Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/LXcAIZsJjKqYcEZ-B4QhCzqX1y4.roa
File: LXcAIZsJjKqYcEZ-B4QhCzqX1y4.roa (raw, json)
Hash identifier: qXMNjFLmC2o8C7/tTBWAvWSGp3iRQoR6PHBawFPFtHc=
Subject key identifier: 2D:77:00:21:9B:09:8C:AA:98:70:46:7E:07:84:21:0B:3A:97:D7:2E
Certificate issuer: /CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8
Certificate serial: 01960A0D5C12554904746A58F9B1D22A2458
Authority key identifier: 8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/LXcAIZsJjKqYcEZ-B4QhCzqX1y4.roa
Signing time: Sun 06 Apr 2025 07:42:49 +0000
ROA not before: Sun 06 Apr 2025 07:42:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8455
IP address blocks: 185.121.92.0/24 maxlen: 24
185.121.93.0/24 maxlen: 24
185.121.94.0/24 maxlen: 24
185.121.95.0/24 maxlen: 24
2a03:8300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0a:0d:5c:12:55:49:04:74:6a:58:f9:b1:d2:2a:24:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8
Validity
Not Before: Apr 6 07:42:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d7700219b098caa9870467e0784210b3a97d72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:6c:e4:9b:0d:9a:87:84:f4:6a:ff:c8:1e:48:
bf:3a:8f:6a:e2:8f:f9:95:71:51:68:04:3d:0f:17:
4c:90:97:fc:0c:1b:ce:95:11:05:00:ad:40:a1:82:
f6:71:b0:89:42:69:55:52:19:d8:3e:2d:7b:6f:8b:
2a:78:9f:f1:b7:40:88:d5:cc:98:bc:ea:51:ec:da:
b8:b4:7c:f4:86:09:de:11:a2:f9:3e:94:05:de:96:
ca:c4:b2:05:ed:15:62:9c:c5:7b:f3:42:47:83:14:
b7:8a:4b:ea:9f:62:a5:dd:2e:eb:0d:c9:a0:16:b3:
65:1a:12:20:f8:d1:28:54:2c:a2:e6:b7:92:57:c6:
f0:1e:22:88:7e:9d:6f:ad:f6:1d:86:6a:94:9d:87:
fc:53:55:b9:67:9c:c6:42:e8:34:6d:ef:a3:ea:fc:
ee:d9:3e:a0:6e:41:94:b8:37:8a:e3:f1:13:70:f4:
de:85:32:5e:9c:05:be:3e:af:90:c7:f3:70:31:91:
f3:b5:cb:5b:a7:09:5a:8b:ec:b1:e6:5c:22:6f:3a:
ff:31:00:14:73:df:f6:36:4d:14:56:c9:3d:93:a6:
72:13:16:70:73:49:00:90:60:ea:1f:16:fa:8b:61:
fb:c0:92:cb:14:09:f5:6d:db:ee:1a:1a:89:84:57:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:77:00:21:9B:09:8C:AA:98:70:46:7E:07:84:21:0B:3A:97:D7:2E
X509v3 Authority Key Identifier:
keyid:8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/LXcAIZsJjKqYcEZ-B4QhCzqX1y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.92.0/22
IPv6:
2a03:8300::/32
Signature Algorithm: sha256WithRSAEncryption
77:de:e7:02:80:b5:5c:11:26:a4:5f:d6:60:ac:38:d4:65:12:
1e:43:5f:0a:4f:62:ec:b6:3c:f9:a9:4c:95:f7:e0:33:e7:9b:
ad:0b:f9:f7:ab:c5:66:69:33:5a:e9:39:1b:db:52:cf:0a:b8:
8e:b7:98:a6:da:6f:0e:2c:8e:e5:ff:97:97:6e:19:fe:c9:8d:
0b:cd:85:14:c5:4e:61:7b:12:5e:92:e3:09:8f:26:50:b4:dc:
98:5e:fa:8c:70:72:27:b9:c9:c8:64:59:eb:3c:58:06:71:b1:
59:52:6d:8b:04:85:b0:b7:c8:be:51:84:18:88:b1:17:52:45:
f9:d1:e0:c8:84:21:60:d1:0f:3d:e2:4b:ba:2d:a9:74:d1:72:
cc:db:8f:f1:50:68:ff:3e:b8:ae:d9:1c:33:03:fd:ac:7c:d8:
9e:0e:e2:92:62:8b:d8:af:b5:a9:5c:4d:15:06:25:8d:34:91:
d5:b0:f6:55:b9:2a:d6:df:91:a2:93:02:51:08:ac:38:d6:e6:
d1:55:7c:af:26:7a:e7:be:80:53:3d:8c:92:b6:d1:2b:df:2d:
99:e1:f5:f1:6a:1c:d3:99:47:30:18:25:d4:b8:b0:aa:e7:fa:
6a:14:c8:71:4a:df:1e:29:c3:55:55:63:95:25:81:e5:fe:fc:
fe:67:05:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZYKDVwSVUkEdGpY+bHSKiRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMGM4ZDM1ZGQ2NjY1N2JmZmM5MGI2YWM0MTYwMGZmYTYy
M2Q1YjgwHhcNMjUwNDA2MDc0MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDc3MDAyMTliMDk4Y2FhOTg3MDQ2N2UwNzg0MjEwYjNhOTdkNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52zkmw2ah4T0av/IHki/Oo9q4o/5
lXFRaAQ9DxdMkJf8DBvOlREFAK1AoYL2cbCJQmlVUhnYPi17b4sqeJ/xt0CI1cyY
vOpR7Nq4tHz0hgneEaL5PpQF3pbKxLIF7RVinMV780JHgxS3ikvqn2Kl3S7rDcmg
FrNlGhIg+NEoVCyi5reSV8bwHiKIfp1vrfYdhmqUnYf8U1W5Z5zGQug0be+j6vzu
2T6gbkGUuDeK4/ETcPTehTJenAW+Pq+Qx/NwMZHztctbpwlai+yx5lwibzr/MQAU
c9/2Nk0UVsk9k6ZyExZwc0kAkGDqHxb6i2H7wJLLFAn1bdvuGhqJhFcfZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC13ACGbCYyqmHBGfgeEIQs6l9cuMB8GA1UdIwQY
MBaAFIsMjTXdZmV7/8kLasQWAP+mI9W4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXd5Tk5kMW1aWHZfeVF0cXhCWUFfNllqMWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kMjhmZDQtYzM2OC00NmIzLWExN2Qt
NDMxODdlMjliMGUzLzEvTFhjQUlac0pqS3FZY0VaLUI0UWhDenFYMXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kMjhmZDQtYzM2OC00NmIzLWExN2QtNDMxODdlMjliMGUz
LzEvaXd5Tk5kMW1aWHZfeVF0cXhCWUFfNllqMWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXlcMA0E
AgACMAcDBQAqA4MAMA0GCSqGSIb3DQEBCwUAA4IBAQB33ucCgLVcESakX9ZgrDjU
ZRIeQ18KT2Lstjz5qUyV9+Az55utC/n3q8VmaTNa6Tkb21LPCriOt5im2m8OLI7l
/5eXbhn+yY0LzYUUxU5hexJekuMJjyZQtNyYXvqMcHInucnIZFnrPFgGcbFZUm2L
BIWwt8i+UYQYiLEXUkX50eDIhCFg0Q894ku6Lal00XLM24/xUGj/Priu2RwzA/2s
fNieDuKSYovYr7WpXE0VBiWNNJHVsPZVuSrW35GikwJRCKw41ubRVXyvJnrnvoBT
PYySttEr3y2Z4fXxahzTmUcwGCXUuLCq5/pqFMhxSt8eKcNVVWOVJYHl/vz+ZwWl
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:04:31 2025 by rpki-client