Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/lgeLoySacO5n6-jqTWkewt--0AI.roa
File: lgeLoySacO5n6-jqTWkewt--0AI.roa (raw, json)
Hash identifier: cHeeK4JCsJJNj8Pz7DQjcNm/axVPSQ0h4TJyF4NqSFM=
Subject key identifier: 96:07:8B:A3:24:9A:70:EE:67:EB:E8:EA:4D:69:1E:C2:DF:BE:D0:02
Certificate issuer: /CN=57718361688d162ff8023c1227cd644dae39a1c0
Certificate serial: 01942823299D6F61735C2C824EF4FC7A624B
Authority key identifier: 57:71:83:61:68:8D:16:2F:F8:02:3C:12:27:CD:64:4D:AE:39:A1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3GDYWiNFi_4AjwSJ81kTa45ocA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/lgeLoySacO5n6-jqTWkewt--0AI.roa
Signing time: Thu 02 Jan 2025 17:49:40 +0000
ROA not before: Thu 02 Jan 2025 17:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 2001:67c:2414::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/V3GDYWiNFi_4AjwSJ81kTa45ocA.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/V3GDYWiNFi_4AjwSJ81kTa45ocA.mft
rsync://rpki.ripe.net/repository/DEFAULT/V3GDYWiNFi_4AjwSJ81kTa45ocA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:29:9d:6f:61:73:5c:2c:82:4e:f4:fc:7a:62:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57718361688d162ff8023c1227cd644dae39a1c0
Validity
Not Before: Jan 2 17:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96078ba3249a70ee67ebe8ea4d691ec2dfbed002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c9:c2:16:5d:f3:a2:c8:c9:35:79:af:c2:5f:
f3:d3:eb:b6:2a:4c:33:fb:f3:c7:1b:26:e9:9e:3f:
ab:66:89:0d:b4:4e:b8:db:36:81:90:cf:b1:9b:80:
ac:fa:f3:32:66:52:3d:97:21:b6:e4:36:7e:f6:16:
f8:8c:06:1c:9d:64:7c:2b:d0:fb:a3:85:98:3b:32:
bf:92:83:e8:ba:42:96:b4:cf:a7:ec:a3:f3:ce:11:
bd:ba:94:74:12:8d:05:ef:12:52:bd:36:bc:76:e2:
37:9d:26:26:a3:f1:88:34:84:8f:20:44:65:2a:f6:
19:c2:0c:8a:9e:0c:40:7e:eb:22:78:98:7f:56:9f:
42:7b:80:09:cb:d4:c7:65:87:a7:32:90:dc:f7:e8:
db:c3:32:e3:10:68:19:9b:d7:57:55:b0:b4:de:67:
6d:db:90:95:87:ad:39:80:b5:fd:78:57:d2:82:a2:
8f:1a:83:fb:e4:7e:90:7f:2b:79:d7:b2:21:f9:b9:
76:9b:0e:6c:31:2d:c2:34:bd:a1:fa:88:97:c2:81:
8d:ab:c5:f2:5b:b8:c2:a2:f7:e7:42:46:16:68:20:
b2:df:b5:d0:ab:40:cd:1f:63:65:00:ef:87:e3:6e:
4d:85:cc:ce:24:ca:61:99:85:a5:dd:27:a0:c5:2c:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:07:8B:A3:24:9A:70:EE:67:EB:E8:EA:4D:69:1E:C2:DF:BE:D0:02
X509v3 Authority Key Identifier:
keyid:57:71:83:61:68:8D:16:2F:F8:02:3C:12:27:CD:64:4D:AE:39:A1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3GDYWiNFi_4AjwSJ81kTa45ocA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/lgeLoySacO5n6-jqTWkewt--0AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/a554d3-4232-48fc-b883-b3b5caaf5ea6/1/V3GDYWiNFi_4AjwSJ81kTa45ocA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2414::/48
Signature Algorithm: sha256WithRSAEncryption
72:f1:8f:5b:d8:44:4b:ad:fb:e5:90:07:bd:ba:99:73:0d:1b:
8f:76:fa:51:69:27:67:b4:19:a6:1a:d2:da:9a:fc:eb:76:21:
04:45:f8:fe:34:12:ab:24:2a:50:3a:40:63:83:b8:ae:6d:2f:
b7:d8:17:c3:85:07:c6:6c:12:77:80:e8:2d:45:46:67:4d:92:
28:27:bc:63:f9:8c:13:42:06:a8:57:73:16:dd:b5:5c:52:e6:
97:15:09:6f:5f:8c:57:ba:a0:cf:ee:ff:36:b6:52:24:1d:0b:
af:ae:85:a6:e6:d4:8f:81:f3:c1:bf:49:f4:e1:da:e7:0f:57:
62:7f:60:9b:98:08:d1:88:4d:ea:14:db:1c:96:ed:82:e4:17:
48:b8:b8:d0:4c:aa:83:ed:cd:d1:6b:ca:e3:80:e3:67:52:8b:
f5:8d:81:8e:4a:49:ca:72:82:67:bf:5c:aa:5a:c0:f1:6f:9b:
b6:6d:94:d6:78:01:e4:db:7c:ed:47:d6:b5:cc:44:50:6d:74:
58:50:04:9c:a3:47:96:89:75:ad:83:12:bb:dc:62:4d:cc:9a:
0d:d8:85:30:e7:b8:a4:d3:5c:89:02:ce:63:bb:73:d8:42:9d:
e8:bb:ed:fa:84:e2:39:dd:25:00:78:b6:12:9f:e2:41:d0:4f:
cf:df:4d:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoIymdb2FzXCyCTvT8emJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzE4MzYxNjg4ZDE2MmZmODAyM2MxMjI3Y2Q2NDRkYWUz
OWExYzAwHhcNMjUwMTAyMTc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA3OGJhMzI0OWE3MGVlNjdlYmU4ZWE0ZDY5MWVjMmRmYmVkMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsnCFl3zosjJNXmvwl/z0+u2Kkwz
+/PHGybpnj+rZokNtE642zaBkM+xm4Cs+vMyZlI9lyG25DZ+9hb4jAYcnWR8K9D7
o4WYOzK/koPoukKWtM+n7KPzzhG9upR0Eo0F7xJSvTa8duI3nSYmo/GINISPIERl
KvYZwgyKngxAfusieJh/Vp9Ce4AJy9THZYenMpDc9+jbwzLjEGgZm9dXVbC03mdt
25CVh605gLX9eFfSgqKPGoP75H6Qfyt517Ih+bl2mw5sMS3CNL2h+oiXwoGNq8Xy
W7jCovfnQkYWaCCy37XQq0DNH2NlAO+H425NhczOJMphmYWl3SegxSyLBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJYHi6MkmnDuZ+vo6k1pHsLfvtACMB8GA1UdIwQY
MBaAFFdxg2FojRYv+AI8EifNZE2uOaHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNHRFlXaU5GaV80QWp3U0o4MWtUYTQ1b2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9hNTU0ZDMtNDIzMi00OGZjLWI4ODMt
YjNiNWNhYWY1ZWE2LzEvbGdlTG95U2FjTzVuNi1qcVRXa2V3dC0tMEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9hNTU0ZDMtNDIzMi00OGZjLWI4ODMtYjNiNWNhYWY1ZWE2
LzEvVjNHRFlXaU5GaV80QWp3U0o4MWtUYTQ1b2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCQU
MA0GCSqGSIb3DQEBCwUAA4IBAQBy8Y9b2ERLrfvlkAe9uplzDRuPdvpRaSdntBmm
GtLamvzrdiEERfj+NBKrJCpQOkBjg7iubS+32BfDhQfGbBJ3gOgtRUZnTZIoJ7xj
+YwTQgaoV3MW3bVcUuaXFQlvX4xXuqDP7v82tlIkHQuvroWm5tSPgfPBv0n04drn
D1dif2CbmAjRiE3qFNsclu2C5BdIuLjQTKqD7c3Ra8rjgONnUov1jYGOSknKcoJn
v1yqWsDxb5u2bZTWeAHk23ztR9a1zERQbXRYUASco0eWiXWtgxK73GJNzJoN2IUw
57ik01yJAs5ju3PYQp3ou+36hOI53SUAeLYSn+JB0E/P303C
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:24:56 2025 by rpki-client