Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Lpz565UF_hEboDFDHeWBZVEQ21M.roa
File: Lpz565UF_hEboDFDHeWBZVEQ21M.roa (raw, json)
Hash identifier: b/r/RQ3PU+HhAUuB6uyPyzIuwGmDsQuSa71JKVhYBIE=
Subject key identifier: 2E:9C:F9:EB:95:05:FE:11:1B:A0:31:43:1D:E5:81:65:51:10:DB:53
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBB3112288C89E6353D0040901FA88
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Lpz565UF_hEboDFDHeWBZVEQ21M.roa
Signing time: Wed 01 Jan 2025 17:48:28 +0000
ROA not before: Wed 01 Jan 2025 17:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b3:11:22:88:c8:9e:63:53:d0:04:09:01:fa:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e9cf9eb9505fe111ba031431de581655110db53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:de:b9:01:ab:97:7b:83:06:36:ad:93:f1:e0:
ac:8b:c9:f3:d4:0f:a2:ad:db:45:8e:71:a9:7d:09:
73:67:7d:aa:b4:dd:58:92:18:cb:0c:8a:f3:73:f9:
bc:95:66:1a:71:fa:32:06:26:88:f4:08:24:77:20:
5c:e6:6e:52:06:75:3a:9e:a2:20:41:37:50:39:4d:
b8:c4:f5:73:f7:db:8c:16:dd:58:64:e1:ee:9c:e6:
9d:82:1e:8d:4f:24:3f:83:c3:f7:4c:69:33:b8:f9:
37:d9:72:b9:33:c4:23:f9:30:03:8f:ab:a9:aa:8b:
c6:d9:9f:e4:f7:7e:9a:b9:fe:46:3a:4e:02:43:d5:
10:6e:25:6d:9d:89:3f:76:5c:9d:c2:2a:40:10:d5:
0f:99:73:46:85:5a:27:ca:07:f0:96:f1:13:17:a2:
95:01:97:f3:17:0c:a6:90:a3:be:0c:15:d6:15:8c:
4b:b9:c7:4d:0b:3d:c8:fa:de:a8:10:d7:f8:0c:88:
15:bd:ba:7f:48:86:46:77:6e:0c:f6:0a:b4:2d:f8:
8a:48:9a:a5:06:21:83:59:08:8a:7d:80:da:d7:82:
2f:76:e2:99:f8:51:c1:85:4c:b9:ba:8f:99:47:8b:
16:3e:a9:74:13:8f:f2:ca:54:be:1f:66:7c:6e:3e:
b7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9C:F9:EB:95:05:FE:11:1B:A0:31:43:1D:E5:81:65:51:10:DB:53
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Lpz565UF_hEboDFDHeWBZVEQ21M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
91.223.110.0/24
195.211.188.0/24
Signature Algorithm: sha256WithRSAEncryption
37:56:f4:a3:32:c3:c8:e4:b5:2e:82:35:16:62:eb:fc:1f:4c:
9f:84:f7:2d:84:90:1d:04:ac:92:c7:ba:09:ca:3c:a1:d1:9e:
88:03:75:25:33:ac:73:2d:7d:92:a2:88:6b:58:de:74:d4:47:
3c:f2:df:e2:40:7a:62:24:cc:87:d4:6c:55:b2:44:60:58:73:
af:49:d1:6b:23:04:51:63:1b:77:5a:97:81:90:cf:bc:87:1a:
d7:c8:b8:64:ca:0e:0b:1c:b8:9e:d7:5c:19:f1:fc:43:f8:a9:
4a:af:25:4b:d5:84:af:83:5d:da:e8:92:a1:81:47:23:74:b7:
ea:7c:7b:f8:50:b0:31:29:a4:97:7b:f3:43:33:99:d2:78:82:
02:10:3a:44:43:fa:53:7f:cf:d0:03:ca:08:75:f8:77:c5:80:
23:63:c1:0c:69:80:6c:a2:3f:3c:4f:bc:a1:48:62:ad:9e:ab:
a3:78:40:b5:cd:37:84:75:11:63:bf:b2:ec:0b:73:b8:8f:8e:
44:25:6c:5e:3e:d3:5d:7b:04:9f:16:97:7d:7c:57:09:27:b7:
25:3b:6e:9a:ac:96:c8:42:9e:40:14:07:28:02:9b:d9:1f:dd:
10:6c:3b:9d:62:e1:36:6f:95:7c:09:e8:78:c5:9d:98:c9:dc:
fb:f5:5b:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+7MRIojInmNT0AQJAfqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTljZjllYjk1MDVmZTExMWJhMDMxNDMxZGU1ODE2NTUxMTBkYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw965AauXe4MGNq2T8eCsi8nz1A+i
rdtFjnGpfQlzZ32qtN1YkhjLDIrzc/m8lWYacfoyBiaI9AgkdyBc5m5SBnU6nqIg
QTdQOU24xPVz99uMFt1YZOHunOadgh6NTyQ/g8P3TGkzuPk32XK5M8Qj+TADj6up
qovG2Z/k936auf5GOk4CQ9UQbiVtnYk/dlydwipAENUPmXNGhVonygfwlvETF6KV
AZfzFwymkKO+DBXWFYxLucdNCz3I+t6oENf4DIgVvbp/SIZGd24M9gq0LfiKSJql
BiGDWQiKfYDa14IvduKZ+FHBhUy5uo+ZR4sWPql0E4/yylS+H2Z8bj63ywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC6c+euVBf4RG6AxQx3lgWVRENtTMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTHB6NTY1VUZfaEVib0RGREhlV0JaVkVRMjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbVUAwQA
W99uAwQAw9O8MA0GCSqGSIb3DQEBCwUAA4IBAQA3VvSjMsPI5LUugjUWYuv8H0yf
hPcthJAdBKySx7oJyjyh0Z6IA3UlM6xzLX2SoohrWN501Ec88t/iQHpiJMyH1GxV
skRgWHOvSdFrIwRRYxt3WpeBkM+8hxrXyLhkyg4LHLie11wZ8fxD+KlKryVL1YSv
g13a6JKhgUcjdLfqfHv4ULAxKaSXe/NDM5nSeIICEDpEQ/pTf8/QA8oIdfh3xYAj
Y8EMaYBsoj88T7yhSGKtnqujeEC1zTeEdRFjv7LsC3O4j45EJWxePtNdewSfFpd9
fFcJJ7clO26arJbIQp5AFAcoApvZH90QbDudYuE2b5V8Ceh4xZ2Yydz79VvK
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:01:35 2025 by rpki-client