Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/lQvman0TcS9UAXTyd3ZXIdLOBqI.roa
File: lQvman0TcS9UAXTyd3ZXIdLOBqI.roa (raw, json)
Hash identifier: P14NthyAGiyfoJgBsi6HRoRfnfWtEu8GOwgj8n8I3ag=
Subject key identifier: 95:0B:E6:6A:7D:13:71:2F:54:01:74:F2:77:76:57:21:D2:CE:06:A2
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 019428274F71FFD744E63CAA0A881FB50AA0
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/lQvman0TcS9UAXTyd3ZXIdLOBqI.roa
Signing time: Thu 02 Jan 2025 17:54:12 +0000
ROA not before: Thu 02 Jan 2025 17:54:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39368
IP address blocks: 185.211.56.0/24 maxlen: 24
185.211.57.0/24 maxlen: 24
185.211.58.0/24 maxlen: 24
185.211.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:4f:71:ff:d7:44:e6:3c:aa:0a:88:1f:b5:0a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Jan 2 17:54:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=950be66a7d13712f540174f277765721d2ce06a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c8:6e:70:55:f1:4a:52:69:bc:2c:73:fc:a4:
21:6a:9c:af:e9:80:eb:26:4a:98:c5:2f:fa:05:48:
a8:e5:5d:39:97:cd:99:5d:52:fb:cf:26:26:e3:2e:
5d:57:47:6d:d9:b7:16:3d:7f:40:bf:0a:ac:19:fe:
51:71:d7:91:fb:8d:99:c0:f4:ef:2e:1b:18:d8:5d:
1a:be:2a:ae:a1:a0:71:02:a4:a4:0d:dd:d7:21:f8:
f9:d6:a6:e7:d8:84:1a:8e:f9:74:b2:d9:d7:ea:5f:
ea:cc:1f:a4:85:41:af:9e:e3:d0:41:e6:c0:05:43:
02:1c:25:74:9f:31:8d:8d:6c:44:7b:92:2e:96:e8:
d5:f5:27:84:30:fd:cd:e3:3f:2d:1f:2d:71:a2:87:
d7:3c:a8:c6:d9:9b:b9:f5:15:d0:fe:06:b4:c4:f3:
c4:9b:ea:2d:92:ed:02:04:74:0e:a8:2c:ed:34:53:
1c:aa:8a:f7:c9:a4:65:3c:c6:09:68:bd:dd:d4:87:
a8:c8:97:67:51:15:0e:37:a4:b4:0b:8c:57:75:d4:
59:76:35:44:4f:79:6e:5e:71:44:7b:68:08:db:38:
c5:e3:3a:e3:75:31:f1:69:12:e5:0a:9b:39:1b:be:
27:18:07:13:44:6e:16:89:f5:8c:db:9e:5e:d3:01:
b5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0B:E6:6A:7D:13:71:2F:54:01:74:F2:77:76:57:21:D2:CE:06:A2
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/lQvman0TcS9UAXTyd3ZXIdLOBqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
41:81:62:2b:98:28:22:f5:3c:d3:43:49:0b:78:fe:09:f1:13:
70:0f:0f:82:34:a2:7d:12:65:02:8d:6d:fa:16:1b:98:12:c3:
8e:02:7e:3d:1c:c6:f9:67:f0:79:d4:c1:b2:af:42:1e:80:ef:
43:35:dd:cf:99:f9:b9:a3:a4:8e:1a:89:ec:5a:54:9a:06:40:
ea:dc:c4:ae:9a:99:81:90:d1:53:e6:f4:08:b6:6e:7c:e3:0c:
9e:1b:5a:46:4f:54:75:3b:53:e9:9d:25:08:82:b6:c9:31:e7:
d6:cc:30:60:aa:2e:d2:3f:ea:66:19:f9:5a:43:55:ae:d1:69:
1a:8e:ed:af:4c:f6:e9:85:64:67:26:0a:24:93:34:3a:bb:cc:
1b:5c:04:f2:5b:36:4a:5c:08:35:25:6e:5b:6c:31:9b:71:de:
f4:58:b3:27:b7:9d:5e:c6:4b:97:63:e7:95:78:57:ff:99:9a:
95:0d:cf:c0:2c:00:fe:7d:63:e4:4d:eb:70:e8:4e:87:95:16:
37:d4:61:39:e5:b3:26:10:cd:e4:9a:68:37:7f:a8:63:53:e0:
8b:8b:0f:db:d7:cb:b7:4d:3d:3e:2c:f3:66:6e:85:64:0e:18:
96:07:95:bf:39:d5:17:c2:37:42:73:b9:0d:95:5e:16:ec:aa:
78:3f:c3:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ09x/9dE5jyqCogftQqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjUwMTAyMTc1NDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBiZTY2YTdkMTM3MTJmNTQwMTc0ZjI3Nzc2NTcyMWQyY2UwNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnchucFXxSlJpvCxz/KQhapyv6YDr
JkqYxS/6BUio5V05l82ZXVL7zyYm4y5dV0dt2bcWPX9AvwqsGf5RcdeR+42ZwPTv
LhsY2F0aviquoaBxAqSkDd3XIfj51qbn2IQajvl0stnX6l/qzB+khUGvnuPQQebA
BUMCHCV0nzGNjWxEe5IulujV9SeEMP3N4z8tHy1xoofXPKjG2Zu59RXQ/ga0xPPE
m+otku0CBHQOqCztNFMcqor3yaRlPMYJaL3d1IeoyJdnURUON6S0C4xXddRZdjVE
T3luXnFEe2gI2zjF4zrjdTHxaRLlCps5G74nGAcTRG4WifWM255e0wG1JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUL5mp9E3EvVAF08nd2VyHSzgaiMB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvbFF2bWFuMFRjUzlVQVhUeWQzWlhJZExPQnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudM4MA0G
CSqGSIb3DQEBCwUAA4IBAQBBgWIrmCgi9TzTQ0kLeP4J8RNwDw+CNKJ9EmUCjW36
FhuYEsOOAn49HMb5Z/B51MGyr0IegO9DNd3Pmfm5o6SOGonsWlSaBkDq3MSumpmB
kNFT5vQItm584wyeG1pGT1R1O1PpnSUIgrbJMefWzDBgqi7SP+pmGflaQ1Wu0Wka
ju2vTPbphWRnJgokkzQ6u8wbXATyWzZKXAg1JW5bbDGbcd70WLMnt51exkuXY+eV
eFf/mZqVDc/ALAD+fWPkTetw6E6HlRY31GE55bMmEM3kmmg3f6hjU+CLiw/b18u3
TT0+LPNmboVkDhiWB5W/OdUXwjdCc7kNlV4W7Kp4P8Nc
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:58:42 2025 by rpki-client