Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3gaGUu98vgQ58MJvezo7k-ARASo.roa
File: 3gaGUu98vgQ58MJvezo7k-ARASo.roa (raw, json)
Hash identifier: zKOcaqs6+UltL1w+RWoeOik9hgJIRqoSknm0oRsT/R8=
Subject key identifier: DE:06:86:52:EF:7C:BE:04:39:F0:C2:6F:7B:3A:3B:93:E0:11:01:2A
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 019421B215997AEB9CC7883B6E5036160086
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3gaGUu98vgQ58MJvezo7k-ARASo.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58056
IP address blocks: 109.123.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:15:99:7a:eb:9c:c7:88:3b:6e:50:36:16:00:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de068652ef7cbe0439f0c26f7b3a3b93e011012a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fc:bb:99:dd:51:c2:ca:c9:1d:07:01:5f:63:
a9:35:08:e7:bf:8c:2f:e7:b1:96:a6:40:94:f5:96:
fb:53:e4:f3:c9:56:9a:95:f8:45:1b:d0:12:64:0a:
c2:b0:03:41:7d:66:03:bd:44:50:68:be:90:bd:5b:
5d:38:a3:f0:35:60:62:1b:84:fd:d3:a3:48:02:5e:
4d:04:96:0b:26:ed:f0:4e:0c:f8:a4:b8:bc:dc:91:
a6:87:d7:f7:62:a4:ff:6a:ab:31:27:5d:34:85:4c:
ee:19:96:c0:4f:f6:07:69:de:3f:60:ca:c5:8b:ca:
06:dc:74:3c:cf:de:31:dd:96:af:3a:bd:56:af:78:
e4:54:b0:13:23:af:a7:e4:5b:45:c1:7c:01:8c:df:
8c:e5:9f:e8:5e:a0:9c:33:62:7f:40:7b:ad:a0:9b:
9f:12:94:00:bf:32:98:b1:04:0f:c5:60:b9:80:ec:
0f:ff:33:eb:b9:3f:2d:cc:e6:4d:bf:b2:0b:4e:f6:
e9:27:91:14:b1:3b:a9:80:26:b3:99:33:a8:bd:3f:
d1:2b:46:8e:4b:92:c6:da:14:3f:f3:02:b7:e5:e4:
53:41:e9:ec:4e:69:cc:93:08:2b:24:1f:02:3d:f4:
28:41:d6:ca:e9:f2:1c:71:77:93:1e:14:6a:ad:93:
06:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:06:86:52:EF:7C:BE:04:39:F0:C2:6F:7B:3A:3B:93:E0:11:01:2A
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3gaGUu98vgQ58MJvezo7k-ARASo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.123.0.0/18
Signature Algorithm: sha256WithRSAEncryption
d4:38:11:bf:77:ca:12:e6:e8:ed:53:21:37:1d:d7:a8:30:3c:
de:43:e9:05:4f:02:59:c9:1e:40:92:57:af:de:7c:2f:37:e7:
2c:46:83:bb:4e:eb:59:14:18:3d:1a:06:ca:b5:3e:16:46:45:
62:4a:69:33:be:3a:f1:ff:fd:1b:99:bf:17:f9:7c:33:a6:3b:
86:fe:b4:ca:6c:e3:96:9b:81:94:1c:05:82:45:28:be:3a:e3:
fd:d8:0f:ea:29:2f:89:d1:6d:8c:bf:bc:61:71:b6:fe:ee:d0:
2c:b1:2f:99:94:de:4a:10:e3:1d:50:04:01:45:c7:ab:28:66:
2a:62:73:e0:b8:0c:98:51:b5:a7:bf:4e:40:7c:49:ad:f1:f3:
dc:d4:40:f4:fb:0b:7f:50:1b:6c:db:09:ac:98:3d:d7:0f:bf:
89:9d:18:1c:2a:a9:54:ac:46:48:d7:d5:d4:19:cc:6b:93:5e:
08:91:cf:0c:56:4e:53:d3:d9:e7:9f:ca:6b:18:ed:89:fb:07:
08:a5:bb:18:4d:7c:87:3b:c9:ef:1b:90:85:b5:5e:6a:b8:02:
ed:d2:cc:e0:0a:5c:5f:9f:4f:6d:a1:d0:6e:4e:a0:ad:dc:75:
f8:3b:c9:24:98:ab:65:70:d6:5c:1f:72:21:8e:30:18:f4:18:
47:7d:84:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshWZeuucx4g7blA2FgCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTA2ODY1MmVmN2NiZTA0MzlmMGMyNmY3YjNhM2I5M2UwMTEwMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfy7md1RwsrJHQcBX2OpNQjnv4wv
57GWpkCU9Zb7U+TzyVaalfhFG9ASZArCsANBfWYDvURQaL6QvVtdOKPwNWBiG4T9
06NIAl5NBJYLJu3wTgz4pLi83JGmh9f3YqT/aqsxJ100hUzuGZbAT/YHad4/YMrF
i8oG3HQ8z94x3ZavOr1Wr3jkVLATI6+n5FtFwXwBjN+M5Z/oXqCcM2J/QHutoJuf
EpQAvzKYsQQPxWC5gOwP/zPruT8tzOZNv7ILTvbpJ5EUsTupgCazmTOovT/RK0aO
S5LG2hQ/8wK35eRTQensTmnMkwgrJB8CPfQoQdbK6fIccXeTHhRqrZMGlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4GhlLvfL4EOfDCb3s6O5PgEQEqMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvM2dhR1V1OTh2Z1E1OE1KdmV6bzdrLUFSQVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGbXsAMA0G
CSqGSIb3DQEBCwUAA4IBAQDUOBG/d8oS5ujtUyE3HdeoMDzeQ+kFTwJZyR5Aklev
3nwvN+csRoO7TutZFBg9GgbKtT4WRkViSmkzvjrx//0bmb8X+XwzpjuG/rTKbOOW
m4GUHAWCRSi+OuP92A/qKS+J0W2Mv7xhcbb+7tAssS+ZlN5KEOMdUAQBRcerKGYq
YnPguAyYUbWnv05AfEmt8fPc1ED0+wt/UBts2wmsmD3XD7+JnRgcKqlUrEZI19XU
Gcxrk14Ikc8MVk5T09nnn8prGO2J+wcIpbsYTXyHO8nvG5CFtV5quALt0szgClxf
n09todBuTqCt3HX4O8kkmKtlcNZcH3IhjjAY9BhHfYQS
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:40:49 2025 by rpki-client