Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/LnHcLzrQc_Bz90g37z1yqJnyHFg.roa
File: LnHcLzrQc_Bz90g37z1yqJnyHFg.roa (raw, json)
Hash identifier: Mrib53Xd7qZIt+yUUa0DTs49OnzRlPCby1C1WKjBs5A=
Subject key identifier: 2E:71:DC:2F:3A:D0:73:F0:73:F7:48:37:EF:3D:72:A8:99:F2:1C:58
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0194DA08A310741AE3F70B8674AA92770987
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/LnHcLzrQc_Bz90g37z1yqJnyHFg.roa
Signing time: Thu 06 Feb 2025 06:53:06 +0000
ROA not before: Thu 06 Feb 2025 06:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 94.74.158.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:08:a3:10:74:1a:e3:f7:0b:86:74:aa:92:77:09:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 6 06:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e71dc2f3ad073f073f74837ef3d72a899f21c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1e:f7:c9:32:f1:25:91:12:3f:dd:57:aa:7d:
27:47:69:f0:31:f8:98:b6:a7:35:4a:86:75:04:23:
4d:62:86:2a:1c:2c:e5:29:19:c0:2e:d8:4c:8c:32:
f6:60:34:47:b5:55:7a:4b:08:c6:73:91:12:9e:9c:
88:28:bc:46:1e:08:b0:10:64:23:39:84:13:05:30:
60:4e:81:8a:8a:62:38:4c:2d:ad:33:47:77:20:ff:
db:30:75:ad:68:0c:97:3b:34:e5:f0:e1:02:78:e3:
72:da:48:ba:c8:a2:a0:9a:eb:87:93:36:c2:02:89:
fb:35:70:ef:8a:81:06:e6:75:00:0d:b6:40:93:fa:
a7:3e:e7:6a:c3:bd:78:e8:68:5c:67:b3:97:95:99:
0d:ab:04:1c:0c:ca:00:90:e5:85:93:de:d1:ca:6f:
76:f9:5e:fe:2a:10:d9:d6:fc:5b:fd:cf:47:6d:02:
3b:6f:a5:59:40:4e:dd:f1:6e:49:0e:c4:02:18:06:
85:b7:a0:34:a2:47:d9:ac:dd:ec:30:78:66:31:cb:
40:bd:fa:6b:f2:3d:e3:36:78:4e:7d:37:60:62:7b:
5a:10:f2:91:4d:40:58:bb:9d:29:cd:de:0b:8f:1e:
0d:90:92:af:e9:03:a2:2a:6e:1f:53:83:d4:34:c1:
66:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:71:DC:2F:3A:D0:73:F0:73:F7:48:37:EF:3D:72:A8:99:F2:1C:58
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/LnHcLzrQc_Bz90g37z1yqJnyHFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.158.0/24
176.46.141.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:71:9e:11:65:06:6e:61:4c:df:eb:6e:86:8d:3f:6b:3c:9d:
5c:d2:3e:a8:49:4a:a9:1a:e4:9d:22:3d:68:e9:74:86:3a:ab:
d8:23:0f:3c:be:ab:7c:4b:be:6b:e3:1c:93:d1:cc:3b:a2:df:
3f:18:0d:70:6b:a4:c9:02:e7:78:09:bd:6b:98:fb:64:bc:d2:
5f:6b:2e:98:d0:60:59:e1:d5:d9:37:28:d9:35:c8:ae:02:f2:
fe:07:75:16:f7:89:40:9a:73:72:9a:31:42:b9:a2:89:bb:83:
d2:36:b0:9c:bd:ac:be:e2:a2:d4:d4:bf:74:6b:f4:f0:c0:e1:
d8:b1:c1:ee:58:1b:c1:b0:84:5e:a4:a2:da:de:43:0d:91:9c:
96:45:ec:26:1d:8b:6c:3f:4b:4a:2a:b9:06:5f:c1:a4:34:01:
35:62:fa:52:cd:67:6f:31:4b:ae:61:43:36:c1:f6:9c:d2:64:
1d:4f:af:1e:88:d6:5f:8c:0d:5f:3d:7b:59:53:0f:05:89:61:
c5:99:d3:d9:e3:4f:7b:b5:1c:85:de:34:51:c4:ea:0d:b6:c4:
dd:0f:78:13:eb:0d:68:3f:1b:78:22:c7:a3:c9:d2:bf:22:1d:
1d:94:b9:80:01:e6:fc:8e:0d:42:73:9d:a5:f4:7a:fd:ab:f1:
25:15:3d:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTaCKMQdBrj9wuGdKqSdwmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMjA2MDY1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTcxZGMyZjNhZDA3M2YwNzNmNzQ4MzdlZjNkNzJhODk5ZjIxYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh73yTLxJZESP91Xqn0nR2nwMfiY
tqc1SoZ1BCNNYoYqHCzlKRnALthMjDL2YDRHtVV6SwjGc5ESnpyIKLxGHgiwEGQj
OYQTBTBgToGKimI4TC2tM0d3IP/bMHWtaAyXOzTl8OECeONy2ki6yKKgmuuHkzbC
Aon7NXDvioEG5nUADbZAk/qnPudqw7146GhcZ7OXlZkNqwQcDMoAkOWFk97Rym92
+V7+KhDZ1vxb/c9HbQI7b6VZQE7d8W5JDsQCGAaFt6A0okfZrN3sMHhmMctAvfpr
8j3jNnhOfTdgYntaEPKRTUBYu50pzd4Ljx4NkJKv6QOiKm4fU4PUNMFmDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC5x3C860HPwc/dIN+89cqiZ8hxYMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTG5IY0x6clFjX0J6OTBnMzd6MXlxSm55SEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXkqeAwQA
sC6NMA0GCSqGSIb3DQEBCwUAA4IBAQAdcZ4RZQZuYUzf626GjT9rPJ1c0j6oSUqp
GuSdIj1o6XSGOqvYIw88vqt8S75r4xyT0cw7ot8/GA1wa6TJAud4Cb1rmPtkvNJf
ay6Y0GBZ4dXZNyjZNciuAvL+B3UW94lAmnNymjFCuaKJu4PSNrCcvay+4qLU1L90
a/TwwOHYscHuWBvBsIRepKLa3kMNkZyWRewmHYtsP0tKKrkGX8GkNAE1YvpSzWdv
MUuuYUM2wfac0mQdT68eiNZfjA1fPXtZUw8FiWHFmdPZ4097tRyF3jRRxOoNtsTd
D3gT6w1oPxt4IsejydK/Ih0dlLmAAeb8jg1Cc52l9Hr9q/ElFT3X
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:31 2025 by rpki-client