Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/92e74f-1159-4e89-b15c-7637793f8f3e/1/o_E0IJVdKhbQRmHC6Pylr1ZYJik.roa
File: o_E0IJVdKhbQRmHC6Pylr1ZYJik.roa (raw, json)
Hash identifier: QOVqaW1uvzMy3GoiJe9ujvNbGlD/IhJkIYNAUlIWSVs=
Subject key identifier: A3:F1:34:20:95:5D:2A:16:D0:46:61:C2:E8:FC:A5:AF:56:58:26:29
Certificate issuer: /CN=2c05ffa5cd28cbd00d0268442c7888fb2aa3a5f8
Certificate serial: 019422FBD5DB7E362A85DAD7DE627456472A
Authority key identifier: 2C:05:FF:A5:CD:28:CB:D0:0D:02:68:44:2C:78:88:FB:2A:A3:A5:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LAX_pc0oy9ANAmhELHiI-yqjpfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/92e74f-1159-4e89-b15c-7637793f8f3e/1/o_E0IJVdKhbQRmHC6Pylr1ZYJik.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213261
IP address blocks: 185.20.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/92e74f-1159-4e89-b15c-7637793f8f3e/1/LAX_pc0oy9ANAmhELHiI-yqjpfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/92e74f-1159-4e89-b15c-7637793f8f3e/1/LAX_pc0oy9ANAmhELHiI-yqjpfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LAX_pc0oy9ANAmhELHiI-yqjpfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d5:db:7e:36:2a:85:da:d7:de:62:74:56:47:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c05ffa5cd28cbd00d0268442c7888fb2aa3a5f8
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3f13420955d2a16d04661c2e8fca5af56582629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:81:30:30:98:31:7c:58:d9:b6:23:b6:95:6e:
ed:d5:64:e2:3a:c3:ef:de:3f:77:9a:ed:c5:62:d2:
b3:65:96:88:09:55:35:a6:76:0a:40:98:2a:85:69:
09:0e:c7:58:d9:bd:83:83:79:18:e3:70:2c:2a:ff:
61:c1:27:3c:cf:b4:c8:82:15:d4:26:ff:df:e1:24:
3a:4d:1a:6c:20:90:be:7a:c5:39:b5:b3:85:1f:11:
df:40:69:03:aa:86:24:67:7c:5b:72:37:df:b8:22:
c3:3e:72:42:89:ce:54:f3:29:ac:82:01:ba:af:34:
51:c2:de:b9:31:7f:54:9a:e8:bd:3d:40:56:e6:7c:
8d:54:ac:35:1f:78:be:56:85:c7:62:01:75:8c:f0:
e6:2d:b9:e7:32:20:9a:80:fe:6a:b5:7b:5d:71:38:
8f:40:99:dd:04:93:c2:f2:56:be:99:b2:d4:ba:10:
ea:05:ab:61:ec:01:ad:33:96:ef:1f:dc:00:4f:a1:
1e:e3:3c:3a:b2:9d:6d:86:b9:3d:21:17:db:ad:16:
42:dd:bc:ce:e9:9a:25:82:66:e3:55:44:92:4f:86:
d1:1b:84:2d:84:d7:d4:e8:49:b3:ed:60:39:a7:18:
71:8f:25:0c:65:8b:d5:8c:c2:e1:2c:dc:98:8c:9b:
2a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F1:34:20:95:5D:2A:16:D0:46:61:C2:E8:FC:A5:AF:56:58:26:29
X509v3 Authority Key Identifier:
keyid:2C:05:FF:A5:CD:28:CB:D0:0D:02:68:44:2C:78:88:FB:2A:A3:A5:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LAX_pc0oy9ANAmhELHiI-yqjpfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/92e74f-1159-4e89-b15c-7637793f8f3e/1/o_E0IJVdKhbQRmHC6Pylr1ZYJik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/92e74f-1159-4e89-b15c-7637793f8f3e/1/LAX_pc0oy9ANAmhELHiI-yqjpfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.6.0/24
Signature Algorithm: sha256WithRSAEncryption
95:1f:26:e8:1d:47:eb:03:4d:3d:c9:22:02:da:1d:69:4b:9b:
d9:e5:c0:27:7c:15:b5:49:ee:fb:8d:e0:65:1b:d6:5a:bc:29:
3d:a7:76:21:9a:ae:7e:80:6b:ff:d5:50:23:f0:ae:39:5c:76:
14:16:b9:43:bb:66:ee:f6:a8:8b:da:89:f0:0a:84:f5:4a:d2:
c1:82:c9:d8:92:0b:e4:8e:f1:d7:5f:b7:8b:53:98:f5:f8:43:
bc:2c:c5:06:e4:64:14:bc:95:be:d8:9c:07:23:b8:c0:eb:86:
16:a2:e1:0b:2f:ed:bf:29:70:94:99:ad:0f:59:47:b2:2d:47:
d9:30:4b:b2:88:46:d1:74:0e:31:d6:7a:7f:f0:09:51:0d:7f:
d9:c7:9b:e0:f0:18:bd:20:af:45:3b:3c:49:1d:79:cc:00:f6:
e1:4f:a7:5d:d3:d4:73:13:5a:09:70:36:c0:32:0e:bd:3f:39:
81:08:3f:a8:2c:25:49:59:25:e7:48:ff:10:02:59:ed:60:59:
cb:83:f4:2a:42:42:54:89:d8:4d:0b:d2:27:01:6f:43:e4:37:
83:d6:50:bf:69:d7:93:07:09:2f:bd:01:43:02:ba:6c:d6:80:
7a:51:14:f3:c5:f5:c0:1b:89:c7:03:c5:56:09:72:b4:8a:e2:
27:be:32:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+9XbfjYqhdrX3mJ0VkcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMDVmZmE1Y2QyOGNiZDAwZDAyNjg0NDJjNzg4OGZiMmFh
M2E1ZjgwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2YxMzQyMDk1NWQyYTE2ZDA0NjYxYzJlOGZjYTVhZjU2NTgyNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioEwMJgxfFjZtiO2lW7t1WTiOsPv
3j93mu3FYtKzZZaICVU1pnYKQJgqhWkJDsdY2b2Dg3kY43AsKv9hwSc8z7TIghXU
Jv/f4SQ6TRpsIJC+esU5tbOFHxHfQGkDqoYkZ3xbcjffuCLDPnJCic5U8ymsggG6
rzRRwt65MX9Umui9PUBW5nyNVKw1H3i+VoXHYgF1jPDmLbnnMiCagP5qtXtdcTiP
QJndBJPC8la+mbLUuhDqBath7AGtM5bvH9wAT6Ee4zw6sp1thrk9IRfbrRZC3bzO
6ZolgmbjVUSST4bRG4QthNfU6Emz7WA5pxhxjyUMZYvVjMLhLNyYjJsqpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPxNCCVXSoW0EZhwuj8pa9WWCYpMB8GA1UdIwQY
MBaAFCwF/6XNKMvQDQJoRCx4iPsqo6X4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEFYX3BjMG95OUFOQW1oRUxIaUkteXFqcGZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MmU3NGYtMTE1OS00ZTg5LWIxNWMt
NzYzNzc5M2Y4ZjNlLzEvb19FMElKVmRLaGJRUm1IQzZQeWxyMVpZSmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MmU3NGYtMTE1OS00ZTg5LWIxNWMtNzYzNzc5M2Y4ZjNl
LzEvTEFYX3BjMG95OUFOQW1oRUxIaUkteXFqcGZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRQGMA0G
CSqGSIb3DQEBCwUAA4IBAQCVHyboHUfrA009ySIC2h1pS5vZ5cAnfBW1Se77jeBl
G9ZavCk9p3Yhmq5+gGv/1VAj8K45XHYUFrlDu2bu9qiL2onwCoT1StLBgsnYkgvk
jvHXX7eLU5j1+EO8LMUG5GQUvJW+2JwHI7jA64YWouELL+2/KXCUma0PWUeyLUfZ
MEuyiEbRdA4x1np/8AlRDX/Zx5vg8Bi9IK9FOzxJHXnMAPbhT6dd09RzE1oJcDbA
Mg69PzmBCD+oLCVJWSXnSP8QAlntYFnLg/QqQkJUidhNC9InAW9D5DeD1lC/adeT
BwkvvQFDArps1oB6URTzxfXAG4nHA8VWCXK0iuInvjJh
-----END CERTIFICATE-----
Generated at Thu Apr 24 06:39:31 2025 by rpki-client