Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/Lh8yvuYECQW6dDow2L76nBGsr6E.roa
File: Lh8yvuYECQW6dDow2L76nBGsr6E.roa (raw, json)
Hash identifier: 0hiYjVR3RerVN9RXXudfA5pr9cnXHHQqw5O/Jaf9Snc=
Subject key identifier: 2E:1F:32:BE:E6:04:09:05:BA:74:3A:30:D8:BE:FA:9C:11:AC:AF:A1
Certificate issuer: /CN=042ac382689687b60fce5ce9db887b21d68a6abc
Certificate serial: 019424B38CB206523DE00E6DEBA04021A935
Authority key identifier: 04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/Lh8yvuYECQW6dDow2L76nBGsr6E.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205196
IP address blocks: 185.226.92.0/24 maxlen: 24
185.226.93.0/24 maxlen: 24
185.226.94.0/24 maxlen: 24
185.226.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8c:b2:06:52:3d:e0:0e:6d:eb:a0:40:21:a9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042ac382689687b60fce5ce9db887b21d68a6abc
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e1f32bee6040905ba743a30d8befa9c11acafa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:02:e6:40:36:6a:d4:23:2f:fe:4e:11:27:d1:
0e:06:9e:6a:fd:f8:6e:95:e1:4d:28:0a:a8:41:c2:
1b:be:a4:e3:89:84:e5:e3:57:47:ac:02:f1:dc:55:
47:41:d3:2c:18:62:9f:e6:88:9d:4e:3b:c3:a4:0a:
1a:2e:36:8b:2a:6d:17:a0:7c:42:94:05:d8:53:03:
25:38:a9:63:4f:82:15:9b:63:74:ec:32:61:4e:cc:
4c:ea:cd:06:b6:b5:b3:30:31:5c:c9:10:c7:e8:e9:
86:99:8d:a7:24:b1:0c:63:6a:a4:3b:9a:fb:66:c3:
b8:de:96:e8:ea:5e:17:59:b4:14:68:99:9f:f3:2f:
f1:8d:ad:62:87:8d:61:9a:06:5b:ff:10:df:3e:eb:
38:d3:b8:8b:e4:2a:27:63:f8:21:bf:6d:46:61:f1:
6b:b0:12:ac:6b:70:5c:03:23:eb:8b:05:60:59:16:
10:e0:1b:b0:c6:61:9c:fa:48:a9:39:47:80:cd:f9:
05:d1:bc:69:39:86:ad:56:e9:d4:55:94:a5:91:ee:
af:46:8b:0d:54:af:18:62:34:81:77:56:4c:1f:87:
e7:9a:4a:5b:3f:47:54:c9:53:71:82:59:de:d0:58:
11:ed:ee:98:1e:25:90:55:de:89:ba:8e:65:0f:b7:
ea:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1F:32:BE:E6:04:09:05:BA:74:3A:30:D8:BE:FA:9C:11:AC:AF:A1
X509v3 Authority Key Identifier:
keyid:04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/Lh8yvuYECQW6dDow2L76nBGsr6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.92.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:92:14:1b:95:b4:6c:86:2e:be:30:5a:20:b5:0b:82:8f:73:
ef:b2:31:c0:d1:75:e9:eb:2f:2a:02:9c:1e:5c:dc:43:24:55:
2f:91:61:39:1c:99:5b:39:fa:47:ca:9b:21:b8:32:d5:4a:34:
0c:e9:57:a4:aa:26:06:7a:3b:4b:96:2c:7d:ed:f8:44:90:2e:
5d:71:6e:51:0a:95:3a:5a:4d:d9:68:ac:6d:15:92:d3:d1:43:
1a:7f:76:a9:5f:e6:4a:45:8c:57:c2:5c:fc:f2:29:17:68:26:
f5:a0:63:7a:5a:ff:13:8e:c3:62:bc:f0:21:0a:96:69:6e:20:
6c:b1:c2:5c:a9:38:d9:c6:97:39:75:05:9a:c8:a5:11:38:cc:
bc:b1:1d:5a:7d:fd:01:89:e1:2f:a7:3e:e4:b3:22:23:a1:61:
b7:c4:65:84:ea:00:28:08:38:75:f3:ec:ba:1c:20:c5:30:6e:
19:56:42:96:71:40:27:86:46:15:cb:0e:a1:a3:64:74:22:b5:
0b:e5:94:0f:4c:7d:b3:8d:7a:a5:6b:d2:30:4e:34:d8:23:b5:
ed:8f:b5:dc:ee:4b:26:ee:3a:6c:4e:47:8f:53:ee:cc:ad:ce:
5d:3e:ba:6a:d8:22:e1:77:d3:31:e7:f0:fa:94:79:af:24:21:
39:cb:eb:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks4yyBlI94A5t66BAIak1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmFjMzgyNjg5Njg3YjYwZmNlNWNlOWRiODg3YjIxZDY4
YTZhYmMwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFmMzJiZWU2MDQwOTA1YmE3NDNhMzBkOGJlZmE5YzExYWNhZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wLmQDZq1CMv/k4RJ9EOBp5q/fhu
leFNKAqoQcIbvqTjiYTl41dHrALx3FVHQdMsGGKf5oidTjvDpAoaLjaLKm0XoHxC
lAXYUwMlOKljT4IVm2N07DJhTsxM6s0GtrWzMDFcyRDH6OmGmY2nJLEMY2qkO5r7
ZsO43pbo6l4XWbQUaJmf8y/xja1ih41hmgZb/xDfPus407iL5ConY/ghv21GYfFr
sBKsa3BcAyPriwVgWRYQ4BuwxmGc+kipOUeAzfkF0bxpOYatVunUVZSlke6vRosN
VK8YYjSBd1ZMH4fnmkpbP0dUyVNxglne0FgR7e6YHiWQVd6Juo5lD7fq9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4fMr7mBAkFunQ6MNi++pwRrK+hMB8GA1UdIwQY
MBaAFAQqw4Joloe2D85c6duIeyHWimq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUt
NzBiYzY2ODkzZTVjLzEvTGg4eXZ1WUVDUVc2ZERvdzJMNzZuQkdzcjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUtNzBiYzY2ODkzZTVj
LzEvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueJcMA0G
CSqGSIb3DQEBCwUAA4IBAQCbkhQblbRshi6+MFogtQuCj3PvsjHA0XXp6y8qApwe
XNxDJFUvkWE5HJlbOfpHypshuDLVSjQM6VekqiYGejtLlix97fhEkC5dcW5RCpU6
Wk3ZaKxtFZLT0UMaf3apX+ZKRYxXwlz88ikXaCb1oGN6Wv8TjsNivPAhCpZpbiBs
scJcqTjZxpc5dQWayKUROMy8sR1aff0BieEvpz7ksyIjoWG3xGWE6gAoCDh18+y6
HCDFMG4ZVkKWcUAnhkYVyw6ho2R0IrUL5ZQPTH2zjXqla9IwTjTYI7Xtj7Xc7ksm
7jpsTkePU+7Mrc5dPrpq2CLhd9Mx5/D6lHmvJCE5y+vp
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:56:12 2025 by rpki-client