Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/LF_3HwZmRrCki2d-FP5TfnY-Yfo.roa
File: LF_3HwZmRrCki2d-FP5TfnY-Yfo.roa (raw, json)
Hash identifier: OqUUHUSkyKdGpgaBU1hHW7IYtyTJfajGz9ID3t644ac=
Subject key identifier: 2C:5F:F7:1F:06:66:46:B0:A4:8B:67:7E:14:FE:53:7E:76:3E:61:FA
Certificate issuer: /CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Certificate serial: 0194266B7650D72DC8F0EC583B0526978A8E
Authority key identifier: F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/LF_3HwZmRrCki2d-FP5TfnY-Yfo.roa
Signing time: Thu 02 Jan 2025 09:49:24 +0000
ROA not before: Thu 02 Jan 2025 09:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199743
IP address blocks: 91.217.210.0/24 maxlen: 24
185.48.68.0/22 maxlen: 28
2a01:9660::/32 maxlen: 32
2a01:9660:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 12:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:76:50:d7:2d:c8:f0:ec:58:3b:05:26:97:8a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Validity
Not Before: Jan 2 09:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c5ff71f066646b0a48b677e14fe537e763e61fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c9:af:ab:b9:d9:04:bb:a1:74:dc:f6:73:2d:
8d:20:4d:43:33:bf:95:86:53:87:d6:5b:70:ec:2d:
0d:45:17:60:a7:0e:b8:b7:fe:2f:a5:f2:5d:cc:8a:
86:3a:31:d6:31:d9:9a:9a:b5:23:91:27:39:31:63:
62:e3:24:8f:6c:fc:eb:2f:79:f6:ba:98:c5:ec:ac:
84:21:ed:45:40:9b:03:4c:1e:a0:02:58:b9:69:d7:
95:2f:95:e4:c5:d8:8c:8b:e1:c1:d9:6c:d0:6c:e4:
d0:17:ac:58:30:e8:93:6c:42:e2:a6:62:76:66:e2:
38:ff:50:20:d4:76:fb:11:0b:c1:e4:67:8d:17:00:
7c:4a:34:c4:f5:d7:aa:0b:35:fd:4e:a0:34:c0:f1:
6b:8d:ac:03:e7:f8:36:eb:e1:d8:eb:5f:66:cf:75:
17:96:03:74:9b:9e:cd:eb:25:51:b6:c5:a9:36:67:
b1:19:25:05:87:35:99:a5:ce:e2:8b:72:99:b1:de:
3b:58:6b:f9:38:f2:47:b5:65:ef:9c:57:05:b8:de:
50:c5:a5:f1:cf:fb:bc:35:be:12:ec:01:57:5e:20:
f5:ab:e1:00:0d:68:c9:69:80:cc:78:97:27:48:fc:
38:52:bd:41:e8:c2:f0:c2:e4:8e:57:1c:15:27:b8:
5f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5F:F7:1F:06:66:46:B0:A4:8B:67:7E:14:FE:53:7E:76:3E:61:FA
X509v3 Authority Key Identifier:
keyid:F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/LF_3HwZmRrCki2d-FP5TfnY-Yfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.210.0/24
185.48.68.0/22
IPv6:
2a01:9660::/32
Signature Algorithm: sha256WithRSAEncryption
23:f7:57:ff:65:75:83:4c:bc:03:9b:65:05:25:63:b1:ab:dc:
6d:e4:69:23:d8:3a:71:25:07:cc:f5:ba:27:86:dd:55:56:48:
89:83:00:ac:e7:af:2a:9e:d0:98:d3:3a:65:a6:b1:f4:9b:d5:
62:31:e6:73:a6:d2:25:6e:b0:b3:e6:39:18:1b:01:2a:62:a6:
9a:f1:a0:a7:4a:5b:6d:4e:5c:57:06:5f:e5:d2:03:b6:5d:6c:
a8:2d:c1:18:5a:59:7c:0b:f0:ed:39:64:60:81:c0:40:67:56:
a5:e9:90:85:6c:0d:64:56:02:dc:1a:82:7d:93:d2:29:5e:dc:
07:dd:34:41:b5:b7:81:1a:08:0f:91:33:74:3f:3a:e3:6f:ed:
59:32:cc:9c:a0:e2:09:85:73:7b:ab:fb:d2:b6:7c:d9:7e:9c:
41:10:95:e1:f7:a7:37:4f:a4:95:3e:7f:59:fe:8e:9f:ea:bc:
41:b4:a9:6e:5d:c2:20:be:4a:6f:fc:e0:b5:90:19:8b:79:67:
50:8e:4e:aa:f3:ab:22:91:02:47:c9:e4:08:cb:9c:9d:eb:fa:
5a:78:c3:f7:00:44:53:52:a2:89:c7:a5:9b:79:15:61:ff:c6:
30:f5:e1:22:68:d1:50:4a:d8:09:0d:e9:16:a5:cd:59:c0:7f:
b5:70:a7:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma3ZQ1y3I8OxYOwUml4qOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGI2YjQyNTYwMGEyNWE2ZGMxMzJkZTUxNDc5N2UyYWE0
YjAyNDcwHhcNMjUwMTAyMDk0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVmZjcxZjA2NjY0NmIwYTQ4YjY3N2UxNGZlNTM3ZTc2M2U2MWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38mvq7nZBLuhdNz2cy2NIE1DM7+V
hlOH1ltw7C0NRRdgpw64t/4vpfJdzIqGOjHWMdmamrUjkSc5MWNi4ySPbPzrL3n2
upjF7KyEIe1FQJsDTB6gAli5adeVL5XkxdiMi+HB2WzQbOTQF6xYMOiTbELipmJ2
ZuI4/1Ag1Hb7EQvB5GeNFwB8SjTE9deqCzX9TqA0wPFrjawD5/g26+HY619mz3UX
lgN0m57N6yVRtsWpNmexGSUFhzWZpc7ii3KZsd47WGv5OPJHtWXvnFcFuN5QxaXx
z/u8Nb4S7AFXXiD1q+EADWjJaYDMeJcnSPw4Ur1B6MLwwuSOVxwVJ7hfoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCxf9x8GZkawpItnfhT+U352PmH6MB8GA1UdIwQY
MBaAFPULa0JWAKJabcEy3lFHl+KqSwJHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYt
MTAwZjg0ZmU5NTBjLzEvTEZfM0h3Wm1SckNraTJkLUZQNVRmblktWWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYtMTAwZjg0ZmU5NTBj
LzEvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9nSAwQC
uTBEMA0EAgACMAcDBQAqAZZgMA0GCSqGSIb3DQEBCwUAA4IBAQAj91f/ZXWDTLwD
m2UFJWOxq9xt5Gkj2DpxJQfM9bonht1VVkiJgwCs568qntCY0zplprH0m9ViMeZz
ptIlbrCz5jkYGwEqYqaa8aCnSlttTlxXBl/l0gO2XWyoLcEYWll8C/DtOWRggcBA
Z1al6ZCFbA1kVgLcGoJ9k9IpXtwH3TRBtbeBGggPkTN0Pzrjb+1ZMsycoOIJhXN7
q/vStnzZfpxBEJXh96c3T6SVPn9Z/o6f6rxBtKluXcIgvkpv/OC1kBmLeWdQjk6q
86sikQJHyeQIy5yd6/paeMP3AERTUqKJx6WbeRVh/8Yw9eEiaNFQStgJDekWpc1Z
wH+1cKdD
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:07 2025 by rpki-client