Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/LSx9OlKUNiN9N5Lzmn4mpgYUaYM.roa
File: LSx9OlKUNiN9N5Lzmn4mpgYUaYM.roa (raw, json)
Hash identifier: SRtMriKTJRyDfQ60LOh5mHm3HAzdoYJatQZ33jFO0KY=
Subject key identifier: 2D:2C:7D:3A:52:94:36:23:7D:37:92:F3:9A:7E:26:A6:06:14:69:83
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 01942748104633BFE9E1C22E9E2CC44D6708
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/LSx9OlKUNiN9N5Lzmn4mpgYUaYM.roa
Signing time: Thu 02 Jan 2025 13:50:21 +0000
ROA not before: Thu 02 Jan 2025 13:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8860
IP address blocks: 5.182.20.0/24 maxlen: 24
5.182.21.0/24 maxlen: 24
5.182.23.0/24 maxlen: 24
2a0e:b800::/32 maxlen: 32
2a0e:b800:dddd::/48 maxlen: 48
2a0e:b801::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:10:46:33:bf:e9:e1:c2:2e:9e:2c:c4:4d:67:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Jan 2 13:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d2c7d3a529436237d3792f39a7e26a606146983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ae:84:53:d5:8d:12:2f:de:13:0a:d3:2d:ba:
d3:77:f7:00:4d:1a:dc:ce:d9:0f:01:5c:c2:6b:23:
fc:10:b0:dc:53:a0:28:63:65:2e:f4:d5:22:9c:54:
25:b5:98:ce:bd:cc:3c:75:fd:35:2c:30:eb:a8:3a:
44:08:84:3a:da:03:10:2b:db:4c:5e:10:75:31:e7:
e8:ec:8b:de:5f:5d:75:7d:b6:97:5e:74:19:26:4d:
80:4b:fc:c8:0c:9a:22:5d:95:5b:72:2a:e9:60:c1:
e3:f0:c7:e9:b7:5a:d1:90:ab:36:4a:74:27:ba:de:
6a:72:43:a6:d9:f4:d5:03:3c:0c:bb:32:4b:c7:72:
42:cb:cf:9d:1e:4b:4a:56:c9:fd:5a:95:3b:32:8f:
c1:fc:19:ac:9c:0a:bf:0c:fa:c1:1a:6a:32:88:ba:
fb:8f:4d:8e:32:04:eb:8b:6b:6f:06:97:9f:43:66:
88:ab:e3:14:c7:03:f0:72:0c:0d:1a:d8:85:b4:49:
38:69:c1:bb:c6:fc:d4:af:82:0a:28:bd:ac:fb:8b:
b8:c4:5e:8c:9c:dd:43:2a:ae:92:a6:cf:65:b8:11:
90:66:22:fc:2a:6d:59:b0:b6:41:19:2c:e3:11:6c:
e6:7c:7f:d2:58:fb:00:2f:b8:86:b8:09:b8:07:7b:
59:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2C:7D:3A:52:94:36:23:7D:37:92:F3:9A:7E:26:A6:06:14:69:83
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/LSx9OlKUNiN9N5Lzmn4mpgYUaYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.20.0/23
5.182.23.0/24
IPv6:
2a0e:b800::/31
Signature Algorithm: sha256WithRSAEncryption
a7:b3:c9:ee:f0:dc:cb:57:29:4c:a7:79:09:5b:37:68:d1:d0:
98:40:8f:fe:30:92:ea:e9:8d:03:87:1c:45:ae:39:f9:99:93:
0c:3a:49:f6:06:c0:78:24:bf:4e:f1:80:e2:4c:ed:61:09:9b:
6b:60:98:07:8f:3e:18:85:0b:24:16:41:3f:6e:52:22:56:29:
45:82:fc:f3:63:57:35:7a:a0:a6:38:46:c0:c4:65:d4:9d:df:
52:23:be:98:a1:63:52:cf:0b:de:de:a4:42:10:5c:87:0c:81:
b4:1d:7c:7c:9a:e2:15:5f:b4:8e:c4:cb:65:53:7a:e5:ce:da:
58:74:e3:05:18:c0:2b:96:c9:e5:3e:bb:6d:00:c7:22:71:bd:
8a:2c:d1:13:01:53:bf:76:96:3c:84:af:ad:8a:79:ad:7b:20:
b0:a4:88:b1:10:4d:7a:a7:7e:e8:63:25:6b:42:1d:88:45:6d:
80:ec:f7:59:ac:97:f9:cf:ef:bf:bd:7a:22:e3:d9:e8:b5:70:
96:44:1a:9d:d0:8d:5c:4e:d1:8b:64:e4:be:22:3c:20:8c:ba:
7b:86:50:91:2a:99:79:87:15:a4:c0:ca:5f:54:64:18:a2:ba:
9f:41:da:fb:35:8e:f7:70:97:6b:40:db:20:32:43:16:42:48:
f8:2b:49:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSBBGM7/p4cIunizETWcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjUwMTAyMTM1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJjN2QzYTUyOTQzNjIzN2QzNzkyZjM5YTdlMjZhNjA2MTQ2OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq6EU9WNEi/eEwrTLbrTd/cATRrc
ztkPAVzCayP8ELDcU6AoY2Uu9NUinFQltZjOvcw8df01LDDrqDpECIQ62gMQK9tM
XhB1Mefo7IveX111fbaXXnQZJk2AS/zIDJoiXZVbcirpYMHj8Mfpt1rRkKs2SnQn
ut5qckOm2fTVAzwMuzJLx3JCy8+dHktKVsn9WpU7Mo/B/BmsnAq/DPrBGmoyiLr7
j02OMgTri2tvBpefQ2aIq+MUxwPwcgwNGtiFtEk4acG7xvzUr4IKKL2s+4u4xF6M
nN1DKq6Sps9luBGQZiL8Km1ZsLZBGSzjEWzmfH/SWPsAL7iGuAm4B3tZ1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC0sfTpSlDYjfTeS85p+JqYGFGmDMB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvTFN4OU9sS1VOaU45TjVMem1uNG1wZ1lVYVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBbYUAwQA
BbYXMA0EAgACMAcDBQEqDrgAMA0GCSqGSIb3DQEBCwUAA4IBAQCns8nu8NzLVylM
p3kJWzdo0dCYQI/+MJLq6Y0DhxxFrjn5mZMMOkn2BsB4JL9O8YDiTO1hCZtrYJgH
jz4YhQskFkE/blIiVilFgvzzY1c1eqCmOEbAxGXUnd9SI76YoWNSzwve3qRCEFyH
DIG0HXx8muIVX7SOxMtlU3rlztpYdOMFGMArlsnlPrttAMcicb2KLNETAVO/dpY8
hK+tinmteyCwpIixEE16p37oYyVrQh2IRW2A7PdZrJf5z++/vXoi49notXCWRBqd
0I1cTtGLZOS+IjwgjLp7hlCRKpl5hxWkwMpfVGQYorqfQdr7NY73cJdrQNsgMkMW
Qkj4K0me
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:56:03 2025 by rpki-client