Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/LO8EPN-S3Pc72fViYyrMb6fJWDA.roa
File: LO8EPN-S3Pc72fViYyrMb6fJWDA.roa (raw, json)
Hash identifier: rAMQpq4xIPRJP3n+vjw8r64+rf/K3qCyA6DXg4GEc5c=
Subject key identifier: 2C:EF:04:3C:DF:92:DC:F7:3B:D9:F5:62:63:2A:CC:6F:A7:C9:58:30
Certificate issuer: /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial: 01941FFA5CBF5AEA23FD1A943B1E3B2AAF47
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/LO8EPN-S3Pc72fViYyrMb6fJWDA.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210008
IP address blocks: 185.230.181.0/24 maxlen: 24
185.230.182.0/24 maxlen: 24
185.230.183.0/24 maxlen: 24
2a13:d00:a680::/48 maxlen: 48
2a13:d00:c180::/48 maxlen: 48
2a13:d00:cf00::/40 maxlen: 48
2a13:d00:cf01::/48 maxlen: 48
2a13:d00:da30::/48 maxlen: 48
2a13:d00:da80::/48 maxlen: 48
2a13:d00:dc80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5c:bf:5a:ea:23:fd:1a:94:3b:1e:3b:2a:af:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cef043cdf92dcf73bd9f562632acc6fa7c95830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:29:81:98:9f:bf:e8:c2:99:dd:a3:af:51:7b:
7f:28:9c:55:3b:3d:83:2f:e1:dd:82:30:cd:92:87:
63:a6:56:55:4e:ce:ea:a2:b2:48:1c:04:18:2c:5a:
bc:56:34:cc:fb:fd:00:bb:aa:43:18:aa:ae:66:3f:
10:30:8e:00:53:d7:8f:8a:1b:42:77:09:71:7d:40:
bb:46:bb:8a:8b:8a:d2:68:cd:bc:a1:17:96:cc:8d:
b1:40:75:b4:f8:25:55:73:ee:6e:a1:26:7a:8d:f5:
59:85:84:8f:68:b1:46:70:b8:ba:3d:f8:04:c0:c1:
3c:ef:90:a2:3a:f4:fa:f6:35:5c:9f:31:66:e8:33:
b9:a5:d2:3d:25:d2:57:e6:d0:3f:96:3e:11:72:a8:
9c:5e:7b:33:09:c1:20:81:e3:ab:2a:16:b7:14:fd:
26:04:ff:44:a1:98:ed:f7:8d:db:78:ba:5f:eb:a7:
db:8a:6d:03:bf:01:8b:ee:1e:50:11:17:c7:75:5e:
8a:4d:c8:26:56:5f:f3:fe:d1:f0:4e:1e:f8:5f:d9:
8b:cc:b1:1d:0a:46:ec:7c:d4:61:90:84:c1:9b:03:
da:80:2a:96:28:64:4b:5b:fe:89:cc:32:1a:6d:94:
cc:4e:45:6a:05:0e:c5:ee:06:26:9c:ef:72:c4:aa:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EF:04:3C:DF:92:DC:F7:3B:D9:F5:62:63:2A:CC:6F:A7:C9:58:30
X509v3 Authority Key Identifier:
keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/LO8EPN-S3Pc72fViYyrMb6fJWDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.181.0-185.230.183.255
IPv6:
2a13:d00:a680::/48
2a13:d00:c180::/48
2a13:d00:cf00::/40
2a13:d00:da30::/48
2a13:d00:da80::/48
2a13:d00:dc80::/48
Signature Algorithm: sha256WithRSAEncryption
72:33:b9:73:a2:6c:cd:63:31:ee:4f:d0:f2:f5:f9:9a:63:93:
49:91:36:d6:24:3d:52:13:98:4d:4d:1b:be:d0:71:30:a6:da:
7d:4f:1a:56:b6:39:58:c0:2f:dc:e8:0e:6a:d0:9b:50:d7:b1:
27:67:31:35:66:29:8c:b3:23:fa:b2:b9:92:27:e1:9d:38:f3:
cb:8d:7a:3d:a7:a2:4d:ae:33:8b:56:06:6d:41:48:5f:f7:95:
44:35:9a:42:7f:50:28:13:1c:41:8b:db:b7:a5:a7:7b:05:d7:
5e:ac:60:3f:3f:19:c6:17:fb:f7:d4:b0:98:87:8d:3b:14:fc:
18:3b:82:48:06:ee:af:21:ab:18:0d:20:84:83:0e:10:56:20:
75:6b:dc:fc:e2:fd:bd:c5:39:b3:47:c2:90:88:03:a3:e6:38:
b0:52:b8:bd:f1:a2:22:29:42:75:4a:8d:83:ec:6b:ac:b9:5a:
e6:78:54:8c:89:ba:a8:30:95:2b:e6:b4:2c:1e:8c:86:4e:fc:
d6:ff:74:f1:e1:b8:62:d5:84:6d:a4:72:c6:60:3b:f0:6c:5e:
c3:0b:93:da:6a:c3:36:70:7f:61:d9:81:2c:0d:03:95:2e:8c:
5f:b3:99:a6:09:b6:a2:9d:26:a2:57:dd:3b:48:50:00:2f:43:
42:48:da:17
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQf+ly/Wuoj/RqUOx47Kq9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2VmMDQzY2RmOTJkY2Y3M2JkOWY1NjI2MzJhY2M2ZmE3Yzk1ODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SmBmJ+/6MKZ3aOvUXt/KJxVOz2D
L+HdgjDNkodjplZVTs7qorJIHAQYLFq8VjTM+/0Au6pDGKquZj8QMI4AU9ePihtC
dwlxfUC7RruKi4rSaM28oReWzI2xQHW0+CVVc+5uoSZ6jfVZhYSPaLFGcLi6PfgE
wME875CiOvT69jVcnzFm6DO5pdI9JdJX5tA/lj4RcqicXnszCcEggeOrKha3FP0m
BP9EoZjt943beLpf66fbim0DvwGL7h5QERfHdV6KTcgmVl/z/tHwTh74X9mLzLEd
CkbsfNRhkITBmwPagCqWKGRLW/6JzDIabZTMTkVqBQ7F7gYmnO9yxKq9cQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCzvBDzfktz3O9n1YmMqzG+nyVgwMB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvTE84RVBOLVMzUGM3MmZWaVl5ck1iNmZKV0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAUBAIAATAOMAwDBAC55rUD
BAO55rAwOwQCAAIwNQMHACoTDQCmgAMHACoTDQDBgAMGACoTDQDPAwcAKhMNANow
AwcAKhMNANqAAwcAKhMNANyAMA0GCSqGSIb3DQEBCwUAA4IBAQByM7lzomzNYzHu
T9Dy9fmaY5NJkTbWJD1SE5hNTRu+0HEwptp9TxpWtjlYwC/c6A5q0JtQ17EnZzE1
ZimMsyP6srmSJ+GdOPPLjXo9p6JNrjOLVgZtQUhf95VENZpCf1AoExxBi9u3pad7
BdderGA/PxnGF/v31LCYh407FPwYO4JIBu6vIasYDSCEgw4QViB1a9z84v29xTmz
R8KQiAOj5jiwUri98aIiKUJ1So2D7GusuVrmeFSMibqoMJUr5rQsHoyGTvzW/3Tx
4bhi1YRtpHLGYDvwbF7DC5PaasM2cH9h2YEsDQOVLoxfs5mmCbainSaiV907SFAA
L0NCSNoX
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:52:47 2025 by rpki-client