Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/LG2MEPQP4SA0RYNet0_i-TbLVOA.roa
File: LG2MEPQP4SA0RYNet0_i-TbLVOA.roa (raw, json)
Hash identifier: Q0AqpzK5pnfc1Ye6ZvO737eSRCPhdfmTWDd+EoGA7/k=
Subject key identifier: 2C:6D:8C:10:F4:0F:E1:20:34:45:83:5E:B7:4F:E2:F9:36:CB:54:E0
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 01941F8C02A46D6BE982055975C4888E4F0C
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/LG2MEPQP4SA0RYNet0_i-TbLVOA.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 178.132.56.0/23 maxlen: 24
178.132.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 06:58:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:02:a4:6d:6b:e9:82:05:59:75:c4:88:8e:4f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c6d8c10f40fe1203445835eb74fe2f936cb54e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:34:0b:53:14:44:6c:16:7c:c1:a3:a3:73:
f0:f3:5d:70:cc:c3:24:83:2e:44:ec:40:d6:3a:ae:
fe:51:02:c8:50:7d:ed:f9:cd:09:9a:3c:c7:14:5a:
b7:7a:aa:82:30:db:e2:cd:c7:94:51:3a:9f:27:8b:
6e:89:28:c4:a2:34:7c:b8:a4:1b:b3:60:9f:c8:72:
36:30:2c:15:da:08:1d:e5:32:bc:fd:18:71:3d:10:
8b:ab:74:ce:76:41:45:ea:12:2e:e6:2d:42:0a:a6:
da:12:7c:ac:2c:89:54:67:ab:31:94:6d:35:00:c4:
68:de:d7:52:f8:16:22:16:44:a3:fa:9d:32:8b:e9:
18:7d:0a:44:b9:7b:5a:7d:4d:b5:f7:b4:3e:ed:0f:
61:6f:c0:ba:34:bb:27:aa:11:dc:1e:72:3e:e6:1d:
9e:a6:d9:cf:a1:2f:74:40:b4:6c:e4:07:39:13:03:
3b:ea:54:8c:27:24:bf:62:bf:c8:b2:7c:86:0c:5c:
48:b3:c5:83:f7:ae:dd:af:f6:6d:7e:01:3c:8b:35:
cf:a8:a1:db:d7:6a:52:93:1f:6e:7f:6e:46:9f:26:
ac:3e:10:94:c1:54:77:c8:38:41:0e:71:93:fc:ff:
e4:5c:54:f5:31:13:59:66:ea:06:0e:8d:17:fa:04:
e0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:6D:8C:10:F4:0F:E1:20:34:45:83:5E:B7:4F:E2:F9:36:CB:54:E0
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/LG2MEPQP4SA0RYNet0_i-TbLVOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.56.0-178.132.58.255
Signature Algorithm: sha256WithRSAEncryption
30:89:10:fc:77:98:a5:33:45:6b:33:45:bd:93:d4:31:0e:32:
a0:bb:90:d4:b9:a9:c2:44:15:7a:21:f6:28:0f:dc:4f:d1:30:
61:77:19:6c:f5:da:e8:3a:e3:8f:0d:8a:8a:0c:99:73:db:3c:
25:22:ba:16:db:4d:7d:8d:63:30:71:ce:19:5e:7e:94:5a:24:
a8:84:f6:0e:38:5f:63:c1:1c:bb:3b:c6:7b:c2:78:12:5b:31:
fe:ba:84:d0:fd:d8:8d:bd:e8:aa:32:ee:d7:72:d5:90:0f:ce:
0e:5d:ac:f3:99:f7:d9:56:87:89:13:77:5a:45:bc:68:72:03:
55:dd:fe:a5:12:16:8f:74:b9:e9:1a:50:6d:77:dc:0b:eb:35:
e7:9e:a7:a3:f3:b8:a7:5e:51:af:07:7b:d4:c7:72:f7:b6:d7:
19:8b:8e:78:11:11:be:4d:8d:36:0c:a2:cb:99:e4:7d:1b:d6:
88:82:99:17:8c:f8:eb:fa:67:55:f8:d8:fa:81:12:e0:b3:ed:
f6:44:08:37:96:08:63:ec:7b:7f:88:69:71:71:3a:04:4d:02:
2c:29:e8:1e:56:b0:23:5f:04:ab:7a:d1:6a:a5:62:1b:28:e2:
43:76:3c:ad:32:29:6c:54:ae:5c:c2:ba:f9:49:6c:5a:fd:67:
ee:48:b1:be
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQfjAKkbWvpggVZdcSIjk8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzZkOGMxMGY0MGZlMTIwMzQ0NTgzNWViNzRmZTJmOTM2Y2I1NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZU0C1MURGwWfMGjo3Pw811wzMMk
gy5E7EDWOq7+UQLIUH3t+c0JmjzHFFq3eqqCMNvizceUUTqfJ4tuiSjEojR8uKQb
s2CfyHI2MCwV2ggd5TK8/RhxPRCLq3TOdkFF6hIu5i1CCqbaEnysLIlUZ6sxlG01
AMRo3tdS+BYiFkSj+p0yi+kYfQpEuXtafU2197Q+7Q9hb8C6NLsnqhHcHnI+5h2e
ptnPoS90QLRs5Ac5EwM76lSMJyS/Yr/IsnyGDFxIs8WD967dr/ZtfgE8izXPqKHb
12pSkx9uf25GnyasPhCUwVR3yDhBDnGT/P/kXFT1MRNZZuoGDo0X+gTgoQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCxtjBD0D+EgNEWDXrdP4vk2y1TgMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvTEcyTUVQUVA0U0EwUllOZXQwX2ktVGJMVk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOyhDgD
BACyhDowDQYJKoZIhvcNAQELBQADggEBADCJEPx3mKUzRWszRb2T1DEOMqC7kNS5
qcJEFXoh9igP3E/RMGF3GWz12ug6448NiooMmXPbPCUiuhbbTX2NYzBxzhlefpRa
JKiE9g44X2PBHLs7xnvCeBJbMf66hND92I296Koy7tdy1ZAPzg5drPOZ99lWh4kT
d1pFvGhyA1Xd/qUSFo90uekaUG133AvrNeeep6PzuKdeUa8He9THcve21xmLjngR
Eb5NjTYMosuZ5H0b1oiCmReM+Ov6Z1X42PqBEuCz7fZECDeWCGPse3+IaXFxOgRN
Aiwp6B5WsCNfBKt60WqlYhso4kN2PK0yKWxUrlzCuvlJbFr9Z+5Isb4=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:19:38 2025 by rpki-client