Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/lgaTADVYOse5jNoGc-hlR1iyQcM.roa
File: lgaTADVYOse5jNoGc-hlR1iyQcM.roa (raw, json)
Hash identifier: whet4s5rWCX20O/tP+eDuVvdhz/p6dV5HSU07qsog2g=
Subject key identifier: 96:06:93:00:35:58:3A:C7:B9:8C:DA:06:73:E8:65:47:58:B2:41:C3
Certificate issuer: /CN=58dcfb0ff4f28b8ffad6eb0dd29eb2b6af629a68
Certificate serial: 019421B1F1D061201AFF4636ACA20C7517CC
Authority key identifier: 58:DC:FB:0F:F4:F2:8B:8F:FA:D6:EB:0D:D2:9E:B2:B6:AF:62:9A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/lgaTADVYOse5jNoGc-hlR1iyQcM.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12046
IP address blocks: 94.138.224.0/20 maxlen: 20
185.222.76.0/23 maxlen: 24
185.222.78.0/24 maxlen: 24
2001:1a70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.mft
rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 05:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f1:d0:61:20:1a:ff:46:36:ac:a2:0c:75:17:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dcfb0ff4f28b8ffad6eb0dd29eb2b6af629a68
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9606930035583ac7b98cda0673e8654758b241c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:2b:75:c8:e9:63:78:e5:03:25:22:9c:d1:
82:4e:fd:d3:48:a5:b0:6b:1d:79:d4:f4:41:53:48:
0e:26:fa:52:78:8f:9b:63:c8:85:95:b1:ce:29:4b:
d7:32:e7:67:4e:3e:c3:de:17:ac:96:42:d3:6b:7e:
a6:72:3d:3c:f6:0c:0d:1c:e4:d4:83:2c:76:94:18:
a4:10:32:81:af:1b:c7:ef:4b:1b:02:43:e6:e2:d5:
08:84:98:5c:f1:05:21:d8:38:54:8e:5e:f5:4e:a7:
aa:96:fc:7e:7b:26:4a:3e:4a:10:47:17:e1:e3:3c:
b2:23:81:7b:1c:e1:ed:79:ee:a4:a3:92:f6:78:82:
4e:b2:55:50:cf:91:56:8c:9f:c3:b7:b9:6f:6d:fc:
fc:d6:ef:f1:f0:4f:45:21:34:2f:e1:41:e2:0f:26:
7c:8e:0e:4d:32:32:ad:d3:bc:1e:29:89:89:21:05:
ed:34:2a:4a:08:48:97:8c:b2:e9:39:8c:25:32:5f:
29:f8:bd:ad:c6:01:08:54:2c:f7:84:27:31:46:d0:
93:d3:fe:ba:5d:37:d4:0d:6e:7d:0c:2c:e7:76:50:
51:b9:aa:aa:6d:bf:1a:34:d0:e2:75:f9:8e:bc:84:
37:93:37:31:8e:06:2e:ac:49:78:58:5b:b9:d8:9d:
d7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:06:93:00:35:58:3A:C7:B9:8C:DA:06:73:E8:65:47:58:B2:41:C3
X509v3 Authority Key Identifier:
keyid:58:DC:FB:0F:F4:F2:8B:8F:FA:D6:EB:0D:D2:9E:B2:B6:AF:62:9A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNz7D_Tyi4_61usN0p6ytq9immg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/lgaTADVYOse5jNoGc-hlR1iyQcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b663df-ac1c-4529-8c8b-712135a6b750/1/WNz7D_Tyi4_61usN0p6ytq9immg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.138.224.0/20
185.222.76.0-185.222.78.255
IPv6:
2001:1a70::/32
Signature Algorithm: sha256WithRSAEncryption
00:15:67:84:fd:68:0e:e4:ea:b6:df:a2:76:57:12:88:1d:4c:
2b:60:e3:2f:39:85:30:21:62:6f:cd:a9:c1:6d:b7:f1:9b:08:
af:d3:33:a2:e5:d2:bd:5f:cf:5d:7d:d7:99:3d:30:5f:d3:36:
48:1b:56:3a:19:7d:9f:61:88:78:df:16:cf:fa:3c:b8:0a:0c:
5c:27:74:98:7e:01:53:a7:da:38:5c:6e:95:ce:7c:1b:de:fd:
01:eb:54:74:e9:f9:83:c2:27:cb:00:79:17:28:52:0a:78:e7:
2f:b1:77:9b:4f:6b:00:0f:83:39:9c:45:ac:42:03:d5:81:0e:
c3:ca:c5:7d:31:68:71:44:c3:17:b3:88:ce:3f:39:ce:e3:a8:
91:67:a3:aa:29:cd:63:9f:81:3b:2e:2c:27:7c:1b:d8:1a:78:
09:17:eb:33:59:c9:f8:db:ce:d6:bd:26:2c:cf:15:be:ed:ca:
9c:73:bd:f8:c8:be:26:cc:25:ea:5f:c3:5f:69:f0:9c:0a:f5:
43:a4:a4:d4:10:05:67:0a:a1:87:5b:a6:da:c1:21:c2:77:c9:
06:03:af:3d:a0:f0:e4:d2:11:30:ab:1c:1c:50:47:12:9d:7a:
37:24:c6:15:32:de:df:44:3a:65:01:b1:12:01:a6:09:3c:ac:
89:1f:45:ca
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQhsfHQYSAa/0Y2rKIMdRfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGNmYjBmZjRmMjhiOGZmYWQ2ZWIwZGQyOWViMmI2YWY2
MjlhNjgwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA2OTMwMDM1NTgzYWM3Yjk4Y2RhMDY3M2U4NjU0NzU4YjI0MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv4rdcjpY3jlAyUinNGCTv3TSKWw
ax151PRBU0gOJvpSeI+bY8iFlbHOKUvXMudnTj7D3heslkLTa36mcj089gwNHOTU
gyx2lBikEDKBrxvH70sbAkPm4tUIhJhc8QUh2DhUjl71Tqeqlvx+eyZKPkoQRxfh
4zyyI4F7HOHtee6ko5L2eIJOslVQz5FWjJ/Dt7lvbfz81u/x8E9FITQv4UHiDyZ8
jg5NMjKt07weKYmJIQXtNCpKCEiXjLLpOYwlMl8p+L2txgEIVCz3hCcxRtCT0/66
XTfUDW59DCzndlBRuaqqbb8aNNDidfmOvIQ3kzcxjgYurEl4WFu52J3X7wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJYGkwA1WDrHuYzaBnPoZUdYskHDMB8GA1UdIwQY
MBaAFFjc+w/08ouP+tbrDdKesravYppoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV056N0RfVHlpNF82MXVzTjBwNnl0cTlpbW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNjYzZGYtYWMxYy00NTI5LThjOGIt
NzEyMTM1YTZiNzUwLzEvbGdhVEFEVllPc2U1ak5vR2MtaGxSMWl5UWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNjYzZGYtYWMxYy00NTI5LThjOGItNzEyMTM1YTZiNzUw
LzEvV056N0RfVHlpNF82MXVzTjBwNnl0cTlpbW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEXorgMAwD
BAK53kwDBAC53k4wDQQCAAIwBwMFACABGnAwDQYJKoZIhvcNAQELBQADggEBAAAV
Z4T9aA7k6rbfonZXEogdTCtg4y85hTAhYm/NqcFtt/GbCK/TM6Ll0r1fz11915k9
MF/TNkgbVjoZfZ9hiHjfFs/6PLgKDFwndJh+AVOn2jhcbpXOfBve/QHrVHTp+YPC
J8sAeRcoUgp45y+xd5tPawAPgzmcRaxCA9WBDsPKxX0xaHFEwxeziM4/Oc7jqJFn
o6opzWOfgTsuLCd8G9gaeAkX6zNZyfjbzta9JizPFb7typxzvfjIvibMJepfw19p
8JwK9UOkpNQQBWcKoYdbptrBIcJ3yQYDrz2g8OTSETCrHBxQRxKdejckxhUy3t9E
OmUBsRIBpgk8rIkfRco=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:40:05 2025 by rpki-client