Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/LS_oKjOyENRZwn9y786G7x_fDEc.roa
File: LS_oKjOyENRZwn9y786G7x_fDEc.roa (raw, json)
Hash identifier: qwrjawF9Z67WE+ivjm8mPIl3xqaLReHxca9+SNnwKPE=
Subject key identifier: 2D:2F:E8:2A:33:B2:10:D4:59:C2:7F:72:EF:CE:86:EF:1F:DF:0C:47
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0194274733E6DF77CFD59E2779F9AC1ED1BA
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/LS_oKjOyENRZwn9y786G7x_fDEc.roa
Signing time: Thu 02 Jan 2025 13:49:25 +0000
ROA not before: Thu 02 Jan 2025 13:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.11.181.0/24 maxlen: 24
185.158.248.0/24 maxlen: 24
2a0b:7140:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:33:e6:df:77:cf:d5:9e:27:79:f9:ac:1e:d1:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 13:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d2fe82a33b210d459c27f72efce86ef1fdf0c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d4:8c:fd:83:69:8e:4b:e4:41:6b:e9:26:e5:
5a:a6:12:c0:60:89:6d:9d:80:3f:b2:3d:54:66:57:
38:d7:f1:2e:d4:f0:ed:d9:2b:cb:af:08:f9:40:3c:
3d:e1:1a:86:95:b6:4e:b1:75:fe:cf:04:1c:de:73:
5f:fe:5a:04:6b:a8:d7:b1:86:2a:54:8b:2f:6a:7c:
52:10:6c:d7:64:a4:cd:0a:fa:39:f4:d8:52:35:7f:
f0:91:8f:c7:ff:22:bf:60:4d:e0:b7:d6:37:6c:51:
02:b0:b8:c9:32:d8:0c:8b:87:e2:7c:c4:a8:00:18:
ba:9e:d3:18:a4:9c:3b:45:77:31:ba:f1:5d:fa:b8:
6a:4b:42:ac:a4:a9:4c:bd:c3:17:1a:35:59:66:f7:
d8:3a:b8:63:27:cb:04:63:c3:67:d5:bb:5e:6e:91:
b8:b6:1d:c8:7b:d3:12:f5:e6:2d:2a:d2:6f:50:8d:
21:33:af:e5:29:f2:dc:bb:56:0e:6a:8a:6c:26:7d:
ec:4f:19:cb:70:01:f7:03:9f:b1:94:49:79:78:ef:
d6:78:17:11:5e:6e:17:78:8c:00:02:4a:c7:bd:bf:
71:ba:1b:6b:a7:13:da:64:71:ea:75:78:49:29:50:
b2:f2:72:bf:29:d1:ea:40:c9:fa:eb:04:c0:ee:60:
2e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2F:E8:2A:33:B2:10:D4:59:C2:7F:72:EF:CE:86:EF:1F:DF:0C:47
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/LS_oKjOyENRZwn9y786G7x_fDEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.181.0/24
185.158.248.0/24
IPv6:
2a0b:7140:7::/48
Signature Algorithm: sha256WithRSAEncryption
08:50:f0:1d:48:ee:a4:b7:5a:d3:0e:52:1e:bb:2e:28:dd:d4:
e7:d0:c8:ea:4c:e7:81:c9:81:41:e9:21:a1:2b:03:70:81:9c:
8a:1b:82:f0:1c:4a:ed:e8:ed:e6:2a:3c:e0:b1:6b:f0:af:fd:
da:1b:dc:d7:2e:52:58:8d:74:69:43:bb:c0:4d:49:e6:1c:be:
2c:bb:20:da:2f:3d:29:11:3b:4a:19:c4:a0:1f:8e:a1:92:99:
10:27:f2:a0:2a:d7:02:d7:00:99:2a:3d:0a:39:23:79:2e:ae:
04:bc:b1:a4:1e:5b:d6:9c:51:41:7b:10:63:8c:08:fe:94:14:
4a:12:c0:cf:ef:81:23:69:5c:d1:8b:fb:9f:32:58:19:01:2b:
b6:aa:9f:61:47:b7:83:2e:58:6e:e0:ab:6d:4b:2a:27:34:ff:
35:62:30:9c:59:59:8c:c8:d9:f9:4b:46:c8:07:e9:9e:8b:2e:
51:d5:41:0d:da:03:86:e6:eb:dd:37:7e:39:13:d8:6e:3c:0b:
74:7b:4c:5e:09:5f:18:3d:84:a0:5e:d2:1b:4d:6e:e0:7e:91:
21:5d:44:2f:46:9c:bd:d6:26:75:41:0f:d8:c5:da:ad:e1:52:
5d:08:0e:57:fa:b9:e4:c0:11:6d:97:7b:3a:69:38:28:17:66:
12:23:99:08
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQnRzPm33fP1Z4nefmsHtG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjUwMTAyMTM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJmZTgyYTMzYjIxMGQ0NTljMjdmNzJlZmNlODZlZjFmZGYwYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudSM/YNpjkvkQWvpJuVaphLAYIlt
nYA/sj1UZlc41/Eu1PDt2SvLrwj5QDw94RqGlbZOsXX+zwQc3nNf/loEa6jXsYYq
VIsvanxSEGzXZKTNCvo59NhSNX/wkY/H/yK/YE3gt9Y3bFECsLjJMtgMi4fifMSo
ABi6ntMYpJw7RXcxuvFd+rhqS0KspKlMvcMXGjVZZvfYOrhjJ8sEY8Nn1btebpG4
th3Ie9MS9eYtKtJvUI0hM6/lKfLcu1YOaopsJn3sTxnLcAH3A5+xlEl5eO/WeBcR
Xm4XeIwAAkrHvb9xuhtrpxPaZHHqdXhJKVCy8nK/KdHqQMn66wTA7mAumwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC0v6CozshDUWcJ/cu/Ohu8f3wxHMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvTFNfb0tqT3lFTlJad245eTc4Nkc3eF9mREVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALQu1AwQA
uZ74MA8EAgACMAkDBwAqC3FAAAcwDQYJKoZIhvcNAQELBQADggEBAAhQ8B1I7qS3
WtMOUh67Lijd1OfQyOpM54HJgUHpIaErA3CBnIobgvAcSu3o7eYqPOCxa/Cv/dob
3NcuUliNdGlDu8BNSeYcviy7INovPSkRO0oZxKAfjqGSmRAn8qAq1wLXAJkqPQo5
I3kurgS8saQeW9acUUF7EGOMCP6UFEoSwM/vgSNpXNGL+58yWBkBK7aqn2FHt4Mu
WG7gq21LKic0/zViMJxZWYzI2flLRsgH6Z6LLlHVQQ3aA4bm6903fjkT2G48C3R7
TF4JXxg9hKBe0htNbuB+kSFdRC9GnL3WJnVBD9jF2q3hUl0IDlf6ueTAEW2Xezpp
OCgXZhIjmQg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:52:23 2025 by rpki-client