Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/lmViBZUrJauVEE0G2QrmSk33TZM.roa
File: lmViBZUrJauVEE0G2QrmSk33TZM.roa (raw, json)
Hash identifier: HMXZlZJ5YNloePMdOCSIn559A8cE+RQD1iAwls1t7fk=
Subject key identifier: 96:65:62:05:95:2B:25:AB:95:10:4D:06:D9:0A:E6:4A:4D:F7:4D:93
Certificate issuer: /CN=5e95fdfd28cdc03d89d214e4ad3a6c5fb3ebacbf
Certificate serial: 0194274882CC877A43AEF9CD7F6E0B8B116C
Authority key identifier: 5E:95:FD:FD:28:CD:C0:3D:89:D2:14:E4:AD:3A:6C:5F:B3:EB:AC:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpX9_SjNwD2J0hTkrTpsX7PrrL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/lmViBZUrJauVEE0G2QrmSk33TZM.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44709
IP address blocks: 80.244.173.0/24 maxlen: 24
80.244.174.0/24 maxlen: 24
80.244.175.0/24 maxlen: 24
185.106.128.0/24 maxlen: 24
185.106.129.0/24 maxlen: 24
185.106.130.0/24 maxlen: 24
185.106.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/XpX9_SjNwD2J0hTkrTpsX7PrrL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/XpX9_SjNwD2J0hTkrTpsX7PrrL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XpX9_SjNwD2J0hTkrTpsX7PrrL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:82:cc:87:7a:43:ae:f9:cd:7f:6e:0b:8b:11:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e95fdfd28cdc03d89d214e4ad3a6c5fb3ebacbf
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96656205952b25ab95104d06d90ae64a4df74d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6f:0d:29:10:7a:95:7b:aa:cd:bc:a2:6e:fa:
7c:0f:86:87:21:1f:df:5b:a0:f5:b5:7a:c5:b9:98:
30:50:1b:52:c6:4a:5b:d5:c4:9a:37:e6:00:6a:1f:
71:c2:de:6d:d6:46:b6:de:a6:0b:82:0e:f0:53:ca:
f1:06:b5:72:f1:d8:b8:bb:00:fd:d1:af:92:04:6d:
b4:20:06:d6:a8:78:c7:39:bd:4a:14:a7:7b:31:eb:
c0:20:58:d1:e3:8d:3f:ba:40:bb:a4:5a:b7:1d:de:
e9:4f:a6:bc:eb:90:24:a3:a0:e9:61:07:35:00:1c:
f6:15:ac:54:74:c8:04:e3:c5:04:e1:34:d9:8c:6e:
2f:17:86:6a:88:84:8d:95:4f:ec:32:3e:4f:ba:d0:
75:8d:78:57:cc:1d:7a:a9:d4:a2:08:bb:8f:a6:33:
e2:09:fa:df:d6:10:c0:27:82:c8:e1:46:cf:e9:1c:
47:ea:22:28:c3:51:21:5b:70:76:b3:3b:39:02:da:
02:b5:eb:77:2b:5d:d5:72:13:66:64:4e:54:a0:08:
8e:57:3d:26:00:4c:7c:7f:8d:0d:40:dc:70:cf:98:
3f:87:2c:e9:71:88:23:d0:3f:b9:a1:04:ba:74:3a:
52:a3:fd:70:c9:12:fc:37:a7:57:3f:34:bd:ae:66:
2b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:65:62:05:95:2B:25:AB:95:10:4D:06:D9:0A:E6:4A:4D:F7:4D:93
X509v3 Authority Key Identifier:
keyid:5E:95:FD:FD:28:CD:C0:3D:89:D2:14:E4:AD:3A:6C:5F:B3:EB:AC:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpX9_SjNwD2J0hTkrTpsX7PrrL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/lmViBZUrJauVEE0G2QrmSk33TZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/XpX9_SjNwD2J0hTkrTpsX7PrrL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.173.0-80.244.175.255
185.106.128.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:cd:3e:5b:58:f3:57:d7:ba:78:ec:6b:5c:5e:26:2e:48:b2:
eb:d4:c4:60:1d:48:11:6a:8b:92:9e:c3:e0:7f:73:d3:f7:9b:
14:a0:fd:87:36:ed:7b:cd:55:c2:d1:de:72:8c:77:68:33:a2:
9d:0f:6f:5c:3a:50:bb:bc:51:89:e7:1c:2f:bb:dd:8a:7b:aa:
c2:88:fd:04:c3:e4:2a:49:db:45:a4:08:1d:c7:db:aa:9c:68:
d9:0b:f1:58:af:c3:55:16:7e:e1:c9:39:e0:5d:84:76:18:30:
3a:60:8f:d1:5a:7c:87:da:7a:76:31:ab:6d:2a:85:13:0d:ab:
a2:e3:d0:b0:a5:cb:74:db:b4:2f:96:ba:11:42:22:8e:6d:46:
89:db:7e:10:c5:41:e3:82:bd:e3:6e:bb:c6:93:47:01:9a:e9:
f0:3c:a8:c0:01:c2:7c:73:88:07:63:e0:c9:b2:a9:f1:b7:bc:
c4:f5:1d:77:ef:e8:6e:b1:b9:a2:4f:5e:65:24:f5:c7:14:ba:
15:a8:c1:1c:67:70:55:3c:77:a6:76:6f:a0:09:cb:be:4a:da:
d7:1c:cc:f6:a5:c7:bc:8a:8c:50:a7:95:87:e5:a7:9b:d1:1a:
e5:6a:d3:02:91:47:e8:c2:57:63:34:74:46:44:8b:80:52:b9:
8f:aa:6b:40
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnSILMh3pDrvnNf24LixFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTVmZGZkMjhjZGMwM2Q4OWQyMTRlNGFkM2E2YzVmYjNl
YmFjYmYwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY1NjIwNTk1MmIyNWFiOTUxMDRkMDZkOTBhZTY0YTRkZjc0ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz28NKRB6lXuqzbyibvp8D4aHIR/f
W6D1tXrFuZgwUBtSxkpb1cSaN+YAah9xwt5t1ka23qYLgg7wU8rxBrVy8di4uwD9
0a+SBG20IAbWqHjHOb1KFKd7MevAIFjR440/ukC7pFq3Hd7pT6a865Ako6DpYQc1
ABz2FaxUdMgE48UE4TTZjG4vF4ZqiISNlU/sMj5PutB1jXhXzB16qdSiCLuPpjPi
Cfrf1hDAJ4LI4UbP6RxH6iIow1EhW3B2szs5AtoCtet3K13VchNmZE5UoAiOVz0m
AEx8f40NQNxwz5g/hyzpcYgj0D+5oQS6dDpSo/1wyRL8N6dXPzS9rmYrjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJZlYgWVKyWrlRBNBtkK5kpN902TMB8GA1UdIwQY
MBaAFF6V/f0ozcA9idIU5K06bF+z66y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBYOV9Tak53RDJKMGhUa3JUcHNYN1Byckw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83YmZmM2UtMDNhYS00ZTBhLWIyZmMt
NGE3ZGRmMmQ4NmJkLzEvbG1WaUJaVXJKYXVWRUUwRzJRcm1TazMzVFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83YmZmM2UtMDNhYS00ZTBhLWIyZmMtNGE3ZGRmMmQ4NmJk
LzEvWHBYOV9Tak53RDJKMGhUa3JUcHNYN1Byckw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABQ9K0D
BARQ9KADBAK5aoAwDQYJKoZIhvcNAQELBQADggEBAJrNPltY81fXunjsa1xeJi5I
suvUxGAdSBFqi5Kew+B/c9P3mxSg/Yc27XvNVcLR3nKMd2gzop0Pb1w6ULu8UYnn
HC+73Yp7qsKI/QTD5CpJ20WkCB3H26qcaNkL8Vivw1UWfuHJOeBdhHYYMDpgj9Fa
fIfaenYxq20qhRMNq6Lj0LCly3TbtC+WuhFCIo5tRonbfhDFQeOCveNuu8aTRwGa
6fA8qMABwnxziAdj4MmyqfG3vMT1HXfv6G6xuaJPXmUk9ccUuhWowRxncFU8d6Z2
b6AJy75K2tcczPalx7yKjFCnlYflp5vRGuVq0wKRR+jCV2M0dEZEi4BSuY+qa0A=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:54:04 2025 by rpki-client