Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/lHAwqxpq3Bk851rpL4G6G32KPvo.roa
File: lHAwqxpq3Bk851rpL4G6G32KPvo.roa (raw, json)
Hash identifier: SsFPabE3LSUH4F0liColQhC10VYQbs8KMbBtFFz0miY=
Subject key identifier: 94:70:30:AB:1A:6A:DC:19:3C:E7:5A:E9:2F:81:BA:1B:7D:8A:3E:FA
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B92F3316EB721BB72950E091128FA
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/lHAwqxpq3Bk851rpL4G6G32KPvo.roa
Signing time: Thu 02 Jan 2025 09:49:31 +0000
ROA not before: Thu 02 Jan 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60711
IP address blocks: 5.154.39.0/24 maxlen: 24
84.236.181.0/24 maxlen: 24
84.236.182.0/24 maxlen: 24
84.236.248.0/24 maxlen: 24
84.236.249.0/24 maxlen: 24
88.148.98.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:92:f3:31:6e:b7:21:bb:72:95:0e:09:11:28:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=947030ab1a6adc193ce75ae92f81ba1b7d8a3efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8b:4e:a4:cf:20:c0:a7:57:b5:43:6e:c6:52:
55:96:c9:df:ce:5d:7d:a1:94:52:9e:57:90:bf:88:
77:a0:43:c0:08:54:bf:dd:4c:0d:e6:5c:30:f0:a4:
cb:8b:df:f2:ad:ee:ff:40:a2:78:b8:db:43:5f:d4:
9e:90:4c:47:35:7c:9c:fb:c6:d9:26:c0:39:44:bd:
bf:4f:c8:b5:09:c9:eb:6c:85:2d:59:42:27:d1:c0:
22:76:4f:9b:3b:2a:53:db:e8:9e:11:60:3e:bf:2c:
fd:1c:e3:4e:30:c1:40:bf:9f:59:d1:3f:ae:43:2b:
43:60:8e:86:59:87:cf:8c:f4:cc:b9:97:e0:77:55:
a5:83:7c:e5:63:a1:fc:9c:62:8a:d3:96:0d:ba:9d:
ab:ce:c9:d4:17:2f:50:83:e9:2e:6d:12:c2:4a:da:
b2:f0:d1:38:e2:6e:0a:57:5e:b6:72:80:e6:8f:d9:
a0:bd:a6:50:89:59:91:e6:9e:a0:d0:51:aa:d1:71:
0a:41:d7:2a:ad:d9:b0:64:d0:3b:37:84:52:23:59:
8e:9c:5e:9f:9d:c4:1b:7d:5f:64:59:4a:01:88:7d:
9d:74:ea:23:c2:c8:cf:73:2a:fa:b9:fd:ba:bc:ae:
45:d0:e5:7b:5b:53:f4:be:02:43:9d:a7:5a:61:a0:
60:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:70:30:AB:1A:6A:DC:19:3C:E7:5A:E9:2F:81:BA:1B:7D:8A:3E:FA
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/lHAwqxpq3Bk851rpL4G6G32KPvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.39.0/24
84.236.181.0-84.236.182.255
84.236.248.0/23
88.148.98.0/23
Signature Algorithm: sha256WithRSAEncryption
69:73:5e:8f:70:d9:1f:15:ee:2f:ee:b8:5b:dc:41:5a:ad:58:
f6:40:0c:28:3a:3e:db:a1:38:2b:45:2f:e3:43:be:80:2d:4f:
28:b3:0e:4b:5f:f3:81:da:b2:a6:bf:55:09:7b:82:95:56:ab:
cd:da:73:ff:4a:74:6e:06:62:89:67:59:6c:96:2d:cc:41:3a:
5d:74:4f:66:84:32:ca:ea:2a:98:ef:77:d3:4e:73:f7:4c:60:
60:ff:8e:96:9b:f6:d3:ef:d3:cc:db:62:46:7c:d1:60:0b:33:
d1:62:9e:4d:51:d0:01:85:dd:14:8b:84:49:f7:a7:06:d2:c7:
38:8a:39:9f:1a:6a:7e:49:74:ac:76:cd:41:8f:ca:a3:a7:4b:
56:95:ec:21:e0:ca:56:59:83:d2:08:b8:56:6e:40:0c:63:4f:
55:3f:96:fb:a3:e6:cc:eb:2d:cc:f0:cc:8f:9b:4c:6b:92:e1:
67:82:52:0e:91:12:fb:e6:45:b2:d6:ef:c0:2d:d4:d9:22:fd:
42:ea:98:c8:d1:53:81:d5:22:88:45:d3:b7:d4:e4:ef:55:d4:
12:49:90:5b:52:11:11:77:d9:6a:73:b5:e6:8c:04:af:7a:6c:
11:7a:dc:17:aa:e8:1a:c3:9a:30:29:fd:d8:e8:fc:98:93:ab:
fb:7d:3e:ae
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQma5LzMW63IbtylQ4JESj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDcwMzBhYjFhNmFkYzE5M2NlNzVhZTkyZjgxYmExYjdkOGEzZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYtOpM8gwKdXtUNuxlJVlsnfzl19
oZRSnleQv4h3oEPACFS/3UwN5lww8KTLi9/yre7/QKJ4uNtDX9SekExHNXyc+8bZ
JsA5RL2/T8i1CcnrbIUtWUIn0cAidk+bOypT2+ieEWA+vyz9HONOMMFAv59Z0T+u
QytDYI6GWYfPjPTMuZfgd1Wlg3zlY6H8nGKK05YNup2rzsnUFy9Qg+kubRLCStqy
8NE44m4KV162coDmj9mgvaZQiVmR5p6g0FGq0XEKQdcqrdmwZNA7N4RSI1mOnF6f
ncQbfV9kWUoBiH2ddOojwsjPcyr6uf26vK5F0OV7W1P0vgJDnadaYaBg6wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJRwMKsaatwZPOda6S+Buht9ij76MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvbEhBd3F4cHEzQms4NTFycEw0RzZHMzJLUHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABZonMAwD
BABU7LUDBABU7LYDBAFU7PgDBAFYlGIwDQYJKoZIhvcNAQELBQADggEBAGlzXo9w
2R8V7i/uuFvcQVqtWPZADCg6PtuhOCtFL+NDvoAtTyizDktf84Hasqa/VQl7gpVW
q83ac/9KdG4GYolnWWyWLcxBOl10T2aEMsrqKpjvd9NOc/dMYGD/jpab9tPv08zb
YkZ80WALM9Fink1R0AGF3RSLhEn3pwbSxziKOZ8aan5JdKx2zUGPyqOnS1aV7CHg
ylZZg9IIuFZuQAxjT1U/lvuj5szrLczwzI+bTGuS4WeCUg6REvvmRbLW78At1Nki
/ULqmMjRU4HVIohF07fU5O9V1BJJkFtSERF32WpzteaMBK96bBF63Beq6BrDmjAp
/djo/JiTq/t9Pq4=
-----END CERTIFICATE-----
Generated at Tue Apr 15 03:18:35 2025 by rpki-client