Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/lzjPjehPcPKbzhp_BORqJSFXL5w.roa
File: lzjPjehPcPKbzhp_BORqJSFXL5w.roa (raw, json)
Hash identifier: o7m8VbYXK8WyV5y7PTGt6HIYSCCP18Dfj928jAcIW9s=
Subject key identifier: 97:38:CF:8D:E8:4F:70:F2:9B:CE:1A:7F:04:E4:6A:25:21:57:2F:9C
Certificate issuer: /CN=29197bc7330ea99900f4fc91033a3317e56f75e2
Certificate serial: 0194221F5725AD7585E21E958DE62FCD8C88
Authority key identifier: 29:19:7B:C7:33:0E:A9:99:00:F4:FC:91:03:3A:33:17:E5:6F:75:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/lzjPjehPcPKbzhp_BORqJSFXL5w.roa
Signing time: Wed 01 Jan 2025 13:47:46 +0000
ROA not before: Wed 01 Jan 2025 13:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208319
IP address blocks: 45.128.88.0/22 maxlen: 22
45.128.88.0/24 maxlen: 24
45.128.89.0/24 maxlen: 24
45.128.90.0/24 maxlen: 24
45.128.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:57:25:ad:75:85:e2:1e:95:8d:e6:2f:cd:8c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29197bc7330ea99900f4fc91033a3317e56f75e2
Validity
Not Before: Jan 1 13:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9738cf8de84f70f29bce1a7f04e46a2521572f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:f9:3b:ee:78:d2:09:5f:04:74:a7:47:43:
c5:2b:68:99:99:53:0c:81:f7:6b:0b:36:0d:d5:6d:
db:e2:1b:2f:35:37:ab:9f:85:e9:88:76:da:8c:e3:
cb:ea:f3:bc:ae:e0:0a:ad:ea:c8:53:b9:e5:b1:45:
b5:a6:7b:b4:98:d6:16:0b:ff:9e:08:cf:df:26:db:
79:3e:4b:bc:b6:e7:62:02:8e:8e:9e:15:c7:02:47:
72:a9:d5:51:1f:0c:62:42:61:01:f7:3e:08:3f:cd:
4b:9e:24:e1:e9:fc:6c:c4:47:46:e8:3b:42:b8:41:
05:8c:ef:a1:03:2d:fd:a5:83:41:23:8d:fa:fc:97:
a9:64:34:a4:b1:0d:2b:46:f4:82:0d:18:35:f8:7d:
34:da:6b:4e:fb:47:cc:75:68:e8:ce:0b:a0:ea:84:
fc:27:69:f9:91:f9:e9:3e:ee:f0:b1:cd:51:52:c1:
fe:65:ee:04:a2:72:d2:2c:c6:ac:aa:ad:45:63:de:
f2:74:f1:d7:8a:71:d3:6b:ad:a5:21:85:3a:c9:61:
22:e8:a8:d1:5f:36:00:61:e8:55:cd:1d:c5:ee:f3:
c4:0d:dc:d8:a9:67:03:ac:33:be:86:fe:56:e6:8e:
f2:15:5b:19:fa:a6:18:f0:1c:ba:ed:70:04:25:57:
f4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:38:CF:8D:E8:4F:70:F2:9B:CE:1A:7F:04:E4:6A:25:21:57:2F:9C
X509v3 Authority Key Identifier:
keyid:29:19:7B:C7:33:0E:A9:99:00:F4:FC:91:03:3A:33:17:E5:6F:75:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/lzjPjehPcPKbzhp_BORqJSFXL5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.88.0/22
Signature Algorithm: sha256WithRSAEncryption
83:4d:80:35:03:be:33:f7:33:53:ef:ad:db:f0:40:df:04:2f:
e2:6b:4c:f1:8a:73:65:1e:55:63:bb:03:1c:80:8f:b9:da:e3:
0c:c3:df:0b:5c:ba:f5:0d:a1:81:30:84:05:63:48:73:f3:ee:
48:7f:f9:6b:7f:0a:7f:73:b1:26:d1:02:c5:8e:bb:a8:92:2f:
e1:47:69:05:42:1c:3c:04:c0:55:8a:84:3f:20:8c:66:0c:4c:
04:63:78:8c:62:7d:8e:3b:d6:8a:66:2c:6c:52:a2:c5:9e:ca:
17:68:24:7e:d4:f6:f4:f9:ca:0f:c3:96:f8:f5:f9:87:43:fa:
27:6c:ab:80:2c:e2:6f:81:9c:ca:55:42:0a:8f:fe:05:c6:b8:
78:a9:9f:f4:4f:de:ab:a0:cf:37:a3:2f:5b:5c:3e:5a:15:09:
69:b6:cc:03:98:1e:fd:6e:33:55:4c:5f:7c:ea:63:10:20:07:
4f:44:b7:94:63:ad:9c:d7:63:f6:ed:96:c0:d2:67:ce:2a:39:
3b:11:02:31:d9:5a:54:b7:7c:9e:5a:53:9f:1d:8f:96:50:d9:
cf:9e:6d:f2:73:e2:e4:12:ef:7f:67:ae:c6:f2:33:8e:2f:55:
78:b5:53:9c:29:4a:2e:35:aa:b1:dc:28:61:c5:f8:a2:8d:7e:
71:04:31:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH1clrXWF4h6VjeYvzYyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTk3YmM3MzMwZWE5OTkwMGY0ZmM5MTAzM2EzMzE3ZTU2
Zjc1ZTIwHhcNMjUwMTAxMTM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM4Y2Y4ZGU4NGY3MGYyOWJjZTFhN2YwNGU0NmEyNTIxNTcyZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3P5O+540glfBHSnR0PFK2iZmVMM
gfdrCzYN1W3b4hsvNTern4XpiHbajOPL6vO8ruAKrerIU7nlsUW1pnu0mNYWC/+e
CM/fJtt5Pku8tudiAo6OnhXHAkdyqdVRHwxiQmEB9z4IP81LniTh6fxsxEdG6DtC
uEEFjO+hAy39pYNBI436/JepZDSksQ0rRvSCDRg1+H002mtO+0fMdWjozgug6oT8
J2n5kfnpPu7wsc1RUsH+Ze4EonLSLMasqq1FY97ydPHXinHTa62lIYU6yWEi6KjR
XzYAYehVzR3F7vPEDdzYqWcDrDO+hv5W5o7yFVsZ+qYY8By67XAEJVf0qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJc4z43oT3Dym84afwTkaiUhVy+cMB8GA1UdIwQY
MBaAFCkZe8czDqmZAPT8kQM6Mxflb3XiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDQzYTctYjI3Ni00MGRjLTlmNjct
MzUwMDRhZjVjOTM1LzEvbHpqUGplaFBjUEtiemhwX0JPUnFKU0ZYTDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDQzYTctYjI3Ni00MGRjLTlmNjctMzUwMDRhZjVjOTM1
LzEvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYBYMA0G
CSqGSIb3DQEBCwUAA4IBAQCDTYA1A74z9zNT763b8EDfBC/ia0zxinNlHlVjuwMc
gI+52uMMw98LXLr1DaGBMIQFY0hz8+5If/lrfwp/c7Em0QLFjruoki/hR2kFQhw8
BMBVioQ/IIxmDEwEY3iMYn2OO9aKZixsUqLFnsoXaCR+1Pb0+coPw5b49fmHQ/on
bKuALOJvgZzKVUIKj/4Fxrh4qZ/0T96roM83oy9bXD5aFQlptswDmB79bjNVTF98
6mMQIAdPRLeUY62c12P27ZbA0mfOKjk7EQIx2VpUt3yeWlOfHY+WUNnPnm3yc+Lk
Eu9/Z67G8jOOL1V4tVOcKUouNaqx3ChhxfiijX5xBDEv
-----END CERTIFICATE-----
Generated at Thu Mar 13 09:00:23 2025 by rpki-client