Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/LNIAH1MylX8WQQ-W8xfPHTlOsW0.roa
File: LNIAH1MylX8WQQ-W8xfPHTlOsW0.roa (raw, json)
Hash identifier: GFXXpakvt3mJ4yGbBFawI3+WVF7sKNF14A1lgtziIek=
Subject key identifier: 2C:D2:00:1F:53:32:95:7F:16:41:0F:96:F3:17:CF:1D:39:4E:B1:6D
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0195F00BA4EB919DC816F099CF2D1009EFE8
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/LNIAH1MylX8WQQ-W8xfPHTlOsW0.roa
Signing time: Tue 01 Apr 2025 06:30:49 +0000
ROA not before: Tue 01 Apr 2025 06:30:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 188.191.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:0b:a4:eb:91:9d:c8:16:f0:99:cf:2d:10:09:ef:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Apr 1 06:30:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cd2001f5332957f16410f96f317cf1d394eb16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5a:4c:ce:7e:c4:49:06:d4:3e:bd:39:46:bc:
94:01:10:2a:fe:e9:d2:59:aa:cd:62:33:63:68:da:
58:d1:da:b7:e1:e5:81:be:b2:a0:c0:40:b1:38:a0:
b3:b4:ac:df:91:10:06:b3:56:4e:14:37:be:62:2c:
53:9b:35:da:a5:9f:93:19:d2:cf:30:08:00:83:b9:
08:68:38:75:72:5c:c5:78:cb:17:ae:7c:f1:80:68:
b4:24:57:9d:2a:05:61:26:71:a2:c0:b3:47:53:de:
16:bd:07:0f:3f:ff:20:f2:a4:7a:9e:05:23:6e:bf:
6e:e7:0e:db:3b:6e:ea:f0:ee:0b:47:0c:8f:e8:cb:
f6:c1:41:f2:b9:cb:bf:f2:86:d6:0c:53:6c:bd:0e:
a1:09:38:40:ee:73:ac:a9:52:ec:17:c3:7e:df:7f:
9d:78:54:22:cd:78:69:0f:f1:58:29:fb:60:95:49:
d6:82:3e:0b:87:bd:80:4e:6d:06:39:65:b3:e6:cd:
39:c8:64:9e:cf:82:7e:48:cb:44:14:4e:76:e6:4f:
3d:3c:ae:9e:e1:d7:93:cf:c3:cc:c9:9d:f9:31:d8:
25:32:88:1e:ce:84:93:4b:ad:9c:5f:49:32:61:61:
1b:ab:7c:79:22:99:f0:9c:2f:b3:7c:91:2e:eb:be:
ba:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D2:00:1F:53:32:95:7F:16:41:0F:96:F3:17:CF:1D:39:4E:B1:6D
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/LNIAH1MylX8WQQ-W8xfPHTlOsW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.96.0/24
Signature Algorithm: sha256WithRSAEncryption
53:fb:7b:d1:26:6e:43:03:f3:91:01:6d:f7:7f:14:fc:50:5d:
fe:1e:50:50:3b:8c:a1:f5:3d:81:18:75:70:40:6d:c0:8d:5d:
f1:fb:97:1c:74:2f:ac:01:5b:c8:6e:7e:0e:c7:f3:b6:69:da:
9e:b6:6b:97:80:2d:5a:a9:be:9d:6e:b4:73:3f:c7:e4:d0:12:
ef:99:5e:4f:d5:6b:be:f0:b6:d5:af:6d:73:df:72:81:dc:ee:
a3:fe:d2:61:11:3d:5c:ef:5d:7c:98:6f:58:88:04:ca:29:8f:
99:6a:6c:ba:9d:bb:07:30:b7:df:8f:24:b7:c8:e4:37:99:74:
ab:3d:7e:34:e7:38:79:c7:4b:3a:83:61:eb:9f:82:46:78:4a:
3b:9b:e1:dd:6b:95:b0:73:d4:f7:94:6d:4d:c3:bf:09:7a:a8:
3a:35:61:8e:3a:0c:e3:fb:ae:5f:a0:2e:8e:3f:c4:8c:e2:0f:
a0:f2:5e:06:76:94:76:64:bc:f5:3a:35:65:24:9d:48:94:97:
d1:49:2b:68:a5:72:d4:19:ed:6b:48:b6:13:83:01:7d:c4:0d:
63:76:d5:91:29:7d:18:cd:9e:ce:78:78:42:31:19:6e:77:ba:
64:6b:9f:7f:17:0b:47:76:34:9d:1a:4f:9f:52:b4:cc:e3:b0:
d1:dd:a2:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXwC6TrkZ3IFvCZzy0QCe/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwNDAxMDYzMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2QyMDAxZjUzMzI5NTdmMTY0MTBmOTZmMzE3Y2YxZDM5NGViMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFpMzn7ESQbUPr05RryUARAq/unS
WarNYjNjaNpY0dq34eWBvrKgwECxOKCztKzfkRAGs1ZOFDe+YixTmzXapZ+TGdLP
MAgAg7kIaDh1clzFeMsXrnzxgGi0JFedKgVhJnGiwLNHU94WvQcPP/8g8qR6ngUj
br9u5w7bO27q8O4LRwyP6Mv2wUHyucu/8obWDFNsvQ6hCThA7nOsqVLsF8N+33+d
eFQizXhpD/FYKftglUnWgj4Lh72ATm0GOWWz5s05yGSez4J+SMtEFE525k89PK6e
4deTz8PMyZ35MdglMogezoSTS62cX0kyYWEbq3x5IpnwnC+zfJEu6766YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCzSAB9TMpV/FkEPlvMXzx05TrFtMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvTE5JQUgxTXlsWDhXUVEtVzh4ZlBIVGxPc1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9gMA0G
CSqGSIb3DQEBCwUAA4IBAQBT+3vRJm5DA/ORAW33fxT8UF3+HlBQO4yh9T2BGHVw
QG3AjV3x+5ccdC+sAVvIbn4Ox/O2adqetmuXgC1aqb6dbrRzP8fk0BLvmV5P1Wu+
8LbVr21z33KB3O6j/tJhET1c7118mG9YiATKKY+Zamy6nbsHMLffjyS3yOQ3mXSr
PX405zh5x0s6g2Hrn4JGeEo7m+Hda5Wwc9T3lG1Nw78Jeqg6NWGOOgzj+65foC6O
P8SM4g+g8l4GdpR2ZLz1OjVlJJ1IlJfRSStopXLUGe1rSLYTgwF9xA1jdtWRKX0Y
zZ7OeHhCMRlud7pka59/FwtHdjSdGk+fUrTM47DR3aIO
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:35 2025 by rpki-client