Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/LP3S8yG78mlyy4YptZOknyOysGE.roa
File: LP3S8yG78mlyy4YptZOknyOysGE.roa (raw, json)
Hash identifier: 0+igggl45rj1b8cbeEOw0L/RHpnnLwH/Y+kcCj9TGvc=
Subject key identifier: 2C:FD:D2:F3:21:BB:F2:69:72:CB:86:29:B5:93:A4:9F:23:B2:B0:61
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 019427484E13484BC7A5713168B48D94DCC3
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/LP3S8yG78mlyy4YptZOknyOysGE.roa
Signing time: Thu 02 Jan 2025 13:50:37 +0000
ROA not before: Thu 02 Jan 2025 13:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210636
IP address blocks: 85.203.17.0/24 maxlen: 24
85.203.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4e:13:48:4b:c7:a5:71:31:68:b4:8d:94:dc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cfdd2f321bbf26972cb8629b593a49f23b2b061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:98:dd:1b:b5:3d:47:55:e2:aa:a7:12:31:30:
4c:59:f1:22:35:8c:22:21:e6:83:22:b2:e5:1c:32:
b6:6f:a9:2b:ca:69:6f:8d:9e:a8:f8:cb:18:63:b8:
3c:4b:03:5e:fa:db:40:1c:93:d3:71:da:a5:66:6a:
a4:17:95:61:d7:44:9a:dc:88:2f:59:d3:dc:08:f0:
ae:d2:ae:f5:fc:ca:61:59:bd:00:99:44:95:68:79:
91:8b:d4:3c:7c:db:c2:8f:ac:80:21:84:b2:16:4b:
0e:60:f1:98:23:22:8a:6e:3e:b3:9a:a8:41:ef:d4:
b9:a0:3d:c8:ac:c5:3c:34:9b:11:bd:81:77:99:52:
77:74:bd:99:c6:b6:6a:9d:9e:68:cb:a8:bb:54:5c:
90:3b:8c:d3:5b:86:5c:e1:a4:c2:a2:94:9c:b8:75:
1c:10:0b:71:eb:b6:ff:44:b5:8e:37:49:7f:03:9e:
d9:de:a0:7b:82:d0:d1:8f:b6:9f:de:bb:01:03:23:
3b:ea:b2:05:ea:ec:25:da:f9:6c:a9:53:4f:37:80:
d6:cf:25:60:ad:77:dd:88:a0:53:c1:61:ef:ad:b3:
37:c7:c0:08:5e:fe:59:09:f4:54:4b:87:c8:c1:4d:
a6:0a:11:06:58:df:9e:0e:fe:98:8d:8e:b4:96:50:
65:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:FD:D2:F3:21:BB:F2:69:72:CB:86:29:B5:93:A4:9F:23:B2:B0:61
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/LP3S8yG78mlyy4YptZOknyOysGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.17.0-85.203.18.255
Signature Algorithm: sha256WithRSAEncryption
a0:b9:43:05:d4:a8:b7:73:f3:e3:fb:c0:c8:04:ec:b3:41:1b:
a0:98:24:01:ab:83:99:38:d7:6a:d3:ac:b5:24:89:ba:b3:47:
1d:30:f3:b2:6a:1a:d5:80:bb:7e:c6:93:5c:bb:58:ba:11:67:
04:5b:87:72:d5:51:01:81:c9:bd:0f:77:e6:49:9e:b1:e1:67:
4e:41:3b:68:b3:da:cd:11:40:db:bd:d9:d0:48:09:93:ed:d5:
4a:9b:87:d8:9a:1e:82:ca:23:3a:d2:98:f9:09:4b:74:5c:c6:
91:8a:ed:f0:db:73:7a:2a:35:f3:cf:d5:c8:44:52:b8:78:3e:
59:34:42:c9:7d:88:d5:f6:82:c6:7b:93:17:26:dd:60:c3:04:
73:0e:9b:1c:b1:91:13:b5:3c:8d:62:9c:b0:d3:f5:60:2e:fc:
90:6f:89:9f:00:45:74:f2:f4:7e:21:71:ac:46:53:3b:ff:46:
ae:01:fe:dc:84:1f:4a:02:36:ae:a5:d6:62:32:fd:b1:87:f3:
06:0e:c1:67:8c:56:5b:d4:9a:17:e6:1b:dc:fe:7c:20:15:ae:
95:04:c6:d5:af:9f:fd:48:97:00:a5:49:61:1b:76:40:d1:e1:
34:c4:95:b8:60:3e:22:06:7e:41:d7:80:31:35:d8:a0:c4:c2:
4d:99:2f:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQnSE4TSEvHpXExaLSNlNzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2ZkZDJmMzIxYmJmMjY5NzJjYjg2MjliNTkzYTQ5ZjIzYjJiMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpjdG7U9R1XiqqcSMTBMWfEiNYwi
IeaDIrLlHDK2b6krymlvjZ6o+MsYY7g8SwNe+ttAHJPTcdqlZmqkF5Vh10Sa3Igv
WdPcCPCu0q71/MphWb0AmUSVaHmRi9Q8fNvCj6yAIYSyFksOYPGYIyKKbj6zmqhB
79S5oD3IrMU8NJsRvYF3mVJ3dL2ZxrZqnZ5oy6i7VFyQO4zTW4Zc4aTCopScuHUc
EAtx67b/RLWON0l/A57Z3qB7gtDRj7af3rsBAyM76rIF6uwl2vlsqVNPN4DWzyVg
rXfdiKBTwWHvrbM3x8AIXv5ZCfRUS4fIwU2mChEGWN+eDv6YjY60llBljQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCz90vMhu/JpcsuGKbWTpJ8jsrBhMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvTFAzUzh5Rzc4bWx5eTRZcHRaT2tueU95c0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVyxED
BABVyxIwDQYJKoZIhvcNAQELBQADggEBAKC5QwXUqLdz8+P7wMgE7LNBG6CYJAGr
g5k412rTrLUkibqzRx0w87JqGtWAu37Gk1y7WLoRZwRbh3LVUQGByb0Pd+ZJnrHh
Z05BO2iz2s0RQNu92dBICZPt1Uqbh9iaHoLKIzrSmPkJS3RcxpGK7fDbc3oqNfPP
1chEUrh4Plk0Qsl9iNX2gsZ7kxcm3WDDBHMOmxyxkRO1PI1inLDT9WAu/JBviZ8A
RXTy9H4hcaxGUzv/Rq4B/tyEH0oCNq6l1mIy/bGH8wYOwWeMVlvUmhfmG9z+fCAV
rpUExtWvn/1IlwClSWEbdkDR4TTElbhgPiIGfkHXgDE12KDEwk2ZL1I=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:08:06 2025 by rpki-client