Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LbH9hJaSL1GOYzLXqD3Awd_qjoA.roa
File: LbH9hJaSL1GOYzLXqD3Awd_qjoA.roa (raw, json)
Hash identifier: 3C2M+kU6uA2Qd0GYC2WkAPgI2BlaHp4MqS4lT08EAiA=
Subject key identifier: 2D:B1:FD:84:96:92:2F:51:8E:63:32:D7:A8:3D:C0:C1:DF:EA:8E:80
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 0195CE3318589E0021D1BA5AACC8372F9097
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LbH9hJaSL1GOYzLXqD3Awd_qjoA.roa
Signing time: Tue 25 Mar 2025 16:46:49 +0000
ROA not before: Tue 25 Mar 2025 16:46:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15626
IP address blocks: 5.34.182.0/23 maxlen: 23
5.34.182.0/24 maxlen: 24
5.34.183.0/24 maxlen: 24
82.118.17.0/24 maxlen: 24
82.118.18.0/24 maxlen: 24
193.238.152.0/23 maxlen: 23
193.238.153.0/24 maxlen: 24
217.12.192.0/21 maxlen: 21
217.12.199.0/24 maxlen: 24
217.12.204.0/23 maxlen: 23
217.12.210.0/23 maxlen: 23
217.12.210.0/24 maxlen: 24
217.12.212.0/22 maxlen: 22
217.12.215.0/24 maxlen: 24
217.12.216.0/23 maxlen: 23
217.12.220.0/22 maxlen: 22
217.12.221.0/24 maxlen: 24
217.12.222.0/24 maxlen: 24
217.12.223.0/24 maxlen: 24
2a02:27a8::/32 maxlen: 32
2a02:27a8:feed::/48 maxlen: 48
2a02:27ad::/32 maxlen: 32
2a05:9407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:33:18:58:9e:00:21:d1:ba:5a:ac:c8:37:2f:90:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Mar 25 16:46:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2db1fd8496922f518e6332d7a83dc0c1dfea8e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:45:5c:a4:c0:cf:2b:8e:5f:2d:b3:b5:a1:
73:4c:95:26:e6:fa:4f:e3:8e:82:43:6b:40:7b:dd:
e7:e4:f4:e5:e9:dd:ed:5c:a9:6b:d6:d9:eb:88:1b:
40:6f:44:ec:06:e5:cb:5e:d3:8d:c0:14:8f:b6:38:
f1:00:1a:96:b0:7a:8a:5c:19:97:9f:6b:0c:6c:61:
4a:08:55:bb:b9:7e:0e:37:06:23:49:a5:ae:b0:b0:
4b:c5:f2:41:0a:fb:d7:34:cd:11:fb:96:b8:99:bf:
03:84:fa:7f:e5:c8:46:3b:c9:d1:40:f5:8f:80:48:
90:b7:8b:e4:22:1b:f2:9c:8b:ec:cc:aa:19:7e:6a:
b6:c8:9e:ac:40:01:e2:d6:af:3e:8e:c1:f9:17:3f:
ee:05:2d:6c:e8:7d:9f:6c:be:f1:62:95:f4:92:26:
ad:bb:4b:2a:b3:7a:9b:a7:cd:32:6b:42:6c:cf:b6:
4b:fd:db:74:46:2a:e3:6e:0e:d7:21:32:ef:a2:c5:
d4:14:bd:4f:ad:2f:7e:51:4f:c2:b9:91:06:3e:06:
c9:46:ba:9b:75:27:f8:0d:5d:04:4c:ee:17:2d:45:
e1:f1:5a:aa:5e:04:b8:d7:7c:1c:4a:22:a1:f6:be:
c8:73:cb:9b:a4:f8:8f:f3:f1:95:11:f8:9f:03:2f:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B1:FD:84:96:92:2F:51:8E:63:32:D7:A8:3D:C0:C1:DF:EA:8E:80
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/LbH9hJaSL1GOYzLXqD3Awd_qjoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.182.0/23
82.118.17.0-82.118.18.255
193.238.152.0/23
217.12.192.0/21
217.12.204.0/23
217.12.210.0-217.12.217.255
217.12.220.0/22
IPv6:
2a02:27a8::/32
2a02:27ad::/32
2a05:9407::/32
Signature Algorithm: sha256WithRSAEncryption
72:ef:99:5c:a2:08:ad:da:4f:3d:13:b6:4e:61:f3:d0:30:a9:
62:27:ea:fa:6f:43:18:51:d2:50:d8:5b:cf:99:1b:c2:ef:3d:
77:56:29:54:9c:e2:40:c1:f2:a9:f9:18:ab:2f:63:78:c2:fd:
7e:01:e3:b2:40:66:70:8e:13:ca:b0:55:ac:24:32:be:f0:10:
3e:df:16:94:d8:a4:01:8d:15:c9:96:6f:ee:8a:74:1d:d1:e8:
41:aa:22:35:98:06:0c:d1:7f:75:e8:1b:c3:16:d0:22:92:b5:
2b:95:84:4e:6a:21:3f:d0:71:2b:5d:13:83:59:1c:13:ee:50:
c9:01:ae:2c:86:16:3a:4e:c3:bf:11:e0:db:5e:f8:fa:cb:73:
d0:4d:6f:56:48:4d:08:1f:58:a7:52:f4:53:11:ea:b4:6c:fc:
3d:c0:69:56:8f:85:93:df:53:b7:69:06:75:81:c9:e7:33:11:
ef:9c:16:3e:d6:86:3a:64:5b:0f:3c:bc:7b:3b:5c:3e:5e:7b:
c0:29:56:9a:d6:86:46:86:5b:a4:09:c8:30:42:1e:34:c9:71:
6d:da:c0:d6:e2:e2:56:e4:30:8a:d4:9e:7e:dd:25:02:6c:f2:
15:5d:9d:73:9b:01:70:aa:d1:6d:42:55:f3:49:5f:e8:1b:59:
b7:1f:22:d6
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZXOMxhYngAh0bparMg3L5CXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwMzI1MTY0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIxZmQ4NDk2OTIyZjUxOGU2MzMyZDdhODNkYzBjMWRmZWE4ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMFFXKTAzyuOXy2ztaFzTJUm5vpP
446CQ2tAe93n5PTl6d3tXKlr1tnriBtAb0TsBuXLXtONwBSPtjjxABqWsHqKXBmX
n2sMbGFKCFW7uX4ONwYjSaWusLBLxfJBCvvXNM0R+5a4mb8DhPp/5chGO8nRQPWP
gEiQt4vkIhvynIvszKoZfmq2yJ6sQAHi1q8+jsH5Fz/uBS1s6H2fbL7xYpX0kiat
u0sqs3qbp80ya0Jsz7ZL/dt0Rirjbg7XITLvosXUFL1PrS9+UU/CuZEGPgbJRrqb
dSf4DV0ETO4XLUXh8VqqXgS413wcSiKh9r7Ic8ubpPiP8/GVEfifAy9f9wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFC2x/YSWki9RjmMy16g9wMHf6o6AMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvTGJIOWhKYVNMMUdPWXpMWHFEM0F3ZF9xam9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBABAIAATA6AwQBBSK2MAwD
BABSdhEDBABSdhIDBAHB7pgDBAPZDMADBAHZDMwwDAMEAdkM0gMEAdkM2AMEAtkM
3DAbBAIAAjAVAwUAKgInqAMFACoCJ60DBQAqBZQHMA0GCSqGSIb3DQEBCwUAA4IB
AQBy75lcogit2k89E7ZOYfPQMKliJ+r6b0MYUdJQ2FvPmRvC7z13VilUnOJAwfKp
+RirL2N4wv1+AeOyQGZwjhPKsFWsJDK+8BA+3xaU2KQBjRXJlm/uinQd0ehBqiI1
mAYM0X916BvDFtAikrUrlYROaiE/0HErXRODWRwT7lDJAa4shhY6TsO/EeDbXvj6
y3PQTW9WSE0IH1inUvRTEeq0bPw9wGlWj4WT31O3aQZ1gcnnMxHvnBY+1oY6ZFsP
PLx7O1w+XnvAKVaa1oZGhlukCcgwQh40yXFt2sDW4uJW5DCK1J5+3SUCbPIVXZ1z
mwFwqtFtQlXzSV/oG1m3HyLW
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:27:48 2025 by rpki-client