Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/LsBMcdJw5xS8I63MgOSx7GP6YGo.roa
File: LsBMcdJw5xS8I63MgOSx7GP6YGo.roa (raw, json)
Hash identifier: eclfzXKV6RSN6OrnDOnk9OvTtMq4JN86esMRl2QpoQY=
Subject key identifier: 2E:C0:4C:71:D2:70:E7:14:BC:23:AD:CC:80:E4:B1:EC:63:FA:60:6A
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 019420D6682E643A5B132915DF7F1C3062E5
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/LsBMcdJw5xS8I63MgOSx7GP6YGo.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31708
IP address blocks: 195.244.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:68:2e:64:3a:5b:13:29:15:df:7f:1c:30:62:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ec04c71d270e714bc23adcc80e4b1ec63fa606a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bd:72:45:37:61:31:96:cf:9e:d3:1e:2d:0f:
63:5c:c5:57:81:1b:72:d8:05:8d:d2:58:6e:48:ba:
9e:a0:87:af:12:54:a5:57:3a:b6:dd:bd:a5:d5:0d:
35:d3:fb:41:1c:1b:07:8e:d3:e5:23:44:8e:8d:14:
8b:7c:73:5e:90:e6:58:6a:a4:36:3d:c7:85:2f:68:
56:10:47:cb:99:7a:70:37:2c:31:bb:0d:54:dd:94:
bf:88:eb:84:7e:17:9f:db:eb:74:de:c0:a4:fd:77:
48:66:4e:d8:ff:63:39:c0:f8:eb:60:11:5d:36:9b:
9b:43:ea:77:22:43:af:8d:ba:01:2c:ec:fe:b8:da:
03:7f:e6:33:61:05:79:1a:30:57:61:3e:a0:dc:60:
b7:3d:44:a5:de:59:a1:85:05:22:3c:9f:79:23:89:
9a:c0:42:47:79:52:64:29:cd:fe:a3:9b:04:9a:31:
66:6e:af:4a:ef:55:c0:9a:f0:d2:fc:19:e6:f0:3b:
94:63:3b:54:c9:25:36:74:01:4b:b0:87:00:75:b3:
af:cc:ee:2b:68:cf:ac:7f:25:f4:49:b2:94:33:93:
d3:fa:51:2d:79:33:1c:8d:b2:81:f4:4f:02:36:bf:
0e:72:8a:fb:80:71:fb:e4:22:6c:5b:9d:47:0f:c1:
66:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C0:4C:71:D2:70:E7:14:BC:23:AD:CC:80:E4:B1:EC:63:FA:60:6A
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/LsBMcdJw5xS8I63MgOSx7GP6YGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.29.0/24
Signature Algorithm: sha256WithRSAEncryption
27:2f:fc:cf:5f:21:d0:9f:66:58:49:36:3d:2a:90:be:f8:d8:
08:1f:a6:da:62:1d:19:20:5a:7d:a7:ab:9a:3a:24:f3:2f:fe:
76:5b:12:eb:0c:c3:25:55:0e:9d:b6:16:bd:92:c5:e2:81:da:
2e:14:96:41:1f:8f:e7:7d:da:a7:62:3c:d4:8d:88:8c:46:cb:
c7:c1:c5:2f:e6:57:9e:1e:f1:ae:33:ab:9e:22:f5:a2:7e:ac:
25:e5:83:c5:19:05:7d:9b:86:17:f6:fa:10:40:ed:16:26:0f:
d4:82:cb:9e:b6:9f:1e:cb:b7:e8:45:08:7d:ab:a0:a5:3b:2f:
e2:01:ba:2d:d8:f7:eb:ab:95:47:72:cc:bb:07:3a:21:4a:34:
db:cc:c6:46:be:35:73:11:7d:1e:e9:08:04:3e:74:d1:13:0b:
4a:ec:7c:37:05:46:39:e9:92:34:1d:cc:6c:44:a7:8a:c4:97:
dc:97:30:8f:43:b3:90:96:93:b2:fa:9b:cf:3e:de:62:69:ea:
0a:bd:e9:5d:a9:06:6d:9f:e2:f9:17:31:95:72:a7:0f:fc:ba:
72:fd:58:0b:c1:b0:7e:a7:4c:98:83:58:f4:db:54:26:22:22:
78:c2:16:e9:2b:5c:45:20:50:0b:81:39:8d:36:5d:88:97:a7:
92:71:f2:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1mguZDpbEykV338cMGLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWMwNGM3MWQyNzBlNzE0YmMyM2FkY2M4MGU0YjFlYzYzZmE2MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr1yRTdhMZbPntMeLQ9jXMVXgRty
2AWN0lhuSLqeoIevElSlVzq23b2l1Q010/tBHBsHjtPlI0SOjRSLfHNekOZYaqQ2
PceFL2hWEEfLmXpwNywxuw1U3ZS/iOuEfhef2+t03sCk/XdIZk7Y/2M5wPjrYBFd
NpubQ+p3IkOvjboBLOz+uNoDf+YzYQV5GjBXYT6g3GC3PUSl3lmhhQUiPJ95I4ma
wEJHeVJkKc3+o5sEmjFmbq9K71XAmvDS/Bnm8DuUYztUySU2dAFLsIcAdbOvzO4r
aM+sfyX0SbKUM5PT+lEteTMcjbKB9E8CNr8Ocor7gHH75CJsW51HD8FmYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7ATHHScOcUvCOtzIDksexj+mBqMB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvTHNCTWNkSnc1eFM4STYzTWdPU3g3R1A2WUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/QdMA0G
CSqGSIb3DQEBCwUAA4IBAQAnL/zPXyHQn2ZYSTY9KpC++NgIH6baYh0ZIFp9p6ua
OiTzL/52WxLrDMMlVQ6dtha9ksXigdouFJZBH4/nfdqnYjzUjYiMRsvHwcUv5lee
HvGuM6ueIvWifqwl5YPFGQV9m4YX9voQQO0WJg/Ugsuetp8ey7foRQh9q6ClOy/i
Abot2Pfrq5VHcsy7BzohSjTbzMZGvjVzEX0e6QgEPnTREwtK7Hw3BUY56ZI0Hcxs
RKeKxJfclzCPQ7OQlpOy+pvPPt5iaeoKveldqQZtn+L5FzGVcqcP/Lpy/VgLwbB+
p0yYg1j021QmIiJ4whbpK1xFIFALgTmNNl2Il6eScfKf
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:01:57 2025 by rpki-client