Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/LwM623k2kR7q91QrhiqdXUwBs7k.roa
File: LwM623k2kR7q91QrhiqdXUwBs7k.roa (raw, json)
Hash identifier: RKu1QnAXYUI9f91c+0fb1S3SkGsEsHeC3eprd1gKm7I=
Subject key identifier: 2F:03:3A:DB:79:36:91:1E:EA:F7:54:2B:86:2A:9D:5D:4C:01:B3:B9
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 019426D94DC0F6568E29EC1C161E7DE2EE0C
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/LwM623k2kR7q91QrhiqdXUwBs7k.roa
Signing time: Thu 02 Jan 2025 11:49:22 +0000
ROA not before: Thu 02 Jan 2025 11:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44600
IP address blocks: 46.182.80.0/22 maxlen: 22
46.182.84.0/22 maxlen: 22
91.202.72.0/22 maxlen: 22
94.131.244.0/24 maxlen: 24
94.131.245.0/24 maxlen: 24
94.131.248.0/24 maxlen: 24
94.131.249.0/24 maxlen: 24
94.131.250.0/23 maxlen: 23
94.131.250.0/24 maxlen: 24
94.131.252.0/24 maxlen: 24
94.131.253.0/24 maxlen: 24
94.131.254.0/24 maxlen: 24
94.131.255.0/24 maxlen: 24
185.41.248.0/22 maxlen: 22
185.46.148.0/22 maxlen: 22
185.128.232.0/22 maxlen: 22
185.128.235.0/24 maxlen: 24
185.156.52.0/24 maxlen: 24
185.156.53.0/24 maxlen: 24
185.156.54.0/24 maxlen: 24
185.156.55.0/24 maxlen: 24
194.42.201.0/24 maxlen: 24
2a03:a600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:4d:c0:f6:56:8e:29:ec:1c:16:1e:7d:e2:ee:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Jan 2 11:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f033adb7936911eeaf7542b862a9d5d4c01b3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c8:98:40:39:c7:a9:ac:20:4b:3e:bf:d1:38:
65:b9:52:c6:16:4e:9d:a7:8c:44:a6:75:ac:7b:8d:
6f:33:c9:c2:94:dd:22:de:0a:01:86:42:93:7a:87:
21:ba:d9:76:99:8c:07:b7:9f:d7:ca:75:c2:d1:92:
cc:d6:64:e4:8f:da:94:06:0e:70:f1:52:81:83:88:
40:82:c6:26:db:5e:fe:37:d3:64:03:02:e2:05:b7:
74:5f:55:20:9d:27:5f:4c:54:38:90:a9:5e:2a:48:
7e:db:3d:48:f7:88:71:5b:e5:04:ce:2e:2d:bc:83:
1b:34:2e:f8:d2:68:84:16:1c:e1:6e:b9:31:b8:af:
28:15:ba:ff:21:e2:b5:83:b2:ba:3a:a7:c3:13:60:
78:97:40:1b:d9:a0:96:06:96:05:28:92:d6:52:4a:
98:61:51:d5:2d:f2:23:d1:24:10:24:32:8a:ef:0c:
db:85:32:47:3f:ba:09:e3:dc:60:78:29:ea:46:44:
9f:25:24:ed:65:1d:57:d8:2e:49:13:66:82:b4:3f:
99:c0:de:e7:88:00:d0:a2:2b:ed:5f:7a:76:73:4e:
db:5f:63:a9:5f:85:28:75:13:14:f9:cc:cc:9f:6f:
ba:ef:fa:c3:8e:e7:a3:92:d8:15:44:25:95:ec:4c:
0a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:03:3A:DB:79:36:91:1E:EA:F7:54:2B:86:2A:9D:5D:4C:01:B3:B9
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/LwM623k2kR7q91QrhiqdXUwBs7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.80.0/21
91.202.72.0/22
94.131.244.0/23
94.131.248.0/21
185.41.248.0/22
185.46.148.0/22
185.128.232.0/22
185.156.52.0/22
194.42.201.0/24
IPv6:
2a03:a600::/29
Signature Algorithm: sha256WithRSAEncryption
71:d2:1c:94:13:1f:69:a0:26:40:06:be:a6:5d:71:9d:55:8b:
07:94:78:c2:cb:d9:2a:75:ec:fb:c3:c1:ed:e2:69:e7:6d:47:
ce:25:f8:44:ae:a0:ec:c7:fb:a1:b3:b4:b1:bf:f1:19:8a:54:
42:e8:50:d7:cd:f3:ea:b2:d8:df:89:d2:94:c2:dd:45:fa:ba:
5b:5c:48:87:31:c9:38:1f:ad:95:d9:ad:17:c9:bc:15:19:11:
41:97:a1:db:2e:ea:5e:35:73:f7:17:a8:e5:3f:8f:94:22:b6:
f0:85:df:37:74:de:fa:8d:17:21:95:a1:fc:1b:61:51:92:0d:
41:2b:67:24:0a:df:de:6b:67:ea:aa:fe:3e:06:8d:02:58:2e:
4f:7a:ae:18:49:fb:6b:56:74:24:21:72:3e:9a:40:4c:64:e4:
49:89:ff:18:26:d6:46:a1:f2:76:cc:d7:e5:02:16:d3:44:66:
36:43:bc:82:83:3a:4f:e0:98:59:3a:cb:c9:23:6f:a7:54:46:
ec:d9:9f:0c:59:9d:47:58:a6:97:f9:be:a6:a2:bf:08:8c:58:
04:55:53:45:57:e1:a2:1b:ee:a7:4b:73:f5:2d:93:bb:e0:ea:
af:5e:79:d5:93:cf:90:fe:fc:05:b2:fa:51:e8:c7:e7:eb:84:
89:e2:2f:15
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQm2U3A9laOKewcFh594u4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjUwMTAyMTE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjAzM2FkYjc5MzY5MTFlZWFmNzU0MmI4NjJhOWQ1ZDRjMDFiM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMiYQDnHqawgSz6/0ThluVLGFk6d
p4xEpnWse41vM8nClN0i3goBhkKTeochutl2mYwHt5/XynXC0ZLM1mTkj9qUBg5w
8VKBg4hAgsYm217+N9NkAwLiBbd0X1UgnSdfTFQ4kKleKkh+2z1I94hxW+UEzi4t
vIMbNC740miEFhzhbrkxuK8oFbr/IeK1g7K6OqfDE2B4l0Ab2aCWBpYFKJLWUkqY
YVHVLfIj0SQQJDKK7wzbhTJHP7oJ49xgeCnqRkSfJSTtZR1X2C5JE2aCtD+ZwN7n
iADQoivtX3p2c07bX2OpX4UodRMU+czMn2+67/rDjuejktgVRCWV7EwKfwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFC8DOtt5NpEe6vdUK4YqnV1MAbO5MB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvTHdNNjIzazJrUjdxOTFRcmhpcWRYVXdCczdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLrZQAwQC
W8pIAwQBXoP0AwQDXoP4AwQCuSn4AwQCuS6UAwQCuYDoAwQCuZw0AwQAwirJMA0E
AgACMAcDBQMqA6YAMA0GCSqGSIb3DQEBCwUAA4IBAQBx0hyUEx9poCZABr6mXXGd
VYsHlHjCy9kqdez7w8Ht4mnnbUfOJfhErqDsx/uhs7Sxv/EZilRC6FDXzfPqstjf
idKUwt1F+rpbXEiHMck4H62V2a0XybwVGRFBl6HbLupeNXP3F6jlP4+UIrbwhd83
dN76jRchlaH8G2FRkg1BK2ckCt/ea2fqqv4+Bo0CWC5Peq4YSftrVnQkIXI+mkBM
ZORJif8YJtZGofJ2zNflAhbTRGY2Q7yCgzpP4JhZOsvJI2+nVEbs2Z8MWZ1HWKaX
+b6mor8IjFgEVVNFV+GiG+6nS3P1LZO74OqvXnnVk8+Q/vwFsvpR6Mfn64SJ4i8V
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:46:56 2025 by rpki-client