Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1LHZTYTL7zXSNbURJx33AGGJ_jU.roa
File: 1LHZTYTL7zXSNbURJx33AGGJ_jU.roa (raw, json)
Hash identifier: ZCVf+uWinCAj5Wsl4w3DRqhhemyGlUb1mHPRd1We1lA=
Subject key identifier: D4:B1:D9:4D:84:CB:EF:35:D2:35:B5:11:27:1D:F7:00:61:89:FE:35
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019426D9EF857AC4851141707C7FF245E7F8
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1LHZTYTL7zXSNbURJx33AGGJ_jU.roa
Signing time: Thu 02 Jan 2025 11:50:04 +0000
ROA not before: Thu 02 Jan 2025 11:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41412
IP address blocks: 46.245.176.0/21 maxlen: 24
86.105.222.0/23 maxlen: 24
89.38.36.0/23 maxlen: 24
91.90.144.0/20 maxlen: 24
91.230.172.0/22 maxlen: 24
109.70.216.0/21 maxlen: 24
185.187.64.0/22 maxlen: 24
194.1.181.0/24 maxlen: 24
2a00:14e0::/29 maxlen: 48
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ef:85:7a:c4:85:11:41:70:7c:7f:f2:45:e7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4b1d94d84cbef35d235b511271df7006189fe35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:7d:a2:a5:24:7d:39:cd:5b:92:cf:43:e3:
fd:cc:ea:34:8b:37:fe:77:5a:7b:fc:72:67:48:c1:
b7:1f:ed:ea:3b:21:0c:7a:87:88:76:f4:bd:e4:a5:
52:f6:f9:3a:cc:f0:17:25:c3:63:4f:d2:dc:f5:87:
39:9f:e0:b1:eb:f8:46:03:ed:af:21:1f:ee:f2:39:
85:a3:c4:e3:4c:c7:d0:87:e0:53:ec:1b:95:69:fc:
76:ee:d9:d4:b1:92:0f:75:ba:90:3e:4a:35:a9:a6:
10:47:f7:fb:8b:0a:58:70:87:c5:fb:84:fe:d0:9d:
9d:e7:c4:a2:00:b0:14:c7:ff:fb:55:af:ba:89:52:
9b:dc:cc:a3:e6:9f:3e:43:51:7b:96:1f:70:f5:bd:
46:5f:aa:bf:42:66:e3:63:29:ad:0c:a5:18:33:52:
82:a0:06:9e:bb:6d:51:31:af:88:52:60:14:83:66:
ae:4a:fb:95:29:8f:19:2e:84:36:26:2f:67:68:ae:
7e:b5:8a:1e:07:8b:88:10:40:08:88:e8:5f:78:73:
17:b3:6c:af:2a:ee:9a:d3:0e:7f:c4:86:f5:9d:08:
1f:7e:f9:18:e0:3e:ba:55:57:f3:b8:11:75:09:e7:
4e:dd:e0:22:b6:8d:20:fb:d8:3b:f2:5f:ac:b3:af:
77:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B1:D9:4D:84:CB:EF:35:D2:35:B5:11:27:1D:F7:00:61:89:FE:35
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1LHZTYTL7zXSNbURJx33AGGJ_jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.176.0/21
86.105.222.0/23
89.38.36.0/23
91.90.144.0/20
91.230.172.0/22
109.70.216.0/21
185.187.64.0/22
194.1.181.0/24
IPv6:
2a00:14e0::/29
2a0a:db80:2000::/35
Signature Algorithm: sha256WithRSAEncryption
6a:ac:b7:b8:3c:17:69:4c:c5:f3:fb:63:1f:26:e3:49:e6:04:
79:ab:b5:2d:63:d0:a6:2f:14:3e:ae:ce:8d:71:39:21:4e:a3:
08:05:29:78:96:df:33:f1:cd:7e:63:51:be:e4:d9:3b:2f:54:
d9:40:9d:f8:78:c6:1e:ca:84:2e:19:65:8d:7f:b6:49:e5:b5:
16:dc:57:fd:6a:56:1b:90:41:f0:1e:1c:77:48:30:bf:9e:2c:
5a:87:7f:23:1d:17:b9:4c:b7:6c:d6:0a:43:80:97:54:09:b8:
c7:fc:78:2b:5f:01:86:3a:38:9f:ad:d3:b9:b4:0d:78:80:e2:
1a:9b:0c:20:73:94:78:6d:99:16:ab:17:73:94:6f:22:91:c7:
bb:8f:09:c2:04:f8:08:cc:73:92:f7:20:43:8c:1c:d8:fd:a2:
07:1f:3f:09:b8:95:1a:0f:11:c0:72:5f:ff:a1:11:da:1c:35:
f9:75:d4:23:64:87:54:7e:22:0c:e5:41:83:82:c6:fc:92:b2:
1c:7b:16:df:73:25:8e:c2:e3:72:e4:d9:4c:48:cd:f7:75:d9:
d1:25:e9:8a:2b:18:bc:70:e6:0c:a5:91:65:96:76:31:cb:09:
96:2b:0f:5e:a1:02:36:a3:6d:38:31:f0:7e:52:f7:4a:43:56:
7d:46:44:66
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQm2e+FesSFEUFwfH/yRef4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGIxZDk0ZDg0Y2JlZjM1ZDIzNWI1MTEyNzFkZjcwMDYxODlmZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4p9oqUkfTnNW5LPQ+P9zOo0izf+
d1p7/HJnSMG3H+3qOyEMeoeIdvS95KVS9vk6zPAXJcNjT9Lc9Yc5n+Cx6/hGA+2v
IR/u8jmFo8TjTMfQh+BT7BuVafx27tnUsZIPdbqQPko1qaYQR/f7iwpYcIfF+4T+
0J2d58SiALAUx//7Va+6iVKb3Myj5p8+Q1F7lh9w9b1GX6q/QmbjYymtDKUYM1KC
oAaeu21RMa+IUmAUg2auSvuVKY8ZLoQ2Ji9naK5+tYoeB4uIEEAIiOhfeHMXs2yv
Ku6a0w5/xIb1nQgffvkY4D66VVfzuBF1CedO3eAito0g+9g78l+ss693rQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNSx2U2Ey+810jW1EScd9wBhif41MB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvMUxIWlRZVEw3elhTTmJVUkp4MzNBR0dKX2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA2BAIAATAwAwQDLvWwAwQB
VmneAwQBWSYkAwQEW1qQAwQCW+asAwQDbUbYAwQCubtAAwQAwgG1MBUEAgACMA8D
BQMqABTgAwYFKgrbgCAwDQYJKoZIhvcNAQELBQADggEBAGqst7g8F2lMxfP7Yx8m
40nmBHmrtS1j0KYvFD6uzo1xOSFOowgFKXiW3zPxzX5jUb7k2TsvVNlAnfh4xh7K
hC4ZZY1/tknltRbcV/1qVhuQQfAeHHdIML+eLFqHfyMdF7lMt2zWCkOAl1QJuMf8
eCtfAYY6OJ+t07m0DXiA4hqbDCBzlHhtmRarF3OUbyKRx7uPCcIE+AjMc5L3IEOM
HNj9ogcfPwm4lRoPEcByX/+hEdocNfl11CNkh1R+IgzlQYOCxvySshx7Ft9zJY7C
43Lk2UxIzfd12dEl6YorGLxw5gylkWWWdjHLCZYrD16hAjajbTgx8H5S90pDVn1G
RGY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:52:51 2025 by rpki-client