Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ls4G7gkOSpCBZFZbd8zweyosxaM.roa
File: ls4G7gkOSpCBZFZbd8zweyosxaM.roa (raw, json)
Hash identifier: VrPK8ewBpnq/M/QJiD8QRQDKA4oeSNO0sosyZKGCCVY=
Subject key identifier: 96:CE:06:EE:09:0E:4A:90:81:64:56:5B:77:CC:F0:7B:2A:2C:C5:A3
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA92E15FD8F8C61D7438408B0F9CF5
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ls4G7gkOSpCBZFZbd8zweyosxaM.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35645
IP address blocks: 141.101.217.0/24 maxlen: 24
141.101.218.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 18:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:92:e1:5f:d8:f8:c6:1d:74:38:40:8b:0f:9c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96ce06ee090e4a908164565b77ccf07b2a2cc5a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:91:92:73:69:4c:95:3c:c1:4c:9c:13:ef:54:
15:b3:73:03:d1:64:c5:98:54:8c:cf:48:0d:b9:5e:
3c:b5:ab:93:c6:81:c7:d1:d1:c5:bd:24:d8:e3:3e:
e6:be:69:0b:09:07:76:05:3e:2e:b3:02:4e:c8:d3:
11:a9:0d:53:53:f9:52:b1:26:e8:ae:16:97:b8:e7:
d4:c5:f0:3e:7d:60:b6:f2:bf:b9:3c:36:b7:0b:8f:
00:1c:4b:62:d1:6b:c6:27:62:85:d9:08:ef:fd:5f:
55:9a:13:c0:e5:db:6a:2b:74:02:f5:1e:6f:af:10:
69:b4:9c:37:e9:af:a4:c6:af:01:70:19:f5:db:f9:
f5:4e:0a:82:cd:3f:45:a2:2a:62:12:56:d1:ff:8c:
2d:87:9a:a1:98:2b:71:9e:50:77:30:63:1f:8c:8c:
42:6e:97:e2:23:02:1f:a5:c1:d3:05:66:39:d8:3d:
5e:31:2d:aa:2c:43:36:29:5f:99:b0:60:98:ca:51:
b5:3b:9c:01:cc:de:72:7a:ed:fe:dc:b7:4a:1b:1a:
3c:12:03:77:2c:aa:9c:2c:25:32:9a:8e:f9:cc:33:
b0:4d:72:16:4f:25:8f:9d:68:8f:a2:47:f9:b1:df:
a8:29:55:b8:7c:69:28:b2:62:15:76:76:e1:74:a5:
37:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:CE:06:EE:09:0E:4A:90:81:64:56:5B:77:CC:F0:7B:2A:2C:C5:A3
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ls4G7gkOSpCBZFZbd8zweyosxaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.217.0-141.101.219.255
Signature Algorithm: sha256WithRSAEncryption
2f:c7:be:08:3c:15:72:e5:cd:23:b0:38:5d:70:1a:50:da:28:
bb:3c:be:df:14:38:53:fb:85:8b:d0:7f:03:e2:12:cd:65:ee:
e6:16:e5:7c:99:a0:bc:d7:2d:9d:c1:0a:9a:c2:49:88:04:b6:
8a:fe:5e:b9:9b:38:22:8a:a5:9f:76:d1:ec:4f:2e:1b:b0:46:
18:c8:ce:14:6c:49:3b:f7:31:d4:f1:6d:dd:f5:6d:2a:b2:26:
82:a0:c6:4a:cf:d9:22:4c:62:d1:b5:82:6b:19:82:99:7e:60:
93:53:b0:1f:6c:2b:b4:c6:78:00:91:3f:19:f0:5e:1d:36:a7:
3e:9a:e1:1a:87:a5:1f:07:a0:d9:52:ec:1e:87:a9:09:72:7c:
5c:4c:7b:91:d4:42:00:3b:5b:8e:3f:4a:bc:40:06:26:2a:24:
e3:f5:12:0b:98:55:ea:34:67:c8:8a:d8:7e:cb:c8:9e:d7:32:
0f:06:74:96:5d:16:63:24:68:ee:1f:28:45:94:c9:50:5c:68:
f4:4d:78:a1:a1:9d:80:f7:27:db:cf:ff:05:38:3f:cb:d0:1a:
63:75:07:f5:50:e4:6c:20:57:61:a3:ce:2e:41:80:48:78:4e:
01:77:e9:00:51:43:06:4a:20:2f:37:aa:7e:84:0c:b1:02:d4:
ad:0a:15:53
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQf+pLhX9j4xh10OECLD5z1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmNlMDZlZTA5MGU0YTkwODE2NDU2NWI3N2NjZjA3YjJhMmNjNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5GSc2lMlTzBTJwT71QVs3MD0WTF
mFSMz0gNuV48tauTxoHH0dHFvSTY4z7mvmkLCQd2BT4uswJOyNMRqQ1TU/lSsSbo
rhaXuOfUxfA+fWC28r+5PDa3C48AHEti0WvGJ2KF2Qjv/V9VmhPA5dtqK3QC9R5v
rxBptJw36a+kxq8BcBn12/n1TgqCzT9FoipiElbR/4wth5qhmCtxnlB3MGMfjIxC
bpfiIwIfpcHTBWY52D1eMS2qLEM2KV+ZsGCYylG1O5wBzN5yeu3+3LdKGxo8EgN3
LKqcLCUymo75zDOwTXIWTyWPnWiPokf5sd+oKVW4fGkosmIVdnbhdKU30QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJbOBu4JDkqQgWRWW3fM8HsqLMWjMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvbHM0Rzdna09TcENCWkZaYmQ4endleW9zeGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACNZdkD
BAKNZdgwDQYJKoZIhvcNAQELBQADggEBAC/Hvgg8FXLlzSOwOF1wGlDaKLs8vt8U
OFP7hYvQfwPiEs1l7uYW5XyZoLzXLZ3BCprCSYgEtor+XrmbOCKKpZ920exPLhuw
RhjIzhRsSTv3MdTxbd31bSqyJoKgxkrP2SJMYtG1gmsZgpl+YJNTsB9sK7TGeACR
PxnwXh02pz6a4RqHpR8HoNlS7B6HqQlyfFxMe5HUQgA7W44/SrxABiYqJOP1EguY
Veo0Z8iK2H7LyJ7XMg8GdJZdFmMkaO4fKEWUyVBcaPRNeKGhnYD3J9vP/wU4P8vQ
GmN1B/VQ5GwgV2Gjzi5BgEh4TgF36QBRQwZKIC83qn6EDLEC1K0KFVM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:28 2025 by rpki-client