Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fca2ae-25fc-444b-a868-810dc9e1aa54/1/l-uO9C6tKcC2lkHq5_ltCjByOUs.roa
File: l-uO9C6tKcC2lkHq5_ltCjByOUs.roa (raw, json)
Hash identifier: TUNIXLUXFg+4nA9Zr3IEFRMFcebg5+gpL40XGW7pBfQ=
Subject key identifier: 97:EB:8E:F4:2E:AD:29:C0:B6:96:41:EA:E7:F9:6D:0A:30:72:39:4B
Certificate issuer: /CN=30dd0b70850e1f9895658edabe28b9d8d9ea017c
Certificate serial: 019425217D1C5B8C9499EEC87CB7A5EF316F
Authority key identifier: 30:DD:0B:70:85:0E:1F:98:95:65:8E:DA:BE:28:B9:D8:D9:EA:01:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MN0LcIUOH5iVZY7avii52NnqAXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/fca2ae-25fc-444b-a868-810dc9e1aa54/1/l-uO9C6tKcC2lkHq5_ltCjByOUs.roa
Signing time: Thu 02 Jan 2025 03:48:58 +0000
ROA not before: Thu 02 Jan 2025 03:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 553
IP address blocks: 141.37.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/fca2ae-25fc-444b-a868-810dc9e1aa54/1/MN0LcIUOH5iVZY7avii52NnqAXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/fca2ae-25fc-444b-a868-810dc9e1aa54/1/MN0LcIUOH5iVZY7avii52NnqAXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/MN0LcIUOH5iVZY7avii52NnqAXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7d:1c:5b:8c:94:99:ee:c8:7c:b7:a5:ef:31:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30dd0b70850e1f9895658edabe28b9d8d9ea017c
Validity
Not Before: Jan 2 03:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97eb8ef42ead29c0b69641eae7f96d0a3072394b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9b:31:10:d4:8a:dc:d3:a3:c9:60:51:17:e7:
90:25:32:3d:b9:dd:73:5c:a5:b0:06:c6:82:1a:fe:
a4:12:4b:67:3b:a1:a6:c1:01:49:1f:3c:73:0a:bc:
6b:8f:1e:92:fd:de:3c:0a:ee:bd:cf:65:a9:12:32:
c3:e9:d7:7e:5b:ea:2c:72:5b:cd:96:6a:7d:03:d9:
30:f2:40:6f:9e:80:67:55:43:ce:bc:63:c7:ae:e1:
2b:ab:c8:fc:b6:a7:b3:08:f6:74:d8:53:52:90:0e:
5b:72:a4:3e:07:19:10:d4:5a:2d:50:2f:9b:1d:02:
b6:09:df:b0:3b:c0:6a:eb:fc:2d:1e:23:8e:08:55:
a5:85:c4:1a:a2:87:ff:5b:26:bc:b7:c2:7d:73:1d:
13:53:5e:82:99:02:df:ad:90:d0:5b:a6:2e:8e:65:
75:ee:55:0a:b9:2c:9f:30:a3:eb:a4:59:32:46:2c:
1a:0b:15:0a:c7:ae:3b:4f:39:a8:d0:4c:aa:88:10:
70:12:9b:b2:99:c5:76:be:e7:dc:e3:a9:aa:03:6a:
e4:f2:a4:9f:14:09:ed:ba:05:d3:4a:2c:2d:38:6c:
74:05:d5:1f:12:4a:c7:16:8b:79:b7:eb:6d:8a:e0:
bb:c9:29:a3:cb:b0:f2:4f:55:5a:c6:ca:69:25:e0:
00:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EB:8E:F4:2E:AD:29:C0:B6:96:41:EA:E7:F9:6D:0A:30:72:39:4B
X509v3 Authority Key Identifier:
keyid:30:DD:0B:70:85:0E:1F:98:95:65:8E:DA:BE:28:B9:D8:D9:EA:01:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN0LcIUOH5iVZY7avii52NnqAXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fca2ae-25fc-444b-a868-810dc9e1aa54/1/l-uO9C6tKcC2lkHq5_ltCjByOUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fca2ae-25fc-444b-a868-810dc9e1aa54/1/MN0LcIUOH5iVZY7avii52NnqAXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.37.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:94:c4:5b:10:2e:17:af:a5:20:e8:57:d1:6f:2d:f8:c8:34:
b7:11:8f:17:dd:6f:46:d3:1b:41:1f:57:7a:cd:8c:b9:6c:d6:
33:30:a7:6c:a1:6e:97:07:b5:9e:f3:68:5b:57:04:1b:6f:06:
3e:0d:42:eb:8a:d6:78:c0:2c:6b:b2:3d:a0:10:66:fb:04:0f:
e1:55:f4:60:57:6e:8b:1b:df:7f:fc:e2:17:27:49:fd:49:c9:
21:31:03:21:e8:a7:36:6a:ef:e1:c5:aa:7d:e5:df:81:f1:47:
0d:35:f6:de:ca:67:01:54:b8:f1:8a:09:a5:ee:24:ca:e9:7d:
ba:67:ed:4f:fd:11:33:60:b6:65:b9:ee:96:a6:b0:e7:c6:d9:
7d:83:7d:51:21:c0:ee:b0:f7:1c:ba:04:6e:ad:32:61:9c:7c:
f4:a2:9f:8a:2a:af:19:fe:07:23:6d:ae:de:2e:b5:9a:7e:88:
37:7d:21:9c:ee:f6:ac:68:b2:29:f6:58:93:00:a7:73:51:81:
24:76:f2:5e:a0:6a:16:ec:0f:b0:ee:ca:93:97:d8:fc:a1:22:
67:65:29:f4:a0:0b:00:85:58:cf:39:a7:4b:bb:50:9f:1d:57:
84:08:a8:7e:79:01:46:de:d9:bc:7f:2a:9b:a6:f3:0d:26:a1:
27:fc:35:a4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQlIX0cW4yUme7IfLel7zFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGQwYjcwODUwZTFmOTg5NTY1OGVkYWJlMjhiOWQ4ZDll
YTAxN2MwHhcNMjUwMTAyMDM0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ViOGVmNDJlYWQyOWMwYjY5NjQxZWFlN2Y5NmQwYTMwNzIzOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5sxENSK3NOjyWBRF+eQJTI9ud1z
XKWwBsaCGv6kEktnO6GmwQFJHzxzCrxrjx6S/d48Cu69z2WpEjLD6dd+W+osclvN
lmp9A9kw8kBvnoBnVUPOvGPHruErq8j8tqezCPZ02FNSkA5bcqQ+BxkQ1FotUC+b
HQK2Cd+wO8Bq6/wtHiOOCFWlhcQaoof/Wya8t8J9cx0TU16CmQLfrZDQW6YujmV1
7lUKuSyfMKPrpFkyRiwaCxUKx647Tzmo0EyqiBBwEpuymcV2vufc46mqA2rk8qSf
FAntugXTSiwtOGx0BdUfEkrHFot5t+ttiuC7ySmjy7DyT1VaxsppJeAAFwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJfrjvQurSnAtpZB6uf5bQowcjlLMB8GA1UdIwQY
MBaAFDDdC3CFDh+YlWWO2r4oudjZ6gF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4wTGNJVU9INWlWWlk3YXZpaTUyTm5xQVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mY2EyYWUtMjVmYy00NDRiLWE4Njgt
ODEwZGM5ZTFhYTU0LzEvbC11TzlDNnRLY0MybGtIcTVfbHRDakJ5T1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mY2EyYWUtMjVmYy00NDRiLWE4NjgtODEwZGM5ZTFhYTU0
LzEvTU4wTGNJVU9INWlWWlk3YXZpaTUyTm5xQVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjSUwDQYJ
KoZIhvcNAQELBQADggEBABKUxFsQLhevpSDoV9FvLfjINLcRjxfdb0bTG0EfV3rN
jLls1jMwp2yhbpcHtZ7zaFtXBBtvBj4NQuuK1njALGuyPaAQZvsED+FV9GBXbosb
33/84hcnSf1JySExAyHopzZq7+HFqn3l34HxRw019t7KZwFUuPGKCaXuJMrpfbpn
7U/9ETNgtmW57pamsOfG2X2DfVEhwO6w9xy6BG6tMmGcfPSin4oqrxn+ByNtrt4u
tZp+iDd9IZzu9qxosin2WJMAp3NRgSR28l6gahbsD7DuypOX2PyhImdlKfSgCwCF
WM85p0u7UJ8dV4QIqH55AUbe2bx/Kpum8w0moSf8NaQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:31:47 2025 by rpki-client