Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/LM4PEm0ffK75EUFTgpXPbuoAKZ8.roa
File: LM4PEm0ffK75EUFTgpXPbuoAKZ8.roa (raw, json)
Hash identifier: d7gyd2tIHJ6HJ/7vl5EHNlkX+eVBttxlbWWHGFZ3xxQ=
Subject key identifier: 2C:CE:0F:12:6D:1F:7C:AE:F9:11:41:53:82:95:CF:6E:EA:00:29:9F
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 019423690D76A41FC2DE967FB6D329C7C544
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/LM4PEm0ffK75EUFTgpXPbuoAKZ8.roa
Signing time: Wed 01 Jan 2025 19:47:54 +0000
ROA not before: Wed 01 Jan 2025 19:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202975
IP address blocks: 85.116.132.0/22 maxlen: 22
89.105.88.0/24 maxlen: 24
89.105.89.0/24 maxlen: 24
185.89.222.0/23 maxlen: 23
185.135.100.0/23 maxlen: 23
185.135.102.0/24 maxlen: 24
2a06:f2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:0d:76:a4:1f:c2:de:96:7f:b6:d3:29:c7:c5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jan 1 19:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cce0f126d1f7caef91141538295cf6eea00299f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:52:f9:77:85:27:63:dc:b7:80:12:e6:ec:
80:6f:5a:e2:7d:19:78:b5:f6:58:41:ee:09:74:05:
75:6c:41:d2:f9:98:83:64:42:9f:8b:60:e9:d7:97:
0e:58:2d:33:5f:6d:15:5c:93:7e:2d:bb:3e:95:12:
1f:b8:2f:73:fc:00:5a:e7:4e:53:a2:18:45:58:0e:
06:91:68:2d:b5:66:b2:32:f6:34:4d:e6:ed:12:b1:
e8:3e:87:ca:ce:e7:da:f0:af:f7:38:18:10:04:7e:
5b:cc:74:6d:8d:18:a1:23:73:74:a6:e8:07:a9:44:
ed:d8:59:8d:d9:8f:10:a3:80:11:12:9e:6a:2c:0d:
4b:d3:ed:ca:02:88:24:60:08:2a:86:99:b7:fb:e2:
43:79:7a:8a:90:2e:15:76:fd:99:aa:ed:fa:88:19:
8e:96:85:22:d6:53:9d:9a:d5:c8:05:68:25:7a:59:
98:2f:b4:93:29:1b:4e:9d:9f:71:1c:9d:2c:25:90:
71:f6:23:71:63:3e:74:cd:44:f0:66:bf:37:f8:95:
4d:b4:fc:a9:72:72:2f:5b:40:02:c1:7e:76:17:bc:
dc:cc:d0:87:6d:13:9d:2d:96:67:19:3a:00:57:d2:
e0:c1:bc:18:20:a8:7b:26:68:69:e2:ee:9f:49:18:
65:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CE:0F:12:6D:1F:7C:AE:F9:11:41:53:82:95:CF:6E:EA:00:29:9F
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/LM4PEm0ffK75EUFTgpXPbuoAKZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.132.0/22
89.105.88.0/23
185.89.222.0/23
185.135.100.0-185.135.102.255
IPv6:
2a06:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:3f:dc:64:37:e2:76:39:a1:3c:56:7c:3e:5f:45:04:86:ca:
d5:be:6e:96:ec:16:f9:5f:0f:7c:ce:55:15:b0:cc:84:58:00:
96:a5:2c:ca:a0:e8:62:62:ee:f7:5f:b3:e0:a6:59:b4:27:82:
6e:f4:61:53:a7:14:4b:2c:75:a0:40:90:43:75:8f:bc:c1:54:
fe:df:7c:01:13:e6:96:10:48:c4:72:46:c1:ad:d3:a1:c1:55:
fe:37:12:69:5f:8f:f2:33:74:82:83:06:98:63:32:8c:12:98:
70:69:bb:55:ff:b5:70:d4:55:fe:a9:57:b0:62:fe:b6:0c:98:
75:84:29:dc:80:9a:18:15:b0:e5:fa:88:b6:4a:6b:de:f7:0c:
51:dd:b5:5a:9d:bd:75:44:73:2b:32:1f:cd:ba:4c:09:50:c2:
73:1f:0b:5d:da:0e:74:04:9e:86:5a:58:a7:f7:40:ec:a8:bf:
fc:74:d3:b3:58:6a:32:c1:e6:f9:0d:ea:07:7d:db:bc:e4:fb:
fe:5d:b9:80:13:12:60:81:4c:17:81:ef:b8:96:5b:44:cc:90:
aa:6d:0c:5a:7b:6f:ea:53:f1:11:2f:f7:ac:54:32:fb:b6:2f:
8f:70:f6:77:a3:67:3d:32:4c:d2:81:84:b4:79:49:d5:f5:ff:
e9:d7:ce:04
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQjaQ12pB/C3pZ/ttMpx8VEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjUwMTAxMTk0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NlMGYxMjZkMWY3Y2FlZjkxMTQxNTM4Mjk1Y2Y2ZWVhMDAyOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqJS+XeFJ2Pct4AS5uyAb1rifRl4
tfZYQe4JdAV1bEHS+ZiDZEKfi2Dp15cOWC0zX20VXJN+Lbs+lRIfuC9z/ABa505T
ohhFWA4GkWgttWayMvY0TebtErHoPofKzufa8K/3OBgQBH5bzHRtjRihI3N0pugH
qUTt2FmN2Y8Qo4AREp5qLA1L0+3KAogkYAgqhpm3++JDeXqKkC4Vdv2Zqu36iBmO
loUi1lOdmtXIBWglelmYL7STKRtOnZ9xHJ0sJZBx9iNxYz50zUTwZr83+JVNtPyp
cnIvW0ACwX52F7zczNCHbROdLZZnGToAV9LgwbwYIKh7Jmhp4u6fSRhl+QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCzODxJtH3yu+RFBU4KVz27qACmfMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvTE00UEVtMGZmSzc1RVVGVGdwWFBidW9BS1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCVXSEAwQB
WWlYAwQBuVneMAwDBAK5h2QDBAC5h2YwDQQCAAIwBwMFAyoG8sAwDQYJKoZIhvcN
AQELBQADggEBAGc/3GQ34nY5oTxWfD5fRQSGytW+bpbsFvlfD3zOVRWwzIRYAJal
LMqg6GJi7vdfs+CmWbQngm70YVOnFEssdaBAkEN1j7zBVP7ffAET5pYQSMRyRsGt
06HBVf43Emlfj/IzdIKDBphjMowSmHBpu1X/tXDUVf6pV7Bi/rYMmHWEKdyAmhgV
sOX6iLZKa973DFHdtVqdvXVEcysyH826TAlQwnMfC13aDnQEnoZaWKf3QOyov/x0
07NYajLB5vkN6gd927zk+/5duYATEmCBTBeB77iWW0TMkKptDFp7b+pT8REv96xU
Mvu2L49w9nejZz0yTNKBhLR5SdX1/+nXzgQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:32 2025 by rpki-client