Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/_ltzxuGkz6znSaa7SgLi6XMBftU.roa
File: _ltzxuGkz6znSaa7SgLi6XMBftU.roa (raw, json)
Hash identifier: +kNXhyoqNb3mbEFSERmsDLNGdx3dBqclzBGCcZo07A0=
Subject key identifier: FE:5B:73:C6:E1:A4:CF:AC:E7:49:A6:BB:4A:02:E2:E9:73:01:7E:D5
Certificate issuer: /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial: 019425FDAB20AF023D68752AC713E50BB009
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/_ltzxuGkz6znSaa7SgLi6XMBftU.roa
Signing time: Thu 02 Jan 2025 07:49:28 +0000
ROA not before: Thu 02 Jan 2025 07:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13043
IP address blocks: 164.59.128.0/23 maxlen: 24
164.59.130.0/24 maxlen: 24
164.59.136.0/21 maxlen: 24
164.60.0.0/16 maxlen: 24
212.64.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ab:20:af:02:3d:68:75:2a:c7:13:e5:0b:b0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Validity
Not Before: Jan 2 07:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe5b73c6e1a4cface749a6bb4a02e2e973017ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:32:6f:89:19:1c:9a:04:af:6c:1e:aa:d6:68:
2c:40:be:f1:63:80:5d:b4:33:dd:8c:8d:e6:89:3b:
09:8b:d7:c3:60:ed:3a:b8:72:42:dd:56:e1:a5:97:
30:7f:7a:5c:49:d1:8a:ab:31:69:f1:7e:b3:e4:5b:
5e:33:4d:13:97:7c:a8:3a:3d:33:d7:d2:e5:1b:24:
d1:26:29:0d:c7:7b:88:fb:c7:9d:74:17:81:98:5a:
9c:88:cf:df:c8:23:19:5e:ee:db:f7:02:87:e5:f8:
ad:c7:7e:35:9b:11:be:ff:f5:f5:78:bb:58:9b:74:
5b:31:4d:80:6b:c6:1c:fa:f5:06:92:8a:30:05:b8:
f3:ed:bf:af:e7:07:06:6b:3d:bf:6c:42:cb:06:62:
27:9c:9f:8b:e1:b4:37:de:14:db:35:91:5f:cc:51:
c9:f2:6a:4e:32:97:8b:13:90:89:eb:3b:ca:ea:b7:
af:cd:92:cf:20:eb:b0:77:88:c4:4e:a4:f1:8e:1a:
7f:db:d6:11:f5:f4:6e:0e:a7:01:0b:2d:ed:00:a1:
d3:c1:37:11:53:26:d2:05:d3:57:31:3e:d4:79:12:
29:ee:55:18:5d:a3:aa:3b:81:45:83:61:93:7d:75:
8b:d2:42:8b:6f:e8:7c:e6:2a:16:57:e6:73:d1:8c:
24:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5B:73:C6:E1:A4:CF:AC:E7:49:A6:BB:4A:02:E2:E9:73:01:7E:D5
X509v3 Authority Key Identifier:
keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/_ltzxuGkz6znSaa7SgLi6XMBftU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.59.128.0-164.59.130.255
164.59.136.0/21
164.60.0.0/16
212.64.225.0/24
Signature Algorithm: sha256WithRSAEncryption
93:1d:cb:84:39:40:42:09:30:3b:c5:8d:89:a0:58:14:e7:50:
1e:26:82:c1:65:ce:06:52:18:20:b6:64:bb:bb:ba:57:70:a6:
36:9f:b3:75:6e:10:84:af:78:a7:9f:c9:96:d7:0a:19:cb:ee:
23:5b:02:83:77:dd:9d:e8:aa:b9:24:89:00:ff:6b:c9:45:2c:
5f:80:46:9d:88:ef:4b:19:ca:a3:9c:72:1d:28:75:10:7e:29:
b3:05:b1:2e:7f:bc:fb:2d:05:a1:d6:2d:1e:ea:2d:6c:bc:a9:
34:b8:03:60:dc:fc:74:cd:f6:17:00:f9:e8:48:ad:66:02:3d:
98:d0:4b:bf:dd:54:23:c2:e7:a1:84:d2:cd:0a:c5:e8:86:a4:
06:65:04:ed:86:89:b8:f5:3e:6a:1d:85:0a:4b:69:4a:07:a0:
0e:2f:28:76:c4:78:3d:da:05:67:44:0e:3f:4c:d6:c6:1c:9d:
33:c5:73:36:3d:ed:f6:e1:39:d0:12:88:da:c6:85:65:26:3b:
a5:50:d5:a5:78:c0:7c:e0:bf:97:32:ea:36:02:bb:15:e6:b8:
76:22:c9:30:d8:e1:41:73:0b:50:36:fd:22:34:bd:a4:aa:8c:
4c:ac:37:95:32:f2:1a:5d:91:d3:1c:bf:76:d1:29:08:e7:31:
6a:97:16:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQl/asgrwI9aHUqxxPlC7AJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjUwMTAyMDc0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTViNzNjNmUxYTRjZmFjZTc0OWE2YmI0YTAyZTJlOTczMDE3ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DJviRkcmgSvbB6q1mgsQL7xY4Bd
tDPdjI3miTsJi9fDYO06uHJC3VbhpZcwf3pcSdGKqzFp8X6z5FteM00Tl3yoOj0z
19LlGyTRJikNx3uI+8eddBeBmFqciM/fyCMZXu7b9wKH5fitx341mxG+//X1eLtY
m3RbMU2Aa8Yc+vUGkoowBbjz7b+v5wcGaz2/bELLBmInnJ+L4bQ33hTbNZFfzFHJ
8mpOMpeLE5CJ6zvK6revzZLPIOuwd4jETqTxjhp/29YR9fRuDqcBCy3tAKHTwTcR
UybSBdNXMT7UeRIp7lUYXaOqO4FFg2GTfXWL0kKLb+h85ioWV+Zz0YwkRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5bc8bhpM+s50mmu0oC4ulzAX7VMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvX2x0enh1R2t6NnpuU2FhN1NnTGk2WE1CZnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfMAwDBAekO4AD
BACkO4IDBAOkO4gDAwCkPAMEANRA4TANBgkqhkiG9w0BAQsFAAOCAQEAkx3LhDlA
QgkwO8WNiaBYFOdQHiaCwWXOBlIYILZku7u6V3CmNp+zdW4QhK94p5/JltcKGcvu
I1sCg3fdneiquSSJAP9ryUUsX4BGnYjvSxnKo5xyHSh1EH4pswWxLn+8+y0FodYt
HuotbLypNLgDYNz8dM32FwD56EitZgI9mNBLv91UI8LnoYTSzQrF6IakBmUE7YaJ
uPU+ah2FCktpSgegDi8odsR4PdoFZ0QOP0zWxhydM8VzNj3t9uE50BKI2saFZSY7
pVDVpXjAfOC/lzLqNgK7Fea4diLJMNjhQXMLUDb9IjS9pKqMTKw3lTLyGl2R0xy/
dtEpCOcxapcWVg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:49 2025 by rpki-client