Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/L2ou3KYC7aOW9h4MkxvmRdF9-XM.roa
File: L2ou3KYC7aOW9h4MkxvmRdF9-XM.roa (raw, json)
Hash identifier: HdnRHq9xsHsffUN6vf8PfjK/qp0rtSAt5eAQOAgASLA=
Subject key identifier: 2F:6A:2E:DC:A6:02:ED:A3:96:F6:1E:0C:93:1B:E6:45:D1:7D:F9:73
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01942747A2CBC0CD7A8A723E57D22B026AAA
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/L2ou3KYC7aOW9h4MkxvmRdF9-XM.roa
Signing time: Thu 02 Jan 2025 13:49:53 +0000
ROA not before: Thu 02 Jan 2025 13:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213122
IP address blocks: 5.226.138.0/24 maxlen: 24
185.16.204.0/24 maxlen: 24
217.146.81.0/24 maxlen: 24
217.146.88.0/24 maxlen: 24
2a01:4020:15::/48 maxlen: 48
2a01:4020:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a2:cb:c0:cd:7a:8a:72:3e:57:d2:2b:02:6a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 2 13:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f6a2edca602eda396f61e0c931be645d17df973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:67:01:7e:76:a1:6a:9c:34:b2:83:1b:c6:ae:
54:ac:a8:99:42:83:1b:a8:61:55:e2:7d:6a:7a:47:
42:03:83:ee:07:e5:86:56:9e:9f:78:47:98:87:81:
bf:7c:49:30:d0:56:9e:16:4f:6f:23:44:5a:1e:ff:
0f:df:39:75:61:37:d3:64:ee:c5:d9:9e:9b:69:ff:
ee:48:a0:03:c2:fb:ae:78:dd:5d:dc:e2:5f:c6:86:
a2:03:49:39:b3:7c:dc:4e:e6:b0:40:5b:2d:67:52:
11:b0:6d:0b:d5:34:ff:ed:8e:cc:43:9c:6c:f3:56:
9d:c1:2b:5a:d5:6f:90:9a:e1:05:89:5e:d2:aa:6a:
d9:3c:26:a1:79:60:2d:c7:de:74:77:17:3a:5e:7a:
fd:38:3b:81:2a:a7:ac:84:59:a5:11:bf:c8:22:3e:
42:bc:ec:32:ea:d9:28:9b:08:2f:3f:01:b5:bc:5b:
bc:f9:b5:71:f0:16:77:f8:b3:f4:90:42:1d:fb:b3:
42:4f:11:03:a5:97:f2:61:fb:10:38:70:8a:ee:1a:
34:95:09:9d:ac:60:65:e8:f4:b2:4e:0e:e6:a4:3f:
a8:8e:30:da:5e:7f:ad:2c:a2:62:4b:a1:c0:c3:18:
6a:cd:cf:32:53:37:2c:48:fc:aa:5c:ba:09:6e:5d:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6A:2E:DC:A6:02:ED:A3:96:F6:1E:0C:93:1B:E6:45:D1:7D:F9:73
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/L2ou3KYC7aOW9h4MkxvmRdF9-XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.138.0/24
185.16.204.0/24
217.146.81.0/24
217.146.88.0/24
IPv6:
2a01:4020:15::-2a01:4020:16:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
53:f7:4a:8e:3d:0f:62:d5:60:6e:2b:84:58:23:b1:fe:1b:f7:
31:db:e1:64:a8:a3:f1:36:23:8c:19:08:03:eb:24:84:14:a5:
11:1d:14:c6:63:25:85:a2:ee:e6:78:ea:0b:ad:1c:56:49:99:
5f:91:5e:5a:05:9a:7d:b4:c3:b7:7e:40:34:af:f0:ad:d3:d9:
10:47:61:dd:ad:fe:a6:05:fb:ab:62:2e:43:6d:e7:46:04:fa:
ff:1f:4d:f8:42:c9:74:36:42:a1:bc:d4:0e:83:99:db:8e:3b:
aa:2f:97:24:17:89:fb:78:e7:38:96:bf:25:5d:a7:88:cf:50:
5a:85:04:13:21:76:d3:cd:65:77:92:19:32:72:ba:72:ec:46:
d7:8f:26:b4:26:37:2b:e2:8c:3c:cb:30:b2:ca:7f:1d:f4:57:
20:80:0e:3e:41:35:9d:20:ed:ee:c5:9c:c7:3a:c6:e6:bd:3a:
ff:bb:df:bf:f2:39:e9:5d:5c:a6:4a:0b:77:a5:0b:96:24:60:
56:db:a5:75:9a:42:05:b2:3f:fb:86:73:97:4d:c8:ef:af:ae:
51:a0:41:d6:07:0c:8a:b8:bc:75:9e:1d:7c:84:63:e2:1b:95:
0b:fa:7c:ef:e8:5a:eb:40:20:bd:fa:1a:5c:1f:5f:65:8c:9c:
97:48:72:55
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQnR6LLwM16inI+V9IrAmqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjUwMTAyMTM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZhMmVkY2E2MDJlZGEzOTZmNjFlMGM5MzFiZTY0NWQxN2RmOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12cBfnahapw0soMbxq5UrKiZQoMb
qGFV4n1qekdCA4PuB+WGVp6feEeYh4G/fEkw0FaeFk9vI0RaHv8P3zl1YTfTZO7F
2Z6baf/uSKADwvuueN1d3OJfxoaiA0k5s3zcTuawQFstZ1IRsG0L1TT/7Y7MQ5xs
81adwSta1W+QmuEFiV7SqmrZPCaheWAtx950dxc6Xnr9ODuBKqeshFmlEb/IIj5C
vOwy6tkomwgvPwG1vFu8+bVx8BZ3+LP0kEId+7NCTxEDpZfyYfsQOHCK7ho0lQmd
rGBl6PSyTg7mpD+ojjDaXn+tLKJiS6HAwxhqzc8yUzcsSPyqXLoJbl2S3QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFC9qLtymAu2jlvYeDJMb5kXRfflzMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvTDJvdTNLWUM3YU9XOWg0TWt4dm1SZEY5LVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAeBAIAATAYAwQABeKKAwQA
uRDMAwQA2ZJRAwQA2ZJYMBoEAgACMBQwEgMHACoBQCAAFQMHACoBQCAAFjANBgkq
hkiG9w0BAQsFAAOCAQEAU/dKjj0PYtVgbiuEWCOx/hv3MdvhZKij8TYjjBkIA+sk
hBSlER0UxmMlhaLu5njqC60cVkmZX5FeWgWafbTDt35ANK/wrdPZEEdh3a3+pgX7
q2IuQ23nRgT6/x9N+ELJdDZCobzUDoOZ2447qi+XJBeJ+3jnOJa/JV2niM9QWoUE
EyF2081ld5IZMnK6cuxG148mtCY3K+KMPMswssp/HfRXIIAOPkE1nSDt7sWcxzrG
5r06/7vfv/I56V1cpkoLd6ULliRgVtuldZpCBbI/+4Zzl03I76+uUaBB1gcMiri8
dZ4dfIRj4huVC/p87+ha60AgvfoaXB9fZYycl0hyVQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:14 2025 by rpki-client