Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/LASSugvVGOxlTSqLMMa1Fpo5qcI.roa
File: LASSugvVGOxlTSqLMMa1Fpo5qcI.roa (raw, json)
Hash identifier: 7gLhtiJHn2UN7WnAAMzittKwA7y319dAzNsYcYCU/0U=
Subject key identifier: 2C:04:92:BA:0B:D5:18:EC:65:4D:2A:8B:30:C6:B5:16:9A:39:A9:C2
Certificate issuer: /CN=e23494e0cc12c75aed1d01deb15be4e2662b485a
Certificate serial: 0194282310B93351935E9471EB48AE22022F
Authority key identifier: E2:34:94:E0:CC:12:C7:5A:ED:1D:01:DE:B1:5B:E4:E2:66:2B:48:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/LASSugvVGOxlTSqLMMa1Fpo5qcI.roa
Signing time: Thu 02 Jan 2025 17:49:34 +0000
ROA not before: Thu 02 Jan 2025 17:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51500
IP address blocks: 91.197.240.0/24 maxlen: 24
2a07:f3c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/4jSU4MwSx1rtHQHesVvk4mYrSFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/4jSU4MwSx1rtHQHesVvk4mYrSFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:10:b9:33:51:93:5e:94:71:eb:48:ae:22:02:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23494e0cc12c75aed1d01deb15be4e2662b485a
Validity
Not Before: Jan 2 17:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c0492ba0bd518ec654d2a8b30c6b5169a39a9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6a:ca:25:8f:0d:af:dd:ad:af:79:42:e0:49:
93:21:f7:9e:bc:4a:74:09:f5:86:4c:a7:2b:5d:79:
18:8b:6b:fe:d9:42:8c:5c:d0:2d:ba:9a:c8:e3:9a:
6d:7f:c7:9f:d1:f8:53:ea:89:f7:33:f5:c1:00:ec:
23:47:4c:ab:f9:1a:fc:19:ef:18:cd:9f:bd:c7:b4:
3e:71:3f:d6:9b:64:43:64:f2:be:c1:f4:c2:19:39:
c3:e7:0d:90:8c:20:7b:35:a9:c0:29:4b:94:81:15:
ef:3e:e1:39:1e:93:91:b5:0f:55:14:a0:9f:61:86:
f3:31:f4:5c:d9:4b:bd:bf:24:4b:8d:66:5f:71:5e:
43:9d:4f:02:2d:98:90:f0:9f:94:d3:83:09:49:b6:
60:11:95:c8:d4:67:87:ab:dd:5a:d7:1b:d1:66:20:
d4:de:70:c8:f3:ce:9c:c1:78:3e:37:3a:ba:f3:a7:
37:fa:f1:0a:66:91:d3:df:92:51:8e:c4:bc:fd:d7:
aa:ff:ee:31:05:39:06:7e:90:e9:fb:18:4c:d4:76:
db:bf:d9:95:c7:9b:bc:cf:67:47:39:b5:17:6c:28:
b9:0d:13:e8:13:86:70:44:37:e0:d8:e5:8c:97:5f:
08:9b:24:67:de:85:b3:2e:6f:77:53:9e:fd:38:7f:
77:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:04:92:BA:0B:D5:18:EC:65:4D:2A:8B:30:C6:B5:16:9A:39:A9:C2
X509v3 Authority Key Identifier:
keyid:E2:34:94:E0:CC:12:C7:5A:ED:1D:01:DE:B1:5B:E4:E2:66:2B:48:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/LASSugvVGOxlTSqLMMa1Fpo5qcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/4jSU4MwSx1rtHQHesVvk4mYrSFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.240.0/24
IPv6:
2a07:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
48:ec:9b:8b:4b:08:24:06:df:55:b8:23:b7:b9:82:11:36:c0:
17:96:b4:56:20:7d:92:46:b0:c0:65:87:1e:b0:37:ff:56:a6:
13:48:16:6c:fd:cd:66:f5:70:08:3c:bd:d9:1d:5e:61:50:50:
1f:fe:2a:aa:51:00:9f:43:be:96:da:42:8e:b8:19:b9:19:d2:
39:cf:13:04:0a:a4:c3:38:86:6e:1b:47:6e:50:9f:c7:1e:5c:
9e:aa:1c:9e:52:fe:b6:bf:4e:ef:7c:07:22:52:4b:f9:77:27:
e9:0b:be:d7:7b:8d:36:ac:1f:e6:4e:1d:08:5d:cd:af:37:7c:
4f:3a:a7:4f:83:9b:ca:f8:5a:14:6e:fb:3a:6c:3f:5b:04:16:
f2:70:a2:4b:5d:96:b4:74:64:04:9e:88:84:a2:a3:b4:69:0e:
a4:c6:54:35:8c:c5:80:be:0f:03:4d:ff:4a:b5:7c:98:17:64:
8c:46:80:db:fe:8e:a6:0f:43:d2:17:ee:3d:27:7f:c0:1c:d3:
8f:2a:04:d6:59:f3:b3:79:cd:0b:23:f3:d1:e8:f2:2f:0f:9b:
07:b7:e3:25:3c:c8:67:84:e5:23:3d:fc:39:c8:ad:db:b7:c5:
52:e9:3f:40:f5:bf:c2:cc:ef:95:33:ef:41:ba:20:16:d8:6b:
69:27:c8:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoIxC5M1GTXpRx60iuIgIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzQ5NGUwY2MxMmM3NWFlZDFkMDFkZWIxNWJlNGUyNjYy
YjQ4NWEwHhcNMjUwMTAyMTc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA0OTJiYTBiZDUxOGVjNjU0ZDJhOGIzMGM2YjUxNjlhMzlhOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2rKJY8Nr92tr3lC4EmTIfeevEp0
CfWGTKcrXXkYi2v+2UKMXNAtuprI45ptf8ef0fhT6on3M/XBAOwjR0yr+Rr8Ge8Y
zZ+9x7Q+cT/Wm2RDZPK+wfTCGTnD5w2QjCB7NanAKUuUgRXvPuE5HpORtQ9VFKCf
YYbzMfRc2Uu9vyRLjWZfcV5DnU8CLZiQ8J+U04MJSbZgEZXI1GeHq91a1xvRZiDU
3nDI886cwXg+Nzq686c3+vEKZpHT35JRjsS8/deq/+4xBTkGfpDp+xhM1Hbbv9mV
x5u8z2dHObUXbCi5DRPoE4ZwRDfg2OWMl18ImyRn3oWzLm93U579OH93awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCwEkroL1RjsZU0qizDGtRaaOanCMB8GA1UdIwQY
MBaAFOI0lODMEsda7R0B3rFb5OJmK0haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpTVTRNd1N4MXJ0SFFIZXNWdms0bVlyU0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wZGI1ZTYtODY3Yy00YzNjLWJiNGUt
MjI3NDBiZjJkNWVhLzEvTEFTU3VndlZHT3hsVFNxTE1NYTFGcG81cWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wZGI1ZTYtODY3Yy00YzNjLWJiNGUtMjI3NDBiZjJkNWVh
LzEvNGpTVTRNd1N4MXJ0SFFIZXNWdms0bVlyU0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8XwMA0E
AgACMAcDBQMqB/PAMA0GCSqGSIb3DQEBCwUAA4IBAQBI7JuLSwgkBt9VuCO3uYIR
NsAXlrRWIH2SRrDAZYcesDf/VqYTSBZs/c1m9XAIPL3ZHV5hUFAf/iqqUQCfQ76W
2kKOuBm5GdI5zxMECqTDOIZuG0duUJ/HHlyeqhyeUv62v07vfAciUkv5dyfpC77X
e402rB/mTh0IXc2vN3xPOqdPg5vK+FoUbvs6bD9bBBbycKJLXZa0dGQEnoiEoqO0
aQ6kxlQ1jMWAvg8DTf9KtXyYF2SMRoDb/o6mD0PSF+49J3/AHNOPKgTWWfOzec0L
I/PR6PIvD5sHt+MlPMhnhOUjPfw5yK3bt8VS6T9A9b/CzO+VM+9BuiAW2GtpJ8hQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:42:19 2025 by rpki-client