Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/l8KpKReixNDHkSubHdfI2z2J0LI.roa
File: l8KpKReixNDHkSubHdfI2z2J0LI.roa (raw, json)
Hash identifier: pX4lLViztQ13HYJwweHqkIk+20Vma9iisJYbAnhei/E=
Subject key identifier: 97:C2:A9:29:17:A2:C4:D0:C7:91:2B:9B:1D:D7:C8:DB:3D:89:D0:B2
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 019473FDE46844604A710DB9AAACEC3E8960
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/l8KpKReixNDHkSubHdfI2z2J0LI.roa
Signing time: Fri 17 Jan 2025 11:20:06 +0000
ROA not before: Fri 17 Jan 2025 11:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 141.105.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:fd:e4:68:44:60:4a:71:0d:b9:aa:ac:ec:3e:89:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jan 17 11:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97c2a92917a2c4d0c7912b9b1dd7c8db3d89d0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2e:da:26:56:cc:24:c1:cc:8b:bc:6b:a5:79:
af:e3:91:fe:f7:35:f3:39:25:ea:1f:fb:a6:ac:14:
f3:68:e1:09:ea:c5:ac:ad:aa:5e:3a:69:5d:63:80:
66:96:2a:7b:d2:ce:de:97:a3:1c:35:2e:84:45:5c:
98:39:66:33:84:c9:2b:e2:0a:ed:91:6e:3d:4a:f6:
20:27:0b:5c:07:3b:2d:31:ee:90:ff:06:c2:15:f8:
a7:ce:e6:af:f9:aa:75:80:c1:36:08:de:8f:11:ff:
89:ff:3f:1f:23:17:6d:d9:35:01:48:05:45:24:7d:
cb:f6:13:8f:ec:7b:c0:85:fc:50:31:6a:06:92:3d:
19:69:cb:47:23:92:18:90:2e:fb:cb:fb:63:0e:c7:
bd:f9:aa:bd:1a:fd:54:66:6f:7e:50:f8:37:43:c6:
cc:26:57:9a:bf:c4:56:95:9e:85:91:39:d2:eb:07:
08:44:39:94:c7:e6:4c:8e:33:11:50:3e:38:76:3a:
9a:79:e1:e7:52:17:d6:89:5d:17:da:4b:2d:ac:36:
f1:5a:d5:6d:b0:bf:5b:dd:f2:3a:24:4f:51:3d:a1:
a5:52:10:5f:85:fd:f5:63:5e:38:b8:52:87:84:ca:
83:98:37:29:06:93:be:73:50:31:61:86:b8:c0:48:
7a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C2:A9:29:17:A2:C4:D0:C7:91:2B:9B:1D:D7:C8:DB:3D:89:D0:B2
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/l8KpKReixNDHkSubHdfI2z2J0LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.140.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:17:ff:70:88:ab:a6:0e:54:72:6e:6a:aa:39:0f:3c:eb:ab:
4e:22:72:aa:84:9d:52:52:6b:e2:cb:97:69:59:66:12:19:ff:
6d:8d:fc:58:92:67:01:1f:f4:99:45:64:0f:82:eb:b4:c5:e1:
c6:04:72:cc:60:8e:79:5f:16:85:b1:05:f3:8c:07:ea:f7:a8:
fe:2f:ab:c2:cc:7f:46:08:43:33:82:2e:b4:97:96:1c:b7:ba:
f3:dd:60:02:b2:e4:70:e6:67:1b:30:a4:c2:64:92:49:00:95:
6f:57:2e:75:43:f7:1d:bc:32:99:2a:c6:ca:2e:dc:55:ba:7c:
9c:e3:05:01:f4:9c:4a:c7:a8:e4:ab:56:4f:27:0a:a6:42:49:
71:fd:ca:90:42:fd:9b:82:0c:69:97:b9:a0:41:ec:95:6a:ed:
ae:5f:35:10:57:51:bd:e5:53:02:af:df:51:d7:23:4e:c7:50:
61:87:31:69:20:41:a8:e0:32:93:8c:7d:3a:ee:bf:e2:6b:53:
92:83:be:dc:80:bd:27:09:8d:34:d9:e3:c2:ee:20:89:b2:82:
73:54:89:06:14:b3:7a:af:11:8a:a6:19:07:7a:0e:16:48:41:
15:eb:54:28:76:ad:eb:bc:96:b3:2a:a1:b2:22:7c:7e:59:a6:
50:15:48:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRz/eRoRGBKcQ25qqzsPolgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjUwMTE3MTEyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2MyYTkyOTE3YTJjNGQwYzc5MTJiOWIxZGQ3YzhkYjNkODlkMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy7aJlbMJMHMi7xrpXmv45H+9zXz
OSXqH/umrBTzaOEJ6sWsrapeOmldY4Bmlip70s7el6McNS6ERVyYOWYzhMkr4grt
kW49SvYgJwtcBzstMe6Q/wbCFfinzuav+ap1gME2CN6PEf+J/z8fIxdt2TUBSAVF
JH3L9hOP7HvAhfxQMWoGkj0ZactHI5IYkC77y/tjDse9+aq9Gv1UZm9+UPg3Q8bM
Jleav8RWlZ6FkTnS6wcIRDmUx+ZMjjMRUD44djqaeeHnUhfWiV0X2kstrDbxWtVt
sL9b3fI6JE9RPaGlUhBfhf31Y144uFKHhMqDmDcpBpO+c1AxYYa4wEh6zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfCqSkXosTQx5Ermx3XyNs9idCyMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvbDhLcEtSZWl4TkRIa1N1YkhkZkkyejJKMExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWmMMA0G
CSqGSIb3DQEBCwUAA4IBAQAqF/9wiKumDlRybmqqOQ8866tOInKqhJ1SUmviy5dp
WWYSGf9tjfxYkmcBH/SZRWQPguu0xeHGBHLMYI55XxaFsQXzjAfq96j+L6vCzH9G
CEMzgi60l5Yct7rz3WACsuRw5mcbMKTCZJJJAJVvVy51Q/cdvDKZKsbKLtxVunyc
4wUB9JxKx6jkq1ZPJwqmQklx/cqQQv2bggxpl7mgQeyVau2uXzUQV1G95VMCr99R
1yNOx1BhhzFpIEGo4DKTjH067r/ia1OSg77cgL0nCY002ePC7iCJsoJzVIkGFLN6
rxGKphkHeg4WSEEV61Qodq3rvJazKqGyInx+WaZQFUia
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:38 2025 by rpki-client