Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/LAI14FhpOzU-rcfdJ6U9PG061Ec.roa
File: LAI14FhpOzU-rcfdJ6U9PG061Ec.roa (raw, json)
Hash identifier: avAt1L3mlV+2vo4CiZ8YrFs2RggnJV+Qj20+5tYBmII=
Subject key identifier: 2C:02:35:E0:58:69:3B:35:3E:AD:C7:DD:27:A5:3D:3C:6D:3A:D4:47
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019511FEC0519D0CA5270FCFE7C489C78F17
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/LAI14FhpOzU-rcfdJ6U9PG061Ec.roa
Signing time: Mon 17 Feb 2025 03:41:02 +0000
ROA not before: Mon 17 Feb 2025 03:41:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205209
IP address blocks: 80.74.96.0/24 maxlen: 24
80.74.97.0/24 maxlen: 24
80.74.99.0/24 maxlen: 24
80.74.123.0/24 maxlen: 24
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
92.61.226.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
92.61.234.0/23 maxlen: 23
92.61.234.0/24 maxlen: 24
92.61.235.0/24 maxlen: 24
94.188.136.0/24 maxlen: 24
94.188.138.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.142.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.167.0/24 maxlen: 24
94.188.169.0/24 maxlen: 24
94.188.171.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.188.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.196.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.200.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.243.0/24 maxlen: 24
94.188.251.0/24 maxlen: 24
2a02:23b8:2::/52 maxlen: 52
2a02:23b8:1a00::/56 maxlen: 56
2a02:23b8:1a00:200::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:fe:c0:51:9d:0c:a5:27:0f:cf:e7:c4:89:c7:8f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 17 03:41:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c0235e058693b353eadc7dd27a53d3c6d3ad447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:13:d5:99:c6:e5:e3:e3:79:45:79:fa:20:25:
74:35:a3:ab:b3:a5:b1:40:bc:90:88:56:14:bb:6f:
17:c3:3f:d2:2d:d7:5c:1f:7c:1b:3a:44:f7:5a:02:
56:c7:24:f7:44:91:5d:c8:db:b1:a3:46:c5:f6:d9:
05:12:a7:7b:05:44:f3:19:77:28:92:f8:68:7e:5a:
67:bd:91:62:3e:51:28:5d:8c:48:6d:de:6b:96:cb:
3d:af:1a:02:cd:d2:b8:ca:0d:20:cb:33:f6:ed:32:
c2:fc:d1:07:48:8e:c3:56:1b:54:b0:57:f8:02:a1:
8e:56:31:40:15:58:b0:06:fb:47:cc:09:c1:5b:6e:
b4:57:a0:be:20:08:c0:bc:4b:cc:0e:39:9b:1c:94:
8b:21:06:be:91:a9:4a:d2:6a:10:57:57:89:4e:e0:
6b:7b:46:e6:f3:10:d7:ba:9e:59:fb:1b:9c:bd:42:
05:e5:32:bc:12:e2:fd:b5:36:e1:30:2a:2f:92:7a:
c5:d7:ee:f1:3f:3b:3f:86:a0:ec:81:92:6a:30:2a:
c5:4a:78:14:0d:c0:f7:c5:80:ae:79:e5:d6:70:0f:
4a:ab:77:da:dc:f3:3f:44:b2:9d:f7:9d:28:e6:9b:
eb:ca:b0:d5:5f:f0:c9:f7:d2:82:14:b1:b8:2e:fe:
c0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:02:35:E0:58:69:3B:35:3E:AD:C7:DD:27:A5:3D:3C:6D:3A:D4:47
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/LAI14FhpOzU-rcfdJ6U9PG061Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/23
80.74.99.0/24
80.74.123.0/24
92.61.224.0-92.61.226.255
92.61.230.0/23
92.61.234.0/23
94.188.136.0/24
94.188.138.0/24
94.188.140.0/24
94.188.142.0/24
94.188.161.0-94.188.162.255
94.188.165.0-94.188.167.255
94.188.169.0/24
94.188.171.0/24
94.188.175.0/24
94.188.178.0/23
94.188.186.0-94.188.189.255
94.188.191.0/24
94.188.196.0/23
94.188.200.0/24
94.188.242.0/23
94.188.251.0/24
IPv6:
2a02:23b8:2::/52
2a02:23b8:1a00::/56
2a02:23b8:1a00:200::/56
Signature Algorithm: sha256WithRSAEncryption
47:4d:2b:3c:f8:1f:04:4a:0a:97:87:30:60:77:70:51:7a:17:
94:e2:e4:8e:f1:d2:d8:72:db:48:8e:a4:d3:fd:66:95:fb:9a:
a2:11:0b:74:47:8e:98:02:28:47:0f:5d:67:e5:08:fe:27:32:
00:c4:07:d4:54:a5:13:32:3e:64:5f:8a:8b:2f:1d:4c:e4:88:
42:73:da:ec:38:ff:27:fa:3e:cf:91:d4:53:8e:1a:34:b9:2e:
50:f7:a8:bc:91:eb:c7:d2:77:c8:91:8b:ec:3d:9a:e5:9c:a2:
4f:c0:70:50:f0:ef:5b:95:4a:0f:bd:c9:5d:00:e3:8f:55:1a:
d3:6d:3f:be:ab:17:03:0a:f6:be:a1:4e:1f:b2:8c:c3:82:44:
67:86:bf:71:bc:f5:9d:df:bf:3c:6f:83:39:c2:f3:c7:9a:fa:
d1:11:be:91:a2:78:89:0d:d9:38:ce:a0:13:57:de:ea:7b:e0:
a4:13:1f:96:ba:5e:0b:32:17:6e:4f:9d:91:10:83:21:3e:03:
cb:26:8d:86:f2:c6:bb:47:d4:73:1a:02:ad:be:75:d1:74:0b:
20:8d:63:d9:52:67:26:95:06:87:0e:45:75:58:ce:7b:74:99:
d6:e3:52:a2:49:69:9e:13:0a:d1:e9:ed:55:e3:06:bc:06:45:
21:b1:0a:c5
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZUR/sBRnQylJw/P58SJx48XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMjE3MDM0MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzAyMzVlMDU4NjkzYjM1M2VhZGM3ZGQyN2E1M2QzYzZkM2FkNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRPVmcbl4+N5RXn6ICV0NaOrs6Wx
QLyQiFYUu28Xwz/SLddcH3wbOkT3WgJWxyT3RJFdyNuxo0bF9tkFEqd7BUTzGXco
kvhoflpnvZFiPlEoXYxIbd5rlss9rxoCzdK4yg0gyzP27TLC/NEHSI7DVhtUsFf4
AqGOVjFAFViwBvtHzAnBW260V6C+IAjAvEvMDjmbHJSLIQa+kalK0moQV1eJTuBr
e0bm8xDXup5Z+xucvUIF5TK8EuL9tTbhMCovknrF1+7xPzs/hqDsgZJqMCrFSngU
DcD3xYCueeXWcA9Kq3fa3PM/RLKd950o5pvryrDVX/DJ99KCFLG4Lv7AcQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFCwCNeBYaTs1Pq3H3SelPTxtOtRHMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvTEFJMTRGaHBPelUtcmNmZEo2VTlQRzA2MUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBqwQCAAEwgaQDBAFQ
SmADBABQSmMDBABQSnswDAMEBVw94AMEAFw94gMEAVw95gMEAVw96gMEAF68iAME
AF68igMEAF68jAMEAF68jjAMAwQAXryhAwQAXryiMAwDBABevKUDBANevKADBABe
vKkDBABevKsDBABevK8DBAFevLIwDAMEAV68ugMEAV68vAMEAF68vwMEAV68xAME
AF68yAMEAV688gMEAF68+zAkBAIAAjAeAwgEKgIjuAACAAMIACoCI7gaAAADCAAq
AiO4GgACMA0GCSqGSIb3DQEBCwUAA4IBAQBHTSs8+B8ESgqXhzBgd3BReheU4uSO
8dLYcttIjqTT/WaV+5qiEQt0R46YAihHD11n5Qj+JzIAxAfUVKUTMj5kX4qLLx1M
5IhCc9rsOP8n+j7PkdRTjho0uS5Q96i8kevH0nfIkYvsPZrlnKJPwHBQ8O9blUoP
vcldAOOPVRrTbT++qxcDCva+oU4fsozDgkRnhr9xvPWd3788b4M5wvPHmvrREb6R
oniJDdk4zqATV97qe+CkEx+Wul4LMhduT52REIMhPgPLJo2G8sa7R9RzGgKtvnXR
dAsgjWPZUmcmlQaHDkV1WM57dJnW41KiSWmeEwrR6e1V4wa8BkUhsQrF
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:07:11 2025 by rpki-client