Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/LyKlqkZe1vL0FqTF3iiSvFK7hTQ.roa
File: LyKlqkZe1vL0FqTF3iiSvFK7hTQ.roa (raw, json)
Hash identifier: 2Vj99SsHB7IFNM1FIg40rxpKy12rqtdylkU9a0vtpMc=
Subject key identifier: 2F:22:A5:AA:46:5E:D6:F2:F4:16:A4:C5:DE:28:92:BC:52:BB:85:34
Certificate issuer: /CN=92503aaf126af7cd031cac3ce1e398c174b82e02
Certificate serial: 019422FC448D7D53901DF4D5C71819EEE678
Authority key identifier: 92:50:3A:AF:12:6A:F7:CD:03:1C:AC:3C:E1:E3:98:C1:74:B8:2E:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/LyKlqkZe1vL0FqTF3iiSvFK7hTQ.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43805
IP address blocks: 194.107.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 11:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:44:8d:7d:53:90:1d:f4:d5:c7:18:19:ee:e6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92503aaf126af7cd031cac3ce1e398c174b82e02
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f22a5aa465ed6f2f416a4c5de2892bc52bb8534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:58:4a:fb:b5:47:55:66:a3:7e:b4:8f:57:39:
92:7f:0f:0c:e8:e4:46:87:1f:51:d1:42:f8:3c:62:
c2:61:92:de:d5:74:ee:69:3e:58:ac:01:c2:2a:c4:
79:39:99:6f:e4:5c:22:90:3d:95:0d:bc:b2:c1:a2:
77:6f:93:cc:05:9f:1c:2f:05:7d:a8:3c:fe:48:12:
78:5d:bc:34:d0:2b:de:84:64:04:a4:eb:ab:2b:e5:
86:e3:21:4f:65:ef:8c:ad:b7:d1:d5:57:e5:f4:e6:
2a:8d:85:04:70:53:29:ff:f2:db:06:47:2b:1c:27:
d7:f5:2c:a9:c4:1e:df:d2:3a:48:5e:dc:a2:87:2b:
52:ed:93:f6:66:a5:2a:2f:f3:6c:a4:7a:32:60:5e:
f9:e0:fb:bd:63:88:fd:4b:c5:d3:f4:2b:6c:cb:3b:
34:30:7f:cd:4b:06:a9:1e:3c:a2:43:40:7d:b5:93:
5e:5b:8e:12:4d:f1:07:d6:41:0a:39:e2:4b:e1:d6:
6c:59:bb:2d:36:b0:94:2f:ee:1c:09:6e:69:60:05:
9f:8a:36:87:3c:08:ae:2d:91:96:b0:01:7c:f3:3e:
9d:17:fa:62:bd:84:b7:f3:9c:a7:39:ee:d4:77:ec:
4b:99:94:6a:fb:12:1a:0f:ff:78:33:54:1e:5a:02:
5f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:22:A5:AA:46:5E:D6:F2:F4:16:A4:C5:DE:28:92:BC:52:BB:85:34
X509v3 Authority Key Identifier:
keyid:92:50:3A:AF:12:6A:F7:CD:03:1C:AC:3C:E1:E3:98:C1:74:B8:2E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/LyKlqkZe1vL0FqTF3iiSvFK7hTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.23.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:98:e9:49:6d:00:4c:6a:a4:ac:fa:7c:ac:5c:13:ec:cf:3f:
ec:80:40:ce:06:a5:af:d9:7d:58:2c:b6:1e:fd:6e:cb:c3:13:
2a:8c:de:59:d6:4f:64:43:ea:73:32:9e:b7:0b:4d:fc:16:c1:
99:ac:e8:40:1e:1a:b3:fe:4a:98:8a:3e:80:89:b5:5e:60:50:
e6:a1:a8:99:c3:1b:61:77:b1:f9:3b:d7:8e:35:b0:56:2f:86:
56:e8:aa:e9:2f:0e:1b:d9:87:1b:3e:49:08:da:5c:c0:d0:24:
ee:0f:cc:e6:50:19:ab:0d:a5:c2:d3:50:d9:e8:40:dc:0d:5d:
23:5c:ad:cd:47:b2:1b:4e:2f:01:ca:c1:76:20:99:97:7a:de:
14:5b:ac:7f:e1:54:73:f6:8a:80:75:f8:cc:df:0c:17:35:e6:
f2:f9:d1:5a:a4:5e:cd:5d:d9:ae:13:8b:a4:80:d3:a3:91:56:
ec:c8:54:d2:4e:ff:b1:71:9c:ae:50:f8:66:4d:f4:b2:3e:ec:
f2:4e:11:a4:04:89:5b:4e:86:16:97:53:cd:48:ab:92:c2:ad:
e0:9f:91:bf:cb:3e:7c:ee:7d:a9:35:36:05:69:31:58:a9:ac:
3b:f8:7b:ac:74:4f:bc:85:8f:1b:89:fc:d2:8f:ea:93:3d:4b:
ca:47:c3:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/ESNfVOQHfTVxxgZ7uZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTAzYWFmMTI2YWY3Y2QwMzFjYWMzY2UxZTM5OGMxNzRi
ODJlMDIwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjIyYTVhYTQ2NWVkNmYyZjQxNmE0YzVkZTI4OTJiYzUyYmI4NTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1hK+7VHVWajfrSPVzmSfw8M6ORG
hx9R0UL4PGLCYZLe1XTuaT5YrAHCKsR5OZlv5FwikD2VDbyywaJ3b5PMBZ8cLwV9
qDz+SBJ4Xbw00CvehGQEpOurK+WG4yFPZe+MrbfR1Vfl9OYqjYUEcFMp//LbBkcr
HCfX9SypxB7f0jpIXtyihytS7ZP2ZqUqL/NspHoyYF754Pu9Y4j9S8XT9Ctsyzs0
MH/NSwapHjyiQ0B9tZNeW44STfEH1kEKOeJL4dZsWbstNrCUL+4cCW5pYAWfijaH
PAiuLZGWsAF88z6dF/pivYS385ynOe7Ud+xLmZRq+xIaD/94M1QeWgJfOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8ipapGXtby9Bakxd4okrxSu4U0MB8GA1UdIwQY
MBaAFJJQOq8SavfNAxysPOHjmMF0uC4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OWJkYjAtYmQ1Yy00ODAwLTk3Njgt
YWZkMTI2OGZkYmZkLzEvTHlLbHFrWmUxdkwwRnFURjNpaVN2Rks3aFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OWJkYjAtYmQ1Yy00ODAwLTk3NjgtYWZkMTI2OGZkYmZk
LzEva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmsXMA0G
CSqGSIb3DQEBCwUAA4IBAQCrmOlJbQBMaqSs+nysXBPszz/sgEDOBqWv2X1YLLYe
/W7LwxMqjN5Z1k9kQ+pzMp63C038FsGZrOhAHhqz/kqYij6AibVeYFDmoaiZwxth
d7H5O9eONbBWL4ZW6KrpLw4b2YcbPkkI2lzA0CTuD8zmUBmrDaXC01DZ6EDcDV0j
XK3NR7IbTi8BysF2IJmXet4UW6x/4VRz9oqAdfjM3wwXNeby+dFapF7NXdmuE4uk
gNOjkVbsyFTSTv+xcZyuUPhmTfSyPuzyThGkBIlbToYWl1PNSKuSwq3gn5G/yz58
7n2pNTYFaTFYqaw7+HusdE+8hY8bifzSj+qTPUvKR8Nh
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:05:12 2025 by rpki-client