Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LaP9yZWFLbz-vA6yy7WQjmvmnXk.roa
File: LaP9yZWFLbz-vA6yy7WQjmvmnXk.roa (raw, json)
Hash identifier: dSsBDcLcDlWyNXwHKuTffodeoLPC9SNQ0Byy4wB2Z1w=
Subject key identifier: 2D:A3:FD:C9:95:85:2D:BC:FE:BC:0E:B2:CB:B5:90:8E:6B:E6:9D:79
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 019425FC990B4BD3FC9DE8817079147AF380
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LaP9yZWFLbz-vA6yy7WQjmvmnXk.roa
Signing time: Thu 02 Jan 2025 07:48:18 +0000
ROA not before: Thu 02 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 5.34.180.0/23 maxlen: 23
82.118.16.0/24 maxlen: 24
82.118.19.0/24 maxlen: 24
185.14.28.0/22 maxlen: 22
195.123.216.0/21 maxlen: 21
217.12.200.0/23 maxlen: 23
217.12.208.0/23 maxlen: 23
217.12.218.0/24 maxlen: 24
217.12.219.0/24 maxlen: 24
217.12.220.0/24 maxlen: 24
2a02:27a9::/32 maxlen: 32
2a02:27ab::/32 maxlen: 32
2a02:27ae::/32 maxlen: 32
2a02:27af::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:99:0b:4b:d3:fc:9d:e8:81:70:79:14:7a:f3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 2 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2da3fdc995852dbcfebc0eb2cbb5908e6be69d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5a:3a:3f:db:cb:3e:ee:12:15:68:28:9a:d4:
e4:1b:15:8d:d3:c0:86:ba:f5:fb:09:66:f3:22:3b:
72:ee:92:4f:65:66:2b:19:07:66:5c:a5:76:50:51:
93:3a:72:25:52:56:3a:2e:ef:bb:ea:a0:de:16:2f:
98:51:39:cf:39:1c:d8:9a:b0:ca:43:f5:fd:30:77:
5e:02:b6:85:07:ac:a0:07:fc:21:2d:e4:60:49:1a:
b4:3e:c0:4a:02:21:5e:8a:78:c2:53:73:ba:2d:d2:
a5:e1:e3:d5:ec:38:ae:9b:40:ac:82:f6:40:d3:e2:
76:ea:ad:9c:79:d5:08:6a:66:20:84:60:74:22:9c:
11:8d:9b:f1:ab:f4:b3:68:b2:89:70:c9:9b:dd:26:
fc:e4:49:f1:a6:2b:10:db:c8:c6:70:2a:df:ff:b4:
04:27:a4:da:d7:39:b0:9a:c0:45:27:75:4e:9e:92:
48:4f:21:19:8f:5c:91:00:c2:22:f6:cb:be:2c:ae:
3c:c1:29:fe:e3:3c:82:aa:40:1a:fd:a4:64:26:82:
17:9e:65:8d:55:cc:c8:2e:db:94:7d:a7:50:2d:96:
29:29:34:16:14:30:47:6b:3d:33:b3:b8:cf:85:09:
89:2d:81:62:d5:8c:74:98:76:0c:95:f9:38:b6:a9:
ae:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A3:FD:C9:95:85:2D:BC:FE:BC:0E:B2:CB:B5:90:8E:6B:E6:9D:79
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LaP9yZWFLbz-vA6yy7WQjmvmnXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.180.0/23
82.118.16.0/24
82.118.19.0/24
185.14.28.0/22
195.123.216.0/21
217.12.200.0/23
217.12.208.0/23
217.12.218.0-217.12.220.255
IPv6:
2a02:27a9::/32
2a02:27ab::/32
2a02:27ae::/31
Signature Algorithm: sha256WithRSAEncryption
89:be:fa:f2:c6:30:21:23:4b:e3:d2:5c:de:98:d6:3a:68:84:
c4:2c:dc:bb:98:58:b9:46:7e:ca:7b:74:93:71:bc:1e:6f:bb:
a0:d7:1d:7f:22:47:c7:35:d4:3b:94:36:e3:56:9c:24:db:c8:
30:26:8d:5f:49:44:fb:3b:11:5a:77:b0:6b:d8:d8:c6:74:2e:
39:ab:61:99:36:b6:60:31:b5:32:cc:06:32:1c:a0:ad:1e:52:
20:41:52:f1:0e:ce:83:3a:99:a0:9e:7c:af:4f:67:74:eb:55:
19:e3:7b:40:cd:23:19:6b:f1:72:ff:f0:cf:68:9b:5e:2d:6d:
6a:0a:34:11:c8:ac:f8:a8:a3:2e:34:73:49:d2:40:66:10:13:
5f:0d:0a:34:bd:9e:51:27:3a:8f:47:6a:05:2a:96:e2:1e:54:
18:72:a9:4d:40:01:d0:e9:56:57:55:c6:61:88:02:92:1b:df:
3d:05:a7:5c:42:bf:e6:75:bb:6c:06:ab:12:78:44:96:e1:86:
93:4f:90:90:e2:96:08:2e:db:9c:d0:bd:ba:a3:28:63:76:30:
1a:05:84:18:7c:bb:e5:1b:4c:da:52:dc:fe:47:c3:2a:46:07:
4d:54:f0:5f:c4:7e:ad:78:7d:ab:1e:77:41:5a:64:04:ce:c2:
60:4e:dd:96
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZQl/JkLS9P8neiBcHkUevOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwMTAyMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGEzZmRjOTk1ODUyZGJjZmViYzBlYjJjYmI1OTA4ZTZiZTY5ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVo6P9vLPu4SFWgomtTkGxWN08CG
uvX7CWbzIjty7pJPZWYrGQdmXKV2UFGTOnIlUlY6Lu+76qDeFi+YUTnPORzYmrDK
Q/X9MHdeAraFB6ygB/whLeRgSRq0PsBKAiFeinjCU3O6LdKl4ePV7Dium0CsgvZA
0+J26q2cedUIamYghGB0IpwRjZvxq/SzaLKJcMmb3Sb85EnxpisQ28jGcCrf/7QE
J6Ta1zmwmsBFJ3VOnpJITyEZj1yRAMIi9su+LK48wSn+4zyCqkAa/aRkJoIXnmWN
VczILtuUfadQLZYpKTQWFDBHaz0zs7jPhQmJLYFi1Yx0mHYMlfk4tqmu5QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFC2j/cmVhS28/rwOssu1kI5r5p15MB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvTGFQOXlaV0ZMYnotdkE2eXk3V1FqbXZtblhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA+BAIAATA4AwQBBSK0AwQA
UnYQAwQAUnYTAwQCuQ4cAwQDw3vYAwQB2QzIAwQB2QzQMAwDBAHZDNoDBADZDNww
GwQCAAIwFQMFACoCJ6kDBQAqAierAwUBKgInrjANBgkqhkiG9w0BAQsFAAOCAQEA
ib768sYwISNL49Jc3pjWOmiExCzcu5hYuUZ+ynt0k3G8Hm+7oNcdfyJHxzXUO5Q2
41acJNvIMCaNX0lE+zsRWnewa9jYxnQuOathmTa2YDG1MswGMhygrR5SIEFS8Q7O
gzqZoJ58r09ndOtVGeN7QM0jGWvxcv/wz2ibXi1tago0Ecis+KijLjRzSdJAZhAT
Xw0KNL2eUSc6j0dqBSqW4h5UGHKpTUAB0OlWV1XGYYgCkhvfPQWnXEK/5nW7bAar
EnhEluGGk0+QkOKWCC7bnNC9uqMoY3YwGgWEGHy75RtM2lLc/kfDKkYHTVTwX8R+
rXh9qx53QVpkBM7CYE7dlg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:17:59 2025 by rpki-client