Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lisNsOMnmExU3OzxOGo76h9-iWI.roa
File: lisNsOMnmExU3OzxOGo76h9-iWI.roa (raw, json)
Hash identifier: cvSIudRsx+/lqrMjJK8588ZLkg4wBf5BILQg0Tde/do=
Subject key identifier: 96:2B:0D:B0:E3:27:98:4C:54:DC:EC:F1:38:6A:3B:EA:1F:7E:89:62
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3920B6532555FA3D08BCFE9AFB984
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lisNsOMnmExU3OzxOGo76h9-iWI.roa
Signing time: Thu 02 Jan 2025 15:47:47 +0000
ROA not before: Thu 02 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11172
IP address blocks: 45.84.217.0/24 maxlen: 24
2a0f:15c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:92:0b:65:32:55:5f:a3:d0:8b:cf:e9:af:b9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=962b0db0e327984c54dcecf1386a3bea1f7e8962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cf:51:ce:59:11:c8:db:dd:c6:7d:07:ba:ed:
36:4e:86:28:9b:13:24:18:d5:84:71:7a:82:4e:3c:
52:5e:31:7c:98:fe:c8:a4:75:b5:55:af:d0:d8:65:
21:3f:8b:94:23:3e:69:ad:a0:c4:15:10:9a:96:ba:
68:e8:cb:ed:4c:4c:d5:6e:f1:ee:37:83:9c:a7:05:
7e:1a:d0:6b:fe:0b:22:6d:72:1d:e0:5c:13:70:b8:
5e:33:a1:49:96:01:5d:19:43:0c:c9:4a:30:fb:16:
7c:c8:81:4e:12:b6:7f:eb:7a:f8:db:1d:d3:e9:38:
a7:2e:ba:54:24:2c:fa:3e:d6:fe:f3:17:cc:25:e6:
2d:45:9b:32:e7:76:a1:93:ed:f5:96:ff:90:4c:d0:
64:91:f0:e8:09:65:4f:fc:4c:62:dc:ed:2c:cf:2b:
00:6e:21:7b:60:72:a1:93:3b:a4:1c:16:4d:40:c5:
8b:ab:2f:1b:69:f2:67:06:b4:00:c3:ee:b1:10:47:
0d:4b:f6:65:fb:90:5c:01:ac:84:10:56:9f:23:89:
87:ec:f6:b6:c1:5a:6a:a8:6c:f3:ec:71:8a:51:12:
d8:10:d6:2f:2e:31:cc:d3:3b:b1:cb:e7:4f:f9:bb:
4f:a1:c6:f3:cf:9b:e4:b7:48:4a:50:18:71:00:31:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2B:0D:B0:E3:27:98:4C:54:DC:EC:F1:38:6A:3B:EA:1F:7E:89:62
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lisNsOMnmExU3OzxOGo76h9-iWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.217.0/24
IPv6:
2a0f:15c1::/32
Signature Algorithm: sha256WithRSAEncryption
72:af:24:77:43:97:8a:2b:25:d6:05:e1:b2:8c:74:f8:8f:26:
b7:0b:1e:aa:2f:86:27:77:59:10:e9:e5:6f:db:aa:5d:13:ce:
35:42:36:ce:4e:14:35:0c:e4:f8:77:ec:38:b8:27:07:47:8d:
1e:6f:46:ea:b2:13:45:7e:72:42:b1:29:21:66:56:16:b2:f4:
38:2d:e8:c6:69:9b:92:9d:39:fc:0c:e2:7c:40:3d:33:53:86:
3a:7d:fd:83:2d:56:50:d8:5d:08:44:56:5d:50:76:11:05:5e:
e9:1c:c6:0c:dd:ba:b7:5e:70:48:73:db:88:d5:df:0f:aa:4b:
a4:7c:e1:05:71:6f:4a:be:ec:03:fb:c2:ef:24:e3:53:55:5c:
06:5f:82:5e:87:69:b7:ca:cc:91:46:e0:be:b3:9f:46:9c:2a:
79:57:34:bc:f2:2c:12:d6:99:2c:c8:3f:bc:58:7b:06:5e:f1:
a7:96:ff:b1:b8:3d:5e:ea:1c:18:d4:85:a3:ae:b4:b2:52:6c:
91:c7:62:76:76:86:70:6a:58:1b:c9:1b:64:4e:68:8c:87:1b:
d4:03:7d:a7:b4:7a:13:cb:8a:aa:d6:66:3f:2a:3e:b2:4a:26:
44:60:51:2e:5e:90:19:3c:81:c7:68:61:84:d4:86:3d:05:d9:
f5:e3:c7:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQns5ILZTJVX6PQi8/pr7mEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJiMGRiMGUzMjc5ODRjNTRkY2VjZjEzODZhM2JlYTFmN2U4OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM9RzlkRyNvdxn0Huu02ToYomxMk
GNWEcXqCTjxSXjF8mP7IpHW1Va/Q2GUhP4uUIz5praDEFRCalrpo6MvtTEzVbvHu
N4OcpwV+GtBr/gsibXId4FwTcLheM6FJlgFdGUMMyUow+xZ8yIFOErZ/63r42x3T
6TinLrpUJCz6Ptb+8xfMJeYtRZsy53ahk+31lv+QTNBkkfDoCWVP/Exi3O0szysA
biF7YHKhkzukHBZNQMWLqy8bafJnBrQAw+6xEEcNS/Zl+5BcAayEEFafI4mH7Pa2
wVpqqGzz7HGKURLYENYvLjHM0zuxy+dP+btPocbzz5vkt0hKUBhxADH9kQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJYrDbDjJ5hMVNzs8ThqO+offoliMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbGlzTnNPTW5tRXhVM096eE9Hbzc2aDktaVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVTZMA0E
AgACMAcDBQAqDxXBMA0GCSqGSIb3DQEBCwUAA4IBAQByryR3Q5eKKyXWBeGyjHT4
jya3Cx6qL4Ynd1kQ6eVv26pdE841QjbOThQ1DOT4d+w4uCcHR40eb0bqshNFfnJC
sSkhZlYWsvQ4LejGaZuSnTn8DOJ8QD0zU4Y6ff2DLVZQ2F0IRFZdUHYRBV7pHMYM
3bq3XnBIc9uI1d8PqkukfOEFcW9KvuwD+8LvJONTVVwGX4Jeh2m3ysyRRuC+s59G
nCp5VzS88iwS1pksyD+8WHsGXvGnlv+xuD1e6hwY1IWjrrSyUmyRx2J2doZwalgb
yRtkTmiMhxvUA32ntHoTy4qq1mY/Kj6ySiZEYFEuXpAZPIHHaGGE1IY9Bdn148eR
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:07 2025 by rpki-client