Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/luqyFllQKeDzHLpoXh9sA5XWcgU.roa
File: luqyFllQKeDzHLpoXh9sA5XWcgU.roa (raw, json)
Hash identifier: 1BPyqybpw1BP3b7Pwure15EjZhMjHIuT5UUzjOhSQFA=
Subject key identifier: 96:EA:B2:16:59:50:29:E0:F3:1C:BA:68:5E:1F:6C:03:95:D6:72:05
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01951DF09DAD366D0476D98F5ED6CF039882
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/luqyFllQKeDzHLpoXh9sA5XWcgU.roa
Signing time: Wed 19 Feb 2025 11:21:03 +0000
ROA not before: Wed 19 Feb 2025 11:21:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213499
IP address blocks: 146.158.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:f0:9d:ad:36:6d:04:76:d9:8f:5e:d6:cf:03:98:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 19 11:21:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96eab216595029e0f31cba685e1f6c0395d67205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:17:36:c1:0e:e4:cb:f2:b9:32:ff:27:83:bd:
e9:b3:b4:27:ab:17:3e:86:3e:da:15:09:e5:f2:fb:
8b:5e:21:62:f2:e6:d2:e7:5e:b1:df:35:10:36:01:
8e:dd:9a:9f:80:47:44:bb:d2:6f:e5:c4:51:e7:73:
61:72:2e:c5:73:af:21:2d:ef:49:ef:27:1e:54:bd:
7f:b2:e9:26:13:3f:3e:1a:a0:d4:5c:d6:8e:7d:19:
4f:41:21:56:7c:ec:7b:1b:57:c8:5d:40:6c:aa:15:
38:04:82:c4:70:d4:f2:24:d6:d2:9c:c1:a7:96:28:
c1:2e:45:e1:c9:ca:2c:f9:8a:c9:b1:a4:db:10:9f:
bb:e2:fa:40:80:0c:5a:11:f4:29:f5:02:2a:f5:61:
89:8e:04:ba:68:cd:bf:f2:17:e0:2a:83:57:58:62:
fa:76:de:15:eb:19:04:ec:98:cc:7c:15:aa:15:63:
3f:56:16:01:5b:a2:ec:4f:58:77:d8:86:cb:3f:b2:
3b:75:6e:6a:92:a6:3c:4c:3e:6e:e8:36:65:f3:65:
27:62:37:f2:5e:cc:a8:5a:4a:47:ff:0c:ee:05:53:
ef:fd:18:aa:c6:db:3c:5d:23:e9:53:1d:c2:37:c8:
15:54:74:38:2c:30:82:9f:47:f8:ae:05:55:9b:62:
12:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EA:B2:16:59:50:29:E0:F3:1C:BA:68:5E:1F:6C:03:95:D6:72:05
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/luqyFllQKeDzHLpoXh9sA5XWcgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.92.0/23
Signature Algorithm: sha256WithRSAEncryption
71:a4:23:4e:88:c3:e8:3d:31:13:10:a1:fd:8e:61:cb:9d:77:
97:25:43:1e:01:68:14:61:43:e7:b8:fc:49:75:6c:77:bd:e6:
0a:c2:27:e9:e4:ff:b9:d4:32:17:be:2d:bf:13:e2:d8:2c:dc:
4c:fd:39:92:94:73:c8:9d:18:ec:4e:91:f5:11:cb:5e:72:f2:
20:a1:ad:4a:61:f5:ec:fd:4e:1a:20:90:e1:40:bc:17:06:a5:
76:67:65:1a:cd:83:db:ab:ca:56:48:af:e5:08:7b:8f:f8:83:
73:8e:73:96:d9:49:90:25:c0:b5:bb:46:38:47:ce:ab:39:b4:
f2:7c:5a:af:f5:ce:97:c6:2e:9d:79:0b:02:d2:88:3e:22:ea:
a0:fa:91:5c:36:03:a0:5a:58:f7:65:bb:10:ca:50:3c:68:ab:
80:e8:11:f3:7f:b8:f2:93:87:0e:82:75:9f:e1:46:da:32:d9:
1e:31:74:2e:68:34:ef:96:a5:5c:94:61:20:f8:2d:82:8e:f8:
2a:01:51:7d:d7:22:bc:de:f6:2d:b2:a1:7f:90:9d:4f:39:96:
22:af:79:98:83:21:3a:7e:14:9c:15:e7:48:29:20:34:f0:14:
7c:cd:a1:c4:78:da:83:50:90:73:18:c0:29:fb:20:d4:b4:9a:
b7:40:87:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUd8J2tNm0EdtmPXtbPA5iCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMjE5MTEyMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmVhYjIxNjU5NTAyOWUwZjMxY2JhNjg1ZTFmNmMwMzk1ZDY3MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRc2wQ7ky/K5Mv8ng73ps7Qnqxc+
hj7aFQnl8vuLXiFi8ubS516x3zUQNgGO3ZqfgEdEu9Jv5cRR53Nhci7Fc68hLe9J
7yceVL1/sukmEz8+GqDUXNaOfRlPQSFWfOx7G1fIXUBsqhU4BILEcNTyJNbSnMGn
lijBLkXhycos+YrJsaTbEJ+74vpAgAxaEfQp9QIq9WGJjgS6aM2/8hfgKoNXWGL6
dt4V6xkE7JjMfBWqFWM/VhYBW6LsT1h32IbLP7I7dW5qkqY8TD5u6DZl82UnYjfy
XsyoWkpH/wzuBVPv/Riqxts8XSPpUx3CN8gVVHQ4LDCCn0f4rgVVm2IS1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbqshZZUCng8xy6aF4fbAOV1nIFMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbHVxeUZsbFFLZUR6SExwb1hoOXNBNVhXY2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkp5cMA0G
CSqGSIb3DQEBCwUAA4IBAQBxpCNOiMPoPTETEKH9jmHLnXeXJUMeAWgUYUPnuPxJ
dWx3veYKwifp5P+51DIXvi2/E+LYLNxM/TmSlHPInRjsTpH1EctecvIgoa1KYfXs
/U4aIJDhQLwXBqV2Z2UazYPbq8pWSK/lCHuP+INzjnOW2UmQJcC1u0Y4R86rObTy
fFqv9c6Xxi6deQsC0og+Iuqg+pFcNgOgWlj3ZbsQylA8aKuA6BHzf7jyk4cOgnWf
4UbaMtkeMXQuaDTvlqVclGEg+C2CjvgqAVF91yK83vYtsqF/kJ1POZYir3mYgyE6
fhScFedIKSA08BR8zaHEeNqDUJBzGMAp+yDUtJq3QIdO
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:25 2025 by rpki-client