Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LjBtHONSEydrRHBhcQXz16zRmXI.roa
File: LjBtHONSEydrRHBhcQXz16zRmXI.roa (raw, json)
Hash identifier: L7U64NPsHllln08G9Pr/IMuEJPTQTcvatla0i4hK51w=
Subject key identifier: 2E:30:6D:1C:E3:52:13:27:6B:44:70:61:71:05:F3:D7:AC:D1:99:72
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421442EC05F0602D0E038581F75CD0AB3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LjBtHONSEydrRHBhcQXz16zRmXI.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215324
IP address blocks: 213.130.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2e:c0:5f:06:02:d0:e0:38:58:1f:75:cd:0a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e306d1ce35213276b4470617105f3d7acd19972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:1c:ff:78:e0:b2:68:ed:17:07:7a:74:67:
6c:58:df:f6:11:eb:20:72:45:57:a6:ba:55:5b:b1:
0a:fc:84:09:d5:11:91:3d:12:2c:0c:78:66:7c:f3:
a2:0e:8b:d9:2f:94:5f:54:b5:01:30:9b:42:7d:f2:
e6:f7:e9:cb:6f:4f:0e:b5:fb:c0:bd:37:fe:e8:e8:
5f:9b:73:c5:65:8c:cb:0f:88:e7:bf:c4:a1:8f:e6:
5e:9d:fc:f8:9a:27:53:29:dc:5b:e5:ff:21:f8:c8:
2a:05:3a:a9:56:cb:55:e8:0f:92:ee:e3:d4:dd:d7:
40:69:1c:6c:14:59:96:c5:ff:9e:9f:ea:05:b4:b3:
35:86:1a:57:46:93:19:3a:2b:be:f3:46:1a:a8:b6:
94:d6:00:e3:98:65:c9:eb:17:53:5a:79:ed:8b:02:
cf:23:b0:65:bb:36:41:f8:58:a3:4d:98:55:f6:aa:
cb:40:39:82:43:30:ea:d9:93:be:0f:aa:f3:43:6b:
fe:8a:58:b2:c3:e6:b2:86:2e:e0:c5:9a:66:5a:3f:
cd:86:55:e5:ed:4e:49:00:aa:12:99:01:c4:52:f8:
d0:d7:44:31:f7:61:8c:7c:b3:14:87:3f:4a:1a:2e:
72:9d:5a:64:33:ae:3d:9a:73:dd:b8:4f:1a:e9:8d:
44:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:30:6D:1C:E3:52:13:27:6B:44:70:61:71:05:F3:D7:AC:D1:99:72
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LjBtHONSEydrRHBhcQXz16zRmXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.130.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:11:33:8e:04:83:dd:43:dc:20:17:1f:91:fb:dc:0a:77:70:
b3:52:7f:ff:d6:61:8c:8d:20:12:28:0c:b6:0f:67:3e:1c:b0:
f4:c5:d3:1c:ac:6d:6a:73:bb:34:57:e2:9a:9a:ef:9c:25:fd:
b9:2f:41:6d:d4:33:ab:d8:b4:4e:8f:ee:0c:ea:01:73:34:31:
ca:c8:2e:47:d2:06:b1:28:35:00:e3:b0:58:aa:dc:8e:55:e3:
79:82:5c:ac:96:c0:7c:2f:38:1f:19:4f:ac:f6:69:d7:3c:72:
b4:46:76:0b:47:d1:bd:09:fb:04:93:90:e8:fd:f5:79:09:c6:
63:1f:68:e1:47:5c:f8:98:46:29:46:49:06:6b:f6:8d:44:47:
9d:2e:d3:0d:70:19:58:6d:49:a7:a1:56:59:9c:77:b6:73:be:
44:f4:ac:4c:f4:93:fe:f8:cd:70:66:b0:79:cc:a0:bb:0c:36:
61:c3:b3:75:1e:2c:49:e0:d5:f7:82:d6:d9:fd:49:42:16:aa:
70:d5:d0:aa:53:74:be:e7:08:10:9e:f7:71:5a:1c:e5:3c:e2:
59:99:5c:c1:d9:fd:0f:2d:ba:7a:61:9f:97:c4:49:21:cc:36:
11:6e:1e:00:68:c3:41:88:b8:88:bd:62:fe:32:36:70:6d:1c:
66:8a:42:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRC7AXwYC0OA4WB91zQqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTMwNmQxY2UzNTIxMzI3NmI0NDcwNjE3MTA1ZjNkN2FjZDE5OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8kc/3jgsmjtFwd6dGdsWN/2Eesg
ckVXprpVW7EK/IQJ1RGRPRIsDHhmfPOiDovZL5RfVLUBMJtCffLm9+nLb08OtfvA
vTf+6Ohfm3PFZYzLD4jnv8Shj+Zenfz4midTKdxb5f8h+MgqBTqpVstV6A+S7uPU
3ddAaRxsFFmWxf+en+oFtLM1hhpXRpMZOiu+80YaqLaU1gDjmGXJ6xdTWnntiwLP
I7BluzZB+FijTZhV9qrLQDmCQzDq2ZO+D6rzQ2v+iliyw+ayhi7gxZpmWj/NhlXl
7U5JAKoSmQHEUvjQ10Qx92GMfLMUhz9KGi5ynVpkM649mnPduE8a6Y1ELwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4wbRzjUhMna0RwYXEF89es0ZlyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTGpCdEhPTlNFeWRyUkhCaGNRWHoxNnpSbVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YKcMA0G
CSqGSIb3DQEBCwUAA4IBAQClETOOBIPdQ9wgFx+R+9wKd3CzUn//1mGMjSASKAy2
D2c+HLD0xdMcrG1qc7s0V+Kamu+cJf25L0Ft1DOr2LROj+4M6gFzNDHKyC5H0gax
KDUA47BYqtyOVeN5glyslsB8LzgfGU+s9mnXPHK0RnYLR9G9CfsEk5Do/fV5CcZj
H2jhR1z4mEYpRkkGa/aNREedLtMNcBlYbUmnoVZZnHe2c75E9KxM9JP++M1wZrB5
zKC7DDZhw7N1HixJ4NX3gtbZ/UlCFqpw1dCqU3S+5wgQnvdxWhzlPOJZmVzB2f0P
Lbp6YZ+XxEkhzDYRbh4AaMNBiLiIvWL+MjZwbRxmikK2
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:54:22 2025 by rpki-client