Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/larXL9Oe9S4uArTjfDphSAdcBAQ.roa
File: larXL9Oe9S4uArTjfDphSAdcBAQ.roa (raw, json)
Hash identifier: ma0kItoUqJ36KR7dotIN1oZE5Sg0M1CpYHLILnMO2cc=
Subject key identifier: 95:AA:D7:2F:D3:9E:F5:2E:2E:02:B4:E3:7C:3A:61:48:07:5C:04:04
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F93BF6D4C794864F33423FA6EB530
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/larXL9Oe9S4uArTjfDphSAdcBAQ.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209767
IP address blocks: 31.132.192.0/22 maxlen: 22
31.132.196.0/22 maxlen: 22
46.174.204.0/22 maxlen: 22
91.224.213.0/24 maxlen: 24
91.226.52.0/23 maxlen: 23
91.226.54.0/23 maxlen: 23
91.229.30.0/24 maxlen: 24
91.239.179.0/24 maxlen: 24
91.239.224.0/24 maxlen: 24
91.245.92.0/22 maxlen: 24
91.246.204.0/22 maxlen: 22
91.246.216.0/24 maxlen: 24
109.207.133.0/24 maxlen: 24
109.207.142.0/24 maxlen: 24
109.207.143.0/24 maxlen: 24
176.113.176.0/22 maxlen: 24
176.116.229.0/24 maxlen: 24
176.116.237.0/24 maxlen: 24
176.124.172.0/22 maxlen: 22
178.213.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:93:bf:6d:4c:79:48:64:f3:34:23:fa:6e:b5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95aad72fd39ef52e2e02b4e37c3a6148075c0404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:69:6f:e7:29:f1:c6:78:f5:58:59:7d:af:e0:
c7:fb:79:41:24:08:02:27:ea:cb:c8:9f:2c:e1:41:
43:b6:75:b6:21:4b:e0:d9:f7:00:f4:0a:6a:4e:4c:
da:6b:c0:5c:e0:54:18:2e:af:09:be:16:89:e0:bc:
32:37:83:53:52:cf:a9:f3:75:d2:47:c7:dd:d0:24:
11:60:f4:4c:df:c3:a3:38:ec:96:13:92:d1:d5:b0:
50:df:3d:6f:5d:7d:49:42:16:6a:e7:0b:e8:c2:38:
b8:a6:70:b1:a4:02:fc:9a:c0:d0:e0:ac:c3:57:ad:
09:8f:f2:7c:7b:f9:36:87:d3:f2:b7:30:f9:12:15:
ce:a0:23:06:0d:ff:3c:8b:e1:1d:03:69:c3:fb:e8:
f1:59:2f:7c:69:a4:f9:cf:70:35:4d:c4:7b:b8:ee:
65:28:27:e4:8d:8c:2e:26:63:49:40:06:a6:d2:40:
f4:4d:1f:73:ed:e2:c1:23:96:69:07:c5:75:7f:a1:
c1:a9:47:67:52:b2:a5:bc:69:25:89:61:60:3e:34:
a2:32:b8:09:0c:78:f8:d1:0a:b1:89:ed:64:a1:45:
f1:43:6b:c6:f7:42:d3:4f:d6:22:74:f3:c2:59:c7:
1e:0e:b1:4a:35:53:2c:00:f6:f6:c4:58:63:2e:d8:
f5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AA:D7:2F:D3:9E:F5:2E:2E:02:B4:E3:7C:3A:61:48:07:5C:04:04
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/larXL9Oe9S4uArTjfDphSAdcBAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.192.0/21
46.174.204.0/22
91.224.213.0/24
91.226.52.0/22
91.229.30.0/24
91.239.179.0/24
91.239.224.0/24
91.245.92.0/22
91.246.204.0/22
91.246.216.0/24
109.207.133.0/24
109.207.142.0/23
176.113.176.0/22
176.116.229.0/24
176.116.237.0/24
176.124.172.0/22
178.213.176.0/22
Signature Algorithm: sha256WithRSAEncryption
72:b0:9c:45:69:d1:b2:9f:49:dd:40:23:b4:c5:cd:87:69:eb:
96:9b:c4:bf:04:97:31:93:10:34:20:a3:8c:83:75:8d:2a:28:
4a:a2:eb:d8:01:e8:00:7e:6d:e7:ee:2f:72:d4:8d:bd:bd:23:
8d:7c:1a:3f:3a:a8:49:6a:8e:03:25:f3:ad:ae:17:b7:76:47:
42:32:ed:a2:98:6f:08:de:b3:2d:88:f8:06:08:33:3d:e8:c7:
d4:a3:a3:13:3d:d6:42:82:e0:bd:e5:fb:e5:d1:16:a3:da:1f:
f2:6a:6b:48:24:59:85:fa:da:cf:fe:a1:bd:3f:25:cb:7d:82:
40:35:78:13:75:8c:54:d1:19:e2:e9:f1:62:7f:b5:55:0c:23:
ef:f3:37:4e:e3:01:d3:05:2c:63:93:85:3e:51:b5:dd:f1:2d:
65:88:48:61:38:ce:0c:49:f9:97:2c:54:d9:07:93:11:ff:7c:
fe:c2:95:27:53:0b:5d:0a:5f:42:f5:79:c8:ff:0c:00:98:2b:
aa:04:9a:af:25:7a:73:80:2e:e7:b7:53:3d:1b:f9:fd:4e:49:
57:bc:69:7e:1d:e0:96:40:8c:25:23:7a:8f:6b:17:8e:f4:66:
5e:ff:59:a8:7f:74:47:23:31:68:33:ae:fe:c0:69:79:16:dc:
65:2d:a1:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQlj5O/bUx5SGTzNCP6brUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFhZDcyZmQzOWVmNTJlMmUwMmI0ZTM3YzNhNjE0ODA3NWMwNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWlv5ynxxnj1WFl9r+DH+3lBJAgC
J+rLyJ8s4UFDtnW2IUvg2fcA9ApqTkzaa8Bc4FQYLq8JvhaJ4LwyN4NTUs+p83XS
R8fd0CQRYPRM38OjOOyWE5LR1bBQ3z1vXX1JQhZq5wvowji4pnCxpAL8msDQ4KzD
V60Jj/J8e/k2h9PytzD5EhXOoCMGDf88i+EdA2nD++jxWS98aaT5z3A1TcR7uO5l
KCfkjYwuJmNJQAam0kD0TR9z7eLBI5ZpB8V1f6HBqUdnUrKlvGkliWFgPjSiMrgJ
DHj40Qqxie1koUXxQ2vG90LTT9YidPPCWcceDrFKNVMsAPb2xFhjLtj1UQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJWq1y/TnvUuLgK043w6YUgHXAQEMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbGFyWEw5T2U5UzR1QXJUamZEcGhTQWRjQkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDH4TAAwQC
Lq7MAwQAW+DVAwQCW+I0AwQAW+UeAwQAW++zAwQAW+/gAwQCW/VcAwQCW/bMAwQA
W/bYAwQAbc+FAwQBbc+OAwQCsHGwAwQAsHTlAwQAsHTtAwQCsHysAwQCstWwMA0G
CSqGSIb3DQEBCwUAA4IBAQBysJxFadGyn0ndQCO0xc2HaeuWm8S/BJcxkxA0IKOM
g3WNKihKouvYAegAfm3n7i9y1I29vSONfBo/OqhJao4DJfOtrhe3dkdCMu2imG8I
3rMtiPgGCDM96MfUo6MTPdZCguC95fvl0Raj2h/yamtIJFmF+trP/qG9PyXLfYJA
NXgTdYxU0Rni6fFif7VVDCPv8zdO4wHTBSxjk4U+UbXd8S1liEhhOM4MSfmXLFTZ
B5MR/3z+wpUnUwtdCl9C9XnI/wwAmCuqBJqvJXpzgC7nt1M9G/n9TklXvGl+HeCW
QIwlI3qPaxeO9GZe/1mof3RHIzFoM67+wGl5FtxlLaHk
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:21 2025 by rpki-client