Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/L9pi3nyxzTSejNrNKTLFupEkeKc.roa
File: L9pi3nyxzTSejNrNKTLFupEkeKc.roa (raw, json)
Hash identifier: KRhXEXpB0ZgWCnBzMsYjo3MIerLmYQGo8A6sCf5dI54=
Subject key identifier: 2F:DA:62:DE:7C:B1:CD:34:9E:8C:DA:CD:29:32:C5:BA:91:24:78:A7
Certificate issuer: /CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Certificate serial: 01956B0D79B1D31FBF636BC672C6E1D16314
Authority key identifier: E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/L9pi3nyxzTSejNrNKTLFupEkeKc.roa
Signing time: Thu 06 Mar 2025 10:43:19 +0000
ROA not before: Thu 06 Mar 2025 10:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12595
IP address blocks: 91.216.34.0/24 maxlen: 24
185.117.226.0/24 maxlen: 24
185.133.88.0/22 maxlen: 24
188.116.45.0/24 maxlen: 24
193.142.212.0/24 maxlen: 24
212.11.88.0/22 maxlen: 24
2a10:7180::/29 maxlen: 29
2a10:7180:101::/48 maxlen: 48
2a10:7180:102::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:0d:79:b1:d3:1f:bf:63:6b:c6:72:c6:e1:d1:63:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Validity
Not Before: Mar 6 10:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fda62de7cb1cd349e8cdacd2932c5ba912478a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b7:36:37:78:f1:82:11:ab:e6:7b:b2:2c:ed:
b2:76:cf:3d:d6:19:13:02:b4:de:ec:27:97:b2:4a:
2b:03:42:e8:f5:c9:05:b2:13:03:d8:f7:d5:7b:27:
49:99:bf:7f:7a:30:79:c2:f5:a2:5e:9f:5d:67:74:
2d:39:0d:4d:a9:0e:6e:8b:90:8e:f1:a0:91:5b:7f:
b7:dc:00:bb:50:0f:ec:ed:27:ec:56:7f:c6:0e:b6:
90:42:e8:ac:09:ec:67:da:47:6f:08:1e:3c:8b:bf:
e2:1c:4a:bb:46:c4:57:da:3f:14:41:3b:ce:ff:a3:
34:d1:ce:ca:e7:65:c3:c2:b6:f5:c4:32:28:d8:f9:
42:a2:f8:28:a0:ca:7f:17:af:fb:82:54:1e:49:ab:
f7:ac:0f:12:ab:af:c6:d5:26:c7:ab:f4:22:b6:f5:
75:91:56:0e:66:77:04:62:e2:c1:af:77:85:53:8f:
70:99:5e:b4:f8:d0:4d:84:17:d8:08:92:63:de:d9:
e4:0b:d5:96:53:38:8d:18:d9:9e:f9:bb:54:9a:28:
f0:4a:c3:8f:ba:c6:5c:17:89:3c:24:0f:a4:fe:ad:
66:71:aa:39:d0:0a:ad:11:dc:64:9d:42:5f:49:3a:
81:f8:ea:ab:8b:55:c7:59:8f:30:71:57:ae:35:fd:
cb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DA:62:DE:7C:B1:CD:34:9E:8C:DA:CD:29:32:C5:BA:91:24:78:A7
X509v3 Authority Key Identifier:
keyid:E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/L9pi3nyxzTSejNrNKTLFupEkeKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.34.0/24
185.117.226.0/24
185.133.88.0/22
188.116.45.0/24
193.142.212.0/24
212.11.88.0/22
IPv6:
2a10:7180::/29
Signature Algorithm: sha256WithRSAEncryption
94:06:5e:8b:a6:a3:fc:bc:32:0e:d0:98:a4:4e:24:93:ac:6e:
5c:7e:4d:92:64:50:e0:b5:ba:8f:f0:bd:e8:33:e4:56:41:01:
5e:d7:61:f3:1c:fe:67:c4:df:f3:9a:92:b5:f5:82:94:b1:41:
0c:ed:46:d3:72:96:b7:24:92:a9:e4:55:ce:a7:ac:46:f9:12:
36:43:36:04:70:b6:ad:3b:dd:72:a1:02:92:6d:4b:f2:51:f6:
f0:bd:05:dc:4e:35:02:96:e4:60:1f:ec:e4:ed:69:51:d5:40:
4c:be:24:31:08:10:56:5a:6d:fb:94:65:b1:f9:48:a8:9c:0c:
66:ba:35:27:73:e4:f0:64:95:7b:df:a5:35:ef:2a:5f:6c:49:
53:cc:c7:a2:5d:10:ee:b7:52:4f:23:ef:ee:f0:e6:47:bb:27:
bf:68:99:61:c0:22:33:84:14:7f:18:b2:4e:60:ee:8a:3e:98:
47:ef:5a:e1:d7:ea:df:7b:24:77:50:86:39:b1:2e:ee:e9:33:
ee:7e:32:36:e3:68:d7:36:8d:05:82:ce:c9:40:4a:3e:38:e0:
56:2d:12:ec:9d:fd:93:fe:15:65:38:84:91:68:2a:b4:b5:36:
3a:b6:b1:77:bc:33:41:5b:78:af:e8:ee:53:cd:29:8a:a2:48:
53:b7:95:05
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZVrDXmx0x+/Y2vGcsbh0WMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzM0MGVlNWI5ZGFmMWE2ODE4ZjBkZjQwN2ZhNTk3NTg4
NmIxMGYwHhcNMjUwMzA2MTA0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmRhNjJkZTdjYjFjZDM0OWU4Y2RhY2QyOTMyYzViYTkxMjQ3OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLc2N3jxghGr5nuyLO2yds891hkT
ArTe7CeXskorA0Lo9ckFshMD2PfVeydJmb9/ejB5wvWiXp9dZ3QtOQ1NqQ5ui5CO
8aCRW3+33AC7UA/s7SfsVn/GDraQQuisCexn2kdvCB48i7/iHEq7RsRX2j8UQTvO
/6M00c7K52XDwrb1xDIo2PlCovgooMp/F6/7glQeSav3rA8Sq6/G1SbHq/QitvV1
kVYOZncEYuLBr3eFU49wmV60+NBNhBfYCJJj3tnkC9WWUziNGNme+btUmijwSsOP
usZcF4k8JA+k/q1mcao50AqtEdxknUJfSTqB+Oqri1XHWY8wcVeuNf3L0QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC/aYt58sc00nozazSkyxbqRJHinMB8GA1UdIwQY
MBaAFOXDQO5bna8aaBjw30B/pZdYhrEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2It
NmUxZjJmNjg1MWNmLzEvTDlwaTNueXh6VFNlak5yTktUTEZ1cEVrZUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2ItNmUxZjJmNjg1MWNm
LzEvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9giAwQA
uXXiAwQCuYVYAwQAvHQtAwQAwY7UAwQC1AtYMA0EAgACMAcDBQMqEHGAMA0GCSqG
SIb3DQEBCwUAA4IBAQCUBl6LpqP8vDIO0JikTiSTrG5cfk2SZFDgtbqP8L3oM+RW
QQFe12HzHP5nxN/zmpK19YKUsUEM7UbTcpa3JJKp5FXOp6xG+RI2QzYEcLatO91y
oQKSbUvyUfbwvQXcTjUCluRgH+zk7WlR1UBMviQxCBBWWm37lGWx+UionAxmujUn
c+TwZJV736U17ypfbElTzMeiXRDut1JPI+/u8OZHuye/aJlhwCIzhBR/GLJOYO6K
PphH71rh1+rfeyR3UIY5sS7u6TPufjI242jXNo0Fgs7JQEo+OOBWLRLsnf2T/hVl
OISRaCq0tTY6trF3vDNBW3iv6O5TzSmKokhTt5UF
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:07:33 2025 by rpki-client