Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/LN9Y4VYuBPHcqnOfi1whRTolirA.roa
File: LN9Y4VYuBPHcqnOfi1whRTolirA.roa (raw, json)
Hash identifier: oKsBnnzz1/szS+noOPKG/sq6k5F0SOG+hrVgu4395L0=
Subject key identifier: 2C:DF:58:E1:56:2E:04:F1:DC:AA:73:9F:8B:5C:21:45:3A:25:8A:B0
Certificate issuer: /CN=3e34b02edc7c2878f94c5104cafa8978afb6752d
Certificate serial: 019422202444923508B617808E4CC4CC8A00
Authority key identifier: 3E:34:B0:2E:DC:7C:28:78:F9:4C:51:04:CA:FA:89:78:AF:B6:75:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PjSwLtx8KHj5TFEEyvqJeK-2dS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/LN9Y4VYuBPHcqnOfi1whRTolirA.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30885
IP address blocks: 91.212.110.0/24 maxlen: 24
194.102.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/PjSwLtx8KHj5TFEEyvqJeK-2dS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/PjSwLtx8KHj5TFEEyvqJeK-2dS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PjSwLtx8KHj5TFEEyvqJeK-2dS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 13:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:24:44:92:35:08:b6:17:80:8e:4c:c4:cc:8a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e34b02edc7c2878f94c5104cafa8978afb6752d
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cdf58e1562e04f1dcaa739f8b5c21453a258ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d5:a5:ed:9d:86:3b:53:78:4f:1c:4f:6d:66:
96:56:28:5a:0c:20:eb:d0:be:8a:ae:01:73:2e:b1:
95:3a:88:9e:6e:42:b2:a2:74:76:52:0c:00:3c:8e:
77:b2:e1:c3:3b:70:0e:33:fb:de:b5:88:c7:21:4a:
e0:d6:15:64:b0:95:86:74:a1:d1:d9:b0:0f:7f:81:
de:a6:72:69:e1:db:84:f3:d5:7d:ed:3f:f6:a4:5b:
50:37:cd:a5:fe:75:35:df:8a:6e:56:be:67:86:53:
b7:e9:1a:c8:7e:25:d7:9c:bc:60:d9:60:55:fe:88:
db:7a:1e:36:3e:05:9f:40:7e:a8:e2:a9:88:be:15:
37:9d:36:22:bd:e8:6d:7e:08:f2:e3:a5:ba:ee:e8:
f3:ba:b5:c0:11:cf:33:0c:4f:56:b0:1f:66:2c:a8:
83:41:de:b2:29:b4:cf:2d:f7:41:ec:5e:ae:6c:c6:
6f:da:86:7b:22:a6:1f:67:59:6c:39:73:6e:fd:8f:
4a:12:45:ad:ce:9f:65:d6:69:51:ef:e6:11:b9:97:
8e:a3:71:e9:9d:35:bb:06:84:77:ee:4f:d0:87:5a:
4c:f2:42:c1:35:23:0e:b2:bf:89:57:02:1f:59:9d:
24:ae:8a:be:43:ab:b5:e9:02:e8:03:89:ab:62:79:
0b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DF:58:E1:56:2E:04:F1:DC:AA:73:9F:8B:5C:21:45:3A:25:8A:B0
X509v3 Authority Key Identifier:
keyid:3E:34:B0:2E:DC:7C:28:78:F9:4C:51:04:CA:FA:89:78:AF:B6:75:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjSwLtx8KHj5TFEEyvqJeK-2dS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/LN9Y4VYuBPHcqnOfi1whRTolirA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/PjSwLtx8KHj5TFEEyvqJeK-2dS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.110.0/24
194.102.208.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e2:93:b5:33:51:b7:32:7d:3e:91:83:80:5e:7e:dd:72:a4:
3d:f2:15:53:05:fb:cf:fa:f4:e0:2b:97:03:97:af:80:46:8d:
0b:0a:fd:4d:41:16:92:f4:87:6f:a9:ba:ac:ab:d6:2f:0d:34:
62:fb:d9:28:d6:42:fb:e4:37:75:16:d8:d4:96:09:a8:12:54:
92:a8:ed:84:8a:72:27:3a:62:3a:e3:80:c0:76:0d:99:76:ae:
2c:98:fd:91:d1:52:4c:ec:c6:7e:49:6c:b0:e2:9e:30:8e:28:
23:67:0d:9d:41:54:24:b7:57:42:df:e8:0b:37:9f:25:48:2e:
23:5a:21:49:58:14:3c:f1:11:b7:38:fa:58:cc:3b:4e:cf:1a:
b4:8e:c5:ee:2c:22:a0:4f:5f:c8:fe:9c:4f:5b:df:b6:49:f9:
3c:84:53:e0:24:d6:76:3a:0e:87:a5:2d:67:0a:c8:cb:9a:68:
2d:36:e3:e3:d1:24:1c:6f:bb:f1:20:e8:02:b6:9b:45:d1:90:
e8:cc:23:b2:d4:ec:ab:31:ff:1e:b7:a1:3b:70:59:3e:8a:6f:
39:24:b9:ca:b1:10:44:c6:06:05:fe:e4:5c:f1:55:fd:01:bd:
a3:5e:14:51:bf:0f:69:78:7f:d6:18:f4:c9:e5:2f:69:be:a6:
ed:b0:b9:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiICREkjUItheAjkzEzIoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzRiMDJlZGM3YzI4NzhmOTRjNTEwNGNhZmE4OTc4YWZi
Njc1MmQwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RmNThlMTU2MmUwNGYxZGNhYTczOWY4YjVjMjE0NTNhMjU4YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtWl7Z2GO1N4TxxPbWaWVihaDCDr
0L6KrgFzLrGVOoiebkKyonR2UgwAPI53suHDO3AOM/vetYjHIUrg1hVksJWGdKHR
2bAPf4HepnJp4duE89V97T/2pFtQN82l/nU134puVr5nhlO36RrIfiXXnLxg2WBV
/ojbeh42PgWfQH6o4qmIvhU3nTYivehtfgjy46W67ujzurXAEc8zDE9WsB9mLKiD
Qd6yKbTPLfdB7F6ubMZv2oZ7IqYfZ1lsOXNu/Y9KEkWtzp9l1mlR7+YRuZeOo3Hp
nTW7BoR37k/Qh1pM8kLBNSMOsr+JVwIfWZ0kroq+Q6u16QLoA4mrYnkLdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCzfWOFWLgTx3Kpzn4tcIUU6JYqwMB8GA1UdIwQY
MBaAFD40sC7cfCh4+UxRBMr6iXivtnUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpTd0x0eDhLSGo1VEZFRXl2cUplSy0yZFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi80MjI1MmUtMDMyMS00ZGEyLTkyZjQt
MzVhMDI0MWE0MzAxLzEvTE45WTRWWXVCUEhjcW5PZmkxd2hSVG9saXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi80MjI1MmUtMDMyMS00ZGEyLTkyZjQtMzVhMDI0MWE0MzAx
LzEvUGpTd0x0eDhLSGo1VEZFRXl2cUplSy0yZFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9RuAwQA
wmbQMA0GCSqGSIb3DQEBCwUAA4IBAQAh4pO1M1G3Mn0+kYOAXn7dcqQ98hVTBfvP
+vTgK5cDl6+ARo0LCv1NQRaS9Idvqbqsq9YvDTRi+9ko1kL75Dd1FtjUlgmoElSS
qO2EinInOmI644DAdg2Zdq4smP2R0VJM7MZ+SWyw4p4wjigjZw2dQVQkt1dC3+gL
N58lSC4jWiFJWBQ88RG3OPpYzDtOzxq0jsXuLCKgT1/I/pxPW9+2Sfk8hFPgJNZ2
Og6HpS1nCsjLmmgtNuPj0SQcb7vxIOgCtptF0ZDozCOy1OyrMf8et6E7cFk+im85
JLnKsRBExgYF/uRc8VX9Ab2jXhRRvw9peH/WGPTJ5S9pvqbtsLlS
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:38:43 2025 by rpki-client