:f6:5f:51:a8:d7:26:1f:03:7e:6a:28:b1:1a:
09:10:f0:98:03:90:fd:70:ec:ee:a7:5c:16:e1:64:
e0:cf:8d:0c:a7:d3:cd:65:04:af:76:a1:3b:6a:66:
24:42:1c:30:cb:00:bb:db:d9:8a:26:67:2f:9a:ab:
c8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E8:F2:FC:1D:02:80:4D:D4:40:73:6B:B5:1A:48:0E:49:E1:1B:CE
X509v3 Authority Key Identifier:
keyid:7C:DC:40:C3:DB:DF:81:9D:74:13:E7:72:BD:87:58:14:C7:EA:F5:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/lujy_B0CgE3UQHNrtRpIDknhG84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/fNxAw9vfgZ10E-dyvYdYFMfq9V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.85.0/24
Signature Algorithm: sha256WithRSAEncryption
72:0d:fe:ca:5b:fc:be:c9:78:50:c3:18:85:2d:76:57:8f:c1:
c0:e3:a0:fd:5a:dd:d3:9c:2c:bc:57:aa:3f:08:b7:40:06:2a:
eb:f4:73:5d:a0:88:46:3e:ba:13:19:16:d3:6c:a9:d2:89:1f:
6d:34:dd:4d:ed:32:1f:cb:8e:f0:80:12:e6:18:16:b9:dc:f3:
6a:71:b1:22:95:77:77:a1:b2:c4:08:64:77:c5:af:8e:ab:e6:
1d:aa:cd:a0:92:70:b7:c3:17:53:39:35:f2:c7:09:14:31:52:
17:f0:cd:ef:cd:d8:57:37:61:c5:ce:51:fc:e7:78:99:54:47:
f7:12:08:ad:5d:35:ee:25:f9:e7:51:7e:7b:48:79:20:5d:19:
18:cb:99:a5:23:48:71:83:40:bc:5a:52:60:95:c6:ce:05:2f:
15:f7:34:f8:e6:31:3d:21:f9:91:ce:0d:c0:20:ca:6c:e8:c0:
5c:04:5a:18:44:79:69:c2:13:32:4a:ed:28:51:1d:21:c1:70:
14:fb:0f:c2:b4:23:e1:a8:02:73:b2:f8:97:4f:28:a9:5b:37:
68:ab:aa:38:85:50:45:86:9c:90:9a:5a:cd:e9:3f:ab:1a:6e:
c0:a9:88:3f:bb:df:da:b8:93:d1:80:91:1b:48:2a:ad:e3:e0:
47:25:09:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUFYpmvTbZanM59Q4WG8wh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZGM0MGMzZGJkZjgxOWQ3NDEzZTc3MmJkODc1ODE0Yzdl
YWY1NWUwHhcNMjUwMjE0MTY1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU4ZjJmYzFkMDI4MDRkZDQ0MDczNmJiNTFhNDgwZTQ5ZTExYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfw0rW3m1ASSHmwbF8kya/oQZFGy
NKbplciR9wkyGDo7ykk1/TPMdUny0Jtg2gE4N2h6VLqnZKuAwBdeXsuHZwTxnmF3
7BhCsYeLb0osnKl1IrVqUW39DKRwlTfXFY9JVzB5s85yqkyk6fk4xsO2FCPiXIy6
HyDtUUWb1cBeQQrx1u8MVFrBEY71I3nrEhgr+tOh99ZsDfYnjhYkcHIr3D/ldYbD
YqVBA9XE8HTAYL9LiRz5s8HGvPpfndX8XWi5nXOtSfZfUajXJh8DfmoosRoJEPCY
A5D9cOzup1wW4WTgz40Mp9PNZQSvdqE7amYkQhwwywC729mKJmcvmqvIdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbo8vwdAoBN1EBza7UaSA5J4RvOMB8GA1UdIwQY
MBaAFHzcQMPb34GddBPncr2HWBTH6vVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk54QXc5dmZnWjEwRS1keXZZZFlGTWZxOVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yZTU0M2QtNGVmNy00ZTg1LTg2N2Et
OTlmMjAwNDY1OWQxLzEvbHVqeV9CMENnRTNVUUhOcnRScElEa25oRzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yZTU0M2QtNGVmNy00ZTg1LTg2N2EtOTlmMjAwNDY1OWQx
LzEvZk54QXc5dmZnWjEwRS1keXZZZFlGTWZxOVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RJVMA0G
CSqGSIb3DQEBCwUAA4IBAQByDf7KW/y+yXhQwxiFLXZXj8HA46D9Wt3TnCy8V6o/
CLdABirr9HNdoIhGProTGRbTbKnSiR9tNN1N7TIfy47wgBLmGBa53PNqcbEilXd3
obLECGR3xa+Oq+Ydqs2gknC3wxdTOTXyxwkUMVIX8M3vzdhXN2HFzlH853iZVEf3
EgitXTXuJfnnUX57SHkgXRkYy5mlI0hxg0C8WlJglcbOBS8V9zT45jE9IfmRzg3A
IMps6MBcBFoYRHlpwhMySu0oUR0hwXAU+w/CtCPhqAJzsviXTyipWzdoq6o4hVBF
hpyQmlrN6T+rGm7AqYg/u9/auJPRgJEbSCqt4+BHJQkg
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:46 2025 by rpki-client