Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/lPSUj34nkT_K5j-sJpCtDtarJAw.roa
File: lPSUj34nkT_K5j-sJpCtDtarJAw.roa (raw, json)
Hash identifier: 5sUWPY9Y6gBlSd/1n2Bqk2PB2ZfQYCugVIDB6uxBzQk=
Subject key identifier: 94:F4:94:8F:7E:27:91:3F:CA:E6:3F:AC:26:90:AD:0E:D6:AB:24:0C
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0194258F8B2593B698033B6C49412C9EC1B5
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/lPSUj34nkT_K5j-sJpCtDtarJAw.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 45.142.212.0/24 maxlen: 24
45.142.213.0/24 maxlen: 24
45.142.214.0/24 maxlen: 24
45.142.215.0/24 maxlen: 24
188.119.112.0/24 maxlen: 24
188.119.113.0/24 maxlen: 24
213.226.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8b:25:93:b6:98:03:3b:6c:49:41:2c:9e:c1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f4948f7e27913fcae63fac2690ad0ed6ab240c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:99:85:1e:26:35:f4:de:2e:ad:fc:da:e8:
37:18:d5:7b:a4:98:7a:95:09:47:0e:fb:61:6f:9a:
2c:54:ad:4d:3b:63:f3:78:a2:0a:9d:d6:5d:0a:b8:
6f:ac:7a:7c:6b:f2:c8:68:4f:77:8c:cd:7e:b3:68:
d5:58:76:37:04:54:48:4d:28:d0:3d:bc:75:ab:dd:
3d:01:5a:d7:73:b6:c3:2e:9a:72:11:6d:da:5b:6f:
5b:bc:a4:9d:6a:91:86:92:bd:9c:74:65:44:6e:05:
85:09:e7:fe:e8:2a:b9:97:e9:d1:90:49:6c:c0:ef:
a2:27:27:c7:02:1a:15:f5:02:00:f7:22:25:48:16:
a6:ca:a7:5d:b9:ec:05:48:2d:98:f8:50:5f:40:4c:
77:22:a0:86:21:34:e5:3d:3c:29:14:8f:55:c4:02:
84:46:3f:ba:f6:4c:72:48:69:36:28:4d:c0:d3:7c:
f0:c8:4a:a2:07:5b:c2:c9:81:6e:6f:a2:97:04:78:
f0:cd:ba:82:b2:8e:69:30:75:4a:b1:9e:4f:20:2e:
e5:05:ff:93:7b:fe:a0:d6:49:f3:11:ee:b0:99:54:
43:b2:84:b0:d2:ba:6d:c5:8a:2a:28:dc:60:5b:51:
83:c5:3f:7d:0e:f7:c1:9c:a2:bc:4e:79:21:f7:74:
b4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F4:94:8F:7E:27:91:3F:CA:E6:3F:AC:26:90:AD:0E:D6:AB:24:0C
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/lPSUj34nkT_K5j-sJpCtDtarJAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.212.0/22
188.119.112.0/23
213.226.100.0/24
Signature Algorithm: sha256WithRSAEncryption
18:1c:7d:76:4b:d5:c4:98:42:ba:c9:82:77:12:bc:99:6c:e3:
ee:03:69:da:4c:28:be:bb:58:da:14:de:7e:2b:db:fe:68:97:
a6:11:29:19:6c:b0:3e:66:13:1d:dc:da:8b:54:d9:f1:bc:ec:
41:e9:f9:32:45:b3:1a:26:ec:2a:79:de:c2:83:6b:28:55:a1:
18:8a:56:38:3f:a7:ae:b9:9e:db:14:95:6e:c0:2f:99:78:f1:
0d:9e:22:62:44:fd:3f:a7:a8:e4:34:34:be:fb:a3:a7:74:ce:
81:7a:ac:a7:87:39:5c:da:ce:13:16:a9:e6:d1:3c:80:8c:cb:
26:f4:98:cf:d8:ac:bf:46:8c:f7:97:f3:fb:26:94:b0:5a:74:
7a:be:f6:42:69:c2:96:58:60:bb:09:7d:38:4b:e9:c2:44:d5:
06:f1:2d:82:ba:be:71:f8:2a:e8:48:d3:8f:3f:50:be:e6:31:
61:c7:d7:33:8a:cc:b1:59:21:6e:13:9b:85:af:ba:ce:3d:44:
d6:78:84:6d:24:dd:67:4d:a5:64:77:f8:be:d2:ad:83:d0:f9:
c8:45:14:48:f2:e1:ae:fe:0e:82:ae:11:47:aa:de:c7:c3:93:
91:93:30:6c:ae:fa:fb:1f:07:bf:02:da:a5:29:74:ba:c9:03:
b5:a4:ca:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj4slk7aYAztsSUEsnsG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY0OTQ4ZjdlMjc5MTNmY2FlNjNmYWMyNjkwYWQwZWQ2YWIyNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBuZhR4mNfTeLq382ug3GNV7pJh6
lQlHDvthb5osVK1NO2PzeKIKndZdCrhvrHp8a/LIaE93jM1+s2jVWHY3BFRITSjQ
Pbx1q909AVrXc7bDLppyEW3aW29bvKSdapGGkr2cdGVEbgWFCef+6Cq5l+nRkEls
wO+iJyfHAhoV9QIA9yIlSBamyqdduewFSC2Y+FBfQEx3IqCGITTlPTwpFI9VxAKE
Rj+69kxySGk2KE3A03zwyEqiB1vCyYFub6KXBHjwzbqCso5pMHVKsZ5PIC7lBf+T
e/6g1knzEe6wmVRDsoSw0rptxYoqKNxgW1GDxT99DvfBnKK8Tnkh93S05wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJT0lI9+J5E/yuY/rCaQrQ7WqyQMMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvbFBTVWozNG5rVF9LNWotc0pwQ3REdGFySkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY7UAwQB
vHdwAwQA1eJkMA0GCSqGSIb3DQEBCwUAA4IBAQAYHH12S9XEmEK6yYJ3EryZbOPu
A2naTCi+u1jaFN5+K9v+aJemESkZbLA+ZhMd3NqLVNnxvOxB6fkyRbMaJuwqed7C
g2soVaEYilY4P6euuZ7bFJVuwC+ZePENniJiRP0/p6jkNDS++6OndM6Beqynhzlc
2s4TFqnm0TyAjMsm9JjP2Ky/Roz3l/P7JpSwWnR6vvZCacKWWGC7CX04S+nCRNUG
8S2Cur5x+CroSNOPP1C+5jFhx9czisyxWSFuE5uFr7rOPUTWeIRtJN1nTaVkd/i+
0q2D0PnIRRRI8uGu/g6CrhFHqt7Hw5ORkzBsrvr7Hwe/AtqlKXS6yQO1pMos
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:23:35 2025 by rpki-client