Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/LVniV-fBUsD2XHyiKXh59lNaKck.roa
File: LVniV-fBUsD2XHyiKXh59lNaKck.roa (raw, json)
Hash identifier: e7ROoJyN3pM39RDR+x9hRmjX8OTAnl8OOTQ8mCyFwtU=
Subject key identifier: 2D:59:E2:57:E7:C1:52:C0:F6:5C:7C:A2:29:78:79:F6:53:5A:29:C9
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 0194258E5862779775C7EA76B3CB0F1C72FA
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/LVniV-fBUsD2XHyiKXh59lNaKck.roa
Signing time: Thu 02 Jan 2025 05:47:53 +0000
ROA not before: Thu 02 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58173
IP address blocks: 5.61.72.0/21 maxlen: 21
5.61.72.0/22 maxlen: 22
5.61.72.0/24 maxlen: 24
5.61.76.0/22 maxlen: 22
134.0.80.0/21 maxlen: 24
185.18.48.0/22 maxlen: 22
185.18.48.0/23 maxlen: 23
185.18.48.0/24 maxlen: 24
185.18.50.0/23 maxlen: 23
185.18.50.0/24 maxlen: 24
185.96.192.0/22 maxlen: 24
185.96.192.0/23 maxlen: 23
185.205.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:58:62:77:97:75:c7:ea:76:b3:cb:0f:1c:72:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Jan 2 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d59e257e7c152c0f65c7ca2297879f6535a29c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d6:5a:c7:26:0a:e3:51:f8:3c:b4:53:5c:09:
ea:14:b0:ab:db:2a:fd:97:c4:47:e9:58:be:99:c7:
38:01:97:18:45:56:b5:b1:8a:92:41:6b:58:b5:f6:
80:5e:e7:20:a4:aa:02:c6:34:9f:f4:d0:0b:e1:2c:
22:b6:41:7d:19:6d:f8:4f:3a:70:14:00:1a:28:82:
d0:37:4f:90:e8:ea:a3:9d:ef:08:60:5d:b7:70:c0:
b7:af:46:bc:41:1f:80:52:f4:74:9a:99:04:42:a3:
e6:51:62:79:22:6f:c8:44:ce:d8:4a:4f:37:22:2d:
ed:bc:25:a1:9e:82:b6:01:1d:e6:e5:23:5d:f2:ee:
be:e5:04:e0:62:35:49:52:58:02:49:4b:7f:56:48:
1f:6b:42:b9:a9:1a:cb:c4:d4:55:3c:9c:dc:a1:fc:
cb:5c:78:66:ec:18:30:7c:f0:54:69:2b:8d:d8:a0:
aa:97:2f:f9:78:78:13:ca:22:22:4e:2b:a4:34:d2:
7c:66:9e:d4:3d:7d:f5:00:c9:25:26:80:cc:74:b4:
33:d0:ec:ec:9e:57:e7:0e:b4:93:22:a8:1a:e5:db:
c0:bc:76:28:73:fd:d6:2c:1f:86:52:b4:44:a9:fe:
6f:b5:77:7c:0c:e9:73:9f:12:d1:86:dd:fb:e3:14:
ca:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:59:E2:57:E7:C1:52:C0:F6:5C:7C:A2:29:78:79:F6:53:5A:29:C9
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/LVniV-fBUsD2XHyiKXh59lNaKck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.72.0/21
134.0.80.0/21
185.18.48.0/22
185.96.192.0/22
185.205.160.0/22
Signature Algorithm: sha256WithRSAEncryption
35:e9:d0:36:f6:ea:b2:99:0f:c9:98:da:61:28:88:89:02:60:
05:6c:68:58:1f:bf:89:59:28:09:4f:60:af:83:98:17:89:c2:
d0:20:05:67:d0:fa:d7:31:39:bd:33:09:9e:de:88:3d:aa:43:
63:d4:d2:f1:4a:cc:34:08:e6:bf:3e:11:bc:ff:ef:bb:1d:90:
78:17:e1:11:d1:81:20:4a:01:10:91:a0:7f:b1:3a:80:8d:8f:
ed:9e:92:fe:70:af:90:85:80:31:0a:e4:7a:c6:84:ba:31:90:
2d:b5:86:13:77:51:13:20:2d:20:fe:7b:7a:b8:54:57:8a:f0:
3a:1c:bd:e2:e7:7e:96:7b:b6:b9:20:a6:d6:5c:38:d4:3c:f6:
e2:07:9c:37:f0:43:58:83:3e:ae:63:cd:72:67:6f:6a:03:32:
0b:91:91:77:e7:3e:4e:ff:78:b7:0f:d5:77:80:1e:34:ff:e7:
0f:44:65:4c:24:f4:c6:d3:5a:b1:42:55:20:6a:ec:83:49:69:
b2:80:8c:4c:44:54:92:1a:77:d1:1a:64:c4:3d:55:46:0a:fe:
6f:f1:b7:49:68:2f:e8:2b:35:4b:f0:fe:bb:3d:90:bf:c4:12:
75:12:11:da:1e:f4:e9:0c:c6:c8:f7:7c:2b:f5:54:f6:5d:37:
2f:17:c6:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQljlhid5d1x+p2s8sPHHL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjUwMTAyMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDU5ZTI1N2U3YzE1MmMwZjY1YzdjYTIyOTc4NzlmNjUzNWEyOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tZaxyYK41H4PLRTXAnqFLCr2yr9
l8RH6Vi+mcc4AZcYRVa1sYqSQWtYtfaAXucgpKoCxjSf9NAL4SwitkF9GW34Tzpw
FAAaKILQN0+Q6Oqjne8IYF23cMC3r0a8QR+AUvR0mpkEQqPmUWJ5Im/IRM7YSk83
Ii3tvCWhnoK2AR3m5SNd8u6+5QTgYjVJUlgCSUt/Vkgfa0K5qRrLxNRVPJzcofzL
XHhm7BgwfPBUaSuN2KCqly/5eHgTyiIiTiukNNJ8Zp7UPX31AMklJoDMdLQz0Ozs
nlfnDrSTIqga5dvAvHYoc/3WLB+GUrREqf5vtXd8DOlznxLRht374xTK2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC1Z4lfnwVLA9lx8oil4efZTWinJMB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvTFZuaVYtZkJVc0QyWEh5aUtYaDU5bE5hS2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBT1IAwQD
hgBQAwQCuRIwAwQCuWDAAwQCuc2gMA0GCSqGSIb3DQEBCwUAA4IBAQA16dA29uqy
mQ/JmNphKIiJAmAFbGhYH7+JWSgJT2Cvg5gXicLQIAVn0PrXMTm9Mwme3og9qkNj
1NLxSsw0COa/PhG8/++7HZB4F+ER0YEgSgEQkaB/sTqAjY/tnpL+cK+QhYAxCuR6
xoS6MZAttYYTd1ETIC0g/nt6uFRXivA6HL3i536We7a5IKbWXDjUPPbiB5w38ENY
gz6uY81yZ29qAzILkZF35z5O/3i3D9V3gB40/+cPRGVMJPTG01qxQlUgauyDSWmy
gIxMRFSSGnfRGmTEPVVGCv5v8bdJaC/oKzVL8P67PZC/xBJ1EhHaHvTpDMbI93wr
9VT2XTcvF8Y3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:16 2025 by rpki-client