Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/lgcJahdR3letuGxzqsnkCSm7Xc0.roa
File: lgcJahdR3letuGxzqsnkCSm7Xc0.roa (raw, json)
Hash identifier: AIJrokgnB56FiibF0oRhG0plDf3vlh2BQ7hooxmHrWY=
Subject key identifier: 96:07:09:6A:17:51:DE:57:AD:B8:6C:73:AA:C9:E4:09:29:BB:5D:CD
Certificate issuer: /CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Certificate serial: 019428283752078842C73211761074684705
Authority key identifier: 15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/lgcJahdR3letuGxzqsnkCSm7Xc0.roa
Signing time: Thu 02 Jan 2025 17:55:11 +0000
ROA not before: Thu 02 Jan 2025 17:55:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203147
IP address blocks: 185.150.216.0/23 maxlen: 23
185.150.218.0/24 maxlen: 24
185.150.219.0/24 maxlen: 24
2a07:7c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.mft
rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:37:52:07:88:42:c7:32:11:76:10:74:68:47:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Validity
Not Before: Jan 2 17:55:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9607096a1751de57adb86c73aac9e40929bb5dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:f8:dc:67:a7:23:85:f7:28:b7:9c:42:87:
1d:e5:d0:a4:bd:a3:90:23:7e:db:72:6f:d9:e4:c3:
ef:0d:3a:75:65:9d:52:ad:27:08:7d:f2:8e:5a:69:
a3:9c:f2:31:c1:1a:b8:39:03:14:34:7f:2d:17:45:
70:2d:40:e6:47:05:c6:da:d0:62:8c:db:05:c1:fd:
3d:bc:04:c1:68:a4:33:93:30:78:63:b4:3d:9e:11:
2c:01:17:d7:21:1d:32:d9:42:3b:54:17:e1:e5:ac:
4d:44:e2:bf:d2:92:8e:a8:b0:75:a3:6e:9c:e8:fd:
97:2b:c2:db:66:c0:25:1c:f7:dc:17:46:00:d9:1f:
af:f3:42:20:36:e3:e0:80:ca:fb:2a:0f:6c:c9:4b:
df:d5:93:33:7d:04:37:fe:66:76:8e:ee:63:23:fd:
a4:f4:09:95:a3:05:04:5b:a0:4b:6e:a0:2f:a7:2d:
f5:2d:5b:d9:78:02:83:d4:3e:f6:ca:30:cb:0c:73:
22:d8:8c:04:67:69:b3:c8:65:8b:2a:c7:2d:16:5d:
2d:72:29:c3:f5:08:b2:cd:b6:52:2c:97:32:68:a0:
1f:86:41:fa:86:bf:eb:97:a0:fa:dd:ae:5b:f3:81:
43:5c:12:4b:44:ac:eb:5c:4b:27:2f:9c:09:7a:58:
a6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:07:09:6A:17:51:DE:57:AD:B8:6C:73:AA:C9:E4:09:29:BB:5D:CD
X509v3 Authority Key Identifier:
keyid:15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/lgcJahdR3letuGxzqsnkCSm7Xc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.216.0/22
IPv6:
2a07:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
01:31:21:43:df:4c:ef:29:59:37:8d:b7:60:b3:bc:2d:bc:6b:
12:ca:6a:a1:d5:37:d1:35:db:cf:83:75:56:eb:51:eb:a7:0b:
80:5f:25:15:7a:ed:c7:5b:7c:6a:b5:3d:cd:07:ba:ea:d4:eb:
6f:35:a8:24:8e:83:59:ed:91:05:93:db:65:cb:97:1a:18:bd:
b8:ee:ca:bf:c8:bc:a3:24:ba:2c:12:7b:fb:fd:e9:2f:64:db:
5c:b9:f6:77:5c:2d:fe:3d:5c:57:26:02:a6:b2:b7:ee:a2:30:
3d:3d:f9:17:25:f1:c8:11:1b:a8:f1:51:b4:ec:55:c5:b7:f9:
64:5c:dc:66:40:2d:41:89:bd:c5:7a:8d:85:eb:ed:6f:6b:4d:
3d:23:76:46:61:77:d7:1a:f7:15:61:b2:10:c6:e7:73:3a:65:
cb:b8:fd:71:f2:1b:53:ab:cb:5c:b5:7e:1b:b4:43:49:c8:b6:
d6:71:00:df:87:80:84:65:d4:ec:45:16:a7:40:c8:a1:c6:96:
8a:69:8d:54:05:b0:d1:3d:95:cc:2e:fd:70:1b:9b:07:fb:3a:
14:13:1b:e7:1f:85:04:9f:88:6d:f8:5e:3c:22:79:90:ff:25:
29:28:75:86:16:75:2b:ed:19:28:4e:37:fa:a8:9e:0f:88:ee:
06:cd:1e:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoKDdSB4hCxzIRdhB0aEcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZDFmZjZiZWM5ZmJjYjg5ZTk1MGEzYTAxZWYyZDY4NmYw
ZTdhMzEwHhcNMjUwMTAyMTc1NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA3MDk2YTE3NTFkZTU3YWRiODZjNzNhYWM5ZTQwOTI5YmI1ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIb43GenI4X3KLecQocd5dCkvaOQ
I37bcm/Z5MPvDTp1ZZ1SrScIffKOWmmjnPIxwRq4OQMUNH8tF0VwLUDmRwXG2tBi
jNsFwf09vATBaKQzkzB4Y7Q9nhEsARfXIR0y2UI7VBfh5axNROK/0pKOqLB1o26c
6P2XK8LbZsAlHPfcF0YA2R+v80IgNuPggMr7Kg9syUvf1ZMzfQQ3/mZ2ju5jI/2k
9AmVowUEW6BLbqAvpy31LVvZeAKD1D72yjDLDHMi2IwEZ2mzyGWLKsctFl0tcinD
9QiyzbZSLJcyaKAfhkH6hr/rl6D63a5b84FDXBJLRKzrXEsnL5wJelimywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJYHCWoXUd5Xrbhsc6rJ5Akpu13NMB8GA1UdIwQY
MBaAFBXR/2vsn7y4npUKOgHvLWhvDnoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjct
OTZiODY5MWY1MjYwLzEvbGdjSmFoZFIzbGV0dUd4enFzbmtDU203WGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjctOTZiODY5MWY1MjYw
LzEvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZbYMA0E
AgACMAcDBQMqB3xAMA0GCSqGSIb3DQEBCwUAA4IBAQABMSFD30zvKVk3jbdgs7wt
vGsSymqh1TfRNdvPg3VW61HrpwuAXyUVeu3HW3xqtT3NB7rq1OtvNagkjoNZ7ZEF
k9tly5caGL247sq/yLyjJLosEnv7/ekvZNtcufZ3XC3+PVxXJgKmsrfuojA9PfkX
JfHIERuo8VG07FXFt/lkXNxmQC1Bib3Feo2F6+1va009I3ZGYXfXGvcVYbIQxudz
OmXLuP1x8htTq8tctX4btENJyLbWcQDfh4CEZdTsRRanQMihxpaKaY1UBbDRPZXM
Lv1wG5sH+zoUExvnH4UEn4ht+F48InmQ/yUpKHWGFnUr7RkoTjf6qJ4PiO4GzR6e
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:42:31 2025 by rpki-client