Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/39NWCkxRJ14fZsy4fi4Dndunc3E.roa
File: 39NWCkxRJ14fZsy4fi4Dndunc3E.roa (raw, json)
Hash identifier: I60N/7b2uZcY0NbUe1SX8teSf0fVCyRemkra4xSsvf0=
Subject key identifier: DF:D3:56:0A:4C:51:27:5E:1F:66:CC:B8:7E:2E:03:9D:DB:A7:73:71
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 019421B2141A7E02EA3D20E19E08D815D352
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/39NWCkxRJ14fZsy4fi4Dndunc3E.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 5.249.176.0/22 maxlen: 24
5.249.184.0/22 maxlen: 24
37.19.64.0/22 maxlen: 24
37.19.68.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:14:1a:7e:02:ea:3d:20:e1:9e:08:d8:15:d3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfd3560a4c51275e1f66ccb87e2e039ddba77371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b6:fe:2b:16:af:cf:0b:5b:46:b1:46:35:b9:
17:8c:aa:09:3a:0c:d5:25:b7:b2:12:d0:c3:4c:71:
b0:8d:b0:77:67:ee:9f:91:93:9e:f1:f7:19:30:b7:
7a:a5:a9:01:10:ca:cd:fe:2f:68:ee:93:a4:a0:43:
3c:20:dc:8a:8c:1e:bf:80:5c:05:d0:52:a1:bd:a7:
c8:d8:92:e0:a5:55:53:75:88:91:b2:fc:01:70:5d:
2b:5d:d8:f5:cf:30:9b:01:05:ea:82:bc:e5:3b:cd:
37:59:22:a6:f6:b2:7d:f0:31:bd:38:a3:0d:76:98:
75:3e:30:56:39:8c:38:da:3b:aa:61:45:a9:70:f9:
4c:1f:d0:ae:c9:aa:9b:ff:44:45:f1:f5:ed:37:c9:
15:40:83:e7:87:f5:9b:63:95:0c:b3:c8:0b:3a:87:
cf:36:26:aa:c9:1c:2c:80:2a:8e:bc:51:d2:c5:79:
fb:47:66:66:7a:44:61:58:66:cf:1d:e8:dc:6c:d9:
51:6c:0e:39:1f:04:f0:cf:50:da:f8:bc:ac:4b:53:
17:4f:15:2c:e1:9a:83:19:be:26:94:1b:4e:2f:ce:
ef:f7:69:cb:d9:da:ad:04:1d:ce:db:fe:03:a7:bd:
3e:87:8b:18:b8:2f:eb:32:a0:e2:72:66:52:2a:fc:
40:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D3:56:0A:4C:51:27:5E:1F:66:CC:B8:7E:2E:03:9D:DB:A7:73:71
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/39NWCkxRJ14fZsy4fi4Dndunc3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
5.249.184.0/22
37.19.64.0/21
185.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ae:f5:41:9c:4d:f8:75:b6:15:51:38:e4:e0:cc:08:61:81:
e5:c2:10:d8:7c:aa:71:8d:16:be:43:0a:f0:98:1a:54:23:8e:
04:37:9d:4d:2f:31:f1:2f:04:d3:6a:6d:7e:01:7c:97:e5:34:
67:d8:64:bb:1a:66:1b:1c:fd:29:e9:3e:ca:43:86:5d:d7:18:
1e:01:d0:9d:92:1d:84:9b:28:1d:e2:68:b9:72:f5:2b:4b:b5:
bc:46:a8:9b:44:f3:3b:ef:ef:3b:68:90:a2:5d:33:c2:89:3f:
fa:59:84:06:e2:a3:82:b7:e7:f1:e4:03:ef:69:4d:f5:d9:80:
32:81:33:1f:63:0d:78:c5:6e:41:0f:db:47:4d:03:1d:6e:b4:
27:63:e3:d0:b1:6d:7f:1c:b0:7c:92:ca:05:fc:85:4d:9f:6f:
83:37:15:dd:5b:da:c2:27:62:89:8a:c8:5c:da:4f:45:cc:33:
c9:6a:e3:08:74:cd:89:78:c3:a0:a5:5a:62:16:ae:56:9f:87:
4b:3b:8c:c2:26:54:b4:8d:6b:4e:75:46:6f:e0:38:d5:1e:eb:
6f:e7:35:12:b4:5f:df:78:a9:c9:d1:6e:a5:04:9d:37:63:fa:
bf:48:3c:02:54:9d:f3:e6:b6:0c:1b:72:20:c2:6a:a3:fd:db:
63:66:d9:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhshQafgLqPSDhngjYFdNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQzNTYwYTRjNTEyNzVlMWY2NmNjYjg3ZTJlMDM5ZGRiYTc3MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLb+KxavzwtbRrFGNbkXjKoJOgzV
JbeyEtDDTHGwjbB3Z+6fkZOe8fcZMLd6pakBEMrN/i9o7pOkoEM8INyKjB6/gFwF
0FKhvafI2JLgpVVTdYiRsvwBcF0rXdj1zzCbAQXqgrzlO803WSKm9rJ98DG9OKMN
dph1PjBWOYw42juqYUWpcPlMH9Cuyaqb/0RF8fXtN8kVQIPnh/WbY5UMs8gLOofP
NiaqyRwsgCqOvFHSxXn7R2ZmekRhWGbPHejcbNlRbA45HwTwz1Da+LysS1MXTxUs
4ZqDGb4mlBtOL87v92nL2dqtBB3O2/4Dp70+h4sYuC/rMqDicmZSKvxA6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN/TVgpMUSdeH2bMuH4uA53bp3NxMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvMzlOV0NreFJKMTRmWnN5NGZpNERuZHVuYzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfmwAwQC
Bfm4AwQDJRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQBNrvVBnE34dbYVUTjk
4MwIYYHlwhDYfKpxjRa+QwrwmBpUI44EN51NLzHxLwTTam1+AXyX5TRn2GS7GmYb
HP0p6T7KQ4Zd1xgeAdCdkh2Emygd4mi5cvUrS7W8RqibRPM77+87aJCiXTPCiT/6
WYQG4qOCt+fx5APvaU312YAygTMfYw14xW5BD9tHTQMdbrQnY+PQsW1/HLB8ksoF
/IVNn2+DNxXdW9rCJ2KJishc2k9FzDPJauMIdM2JeMOgpVpiFq5Wn4dLO4zCJlS0
jWtOdUZv4DjVHutv5zUStF/feKnJ0W6lBJ03Y/q/SDwCVJ3z5rYMG3Igwmqj/dtj
Ztm+
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:41:36 2025 by rpki-client