Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/l5eLjRRQiofbgCfgGWC1ESLA0cI.roa
File: l5eLjRRQiofbgCfgGWC1ESLA0cI.roa (raw, json)
Hash identifier: A6wsuiAvc2IMJwsxkxrsjHGVGqfe958bhgt4EvG4y/o=
Subject key identifier: 97:97:8B:8D:14:50:8A:87:DB:80:27:E0:19:60:B5:11:22:C0:D1:C2
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019427B555323CD11AA639DBBA8D4993D989
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/l5eLjRRQiofbgCfgGWC1ESLA0cI.roa
Signing time: Thu 02 Jan 2025 15:49:42 +0000
ROA not before: Thu 02 Jan 2025 15:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56681
IP address blocks: 188.255.146.0/24 maxlen: 24
188.255.169.0/24 maxlen: 24
188.255.173.0/24 maxlen: 24
188.255.184.0/24 maxlen: 24
188.255.221.0/24 maxlen: 24
188.255.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 10:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:55:32:3c:d1:1a:a6:39:db:ba:8d:49:93:d9:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 15:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97978b8d14508a87db8027e01960b51122c0d1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:d1:d8:9d:ef:45:6a:6d:42:22:b5:05:3a:
c9:bd:9d:67:68:0b:e8:7b:be:b0:e8:8e:ab:21:a5:
c3:74:56:01:72:8a:fd:5d:9d:6d:a5:ef:74:18:12:
76:11:9f:43:1f:e7:50:9e:d5:82:35:1f:c3:24:df:
a5:fb:2f:07:0e:ba:ce:40:78:1b:de:e9:43:e8:01:
7a:6b:30:2e:9e:de:79:67:46:fe:51:f5:4c:e7:01:
3d:7e:ae:cd:b9:d6:64:93:23:d5:93:03:f5:04:39:
27:2b:43:fb:d2:29:a2:6b:03:16:06:7f:d5:b7:9e:
0e:c2:8d:e0:f1:5a:56:03:bc:e0:a3:68:76:57:71:
67:dc:b0:53:00:95:df:55:19:b2:a5:f3:11:f2:57:
82:b8:a3:60:7b:56:e1:8b:c9:29:07:89:10:93:54:
b8:9c:bf:fc:cc:2c:80:d1:c3:b5:e3:7a:2c:c0:0b:
40:48:11:eb:70:31:67:4b:64:20:22:a4:01:a1:ea:
3e:9e:ba:df:56:e2:1a:23:91:8c:1b:d9:f4:0d:4e:
4b:27:27:27:05:af:83:f2:1d:74:1f:32:53:ba:d8:
e9:3f:c8:4c:12:41:07:cf:90:83:7d:8f:2c:09:95:
41:83:19:d8:24:77:53:11:ea:ed:63:d9:2e:f7:7a:
8b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:97:8B:8D:14:50:8A:87:DB:80:27:E0:19:60:B5:11:22:C0:D1:C2
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/l5eLjRRQiofbgCfgGWC1ESLA0cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.255.146.0/24
188.255.169.0/24
188.255.173.0/24
188.255.184.0/24
188.255.221.0/24
188.255.224.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:a0:60:54:30:55:44:78:35:a0:cf:a2:0b:ec:fc:78:68:48:
d2:21:00:62:f5:d3:46:67:da:ee:d4:98:12:80:11:32:5d:f2:
10:77:d3:ca:a4:e4:ea:4f:b6:08:e1:d6:cf:df:5f:a8:a5:2c:
eb:ef:22:e5:71:fc:1b:f2:ee:fd:9c:c3:a8:1e:78:39:b2:a6:
61:53:9e:35:8d:a1:e8:93:d8:70:ef:a5:39:dc:b1:fd:5f:de:
45:1f:ea:6f:c2:dd:b5:6f:00:23:f3:20:f3:14:9b:c2:e7:6a:
2d:5e:16:d4:b1:8d:13:b1:ff:9d:86:68:7f:09:4c:df:a2:59:
62:8b:0a:f6:3f:d1:12:e5:e7:f2:99:86:8d:44:59:f1:0e:7d:
fb:95:6d:3f:47:e4:d6:7f:e4:a5:3b:1d:61:0e:e5:bd:ed:33:
d2:de:a5:93:75:17:5b:1d:e3:eb:40:81:26:cf:53:78:41:e5:
ae:b4:83:05:00:a2:ad:1e:bc:eb:65:b7:5e:05:19:ea:13:d4:
88:89:65:29:0a:9d:cb:75:5f:8a:f8:67:bf:57:54:63:e9:f4:
ca:a9:34:1f:37:46:7e:bd:1a:4d:7e:03:22:5f:97:65:0a:3a:
93:9f:5e:e1:78:ad:09:76:23:25:fa:5b:25:4e:10:34:c8:17:
0c:03:79:88
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQntVUyPNEapjnbuo1Jk9mJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMTAyMTU0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk3OGI4ZDE0NTA4YTg3ZGI4MDI3ZTAxOTYwYjUxMTIyYzBkMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkvR2J3vRWptQiK1BTrJvZ1naAvo
e76w6I6rIaXDdFYBcor9XZ1tpe90GBJ2EZ9DH+dQntWCNR/DJN+l+y8HDrrOQHgb
3ulD6AF6azAunt55Z0b+UfVM5wE9fq7NudZkkyPVkwP1BDknK0P70imiawMWBn/V
t54Owo3g8VpWA7zgo2h2V3Fn3LBTAJXfVRmypfMR8leCuKNge1bhi8kpB4kQk1S4
nL/8zCyA0cO143oswAtASBHrcDFnS2QgIqQBoeo+nrrfVuIaI5GMG9n0DU5LJycn
Ba+D8h10HzJTutjpP8hMEkEHz5CDfY8sCZVBgxnYJHdTEertY9ku93qLYwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJeXi40UUIqH24An4BlgtREiwNHCMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvbDVlTGpSUlFpb2ZiZ0NmZ0dXQzFFU0xBMGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAvP+SAwQA
vP+pAwQAvP+tAwQAvP+4AwQAvP/dAwQAvP/gMA0GCSqGSIb3DQEBCwUAA4IBAQCh
oGBUMFVEeDWgz6IL7Px4aEjSIQBi9dNGZ9ru1JgSgBEyXfIQd9PKpOTqT7YI4dbP
31+opSzr7yLlcfwb8u79nMOoHng5sqZhU541jaHok9hw76U53LH9X95FH+pvwt21
bwAj8yDzFJvC52otXhbUsY0Tsf+dhmh/CUzfolliiwr2P9ES5efymYaNRFnxDn37
lW0/R+TWf+SlOx1hDuW97TPS3qWTdRdbHePrQIEmz1N4QeWutIMFAKKtHrzrZbde
BRnqE9SIiWUpCp3LdV+K+Ge/V1Rj6fTKqTQfN0Z+vRpNfgMiX5dlCjqTn17heK0J
diMl+lslThA0yBcMA3mI
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:56:55 2025 by rpki-client