Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/0LP5ahEEWvnMaK30aMTVzU6uXkA.roa
File: 0LP5ahEEWvnMaK30aMTVzU6uXkA.roa (raw, json)
Hash identifier: lB/VdYravFr8twO2oC/vGE6G8jo6civSr7gweO3k+0U=
Subject key identifier: D0:B3:F9:6A:11:04:5A:F9:CC:68:AD:F4:68:C4:D5:CD:4E:AE:5E:40
Certificate issuer: /CN=fd2af9060c1f42c628fcfb8f0781d7a5bc21fc02
Certificate serial: 019427B5A989F49B4B2E2EDA75A5599FFBC9
Authority key identifier: FD:2A:F9:06:0C:1F:42:C6:28:FC:FB:8F:07:81:D7:A5:BC:21:FC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/0LP5ahEEWvnMaK30aMTVzU6uXkA.roa
Signing time: Thu 02 Jan 2025 15:50:04 +0000
ROA not before: Thu 02 Jan 2025 15:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28725
IP address blocks: 80.74.32.0/20 maxlen: 24
85.162.0.0/15 maxlen: 24
194.147.12.0/22 maxlen: 24
2a07:1f40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a9:89:f4:9b:4b:2e:2e:da:75:a5:59:9f:fb:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd2af9060c1f42c628fcfb8f0781d7a5bc21fc02
Validity
Not Before: Jan 2 15:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0b3f96a11045af9cc68adf468c4d5cd4eae5e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6c:39:5c:33:07:21:12:7f:ee:5f:97:f1:28:
82:e1:a2:53:50:69:4f:ba:cb:31:97:85:3c:e4:c1:
bf:ec:bd:1b:b4:9f:03:af:c8:85:ab:5f:34:7d:66:
f2:56:e8:ca:0b:dd:de:09:1e:07:dc:43:a0:df:29:
ca:9c:33:11:c1:af:95:c5:f9:0f:3d:85:3d:46:89:
20:84:8b:15:ca:72:ef:f4:76:74:6e:48:f1:9a:0c:
2f:e8:f8:83:b2:e6:38:5b:f4:21:36:98:2f:bf:d1:
cc:fc:82:01:be:af:4c:23:c1:85:47:16:15:8e:0d:
c7:51:e1:4f:6d:a9:b7:b3:40:6b:39:32:fd:fb:39:
0d:bf:ff:dc:85:87:cd:e6:24:0d:d6:3d:c2:04:1d:
5e:c0:51:d2:d1:6f:ee:a7:2e:fa:6a:7d:e1:54:74:
73:e3:1a:5c:e5:cc:13:ee:3a:d6:65:67:17:be:d5:
47:ef:1d:0c:90:14:c5:12:ff:1e:d5:a7:0f:30:cc:
32:6b:23:db:95:64:33:c2:99:25:b9:70:4d:f3:ae:
5f:8f:a3:3f:b8:3f:6a:c0:c6:73:fd:da:da:eb:6e:
4b:a3:e0:e4:5f:e0:04:a4:0d:4b:2e:97:21:10:ce:
61:42:0f:ce:2e:42:c3:c7:90:4b:1c:65:d6:f1:fe:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B3:F9:6A:11:04:5A:F9:CC:68:AD:F4:68:C4:D5:CD:4E:AE:5E:40
X509v3 Authority Key Identifier:
keyid:FD:2A:F9:06:0C:1F:42:C6:28:FC:FB:8F:07:81:D7:A5:BC:21:FC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/0LP5ahEEWvnMaK30aMTVzU6uXkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.32.0/20
85.162.0.0/15
194.147.12.0/22
IPv6:
2a07:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
51:ae:53:16:40:4f:be:4d:ac:a9:9c:b9:50:34:b5:75:4d:c5:
cb:8b:6f:fb:5b:ba:f0:27:67:41:d4:4d:ca:13:1c:a3:8f:bf:
d4:e1:79:a5:f8:5b:ce:48:a2:16:c7:dc:eb:7d:aa:19:70:9a:
78:49:fc:2a:bb:0b:f5:d8:05:a9:0b:38:20:bf:f3:8d:03:7b:
1b:00:aa:e1:71:46:0d:99:98:4a:a7:a2:f3:be:3c:ef:2b:21:
cb:af:82:59:7f:a1:34:0b:6c:90:33:6d:4d:79:40:68:c4:29:
b7:f0:9d:45:8c:8b:ee:b0:8e:fa:11:c8:3a:13:99:a0:de:f3:
d5:93:d3:2c:72:c3:ba:47:b1:29:c0:5d:cb:20:1c:7e:d1:b7:
d5:8a:5c:90:3e:c5:76:77:2a:3a:0e:58:57:4a:7e:da:01:c2:
6c:8c:a1:56:05:67:da:5c:7e:b5:3e:9d:47:b3:7e:7b:30:e4:
2c:96:2d:bd:f1:94:42:a7:50:78:68:b5:8a:d1:f8:c6:ea:23:
ed:4a:50:62:d6:4f:91:36:95:e3:28:13:23:85:a9:6f:ab:67:
07:75:ca:e2:8f:0b:39:db:7e:d7:8d:83:46:21:be:91:b1:ac:
52:86:12:9b:ec:bc:2a:8c:75:3e:44:f3:1f:2a:f5:37:e8:49:
b0:62:92:ee
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQntamJ9JtLLi7adaVZn/vJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMmFmOTA2MGMxZjQyYzYyOGZjZmI4ZjA3ODFkN2E1YmMy
MWZjMDIwHhcNMjUwMTAyMTU1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGIzZjk2YTExMDQ1YWY5Y2M2OGFkZjQ2OGM0ZDVjZDRlYWU1ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mw5XDMHIRJ/7l+X8SiC4aJTUGlP
ussxl4U85MG/7L0btJ8Dr8iFq180fWbyVujKC93eCR4H3EOg3ynKnDMRwa+VxfkP
PYU9RokghIsVynLv9HZ0bkjxmgwv6PiDsuY4W/QhNpgvv9HM/IIBvq9MI8GFRxYV
jg3HUeFPbam3s0BrOTL9+zkNv//chYfN5iQN1j3CBB1ewFHS0W/upy76an3hVHRz
4xpc5cwT7jrWZWcXvtVH7x0MkBTFEv8e1acPMMwyayPblWQzwpkluXBN865fj6M/
uD9qwMZz/dra625Lo+DkX+AEpA1LLpchEM5hQg/OLkLDx5BLHGXW8f53fQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNCz+WoRBFr5zGit9GjE1c1Orl5AMB8GA1UdIwQY
MBaAFP0q+QYMH0LGKPz7jweB16W8IfwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NyNUJnd2ZRc1lvX1B1UEI0SFhwYndoX0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hOThlNGEtNDVhYS00MDhjLWI4MDct
YmZjZjlhOTIyYThiLzEvMExQNWFoRUVXdm5NYUszMGFNVFZ6VTZ1WGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hOThlNGEtNDVhYS00MDhjLWI4MDctYmZjZjlhOTIyYThi
LzEvX1NyNUJnd2ZRc1lvX1B1UEI0SFhwYndoX0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQEUEogAwMB
VaIDBALCkwwwDQQCAAIwBwMFAyoHH0AwDQYJKoZIhvcNAQELBQADggEBAFGuUxZA
T75NrKmcuVA0tXVNxcuLb/tbuvAnZ0HUTcoTHKOPv9TheaX4W85IohbH3Ot9qhlw
mnhJ/Cq7C/XYBakLOCC/840DexsAquFxRg2ZmEqnovO+PO8rIcuvgll/oTQLbJAz
bU15QGjEKbfwnUWMi+6wjvoRyDoTmaDe89WT0yxyw7pHsSnAXcsgHH7Rt9WKXJA+
xXZ3KjoOWFdKftoBwmyMoVYFZ9pcfrU+nUezfnsw5CyWLb3xlEKnUHhotYrR+Mbq
I+1KUGLWT5E2leMoEyOFqW+rZwd1yuKPCznbfteNg0YhvpGxrFKGEpvsvCqMdT5E
8x8q9TfoSbBiku4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:40 2025 by rpki-client