Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/LEzl9Qk7MYNbOqPpMlU1Ohh8PNA.roa
File: LEzl9Qk7MYNbOqPpMlU1Ohh8PNA.roa (raw, json)
Hash identifier: UHP2n+X3SSu6vIRko8Q/5h8jCVqX5aAXirgs1zpJmP8=
Subject key identifier: 2C:4C:E5:F5:09:3B:31:83:5B:3A:A3:E9:32:55:35:3A:18:7C:3C:D0
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 019422FBA33F0D53BCD47CF4470917ADE5C1
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/LEzl9Qk7MYNbOqPpMlU1Ohh8PNA.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
217.196.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a3:3f:0d:53:bc:d4:7c:f4:47:09:17:ad:e5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c4ce5f5093b31835b3aa3e93255353a187c3cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:43:78:b8:de:94:dd:37:75:b5:cd:1c:93:
da:21:e2:66:e7:31:15:09:08:85:30:c9:f7:4f:d5:
4b:74:7c:08:8e:0e:53:6b:a0:99:aa:ed:c6:c4:f2:
8c:92:8b:e9:8d:93:09:5d:67:c5:04:2f:ca:79:1f:
07:94:13:24:41:ba:25:10:fd:ee:26:36:62:ce:60:
6d:42:78:cb:e2:9e:8a:c0:53:f2:ab:22:d2:ee:be:
32:b0:e4:13:63:84:1a:f2:8f:fb:ae:da:05:36:b7:
b6:ef:a4:7a:6a:c5:35:d4:5d:00:73:07:b8:f0:d8:
84:99:dc:de:87:ff:c5:41:b8:5f:97:41:88:e5:95:
6f:b8:4d:20:08:53:21:86:e8:e9:4d:86:0d:fb:25:
02:dc:84:e1:dc:98:c7:15:b6:1f:cc:6e:89:48:8f:
c8:6a:22:c9:0f:ae:f0:68:80:c7:89:7b:58:d7:92:
3d:e8:6f:a5:d3:57:6d:b5:70:80:d4:cb:8d:65:9b:
04:16:7c:d5:b7:48:7b:cf:6d:0e:54:70:b7:6e:09:
d6:23:2b:43:12:cc:dd:d7:33:d7:4b:e1:8a:e9:bf:
b7:f5:82:0a:3e:1d:7d:16:a9:72:7a:db:b9:5f:73:
fe:3f:26:27:84:43:3c:39:1a:43:01:d3:5f:48:9c:
93:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4C:E5:F5:09:3B:31:83:5B:3A:A3:E9:32:55:35:3A:18:7C:3C:D0
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/LEzl9Qk7MYNbOqPpMlU1Ohh8PNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
bd:14:68:dd:92:27:d8:c2:f4:da:35:0c:ff:ed:f1:e2:ae:11:
1d:17:1b:08:d4:3a:c6:a1:4c:e6:26:aa:18:3f:6d:f1:40:59:
cc:a0:5f:85:6b:f7:47:47:4d:15:7a:26:29:7b:2f:de:46:e9:
f0:88:36:29:a8:78:34:ed:66:b5:a5:16:60:7a:07:36:32:35:
ba:1e:a3:e7:42:74:c8:8a:22:25:fe:a9:1d:10:90:a8:2b:e6:
4d:46:60:ee:da:da:51:da:af:e7:4b:25:c8:70:0a:9d:66:90:
ce:99:b5:7f:68:44:c5:d9:7e:b6:75:54:0f:eb:03:ac:74:f1:
b4:8b:7a:a8:71:c8:4b:8c:0c:11:2f:26:b0:36:0d:f0:22:fe:
ed:e4:65:47:b8:24:28:5f:31:e7:2b:c3:51:5c:20:7c:06:cc:
a3:60:5b:66:0b:8e:10:01:11:bf:51:23:14:3e:6f:69:0e:e7:
e8:d1:9c:77:4f:b4:ae:99:44:ac:eb:7c:de:a4:1b:08:c5:10:
8e:35:c3:ef:20:b7:16:0e:f4:0a:b5:da:55:7f:f5:d5:c2:28:
51:ca:a5:5d:8b:ab:28:28:e6:7e:7e:ea:01:02:79:fd:dc:a1:
e1:6e:f2:72:f8:fc:f8:35:30:eb:68:bb:ce:b2:07:38:78:35:
8b:87:01:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+6M/DVO81Hz0RwkXreXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzRjZTVmNTA5M2IzMTgzNWIzYWEzZTkzMjU1MzUzYTE4N2MzY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxZDeLjelN03dbXNHJPaIeJm5zEV
CQiFMMn3T9VLdHwIjg5Ta6CZqu3GxPKMkovpjZMJXWfFBC/KeR8HlBMkQbolEP3u
JjZizmBtQnjL4p6KwFPyqyLS7r4ysOQTY4Qa8o/7rtoFNre276R6asU11F0Acwe4
8NiEmdzeh//FQbhfl0GI5ZVvuE0gCFMhhujpTYYN+yUC3ITh3JjHFbYfzG6JSI/I
aiLJD67waIDHiXtY15I96G+l01dttXCA1MuNZZsEFnzVt0h7z20OVHC3bgnWIytD
Eszd1zPXS+GK6b+39YIKPh19Fqlyetu5X3P+PyYnhEM8ORpDAdNfSJyTywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCxM5fUJOzGDWzqj6TJVNToYfDzQMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvTEV6bDlRazdNWU5iT3FQcE1sVTFPaGg4UE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQC9FGjdkifYwvTaNQz/
7fHirhEdFxsI1DrGoUzmJqoYP23xQFnMoF+Fa/dHR00VeiYpey/eRunwiDYpqHg0
7Wa1pRZgegc2MjW6HqPnQnTIiiIl/qkdEJCoK+ZNRmDu2tpR2q/nSyXIcAqdZpDO
mbV/aETF2X62dVQP6wOsdPG0i3qocchLjAwRLyawNg3wIv7t5GVHuCQoXzHnK8NR
XCB8BsyjYFtmC44QARG/USMUPm9pDufo0Zx3T7SumUSs63zepBsIxRCONcPvILcW
DvQKtdpVf/XVwihRyqVdi6soKOZ+fuoBAnn93KHhbvJy+Pz4NTDraLvOsgc4eDWL
hwGt
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:28 2025 by rpki-client