Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/lwed3ihcQQrFsvv8k908fUPl3CM.roa
File: lwed3ihcQQrFsvv8k908fUPl3CM.roa (raw, json)
Hash identifier: Ug53jrAOg0K9fodJftRbAh41xK8TfAJeCOUBqHsGwb8=
Subject key identifier: 97:07:9D:DE:28:5C:41:0A:C5:B2:FB:FC:93:DD:3C:7D:43:E5:DC:23
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 019427B57F9C8C4CA43C106307C432CC154C
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/lwed3ihcQQrFsvv8k908fUPl3CM.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397373
IP address blocks: 5.182.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7f:9c:8c:4c:a4:3c:10:63:07:c4:32:cc:15:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97079dde285c410ac5b2fbfc93dd3c7d43e5dc23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6f:48:2d:3e:cb:d7:d4:ce:40:0f:be:24:1e:
07:1e:7b:26:6a:cc:2e:28:c6:8a:b4:46:7e:fa:57:
fc:3b:f0:5a:d1:bd:5a:fe:17:ec:7d:93:d0:e7:83:
af:4f:64:67:de:c0:b1:e4:0f:2c:90:1a:65:43:66:
b3:07:13:d4:ab:d2:67:ec:0c:ed:ab:b4:3d:ef:47:
80:40:7f:ce:67:64:42:f6:f2:6c:3e:2e:2a:50:ce:
bf:fa:35:b9:b2:d9:9b:06:8b:54:de:13:e0:ea:90:
fb:96:bd:27:bf:a1:99:7d:c5:1e:39:f4:c5:92:f4:
e9:dd:21:86:5e:05:9b:df:2f:fe:29:48:54:e6:81:
b0:a1:37:1d:71:50:8a:ec:77:3c:9d:73:a1:78:1f:
35:de:27:df:49:a3:a7:33:51:fa:e8:da:34:ac:6e:
de:de:ae:12:c8:26:02:17:e6:e4:46:f1:48:5b:09:
76:b3:a2:ac:fb:f5:bd:5b:57:88:c5:9b:6f:36:c8:
b4:cb:e5:01:8e:ed:eb:c2:9a:ee:eb:c9:21:e7:ea:
93:1c:45:da:48:6e:4f:26:af:e8:fd:3b:71:98:aa:
0b:41:c8:05:ec:ad:e0:e9:df:15:eb:e5:33:1f:f8:
3f:b1:05:50:29:f7:16:a2:d8:69:d5:b2:01:d9:bd:
22:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:07:9D:DE:28:5C:41:0A:C5:B2:FB:FC:93:DD:3C:7D:43:E5:DC:23
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/lwed3ihcQQrFsvv8k908fUPl3CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.102.0/24
Signature Algorithm: sha256WithRSAEncryption
37:6d:bf:87:60:15:3f:1b:fe:69:41:84:e8:39:30:ac:87:96:
25:53:e5:a6:11:1e:82:4e:ae:8d:b2:53:8f:66:4a:3b:f9:7e:
51:36:09:6d:20:b1:53:65:78:e2:c0:ce:c8:98:90:81:f7:f3:
ff:1d:23:e2:0e:89:1f:bb:5a:ce:db:6c:7e:29:a0:c3:ec:ce:
8f:09:10:56:e6:3c:94:cc:49:4e:57:b3:c1:fb:3a:9c:2e:48:
1e:26:ba:9f:e6:5c:50:dc:ec:e9:16:83:83:02:cb:e0:84:33:
20:a4:1a:58:6a:bf:27:cf:54:93:0c:cf:0b:7f:08:0b:1e:9c:
27:76:85:d7:c7:30:10:da:a8:ba:3e:34:d2:2c:15:eb:8f:d3:
fb:9f:b2:13:2b:5f:ab:4d:45:74:5e:c8:49:c9:3d:b7:9a:0e:
aa:00:0a:85:d2:29:68:63:69:c5:17:30:45:5c:55:c1:08:30:
37:d1:70:f2:4c:62:72:9b:4c:91:07:1e:bf:44:a8:8f:aa:a9:
c7:48:11:66:d7:39:cf:36:2a:08:4f:ba:ed:aa:72:97:d9:19:
63:56:a7:c2:43:12:0b:bf:14:e9:5a:02:8a:80:ea:8a:27:d8:
b5:3f:d8:5e:7f:fd:d2:00:3e:04:68:e5:37:35:6c:b1:cc:00:
e0:96:c9:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntX+cjEykPBBjB8QyzBVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA3OWRkZTI4NWM0MTBhYzViMmZiZmM5M2RkM2M3ZDQzZTVkYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m9ILT7L19TOQA++JB4HHnsmaswu
KMaKtEZ++lf8O/Ba0b1a/hfsfZPQ54OvT2Rn3sCx5A8skBplQ2azBxPUq9Jn7Azt
q7Q970eAQH/OZ2RC9vJsPi4qUM6/+jW5stmbBotU3hPg6pD7lr0nv6GZfcUeOfTF
kvTp3SGGXgWb3y/+KUhU5oGwoTcdcVCK7Hc8nXOheB813iffSaOnM1H66No0rG7e
3q4SyCYCF+bkRvFIWwl2s6Ks+/W9W1eIxZtvNsi0y+UBju3rwpru68kh5+qTHEXa
SG5PJq/o/TtxmKoLQcgF7K3g6d8V6+UzH/g/sQVQKfcWothp1bIB2b0iVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcHnd4oXEEKxbL7/JPdPH1D5dwjMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvbHdlZDNpaGNRUXJGc3Z2OGs5MDhmVVBsM0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbZmMA0G
CSqGSIb3DQEBCwUAA4IBAQA3bb+HYBU/G/5pQYToOTCsh5YlU+WmER6CTq6NslOP
Zko7+X5RNgltILFTZXjiwM7ImJCB9/P/HSPiDokfu1rO22x+KaDD7M6PCRBW5jyU
zElOV7PB+zqcLkgeJrqf5lxQ3OzpFoODAsvghDMgpBpYar8nz1STDM8LfwgLHpwn
doXXxzAQ2qi6PjTSLBXrj9P7n7ITK1+rTUV0XshJyT23mg6qAAqF0iloY2nFFzBF
XFXBCDA30XDyTGJym0yRBx6/RKiPqqnHSBFm1znPNioIT7rtqnKX2RljVqfCQxIL
vxTpWgKKgOqKJ9i1P9hef/3SAD4EaOU3NWyxzADglsk+
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:15 2025 by rpki-client