Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LmZUjf7yuRNCmmUH_7QJhV8mkXg.roa
File: LmZUjf7yuRNCmmUH_7QJhV8mkXg.roa (raw, json)
Hash identifier: XuL2mWUVrMZnAnrSalWcgApvLOt2cvPv1jSAm644P8Q=
Subject key identifier: 2E:66:54:8D:FE:F2:B9:13:42:9A:65:07:FF:B4:09:85:5F:26:91:78
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01948886DB94F1DEAEEB4A6E90EB6819824D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LmZUjf7yuRNCmmUH_7QJhV8mkXg.roa
Signing time: Tue 21 Jan 2025 11:02:06 +0000
ROA not before: Tue 21 Jan 2025 11:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 80.240.88.0/21 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:86:db:94:f1:de:ae:eb:4a:6e:90:eb:68:19:82:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 21 11:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e66548dfef2b913429a6507ffb409855f269178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:ec:79:48:ea:59:0b:b8:8d:11:04:c6:d5:
8c:5e:7e:67:bd:06:e5:71:58:64:38:01:9f:d1:b6:
be:13:a0:ca:eb:9b:35:96:cb:c9:94:d4:cf:de:da:
8e:a3:47:d9:82:27:7b:55:2a:09:53:0c:b5:e0:3c:
d7:1f:0d:a0:09:8f:3b:b0:25:1f:a6:92:a8:8b:48:
36:76:cf:08:26:c7:36:f6:75:29:03:7f:a7:56:56:
ba:b9:82:94:df:2a:ed:b1:ce:e4:5c:ec:f0:b9:b0:
ea:ea:75:2f:61:51:b1:c6:76:72:e2:14:5b:b6:23:
2c:91:69:25:a4:3e:a6:5a:07:ad:76:90:1a:bf:38:
b1:ed:ff:39:b6:5b:bd:1a:43:b5:b3:0b:45:ae:e0:
c4:16:fb:8a:30:6c:0a:a4:d3:e1:f5:ef:76:29:22:
bb:46:5e:f0:9a:ba:2c:08:1c:ee:b0:f1:ad:d2:d6:
12:af:09:e8:f9:37:c9:7f:ff:6b:89:cc:a6:7d:f5:
d7:43:53:4d:d5:2e:c3:4b:32:12:eb:c9:c2:4f:97:
0b:79:d2:ab:c5:fa:28:b7:61:d7:e7:37:f9:6f:c5:
bf:be:92:eb:8c:aa:25:a0:eb:b3:e3:8f:63:56:b9:
7a:de:64:42:49:7b:15:db:c4:3a:a1:ed:9d:46:f4:
c3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:66:54:8D:FE:F2:B9:13:42:9A:65:07:FF:B4:09:85:5F:26:91:78
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LmZUjf7yuRNCmmUH_7QJhV8mkXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
82.152.174.0/23
82.153.208.0/22
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.147.0/24
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.249.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
81:83:58:5b:40:4a:88:fe:ee:ff:e3:46:7a:41:83:cf:34:bb:
15:07:06:ec:e3:c0:5f:ff:09:f5:b8:a4:66:10:f3:96:10:96:
1f:28:a3:53:81:7e:51:5e:90:c3:10:0f:56:11:8c:3f:79:e9:
13:e4:e5:02:10:42:77:83:9e:ac:90:c8:86:1d:38:1e:02:3e:
e7:2d:fe:60:85:ff:c9:4a:ff:ff:6c:9c:40:55:8d:26:22:5d:
d9:90:90:8e:18:b3:30:c1:08:02:58:10:58:7b:0b:e2:82:92:
f8:5a:e6:71:5b:82:8b:0c:9f:0a:0b:7d:46:f6:ad:39:1c:b3:
1c:b6:c6:50:c7:77:f3:b7:f0:4e:e5:12:01:6d:70:ef:9d:e1:
61:4a:9c:be:9a:ed:ec:4f:3f:47:41:8a:11:85:a4:3b:2a:f5:
d3:00:50:7e:c5:4a:df:f0:84:32:43:95:24:d8:9c:cc:1d:1e:
76:0e:51:04:4b:a3:b1:dd:4c:3f:7b:37:68:6b:b9:d7:d2:3a:
a8:7d:a8:9f:90:e7:97:24:7f:33:91:e5:9a:91:62:d5:e5:65:
24:18:08:7f:56:11:a8:93:be:6b:83:a2:47:dc:2a:0a:2e:7d:
18:0b:f6:28:a1:36:74:54:12:72:94:6f:96:ac:7c:2e:9e:70:
21:a8:c7:ff
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZSIhtuU8d6u60pukOtoGYJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTIxMTEwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY2NTQ4ZGZlZjJiOTEzNDI5YTY1MDdmZmI0MDk4NTVmMjY5MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3HseUjqWQu4jREExtWMXn5nvQbl
cVhkOAGf0ba+E6DK65s1lsvJlNTP3tqOo0fZgid7VSoJUwy14DzXHw2gCY87sCUf
ppKoi0g2ds8IJsc29nUpA3+nVla6uYKU3yrtsc7kXOzwubDq6nUvYVGxxnZy4hRb
tiMskWklpD6mWgetdpAavzix7f85tlu9GkO1swtFruDEFvuKMGwKpNPh9e92KSK7
Rl7wmrosCBzusPGt0tYSrwno+TfJf/9ricymffXXQ1NN1S7DSzIS68nCT5cLedKr
xfoot2HX5zf5b8W/vpLrjKoloOuz449jVrl63mRCSXsV28Q6oe2dRvTDQwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFC5mVI3+8rkTQpplB/+0CYVfJpF4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTG1aVWpmN3l1Uk5DbW1VSF83UUpoVjhta1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQDUPBYAwQB
UpiuAwQCUpnQAwQDUqMYAwQAWdU6AwQBWdU8AwQAWdWTMAwDBAFZ1cYDBAFZ1cwD
BABZ1eQDBABZ1fkDBABtsOYwDQYJKoZIhvcNAQELBQADggEBAIGDWFtASoj+7v/j
RnpBg880uxUHBuzjwF//CfW4pGYQ85YQlh8oo1OBflFekMMQD1YRjD956RPk5QIQ
QneDnqyQyIYdOB4CPuct/mCF/8lK//9snEBVjSYiXdmQkI4YszDBCAJYEFh7C+KC
kvha5nFbgosMnwoLfUb2rTkcsxy2xlDHd/O38E7lEgFtcO+d4WFKnL6a7exPP0dB
ihGFpDsq9dMAUH7FSt/whDJDlSTYnMwdHnYOUQRLo7HdTD97N2hrudfSOqh9qJ+Q
55ckfzOR5ZqRYtXlZSQYCH9WEaiTvmuDokfcKgoufRgL9iihNnRUEnKUb5asfC6e
cCGox/8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:54:44 2025 by rpki-client