Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/ljD_gVu1qs2Kl-0qKDp3UUaMANQ.roa
File: ljD_gVu1qs2Kl-0qKDp3UUaMANQ.roa (raw, json)
Hash identifier: YcPEsfq9GWzefDfl1aj8X/VvzCJxb2lIQMIp+xhIHmg=
Subject key identifier: 96:30:FF:81:5B:B5:AA:CD:8A:97:ED:2A:28:3A:77:51:46:8C:00:D4
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 019423D70E77383D916194ACDDA3772F37F9
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/ljD_gVu1qs2Kl-0qKDp3UUaMANQ.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209956
IP address blocks: 213.238.166.0/24 maxlen: 24
213.238.184.0/24 maxlen: 24
213.238.187.0/24 maxlen: 24
213.238.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.mft
rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 08:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0e:77:38:3d:91:61:94:ac:dd:a3:77:2f:37:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9630ff815bb5aacd8a97ed2a283a7751468c00d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:28:29:60:ee:80:1b:27:0b:f8:4a:f4:9a:
1c:55:aa:2a:90:bb:97:4c:d8:32:40:16:e5:b1:e6:
43:a0:59:7a:39:ca:c8:cb:d4:a8:e6:41:c2:e7:f3:
8a:a9:ea:88:20:14:f9:9f:c9:86:7c:f7:53:a8:8b:
f7:0b:6f:9d:39:96:e3:d7:c7:c6:5e:1a:99:d9:dd:
75:b0:6b:46:45:3d:13:e8:00:7b:e3:22:b0:8f:53:
45:13:22:ba:e2:dd:2b:b1:b9:3b:ff:3c:b6:46:f6:
b0:de:e1:32:bb:eb:ca:b0:27:6a:f8:a6:5c:05:1b:
b9:b4:ac:6a:62:39:07:05:b1:31:2d:aa:15:ce:1d:
27:10:af:4a:9f:fa:b0:73:8f:9e:2d:07:d1:a5:ff:
f8:ec:51:73:b1:e6:8f:c6:87:82:ed:b7:13:db:2e:
df:3c:db:76:fc:26:65:e2:00:41:e3:a2:f8:14:e2:
4c:be:8d:1a:55:a5:b0:17:08:75:4d:19:05:4e:28:
84:b0:43:4d:78:3b:9e:e8:27:9c:c1:65:9e:2d:52:
98:f6:1c:82:9b:43:83:19:ac:b9:1c:3f:d8:b3:50:
a0:04:32:71:3f:53:44:4b:b5:a3:e8:fc:dd:71:61:
d8:e7:41:d9:13:8f:a5:7f:6a:76:05:97:fd:e2:d9:
ba:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:30:FF:81:5B:B5:AA:CD:8A:97:ED:2A:28:3A:77:51:46:8C:00:D4
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/ljD_gVu1qs2Kl-0qKDp3UUaMANQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.166.0/24
213.238.184.0/24
213.238.187.0/24
213.238.189.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:08:7f:fd:97:02:a6:f9:80:3b:fd:6e:0b:d9:11:a0:0b:b5:
65:38:4e:59:28:4a:65:1f:b0:ad:d4:1e:56:b9:c1:f1:85:d5:
c8:bd:42:65:a1:e4:96:49:be:d6:93:42:5d:fa:25:06:43:7f:
e7:6e:37:09:23:eb:fb:6c:1b:a1:48:ec:e8:22:22:d0:a4:b6:
ae:91:b6:11:aa:6c:7f:7e:95:06:e0:2a:b3:62:88:64:ef:2d:
92:ea:1b:a3:66:b6:79:2b:8b:eb:34:5c:b1:ef:ed:19:63:26:
20:2d:7d:be:f7:86:e1:07:e3:bc:8f:db:b8:a8:1d:9d:24:ee:
c3:e9:8d:e2:ba:b7:c0:b8:ba:53:34:77:a6:bb:6f:a5:1b:90:
03:34:ba:d8:32:81:97:a5:d7:1d:97:c5:09:8f:0f:11:08:51:
f8:c9:d6:b8:a8:1d:79:bb:a6:04:e0:8c:44:0f:25:fe:bf:a1:
f0:a1:51:da:b4:c4:c6:b5:c1:be:93:80:57:fb:04:2d:9a:1e:
85:d1:62:0c:32:0a:6c:51:6a:5b:20:fd:bc:c9:f5:83:13:3f:
68:50:8c:79:12:f3:7e:f2:ea:eb:1f:9d:07:d7:c8:4b:5e:1d:
09:54:ee:3f:f2:ef:e7:30:08:5f:07:9e:6b:20:07:41:3e:ea:
b5:85:4f:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1w53OD2RYZSs3aN3Lzf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjMwZmY4MTViYjVhYWNkOGE5N2VkMmEyODNhNzc1MTQ2OGMwMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKwoKWDugBsnC/hK9JocVaoqkLuX
TNgyQBblseZDoFl6OcrIy9So5kHC5/OKqeqIIBT5n8mGfPdTqIv3C2+dOZbj18fG
XhqZ2d11sGtGRT0T6AB74yKwj1NFEyK64t0rsbk7/zy2Rvaw3uEyu+vKsCdq+KZc
BRu5tKxqYjkHBbExLaoVzh0nEK9Kn/qwc4+eLQfRpf/47FFzseaPxoeC7bcT2y7f
PNt2/CZl4gBB46L4FOJMvo0aVaWwFwh1TRkFTiiEsENNeDue6CecwWWeLVKY9hyC
m0ODGay5HD/Ys1CgBDJxP1NES7Wj6PzdcWHY50HZE4+lf2p2BZf94tm61wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJYw/4FbtarNipftKig6d1FGjADUMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvbGpEX2dWdTFxczJLbC0wcUtEcDNVVWFNQU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1e6mAwQA
1e64AwQA1e67AwQA1e69MA0GCSqGSIb3DQEBCwUAA4IBAQB+CH/9lwKm+YA7/W4L
2RGgC7VlOE5ZKEplH7Ct1B5WucHxhdXIvUJloeSWSb7Wk0Jd+iUGQ3/nbjcJI+v7
bBuhSOzoIiLQpLaukbYRqmx/fpUG4CqzYohk7y2S6hujZrZ5K4vrNFyx7+0ZYyYg
LX2+94bhB+O8j9u4qB2dJO7D6Y3iurfAuLpTNHemu2+lG5ADNLrYMoGXpdcdl8UJ
jw8RCFH4yda4qB15u6YE4IxEDyX+v6HwoVHatMTGtcG+k4BX+wQtmh6F0WIMMgps
UWpbIP28yfWDEz9oUIx5EvN+8urrH50H18hLXh0JVO4/8u/nMAhfB55rIAdBPuq1
hU9J
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:34:32 2025 by rpki-client