Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1df8e1-6e80-443c-b6e8-d9f905fdc89a/1/54SDy2hBAf60rRk7Cn2SENdLnF0.roa
File: 54SDy2hBAf60rRk7Cn2SENdLnF0.roa (raw, json)
Hash identifier: W4T7JvYJiD5Kubx3/xyHkSB0zOGjx+2ez3Dgx71rGrg=
Subject key identifier: E7:84:83:CB:68:41:01:FE:B4:AD:19:3B:0A:7D:92:10:D7:4B:9C:5D
Certificate issuer: /CN=2c11a53f6df6300b4912ce13f6fa9b100fce2488
Certificate serial: 019427B37C76562216598D6E72FB3F34263A
Authority key identifier: 2C:11:A5:3F:6D:F6:30:0B:49:12:CE:13:F6:FA:9B:10:0F:CE:24:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LBGlP232MAtJEs4T9vqbEA_OJIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1df8e1-6e80-443c-b6e8-d9f905fdc89a/1/54SDy2hBAf60rRk7Cn2SENdLnF0.roa
Signing time: Thu 02 Jan 2025 15:47:41 +0000
ROA not before: Thu 02 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212562
IP address blocks: 185.108.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1df8e1-6e80-443c-b6e8-d9f905fdc89a/1/LBGlP232MAtJEs4T9vqbEA_OJIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1df8e1-6e80-443c-b6e8-d9f905fdc89a/1/LBGlP232MAtJEs4T9vqbEA_OJIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LBGlP232MAtJEs4T9vqbEA_OJIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:7c:76:56:22:16:59:8d:6e:72:fb:3f:34:26:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c11a53f6df6300b4912ce13f6fa9b100fce2488
Validity
Not Before: Jan 2 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e78483cb684101feb4ad193b0a7d9210d74b9c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:eb:0d:98:b7:ad:9b:44:0e:36:17:0d:34:8f:
00:aa:cd:79:d2:e4:7c:40:75:6c:9a:13:fa:b5:3e:
64:96:51:b9:ec:56:0f:90:d1:ec:3a:d0:ae:24:f2:
98:45:d8:b1:54:95:6c:ce:fc:33:e9:09:d9:a0:52:
37:08:fb:f9:b9:05:6d:a7:16:9e:45:aa:23:10:4b:
61:c4:0f:eb:d1:ea:16:9d:c5:69:48:11:ff:26:80:
8f:9a:db:4b:95:66:91:40:42:f3:b7:68:15:ef:9f:
00:4f:ce:93:02:b4:08:6d:b6:ec:8a:e8:8a:40:29:
8a:17:de:70:cc:85:c9:55:34:45:1f:00:3f:ae:b8:
81:05:7f:dc:2a:4f:67:5d:fb:ba:3a:e0:4f:22:77:
fc:11:02:3e:7c:a6:9f:f3:e3:0a:65:0b:71:06:ec:
39:17:98:6e:93:86:6c:94:6e:e3:bb:e8:71:2b:7a:
8d:d3:54:3f:c7:90:da:6b:95:ea:d9:ca:03:de:66:
63:62:ae:94:7d:ae:c1:e3:5f:b2:a1:26:1c:11:fd:
0d:94:09:f0:2a:9f:f0:7d:d2:4f:da:a4:0e:28:22:
da:35:6b:41:23:24:29:e3:14:02:e6:b7:1e:e9:ea:
aa:ea:b9:9d:3a:1c:ad:c4:37:15:0b:37:05:ad:32:
98:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:84:83:CB:68:41:01:FE:B4:AD:19:3B:0A:7D:92:10:D7:4B:9C:5D
X509v3 Authority Key Identifier:
keyid:2C:11:A5:3F:6D:F6:30:0B:49:12:CE:13:F6:FA:9B:10:0F:CE:24:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LBGlP232MAtJEs4T9vqbEA_OJIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1df8e1-6e80-443c-b6e8-d9f905fdc89a/1/54SDy2hBAf60rRk7Cn2SENdLnF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1df8e1-6e80-443c-b6e8-d9f905fdc89a/1/LBGlP232MAtJEs4T9vqbEA_OJIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.125.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:cf:a2:61:dc:66:e7:6d:94:6b:8a:17:71:57:96:80:1d:6d:
77:4b:1c:ff:fb:d6:66:e9:79:45:98:02:f1:f0:cf:0e:33:45:
06:71:a1:6e:9c:f6:b0:ac:f6:6a:b4:a0:39:dd:84:c8:a9:a0:
cc:d9:5f:6a:b7:4f:61:4d:f8:e4:92:91:d4:40:c1:8f:ac:65:
bf:62:54:da:ec:f4:a5:da:24:e0:24:85:21:2f:ee:08:97:40:
77:eb:a1:25:25:e4:75:79:a8:79:55:b6:a0:a7:ed:ae:e5:8b:
8b:bb:79:7d:09:76:85:59:4e:5e:58:16:cf:0a:0f:11:59:e4:
55:3e:71:14:df:8f:22:47:1c:ad:1e:5e:04:5d:39:18:cc:82:
db:09:f7:56:b1:d5:40:f0:e3:a4:67:45:16:a3:17:22:dd:41:
72:ac:e9:5d:69:16:e5:56:29:ad:90:f9:ab:23:ec:20:ba:0f:
b9:e5:c7:16:0d:65:ec:db:f4:84:98:32:8d:ad:66:01:38:11:
70:68:92:29:85:a2:13:df:54:6b:7d:10:00:68:6d:83:70:9a:
f3:bd:a1:e1:5f:a8:c5:91:ae:85:13:7b:73:49:63:88:76:09:
47:86:41:5f:1b:94:1d:86:6d:10:f5:27:53:ab:22:a2:1a:14:
b1:01:cf:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns3x2ViIWWY1ucvs/NCY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMTFhNTNmNmRmNjMwMGI0OTEyY2UxM2Y2ZmE5YjEwMGZj
ZTI0ODgwHhcNMjUwMTAyMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzg0ODNjYjY4NDEwMWZlYjRhZDE5M2IwYTdkOTIxMGQ3NGI5YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5usNmLetm0QONhcNNI8Aqs150uR8
QHVsmhP6tT5kllG57FYPkNHsOtCuJPKYRdixVJVszvwz6QnZoFI3CPv5uQVtpxae
RaojEEthxA/r0eoWncVpSBH/JoCPmttLlWaRQELzt2gV758AT86TArQIbbbsiuiK
QCmKF95wzIXJVTRFHwA/rriBBX/cKk9nXfu6OuBPInf8EQI+fKaf8+MKZQtxBuw5
F5huk4ZslG7ju+hxK3qN01Q/x5Daa5Xq2coD3mZjYq6Ufa7B41+yoSYcEf0NlAnw
Kp/wfdJP2qQOKCLaNWtBIyQp4xQC5rce6eqq6rmdOhytxDcVCzcFrTKYhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOeEg8toQQH+tK0ZOwp9khDXS5xdMB8GA1UdIwQY
MBaAFCwRpT9t9jALSRLOE/b6mxAPziSIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEJHbFAyMzJNQXRKRXM0VDl2cWJFQV9PSklnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xZGY4ZTEtNmU4MC00NDNjLWI2ZTgt
ZDlmOTA1ZmRjODlhLzEvNTRTRHkyaEJBZjYwclJrN0NuMlNFTmRMbkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xZGY4ZTEtNmU4MC00NDNjLWI2ZTgtZDlmOTA1ZmRjODlh
LzEvTEJHbFAyMzJNQXRKRXM0VDl2cWJFQV9PSklnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWx9MA0G
CSqGSIb3DQEBCwUAA4IBAQCez6Jh3GbnbZRrihdxV5aAHW13Sxz/+9Zm6XlFmALx
8M8OM0UGcaFunPawrPZqtKA53YTIqaDM2V9qt09hTfjkkpHUQMGPrGW/YlTa7PSl
2iTgJIUhL+4Il0B366ElJeR1eah5Vbagp+2u5YuLu3l9CXaFWU5eWBbPCg8RWeRV
PnEU348iRxytHl4EXTkYzILbCfdWsdVA8OOkZ0UWoxci3UFyrOldaRblVimtkPmr
I+wgug+55ccWDWXs2/SEmDKNrWYBOBFwaJIphaIT31RrfRAAaG2DcJrzvaHhX6jF
ka6FE3tzSWOIdglHhkFfG5Qdhm0Q9SdTqyKiGhSxAc/d
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:47 2025 by rpki-client