Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/lao8bHeqDQtESMGOKFSeFdxwj-s.roa
File: lao8bHeqDQtESMGOKFSeFdxwj-s.roa (raw, json)
Hash identifier: elImsTbe0o9ywVCBRni5u407KloMMvHe03FwOzsl4Y8=
Subject key identifier: 95:AA:3C:6C:77:AA:0D:0B:44:48:C1:8E:28:54:9E:15:DC:70:8F:EB
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019426D9EC5D1615585AB3CB48F6D62CC513
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/lao8bHeqDQtESMGOKFSeFdxwj-s.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15960
IP address blocks: 93.94.80.0/21 maxlen: 24
185.215.100.0/22 maxlen: 24
217.64.160.0/20 maxlen: 24
2a00:15e0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ec:5d:16:15:58:5a:b3:cb:48:f6:d6:2c:c5:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95aa3c6c77aa0d0b4448c18e28549e15dc708feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e2:24:12:2c:74:e1:06:aa:88:01:04:a7:de:
84:6a:7b:dd:61:af:60:0e:0f:93:b8:09:ba:c8:66:
3e:36:1b:e1:aa:12:07:9b:bd:b5:79:3f:80:bf:32:
a5:06:0f:b1:87:83:e1:08:2a:b8:be:06:ae:21:34:
27:6e:14:38:be:f3:d2:9a:32:94:1b:c1:e5:a0:7a:
3f:31:32:73:a8:e7:38:39:64:2b:4e:3b:62:af:68:
cd:b1:27:ed:9f:2f:91:0b:f6:d1:50:5a:3b:b4:8d:
b7:a0:62:7f:8a:dc:1b:bc:51:df:3e:9d:b5:f0:fc:
b6:ed:50:ec:c8:2d:35:e1:a3:89:36:86:c1:1a:0a:
a3:9f:8d:2d:3c:23:4c:49:c7:75:12:15:68:73:ab:
3f:1f:90:01:b5:33:5e:49:8e:7a:71:6a:43:7c:03:
48:00:dd:d8:0f:2b:20:0f:ca:17:a4:39:0c:a7:04:
8b:69:b7:e8:71:de:a9:2c:e1:41:b1:09:2f:aa:6d:
c2:62:a0:7b:a1:ef:e0:26:38:79:f8:41:a0:94:92:
ab:a1:d1:c9:b9:ad:62:19:32:2f:d5:bd:e4:72:2d:
b6:a1:c7:3b:50:d1:e6:93:5b:e8:8d:7d:77:62:17:
97:4a:19:53:66:03:e4:a4:78:12:49:bd:31:0d:bf:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AA:3C:6C:77:AA:0D:0B:44:48:C1:8E:28:54:9E:15:DC:70:8F:EB
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/lao8bHeqDQtESMGOKFSeFdxwj-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.80.0/21
185.215.100.0/22
217.64.160.0/20
IPv6:
2a00:15e0::/29
Signature Algorithm: sha256WithRSAEncryption
52:02:04:7e:ad:ed:53:9d:83:fa:2d:d5:6e:7b:34:ac:e5:41:
ce:57:0a:e9:5d:c1:bc:99:1b:e6:36:9b:0f:64:fd:6f:dd:82:
ce:a3:62:b3:53:d1:2e:53:ff:13:39:98:5d:46:b7:9e:e8:48:
97:02:a6:32:8d:37:fe:e3:c5:50:1d:e9:c9:3b:10:45:ea:67:
d2:74:04:fa:a0:f9:40:82:e9:9f:db:85:fc:1a:ba:04:f9:73:
ef:99:11:27:af:5b:e6:b5:f4:8d:45:9d:ea:2c:7d:e3:e0:20:
3f:64:c0:9f:67:68:4e:a4:ca:c3:53:22:7f:fb:09:26:b5:85:
da:99:08:6b:ae:fa:1f:a3:c0:9f:5b:34:18:1c:e2:39:b7:9b:
f0:7d:4b:1a:f6:27:38:cf:8e:2f:4c:7c:b4:06:11:82:db:43:
69:c8:dc:65:b2:28:01:59:b7:68:54:39:5a:8b:5f:2a:47:f0:
24:a3:8d:dc:78:93:16:96:c1:cd:5e:3f:c3:26:27:dd:7a:47:
c0:2f:14:c2:12:6e:66:16:f5:fc:f7:58:b0:1a:6c:22:e8:15:
87:79:e0:74:af:7f:ef:33:18:89:93:24:64:7e:87:e7:61:8a:
90:de:6e:23:a5:82:d6:3c:42:30:d3:a6:42:69:90:b6:2b:7c:
cd:4c:03:d8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2exdFhVYWrPLSPbWLMUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFhM2M2Yzc3YWEwZDBiNDQ0OGMxOGUyODU0OWUxNWRjNzA4ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOIkEix04QaqiAEEp96EanvdYa9g
Dg+TuAm6yGY+NhvhqhIHm721eT+AvzKlBg+xh4PhCCq4vgauITQnbhQ4vvPSmjKU
G8HloHo/MTJzqOc4OWQrTjtir2jNsSftny+RC/bRUFo7tI23oGJ/itwbvFHfPp21
8Py27VDsyC014aOJNobBGgqjn40tPCNMScd1EhVoc6s/H5ABtTNeSY56cWpDfANI
AN3YDysgD8oXpDkMpwSLabfocd6pLOFBsQkvqm3CYqB7oe/gJjh5+EGglJKrodHJ
ua1iGTIv1b3kci22occ7UNHmk1vojX13YheXShlTZgPkpHgSSb0xDb/htQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJWqPGx3qg0LREjBjihUnhXccI/rMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvbGFvOGJIZXFEUXRFU01HT0tGU2VGZHh3ai1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV5QAwQC
uddkAwQE2UCgMA0EAgACMAcDBQMqABXgMA0GCSqGSIb3DQEBCwUAA4IBAQBSAgR+
re1TnYP6LdVuezSs5UHOVwrpXcG8mRvmNpsPZP1v3YLOo2KzU9EuU/8TOZhdRree
6EiXAqYyjTf+48VQHenJOxBF6mfSdAT6oPlAgumf24X8GroE+XPvmREnr1vmtfSN
RZ3qLH3j4CA/ZMCfZ2hOpMrDUyJ/+wkmtYXamQhrrvofo8CfWzQYHOI5t5vwfUsa
9ic4z44vTHy0BhGC20NpyNxlsigBWbdoVDlai18qR/Ako43ceJMWlsHNXj/DJifd
ekfALxTCEm5mFvX891iwGmwi6BWHeeB0r3/vMxiJkyRkfofnYYqQ3m4jpYLWPEIw
06ZCaZC2K3zNTAPY
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:48:14 2025 by rpki-client