Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/LS7cmX4hkxBo29n9xBMkazlGUQA.roa
File: LS7cmX4hkxBo29n9xBMkazlGUQA.roa (raw, json)
Hash identifier: LcZigv6OQHpGmVW5BHzHMIZtI+TTJsjlraR4mOoxOrA=
Subject key identifier: 2D:2E:DC:99:7E:21:93:10:68:DB:D9:FD:C4:13:24:6B:39:46:51:00
Certificate issuer: /CN=764928a97be955377013d382c62940e950dd212b
Certificate serial: 019422FBB206ACBFF3EA139264B14CC93F9E
Authority key identifier: 76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/LS7cmX4hkxBo29n9xBMkazlGUQA.roa
Signing time: Wed 01 Jan 2025 17:48:27 +0000
ROA not before: Wed 01 Jan 2025 17:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9211
IP address blocks: 31.24.96.0/21 maxlen: 24
87.253.160.0/20 maxlen: 24
87.253.190.0/24 maxlen: 24
185.205.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.mft
rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b2:06:ac:bf:f3:ea:13:92:64:b1:4c:c9:3f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764928a97be955377013d382c62940e950dd212b
Validity
Not Before: Jan 1 17:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d2edc997e21931068dbd9fdc413246b39465100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4a:ff:e0:35:3f:ff:f8:93:76:ef:a2:00:9f:
63:4e:28:4b:f7:6c:37:ec:86:b2:dd:ea:ad:8c:72:
eb:af:99:88:52:b7:2f:ac:93:9f:c2:f5:45:fe:57:
2c:02:0c:87:42:fd:da:07:c3:8e:37:4e:3f:2c:43:
d2:42:48:d5:dc:4d:bc:f5:dd:59:8d:49:6d:9e:d2:
f3:70:f8:6c:77:a0:40:03:01:bf:45:03:d1:6c:98:
c5:3d:1f:eb:3c:c2:22:6a:81:b9:98:3c:ca:d5:7e:
e0:0c:e8:89:07:fe:9f:3d:ac:4f:b2:e2:79:4a:11:
17:7b:db:f2:77:01:05:88:69:0e:10:11:19:13:ad:
a7:39:b7:88:a0:b0:49:b2:b1:10:41:d8:0b:17:5d:
b9:84:f2:42:f5:a4:59:48:86:fb:fb:bf:bd:8e:ee:
cc:01:4f:9c:bd:3e:60:e4:c9:7f:41:96:7f:a9:01:
5a:9c:40:9a:82:7a:0b:e0:9e:29:9b:7f:a1:45:2d:
c7:d3:71:2f:26:d1:d3:21:08:8a:14:c8:ed:82:7e:
4b:33:a5:03:64:ff:d3:c5:ca:93:d4:94:02:da:7e:
7a:f2:98:59:35:ba:b9:1e:ff:2a:f8:14:5f:6f:40:
28:df:ad:70:f0:a2:87:c8:96:1e:4c:a8:fe:f0:a5:
18:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2E:DC:99:7E:21:93:10:68:DB:D9:FD:C4:13:24:6B:39:46:51:00
X509v3 Authority Key Identifier:
keyid:76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/LS7cmX4hkxBo29n9xBMkazlGUQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.96.0/21
87.253.160.0/20
87.253.190.0/24
185.205.216.0/22
Signature Algorithm: sha256WithRSAEncryption
04:b6:b6:2e:54:1f:f8:af:53:a9:50:be:6f:3f:42:5e:a6:12:
4b:24:9d:2b:53:0f:2a:06:8d:89:fe:d6:f1:74:1f:ce:84:62:
5b:ed:ea:ce:6b:1b:77:0a:3f:c6:33:2e:e1:79:83:85:d2:bf:
88:66:6d:8d:33:57:b6:25:7e:33:89:0d:4e:6f:00:1e:73:ea:
3f:89:b1:8a:11:1a:47:3e:e7:1a:02:80:10:c7:e1:3e:cb:a5:
50:d0:59:02:8a:f1:c8:98:82:7f:14:50:fc:96:c2:de:b7:57:
a0:a3:87:fe:1e:cc:50:fe:3a:96:9f:64:83:14:50:b3:d3:cd:
68:5f:76:6d:ec:6c:c8:91:07:9f:ee:83:ff:37:7e:6d:97:12:
43:92:15:70:14:15:7f:5a:17:36:7f:4a:c6:8a:ab:f9:26:be:
8d:22:e2:e7:71:c6:0a:d9:60:bc:0a:27:70:bf:0d:c8:08:aa:
ab:cc:4a:d3:9d:a5:43:6e:27:8d:a7:ed:e8:8f:eb:47:07:12:
87:32:14:2c:96:30:58:80:1f:b1:83:dc:79:c0:1d:72:78:cf:
3a:54:eb:48:2b:4a:62:2f:36:5d:f5:f9:41:82:7f:9e:53:7c:
36:bf:21:e2:f4:9c:f7:c3:bb:bf:53:23:48:a3:dc:76:6b:bb:
ad:b4:f0:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+7IGrL/z6hOSZLFMyT+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDkyOGE5N2JlOTU1Mzc3MDEzZDM4MmM2Mjk0MGU5NTBk
ZDIxMmIwHhcNMjUwMTAxMTc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJlZGM5OTdlMjE5MzEwNjhkYmQ5ZmRjNDEzMjQ2YjM5NDY1MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Er/4DU///iTdu+iAJ9jTihL92w3
7Iay3eqtjHLrr5mIUrcvrJOfwvVF/lcsAgyHQv3aB8OON04/LEPSQkjV3E289d1Z
jUltntLzcPhsd6BAAwG/RQPRbJjFPR/rPMIiaoG5mDzK1X7gDOiJB/6fPaxPsuJ5
ShEXe9vydwEFiGkOEBEZE62nObeIoLBJsrEQQdgLF125hPJC9aRZSIb7+7+9ju7M
AU+cvT5g5Ml/QZZ/qQFanECagnoL4J4pm3+hRS3H03EvJtHTIQiKFMjtgn5LM6UD
ZP/TxcqT1JQC2n568phZNbq5Hv8q+BRfb0Ao361w8KKHyJYeTKj+8KUYGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC0u3Jl+IZMQaNvZ/cQTJGs5RlEAMB8GA1UdIwQY
MBaAFHZJKKl76VU3cBPTgsYpQOlQ3SErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDkt
YmMxNTIyNzg5ZDNiLzEvTFM3Y21YNGhreEJvMjluOXhCTWthemxHVVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDktYmMxNTIyNzg5ZDNi
LzEvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDHxhgAwQE
V/2gAwQAV/2+AwQCuc3YMA0GCSqGSIb3DQEBCwUAA4IBAQAEtrYuVB/4r1OpUL5v
P0JephJLJJ0rUw8qBo2J/tbxdB/OhGJb7erOaxt3Cj/GMy7heYOF0r+IZm2NM1e2
JX4ziQ1ObwAec+o/ibGKERpHPucaAoAQx+E+y6VQ0FkCivHImIJ/FFD8lsLet1eg
o4f+HsxQ/jqWn2SDFFCz081oX3Zt7GzIkQef7oP/N35tlxJDkhVwFBV/Whc2f0rG
iqv5Jr6NIuLnccYK2WC8Cidwvw3ICKqrzErTnaVDbieNp+3oj+tHBxKHMhQsljBY
gB+xg9x5wB1yeM86VOtIK0piLzZd9flBgn+eU3w2vyHi9Jz3w7u/UyNIo9x2a7ut
tPBT
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:21 2025 by rpki-client