Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/llJ6liNS1pumqjPV_Jv49wbPcyA.roa
File: llJ6liNS1pumqjPV_Jv49wbPcyA.roa (raw, json)
Hash identifier: 8yXr4/k0VmsJ3fSG9IZQB1mAPItrWTFszMy9LsJzJdk=
Subject key identifier: 96:52:7A:96:23:52:D6:9B:A6:AA:33:D5:FC:9B:F8:F7:06:CF:73:20
Certificate issuer: /CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Certificate serial: 01951EF588E924CB7CCE0CF698ADFA0B8DBA
Authority key identifier: C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/llJ6liNS1pumqjPV_Jv49wbPcyA.roa
Signing time: Wed 19 Feb 2025 16:06:02 +0000
ROA not before: Wed 19 Feb 2025 16:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43824
IP address blocks: 185.127.124.0/24 maxlen: 24
185.127.125.0/24 maxlen: 24
185.127.126.0/24 maxlen: 24
185.127.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:f5:88:e9:24:cb:7c:ce:0c:f6:98:ad:fa:0b:8d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Validity
Not Before: Feb 19 16:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96527a962352d69ba6aa33d5fc9bf8f706cf7320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:f2:5b:e3:04:b0:c8:b0:6f:20:4f:70:60:15:
61:65:c8:06:e0:6a:95:23:ac:ce:b6:e7:1b:e7:3a:
68:48:eb:17:f6:51:c6:43:02:e7:53:20:08:fe:d1:
d2:d9:8f:8c:bd:0f:8b:9b:30:bf:3e:45:1e:aa:bd:
48:33:38:81:c3:75:d0:6d:e9:84:e7:f0:f1:41:e3:
82:39:d0:9d:66:ca:a1:e4:f3:2d:e9:ae:a0:4c:5d:
7a:92:ee:03:8a:48:fd:cc:ba:dd:8e:6c:b8:a9:89:
e1:f6:ca:c1:d4:65:30:70:77:12:15:8f:27:91:ba:
74:3e:bf:a5:a7:44:ee:32:11:78:19:52:16:5f:88:
16:d7:dd:bc:25:3d:9f:0c:cd:17:4d:e3:55:cc:65:
e0:43:44:a2:70:96:2d:23:c0:95:4d:a3:5c:12:fb:
85:62:8c:38:7a:02:94:db:ae:25:4b:7a:5e:1c:d3:
24:93:1e:a3:e1:e2:4a:f2:62:ac:a0:62:cf:db:de:
15:c2:26:a6:bc:d2:e8:c0:b2:6e:eb:81:b0:10:98:
61:fc:db:ee:6b:81:fb:e3:5a:fe:40:bb:31:24:c3:
4c:a5:a0:22:a1:24:44:69:87:1e:67:c2:85:57:22:
70:3f:01:af:6c:21:37:c8:6a:65:7f:82:83:d5:82:
fe:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:52:7A:96:23:52:D6:9B:A6:AA:33:D5:FC:9B:F8:F7:06:CF:73:20
X509v3 Authority Key Identifier:
keyid:C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/llJ6liNS1pumqjPV_Jv49wbPcyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:c2:83:0c:06:25:aa:39:c8:0a:fb:5c:4f:02:35:c0:b0:7a:
59:45:5b:33:0d:61:82:6c:85:5b:9e:0d:9b:44:ef:3c:ec:c0:
de:0c:4a:22:16:1c:04:e6:97:70:1a:59:cb:b4:c4:b6:e4:6d:
01:ab:37:36:c5:de:07:3f:ea:e9:4d:25:8c:92:c5:0b:3e:e1:
ff:5f:5c:c5:a7:41:ea:d5:28:d0:63:85:6a:87:30:cb:37:de:
36:c1:a0:e9:fb:b6:07:b4:1a:fc:d6:0a:cf:46:aa:a4:cd:4c:
02:fa:75:bd:03:0b:91:20:3c:ea:64:8e:a9:f9:17:0d:23:7a:
06:81:1b:2d:4a:d0:12:92:33:41:a9:93:6e:02:3f:fa:5e:26:
5e:09:79:2e:47:68:f6:6d:77:cd:ac:ea:a9:1a:5a:50:a7:71:
11:30:d4:07:4c:12:db:07:e0:f6:d5:e2:f8:87:20:c0:3e:80:
e6:0f:66:1a:cf:f4:fb:28:58:4e:4f:07:7e:7e:73:2a:c0:bb:
53:c3:84:02:6e:53:91:91:40:80:af:dc:28:96:60:60:da:a1:
1f:de:8c:ef:78:76:5a:c7:58:72:10:1a:cc:83:3f:97:10:2b:
08:93:3d:35:55:8b:cf:22:d9:4c:a9:8f:da:2f:d0:7b:34:62:
dd:86:65:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUe9YjpJMt8zgz2mK36C426MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDI4NWRmNWIwMzllMGYwNGUyZGZlY2UyOGE1YThmYmVj
NmU5MzgwHhcNMjUwMjE5MTYwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUyN2E5NjIzNTJkNjliYTZhYTMzZDVmYzliZjhmNzA2Y2Y3MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+/Jb4wSwyLBvIE9wYBVhZcgG4GqV
I6zOtucb5zpoSOsX9lHGQwLnUyAI/tHS2Y+MvQ+LmzC/PkUeqr1IMziBw3XQbemE
5/DxQeOCOdCdZsqh5PMt6a6gTF16ku4Dikj9zLrdjmy4qYnh9srB1GUwcHcSFY8n
kbp0Pr+lp0TuMhF4GVIWX4gW1928JT2fDM0XTeNVzGXgQ0SicJYtI8CVTaNcEvuF
Yow4egKU264lS3peHNMkkx6j4eJK8mKsoGLP294VwiamvNLowLJu64GwEJhh/Nvu
a4H741r+QLsxJMNMpaAioSREaYceZ8KFVyJwPwGvbCE3yGplf4KD1YL+IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZSepYjUtabpqoz1fyb+PcGz3MgMB8GA1UdIwQY
MBaAFMEChd9bA54PBOLf7OKKWo++xuk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUt
NTJhZmM3N2NhMThmLzEvbGxKNmxpTlMxcHVtcWpQVl9KdjQ5d2JQY3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUtNTJhZmM3N2NhMThm
LzEvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX98MA0G
CSqGSIb3DQEBCwUAA4IBAQBvwoMMBiWqOcgK+1xPAjXAsHpZRVszDWGCbIVbng2b
RO887MDeDEoiFhwE5pdwGlnLtMS25G0Bqzc2xd4HP+rpTSWMksULPuH/X1zFp0Hq
1SjQY4VqhzDLN942waDp+7YHtBr81grPRqqkzUwC+nW9AwuRIDzqZI6p+RcNI3oG
gRstStASkjNBqZNuAj/6XiZeCXkuR2j2bXfNrOqpGlpQp3ERMNQHTBLbB+D21eL4
hyDAPoDmD2Yaz/T7KFhOTwd+fnMqwLtTw4QCblORkUCAr9wolmBg2qEf3ozveHZa
x1hyEBrMgz+XECsIkz01VYvPItlMqY/aL9B7NGLdhmXA
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:56:31 2025 by rpki-client