Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LYMZh-8zmmJQALRoTJSiAy1xVXQ.roa
File: LYMZh-8zmmJQALRoTJSiAy1xVXQ.roa (raw, json)
Hash identifier: G06Sl16Ng8eeY3gv7tMq+fX/m50tj1xA9Uh5PHKbHb8=
Subject key identifier: 2D:83:19:87:EF:33:9A:62:50:00:B4:68:4C:94:A2:03:2D:71:55:74
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369C14D13DAFF3EAE76EBEC15E862AE
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LYMZh-8zmmJQALRoTJSiAy1xVXQ.roa
Signing time: Wed 01 Jan 2025 19:48:40 +0000
ROA not before: Wed 01 Jan 2025 19:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 170.62.112.0/22 maxlen: 24
170.62.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 17:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c1:4d:13:da:ff:3e:ae:76:eb:ec:15:e8:62:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d831987ef339a625000b4684c94a2032d715574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:ce:41:61:01:75:9b:f3:b3:16:9b:ce:a6:
aa:04:95:1c:63:7c:89:7e:24:d6:38:36:84:00:39:
c2:78:92:f3:6d:f0:8b:58:ef:06:30:d3:89:13:7a:
7f:87:a1:15:c5:0d:ff:7f:13:c9:a6:e2:52:4e:02:
fd:7b:ea:75:10:94:e2:d8:8b:e8:ab:b7:67:a9:c2:
d5:e7:aa:38:f0:02:bc:66:b0:2a:58:af:12:3e:8d:
27:6b:97:36:b4:69:dc:62:b8:08:22:20:e7:07:9c:
ff:6d:ef:9a:a6:5e:36:12:dc:2f:58:da:fb:38:8f:
71:8e:4d:7f:04:e7:12:70:fd:a3:3b:b0:5f:c1:05:
22:b5:16:e7:2e:c1:24:b2:35:27:30:87:a9:f9:cd:
c4:4d:78:60:35:47:01:23:ac:2b:7a:fb:92:04:cd:
f6:50:dc:34:8c:b3:79:50:84:83:7d:46:93:97:ff:
21:81:bc:32:08:6b:28:1d:c3:fc:de:41:44:e3:e6:
b0:4d:d2:ad:8e:35:c7:5b:2b:40:1b:f4:90:0d:c9:
e3:1e:a9:15:82:25:91:48:88:f1:2e:e0:5b:b6:a8:
fe:23:d7:57:5c:7e:6d:55:7f:2f:7c:fc:7b:de:15:
f0:d1:5f:dc:36:84:d3:cb:e9:04:00:00:d1:76:b1:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:83:19:87:EF:33:9A:62:50:00:B4:68:4C:94:A2:03:2D:71:55:74
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LYMZh-8zmmJQALRoTJSiAy1xVXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.112.0/21
Signature Algorithm: sha256WithRSAEncryption
02:3e:15:05:db:4f:56:fc:0c:46:5a:3d:a1:e2:07:7e:40:ce:
de:08:70:5b:02:bc:09:ef:dc:21:89:70:fd:b5:91:c5:c4:b5:
7f:a3:20:8b:1d:0e:8f:09:e2:d3:e6:3e:a3:53:32:9a:29:1d:
e1:84:74:d7:8b:ed:9e:1b:19:fb:64:ba:29:7c:ef:69:af:c4:
af:b4:03:10:13:da:cb:d6:37:0f:5d:f9:ec:0f:a7:35:cc:d7:
09:f3:20:0c:81:42:39:0c:39:ee:90:6b:8e:37:13:5d:c6:29:
d9:42:a6:15:67:1c:2a:83:f0:7a:51:b4:4e:7b:16:83:2d:17:
f3:de:fd:34:83:cd:cc:db:ac:77:d8:da:7e:2e:3c:03:f7:8d:
11:4f:fa:12:87:51:37:a6:4e:66:22:aa:e4:48:b7:b0:6b:ee:
7b:f9:f5:8e:e8:1e:41:10:8e:36:ce:ed:9f:51:55:71:f1:aa:
ec:3e:11:ee:3f:d3:29:12:33:13:87:f9:78:56:2e:a2:38:54:
ce:32:28:5e:07:d4:06:5e:dd:18:42:14:11:fd:98:70:cb:53:
bc:6e:56:b9:4e:e0:dd:15:3c:b8:96:a3:0d:ce:f9:96:2b:1a:
3b:5b:42:e2:19:23:9e:29:72:33:ad:a4:a8:f0:d9:eb:40:8f:
fa:11:93:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjacFNE9r/Pq526+wV6GKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDgzMTk4N2VmMzM5YTYyNTAwMGI0Njg0Yzk0YTIwMzJkNzE1NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKDOQWEBdZvzsxabzqaqBJUcY3yJ
fiTWODaEADnCeJLzbfCLWO8GMNOJE3p/h6EVxQ3/fxPJpuJSTgL9e+p1EJTi2Ivo
q7dnqcLV56o48AK8ZrAqWK8SPo0na5c2tGncYrgIIiDnB5z/be+apl42EtwvWNr7
OI9xjk1/BOcScP2jO7BfwQUitRbnLsEksjUnMIep+c3ETXhgNUcBI6wrevuSBM32
UNw0jLN5UISDfUaTl/8hgbwyCGsoHcP83kFE4+awTdKtjjXHWytAG/SQDcnjHqkV
giWRSIjxLuBbtqj+I9dXXH5tVX8vfPx73hXw0V/cNoTTy+kEAADRdrGjEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2DGYfvM5piUAC0aEyUogMtcVV0MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTFlNWmgtOHptbUpRQUxSb1RKU2lBeTF4VlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDqj5wMA0G
CSqGSIb3DQEBCwUAA4IBAQACPhUF209W/AxGWj2h4gd+QM7eCHBbArwJ79whiXD9
tZHFxLV/oyCLHQ6PCeLT5j6jUzKaKR3hhHTXi+2eGxn7ZLopfO9pr8SvtAMQE9rL
1jcPXfnsD6c1zNcJ8yAMgUI5DDnukGuONxNdxinZQqYVZxwqg/B6UbROexaDLRfz
3v00g83M26x32Np+LjwD940RT/oSh1E3pk5mIqrkSLewa+57+fWO6B5BEI42zu2f
UVVx8arsPhHuP9MpEjMTh/l4Vi6iOFTOMiheB9QGXt0YQhQR/Zhwy1O8bla5TuDd
FTy4lqMNzvmWKxo7W0LiGSOeKXIzraSo8NnrQI/6EZP6
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:09:55 2025 by rpki-client