Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/LzFoDYPr7_0gEjtlfJ6xXw6t_lo.roa
File: LzFoDYPr7_0gEjtlfJ6xXw6t_lo.roa (raw, json)
Hash identifier: rXfhzDDWrE3BbdIp2NtDgdm3XDSADxRFIs8wy+p88S0=
Subject key identifier: 2F:31:68:0D:83:EB:EF:FD:20:12:3B:65:7C:9E:B1:5F:0E:AD:FE:5A
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 019425FD55646527B0DC5270843F5B82FBD4
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/LzFoDYPr7_0gEjtlfJ6xXw6t_lo.roa
Signing time: Thu 02 Jan 2025 07:49:06 +0000
ROA not before: Thu 02 Jan 2025 07:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
62.193.32.0/19 maxlen: 19
62.244.84.0/22 maxlen: 22
62.244.86.0/23 maxlen: 23
62.244.88.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
78.31.40.0/21 maxlen: 21
78.109.240.0/20 maxlen: 20
80.245.16.0/20 maxlen: 20
82.210.0.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
83.118.192.0/19 maxlen: 19
83.142.144.0/21 maxlen: 21
91.90.96.0/21 maxlen: 21
94.228.176.0/20 maxlen: 20
95.141.96.0/20 maxlen: 20
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
178.16.160.0/20 maxlen: 20
185.4.44.0/22 maxlen: 22
185.5.108.0/22 maxlen: 22
185.18.208.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
185.41.4.0/22 maxlen: 22
185.81.52.0/22 maxlen: 22
185.132.116.0/22 maxlen: 22
185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.213.160.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
194.213.124.0/23 maxlen: 23
195.15.128.0/18 maxlen: 18
195.49.132.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
212.106.96.0/19 maxlen: 19
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:55:64:65:27:b0:dc:52:70:84:3f:5b:82:fb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f31680d83ebeffd20123b657c9eb15f0eadfe5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:bd:1a:50:20:f0:8b:e9:ac:17:d8:7b:10:
6f:67:02:e6:59:79:d4:b8:fa:05:12:f1:ba:f4:33:
f3:6d:82:36:63:84:09:f3:90:6e:31:8a:4a:3f:74:
9b:cb:28:2d:c6:9b:3f:22:81:2d:b6:b4:69:59:91:
e6:80:96:e2:79:be:b9:7e:22:ee:41:6f:eb:2c:0c:
79:34:5c:0b:f0:01:af:d8:4d:c9:ff:5a:f5:d4:24:
17:17:a1:08:7f:4b:bf:bf:64:80:68:b4:85:58:1c:
09:1b:7c:8b:3c:7b:7d:9a:43:29:88:22:c2:1f:16:
90:c3:00:95:59:02:66:35:1a:78:eb:4d:2b:e6:6c:
bc:f1:d1:26:e5:eb:11:b3:7e:97:3f:73:1c:85:4a:
14:42:95:a1:a0:f0:8d:a9:31:7b:fc:3e:8d:cb:e8:
89:b7:41:be:1b:60:a4:08:f2:27:0f:14:40:3e:25:
d2:e7:51:7b:3d:0a:ca:4f:20:3a:c3:63:bc:26:73:
bb:8f:b5:23:f1:76:4d:2e:3c:33:8f:35:32:26:2f:
38:7a:ce:37:e6:8b:81:2a:23:57:8d:8f:47:26:be:
02:4e:9a:b2:82:c1:cb:60:05:ed:24:b8:a9:0c:e1:
2c:a1:e4:31:ab:cd:79:8c:24:22:ab:9a:3c:9a:6b:
a4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:31:68:0D:83:EB:EF:FD:20:12:3B:65:7C:9E:B1:5F:0E:AD:FE:5A
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/LzFoDYPr7_0gEjtlfJ6xXw6t_lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.81.52.0/22
185.132.116.0/22
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.213.160.0/22
185.218.248.0/22
185.249.28.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
2e:fb:42:cd:df:ba:7d:16:b8:92:0a:9d:b4:30:8b:bd:02:f0:
bc:16:5c:11:21:69:e6:33:4a:fb:f4:2a:ff:e7:8f:62:14:3d:
03:8f:1f:1d:48:f8:88:06:e4:c5:cf:38:a7:de:33:ab:e7:a0:
c4:74:d0:cf:b6:31:52:d2:9f:5e:09:a9:f8:65:20:5d:43:ba:
00:41:86:e3:97:1a:36:10:25:44:fa:cf:f3:a2:6f:2c:bb:70:
58:b6:9f:84:3c:28:9a:9f:c1:f0:f3:e1:d3:42:fc:70:72:dc:
c1:a9:89:ef:76:73:77:dc:9f:00:90:fd:ec:4d:26:48:fa:22:
54:b7:96:28:38:0b:9d:6d:96:48:8a:ef:f5:00:54:45:b2:b4:
f7:08:97:f5:41:3a:c6:9e:48:b2:6a:30:04:80:4f:93:f4:ca:
6b:0d:b7:44:95:39:e2:17:5a:9d:f3:95:ba:09:81:65:1a:44:
9c:1c:67:36:c9:5b:96:69:80:55:4d:ef:ea:76:7c:a3:3a:6a:
ee:fd:c4:65:b7:f6:21:89:bb:37:70:29:0f:04:2f:15:5f:33:
10:82:ac:26:66:97:8f:92:d4:74:bd:61:2b:3e:cc:a5:f7:de:
8c:2a:9e:85:f8:82:fb:86:b4:05:f1:9c:0e:bf:99:9c:18:3d:
83:6b:ac:d7
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZQl/VVkZSew3FJwhD9bgvvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwMTAyMDc0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMxNjgwZDgzZWJlZmZkMjAxMjNiNjU3YzllYjE1ZjBlYWRmZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdG9GlAg8IvprBfYexBvZwLmWXnU
uPoFEvG69DPzbYI2Y4QJ85BuMYpKP3Sbyygtxps/IoEttrRpWZHmgJbieb65fiLu
QW/rLAx5NFwL8AGv2E3J/1r11CQXF6EIf0u/v2SAaLSFWBwJG3yLPHt9mkMpiCLC
HxaQwwCVWQJmNRp4600r5my88dEm5esRs36XP3MchUoUQpWhoPCNqTF7/D6Ny+iJ
t0G+G2CkCPInDxRAPiXS51F7PQrKTyA6w2O8JnO7j7Uj8XZNLjwzjzUyJi84es43
5ouBKiNXjY9HJr4CTpqygsHLYAXtJLipDOEsoeQxq815jCQiq5o8mmukIQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFC8xaA2D6+/9IBI7ZXyesV8Orf5aMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvTHpGb0RZUHI3XzBnRWp0bGZKNnhYdzZ0X2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCB/wQCAAEwgfgD
BAIFhUQDBAU+wSAwDAMEAj70VAMEAT70WAMEAj70YAMEAj70cAMEAD70dQMEAD70
dwMEA04fKAMEBE5t8AMEBFD1EAMEBlLSAAMEBVN2wAMEA1OOkAMEA1taYAMEBF7k
sAMEBF+NYAMEBZ+04AMEA7A5IAMEBLIQoAMEArkELAMEArkFbAMEArkS0AMEArkT
MAMEArkpBAMEArlRNAMEArmEdAMEArmcUAMEArmjHAMEArmrnAMEArm09AMEArm/
XAMEArnTGAMEArnVoAMEArna+AMEArn5HAMEAcLVfAMEBsMPgAMEAsMxhAMEBcPI
oAMEBdRqYDAUBAIAAjAOAwUDIAEKuAMFACoBTgAwDQYJKoZIhvcNAQELBQADggEB
AC77Qs3fun0WuJIKnbQwi70C8LwWXBEhaeYzSvv0Kv/nj2IUPQOPHx1I+IgG5MXP
OKfeM6vnoMR00M+2MVLSn14JqfhlIF1DugBBhuOXGjYQJUT6z/Oibyy7cFi2n4Q8
KJqfwfDz4dNC/HBy3MGpie92c3fcnwCQ/exNJkj6IlS3lig4C51tlkiK7/UAVEWy
tPcIl/VBOsaeSLJqMASAT5P0ymsNt0SVOeIXWp3zlboJgWUaRJwcZzbJW5ZpgFVN
7+p2fKM6au79xGW39iGJuzdwKQ8ELxVfMxCCrCZml4+S1HS9YSs+zKX33owqnoX4
gvuGtAXxnA6/mZwYPYNrrNc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:18:01 2025 by rpki-client