Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/lmtLzOVEBCMJmFDW97nmpW6PzFg.roa
File: lmtLzOVEBCMJmFDW97nmpW6PzFg.roa (raw, json)
Hash identifier: iVAnqzIcFvJJNH7mwFr2Z4NAC8vfHKTonzu7qSoeFDg=
Subject key identifier: 96:6B:4B:CC:E5:44:04:23:09:98:50:D6:F7:B9:E6:A5:6E:8F:CC:58
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0194D078851E1DAF822AA26AC4965F52F112
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/lmtLzOVEBCMJmFDW97nmpW6PzFg.roa
Signing time: Tue 04 Feb 2025 10:19:06 +0000
ROA not before: Tue 04 Feb 2025 10:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29405
IP address blocks: 46.229.224.0/20 maxlen: 24
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 24
86.110.224.0/19 maxlen: 24
86.110.229.0/24 maxlen: 24
86.110.238.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
93.184.64.0/20 maxlen: 24
109.74.144.0/20 maxlen: 24
176.109.56.0/21 maxlen: 24
185.176.72.0/22 maxlen: 22
217.73.16.0/20 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.17.0/24 maxlen: 24
2a00:10d8::/32 maxlen: 64
2a00:10d8:10::/48 maxlen: 64
2a01:390::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:78:85:1e:1d:af:82:2a:a2:6a:c4:96:5f:52:f1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Feb 4 10:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=966b4bcce5440423099850d6f7b9e6a56e8fcc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:19:5b:a9:a8:17:34:51:99:60:6d:5e:9b:e3:
ad:29:f4:83:f4:d1:6a:02:3e:52:dc:41:11:76:cf:
73:40:b3:aa:6d:e2:ed:e4:79:fd:08:9e:cc:d7:fa:
fd:21:06:e2:d5:33:4d:82:12:c2:1c:46:67:89:82:
4b:62:4a:77:27:5b:c0:81:5f:86:d5:88:bf:12:af:
c3:fb:7b:19:57:ec:cf:63:5a:fa:5f:c3:61:ed:b1:
84:c6:e5:1f:1e:f9:e7:d1:01:af:b6:7b:be:5b:fd:
98:9c:9b:71:4f:a6:d2:d2:6f:63:a7:63:d1:2f:e2:
9c:e2:db:9f:39:d3:43:22:ec:88:76:4f:44:69:13:
44:82:35:05:27:17:f4:c8:62:6f:c9:d9:c5:eb:fd:
12:27:00:73:b5:c2:62:f5:99:72:e8:cc:10:60:e7:
81:11:8b:7f:42:70:f0:97:ec:ee:4b:90:02:77:69:
d3:21:e8:9e:0f:a9:fa:94:e6:42:50:34:30:f8:13:
68:93:5a:66:0e:91:1f:af:73:43:79:a7:05:e3:fd:
62:56:dd:fb:0e:13:88:d5:82:56:71:56:46:cc:bd:
57:31:7a:15:30:8d:8e:0b:1e:12:d5:b2:ae:ff:57:
4e:ca:2c:81:53:d8:db:e1:e0:24:69:2b:eb:0c:a8:
dc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6B:4B:CC:E5:44:04:23:09:98:50:D6:F7:B9:E6:A5:6E:8F:CC:58
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/lmtLzOVEBCMJmFDW97nmpW6PzFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
65:e4:06:9e:9e:ed:61:b3:f4:03:3f:1c:26:4d:4a:67:b7:d9:
b5:6f:53:83:55:84:24:1e:93:72:35:1a:11:b2:e2:e8:53:45:
e9:57:8b:2b:d2:a0:1b:46:fe:d1:4d:48:ee:c9:cf:df:54:fa:
85:77:53:7a:b6:ff:6d:14:d8:16:3d:91:a3:b1:85:25:9d:89:
c8:1c:56:61:35:eb:ef:ee:2a:bb:ca:3c:33:08:5d:e4:86:39:
22:e8:56:1b:77:1c:f5:b7:85:4b:20:88:80:f5:1d:d8:7f:91:
95:f4:47:84:90:d4:a5:11:57:9d:a1:64:f8:58:25:ad:3c:28:
0b:fd:da:55:c9:13:ba:0b:0b:52:8d:f7:28:57:2d:f8:2a:08:
7a:2e:07:cd:c3:0d:a4:06:49:96:0f:5b:bd:2b:09:da:af:4c:
36:b0:01:6c:21:39:c5:92:48:44:5d:a4:11:eb:8f:0e:b6:4b:
2f:76:ef:34:03:60:9f:61:6d:9b:25:07:15:52:d7:0c:db:bc:
c2:cf:89:28:93:6d:5f:2e:39:42:32:f8:37:ea:23:e4:f4:61:
8c:4e:8e:bc:7c:04:2c:4e:70:d7:67:fe:5a:50:77:60:fe:87:
43:81:1b:c9:67:c8:d3:9c:04:bb:6b:07:18:e2:21:58:12:04:
26:32:6a:e5
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZTQeIUeHa+CKqJqxJZfUvESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjUwMjA0MTAxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjZiNGJjY2U1NDQwNDIzMDk5ODUwZDZmN2I5ZTZhNTZlOGZjYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BlbqagXNFGZYG1em+OtKfSD9NFq
Aj5S3EERds9zQLOqbeLt5Hn9CJ7M1/r9IQbi1TNNghLCHEZniYJLYkp3J1vAgV+G
1Yi/Eq/D+3sZV+zPY1r6X8Nh7bGExuUfHvnn0QGvtnu+W/2YnJtxT6bS0m9jp2PR
L+Kc4tufOdNDIuyIdk9EaRNEgjUFJxf0yGJvydnF6/0SJwBztcJi9Zly6MwQYOeB
EYt/QnDwl+zuS5ACd2nTIeieD6n6lOZCUDQw+BNok1pmDpEfr3NDeacF4/1iVt37
DhOI1YJWcVZGzL1XMXoVMI2OCx4S1bKu/1dOyiyBU9jb4eAkaSvrDKjc6QIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFJZrS8zlRAQjCZhQ1ve55qVuj8xYMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvbG10THpPVkVCQ01KbUZEVzk3bm1wVzZQekZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
ZeQGnp7tYbP0Az8cJk1KZ7fZtW9Tg1WEJB6TcjUaEbLi6FNF6VeLK9KgG0b+0U1I
7snP31T6hXdTerb/bRTYFj2Ro7GFJZ2JyBxWYTXr7+4qu8o8Mwhd5IY5IuhWG3cc
9beFSyCIgPUd2H+RlfRHhJDUpRFXnaFk+FglrTwoC/3aVckTugsLUo33KFct+CoI
ei4HzcMNpAZJlg9bvSsJ2q9MNrABbCE5xZJIRF2kEeuPDrZLL3bvNANgn2FtmyUH
FVLXDNu8ws+JKJNtXy45QjL4N+oj5PRhjE6OvHwELE5w12f+WlB3YP6HQ4EbyWfI
05wEu2sHGOIhWBIEJjJq5Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:11 2025 by rpki-client