Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/L2LZHhkDEnyP0Ci3wPd3ep-m3-c.roa
File: L2LZHhkDEnyP0Ci3wPd3ep-m3-c.roa (raw, json)
Hash identifier: ST/eP+PQmM29+aEnXfcI5/S1IgAjQkXdrCqR3PhW+eo=
Subject key identifier: 2F:62:D9:1E:19:03:12:7C:8F:D0:28:B7:C0:F7:77:7A:9F:A6:DF:E7
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228DB14DDCCB1556E956FF38C8924FDE
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/L2LZHhkDEnyP0Ci3wPd3ep-m3-c.roa
Signing time: Wed 01 Jan 2025 15:48:18 +0000
ROA not before: Wed 01 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211709
IP address blocks: 91.93.184.0/24 maxlen: 24
213.14.231.0/24 maxlen: 24
213.14.233.0/24 maxlen: 24
213.14.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b1:4d:dc:cb:15:56:e9:56:ff:38:c8:92:4f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f62d91e1903127c8fd028b7c0f7777a9fa6dfe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:12:6b:42:78:14:bc:de:3b:f7:f7:f3:d0:
ff:11:b4:1f:36:cf:55:16:cd:3c:61:8c:ca:f9:56:
9e:04:a8:14:57:64:e3:2b:8c:19:13:45:cd:8d:2f:
9a:7c:20:70:f2:6c:07:04:57:06:cf:b9:57:75:3f:
d4:d5:3e:df:38:1c:30:40:8d:30:d0:72:d7:0a:1c:
c5:3e:75:e6:3f:32:47:6f:62:f2:a7:b8:d8:11:94:
a5:3a:a8:5b:46:76:1b:04:c9:93:eb:04:a6:4c:cb:
81:3a:bd:95:76:9f:3a:3c:3a:0b:fb:bd:7a:e4:94:
c0:d8:89:42:67:66:e0:c8:b2:88:91:22:5d:ca:c6:
29:9d:47:de:c4:32:f8:f9:3f:c5:80:1a:b6:e1:11:
07:0e:c1:5f:7a:8b:27:ad:0a:ef:8a:be:a9:c8:5d:
97:05:6a:ba:8a:c7:84:32:b1:34:53:e4:c1:4d:a7:
b6:82:41:f5:1a:e2:0c:41:e8:69:d4:47:01:7a:65:
1e:01:0d:08:a5:2f:a7:50:5f:de:0e:df:f0:a5:2b:
3d:d5:20:44:fd:7e:e1:3e:55:57:8e:0c:88:ab:d5:
47:e2:34:b0:06:ca:4d:5a:c4:5c:a3:aa:86:6b:93:
b6:4a:eb:d6:b7:58:30:c6:bd:4c:f8:0c:4a:be:c5:
46:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:62:D9:1E:19:03:12:7C:8F:D0:28:B7:C0:F7:77:7A:9F:A6:DF:E7
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/L2LZHhkDEnyP0Ci3wPd3ep-m3-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.93.184.0/24
213.14.231.0/24
213.14.233.0-213.14.234.255
Signature Algorithm: sha256WithRSAEncryption
87:ab:cc:f1:ef:9c:e5:41:8c:f7:1f:5b:69:c3:5d:e4:04:37:
34:76:89:2d:36:58:f4:d6:04:05:84:55:8b:21:34:c7:d8:5e:
bf:79:3c:87:e6:68:49:a6:e6:de:da:07:a9:db:ae:c6:c3:64:
69:32:f8:28:c6:7a:c0:d3:4c:2a:bc:1c:2e:bc:55:f3:ce:48:
a0:b8:fc:03:ed:a1:1b:09:fc:cd:68:05:a9:e1:9b:b6:e8:d6:
b5:f5:f3:9e:67:02:1a:2e:9e:00:ee:4e:0a:68:95:12:a1:97:
d2:a0:69:46:24:3c:60:68:6c:9a:77:ba:59:e6:7a:ab:a8:82:
ab:8d:6e:a0:4c:eb:0c:59:b9:23:ed:18:88:3a:30:6e:8b:4c:
f7:f1:17:dc:d9:71:6a:5f:b9:dd:b3:dd:81:ec:fa:0b:d2:d9:
8d:74:1e:29:c3:01:2d:cb:48:5b:71:28:c9:56:82:02:5c:8d:
ea:60:fa:af:8b:2a:a6:ed:80:ba:f4:cc:c7:77:93:fa:df:4a:
6a:a9:49:d5:c5:a3:20:ee:b2:d9:53:21:85:f6:b5:25:fb:d6:
b8:03:29:79:3f:4c:a5:57:e4:fb:8a:87:87:22:f6:91:7d:b3:
6d:3a:5a:5a:ab:7c:d8:a3:8b:20:68:97:4d:e8:09:64:5f:6e:
af:9c:8b:18
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQijbFN3MsVVulW/zjIkk/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjYyZDkxZTE5MDMxMjdjOGZkMDI4YjdjMGY3Nzc3YTlmYTZkZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn24Sa0J4FLzeO/f389D/EbQfNs9V
Fs08YYzK+VaeBKgUV2TjK4wZE0XNjS+afCBw8mwHBFcGz7lXdT/U1T7fOBwwQI0w
0HLXChzFPnXmPzJHb2Lyp7jYEZSlOqhbRnYbBMmT6wSmTMuBOr2Vdp86PDoL+716
5JTA2IlCZ2bgyLKIkSJdysYpnUfexDL4+T/FgBq24REHDsFfeosnrQrvir6pyF2X
BWq6iseEMrE0U+TBTae2gkH1GuIMQehp1EcBemUeAQ0IpS+nUF/eDt/wpSs91SBE
/X7hPlVXjgyIq9VH4jSwBspNWsRco6qGa5O2SuvWt1gwxr1M+AxKvsVGCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC9i2R4ZAxJ8j9Aot8D3d3qfpt/nMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvTDJMWkhoa0RFbnlQMENpM3dQZDNlcC1tMy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW124AwQA
1Q7nMAwDBADVDukDBADVDuowDQYJKoZIhvcNAQELBQADggEBAIerzPHvnOVBjPcf
W2nDXeQENzR2iS02WPTWBAWEVYshNMfYXr95PIfmaEmm5t7aB6nbrsbDZGky+CjG
esDTTCq8HC68VfPOSKC4/APtoRsJ/M1oBanhm7bo1rX1855nAhoungDuTgpolRKh
l9KgaUYkPGBobJp3ulnmequogquNbqBM6wxZuSPtGIg6MG6LTPfxF9zZcWpfud2z
3YHs+gvS2Y10HinDAS3LSFtxKMlWggJcjepg+q+LKqbtgLr0zMd3k/rfSmqpSdXF
oyDustlTIYX2tSX71rgDKXk/TKVX5PuKh4ci9pF9s206WlqrfNijiyBol03oCWRf
bq+cixg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:32:09 2025 by rpki-client