Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ecbffa-1166-4d1e-9f55-11575db64fbe/1/LTEzdR9zUquR1ggUmA4_QHu2p50.roa
File: LTEzdR9zUquR1ggUmA4_QHu2p50.roa (raw, json)
Hash identifier: uNuzvFRDaCwMPWv1CbBVSxROhTe6dbQ9XSUinppVNcM=
Subject key identifier: 2D:31:33:75:1F:73:52:AB:91:D6:08:14:98:0E:3F:40:7B:B6:A7:9D
Certificate issuer: /CN=2c128265b80991788d86e2262e9339038b4efa82
Certificate serial: 01955DB5A3F338B80FDE5519B29A22CC20D4
Authority key identifier: 2C:12:82:65:B8:09:91:78:8D:86:E2:26:2E:93:39:03:8B:4E:FA:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LBKCZbgJkXiNhuImLpM5A4tO-oI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ecbffa-1166-4d1e-9f55-11575db64fbe/1/LTEzdR9zUquR1ggUmA4_QHu2p50.roa
Signing time: Mon 03 Mar 2025 20:32:19 +0000
ROA not before: Mon 03 Mar 2025 20:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199449
IP address blocks: 185.16.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/ecbffa-1166-4d1e-9f55-11575db64fbe/1/LBKCZbgJkXiNhuImLpM5A4tO-oI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/ecbffa-1166-4d1e-9f55-11575db64fbe/1/LBKCZbgJkXiNhuImLpM5A4tO-oI.mft
rsync://rpki.ripe.net/repository/DEFAULT/LBKCZbgJkXiNhuImLpM5A4tO-oI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:b5:a3:f3:38:b8:0f:de:55:19:b2:9a:22:cc:20:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c128265b80991788d86e2262e9339038b4efa82
Validity
Not Before: Mar 3 20:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d3133751f7352ab91d60814980e3f407bb6a79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:92:e8:cd:04:ce:dd:cc:d8:ce:83:d1:2d:
ba:aa:36:a7:ff:8d:76:42:34:82:2c:17:fe:37:89:
dc:4a:10:b9:91:ae:94:75:4d:b6:61:22:63:60:46:
f0:3c:f7:5d:18:6f:f5:8b:1a:11:10:67:64:aa:09:
2b:ce:b0:d7:69:c7:e8:5d:77:b5:d6:d7:ff:f0:db:
d3:60:6a:07:b3:3a:cc:3c:ac:c7:2b:a6:b6:65:5f:
ef:b7:a8:5e:11:8e:24:3e:af:ee:03:fd:93:c0:84:
c5:7b:de:85:90:75:c9:c7:78:ef:47:6a:f2:cc:42:
52:5e:cd:49:8b:5c:e0:08:96:10:0b:b3:d4:bb:57:
16:4a:e3:98:34:53:37:20:14:66:7e:64:39:25:5d:
0f:18:36:e0:39:8f:a9:69:e4:44:cc:5f:6d:93:54:
eb:04:0a:9a:56:92:49:30:3f:6b:5e:df:44:bf:fd:
75:89:5b:6d:13:15:3a:87:bc:e7:aa:22:85:b9:65:
df:17:b2:0a:39:ad:57:70:a3:fc:a6:f7:17:6d:f9:
8a:6a:fe:db:26:94:f1:7b:a7:48:4d:41:f8:b5:e8:
a3:f2:fc:47:7e:e9:e7:5d:b9:7c:1f:d8:22:14:c7:
2d:ce:8f:77:49:09:bf:5b:52:45:ed:fb:7b:a5:39:
ec:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:31:33:75:1F:73:52:AB:91:D6:08:14:98:0E:3F:40:7B:B6:A7:9D
X509v3 Authority Key Identifier:
keyid:2C:12:82:65:B8:09:91:78:8D:86:E2:26:2E:93:39:03:8B:4E:FA:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LBKCZbgJkXiNhuImLpM5A4tO-oI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ecbffa-1166-4d1e-9f55-11575db64fbe/1/LTEzdR9zUquR1ggUmA4_QHu2p50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ecbffa-1166-4d1e-9f55-11575db64fbe/1/LBKCZbgJkXiNhuImLpM5A4tO-oI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.32.0/22
Signature Algorithm: sha256WithRSAEncryption
44:0c:68:bd:14:c5:ab:06:c3:e7:46:b0:be:7c:f7:ae:91:22:
2f:16:2b:75:88:90:0c:bc:8e:32:f9:b1:c3:0a:42:b8:52:21:
cb:42:ad:2a:c2:c0:6a:29:f4:dd:56:30:7a:72:60:85:39:5a:
e5:5f:11:55:7b:e1:f5:c2:44:14:09:30:93:f3:cc:50:e4:6d:
17:88:a9:06:d2:2a:b5:80:c6:64:a6:79:ab:a2:f0:c3:a8:48:
74:f0:27:63:41:ca:cc:1c:ab:90:83:0c:fe:4d:2f:ec:25:b2:
f7:04:7f:98:bf:73:c8:77:53:27:55:9d:68:b4:75:c1:fe:a7:
2b:99:69:e1:36:9e:c1:f0:a5:a2:7f:fb:4e:7b:01:3b:cb:9b:
bd:68:41:4b:f4:03:8d:09:68:45:3c:c1:28:50:e9:25:16:4a:
e4:fd:a9:28:95:1a:6f:e1:76:a5:dd:4f:5d:4b:40:81:de:85:
ae:1d:85:92:d5:91:03:45:ad:03:47:eb:70:01:43:2a:29:4a:
f6:e5:75:26:25:38:34:73:06:27:76:d6:9f:44:b1:22:83:80:
75:8b:90:71:11:78:2a:d5:90:6a:63:43:e3:00:98:82:e1:75:
40:de:f4:63:2b:b0:d6:17:bd:07:b2:3b:0e:08:3f:3d:e3:18:
6e:af:6a:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVdtaPzOLgP3lUZspoizCDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMTI4MjY1YjgwOTkxNzg4ZDg2ZTIyNjJlOTMzOTAzOGI0
ZWZhODIwHhcNMjUwMzAzMjAzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDMxMzM3NTFmNzM1MmFiOTFkNjA4MTQ5ODBlM2Y0MDdiYjZhNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI6S6M0Ezt3M2M6D0S26qjan/412
QjSCLBf+N4ncShC5ka6UdU22YSJjYEbwPPddGG/1ixoREGdkqgkrzrDXacfoXXe1
1tf/8NvTYGoHszrMPKzHK6a2ZV/vt6heEY4kPq/uA/2TwITFe96FkHXJx3jvR2ry
zEJSXs1Ji1zgCJYQC7PUu1cWSuOYNFM3IBRmfmQ5JV0PGDbgOY+paeREzF9tk1Tr
BAqaVpJJMD9rXt9Ev/11iVttExU6h7znqiKFuWXfF7IKOa1XcKP8pvcXbfmKav7b
JpTxe6dITUH4teij8vxHfunnXbl8H9giFMctzo93SQm/W1JF7ft7pTnsTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0xM3Ufc1KrkdYIFJgOP0B7tqedMB8GA1UdIwQY
MBaAFCwSgmW4CZF4jYbiJi6TOQOLTvqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEJLQ1piZ0prWGlOaHVJbUxwTTVBNHRPLW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lY2JmZmEtMTE2Ni00ZDFlLTlmNTUt
MTE1NzVkYjY0ZmJlLzEvTFRFemRSOXpVcXVSMWdnVW1BNF9RSHUycDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lY2JmZmEtMTE2Ni00ZDFlLTlmNTUtMTE1NzVkYjY0ZmJl
LzEvTEJLQ1piZ0prWGlOaHVJbUxwTTVBNHRPLW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBEDGi9FMWrBsPnRrC+fPeukSIvFit1iJAMvI4y+bHD
CkK4UiHLQq0qwsBqKfTdVjB6cmCFOVrlXxFVe+H1wkQUCTCT88xQ5G0XiKkG0iq1
gMZkpnmrovDDqEh08CdjQcrMHKuQgwz+TS/sJbL3BH+Yv3PId1MnVZ1otHXB/qcr
mWnhNp7B8KWif/tOewE7y5u9aEFL9AONCWhFPMEoUOklFkrk/akolRpv4Xal3U9d
S0CB3oWuHYWS1ZEDRa0DR+twAUMqKUr25XUmJTg0cwYndtafRLEig4B1i5BxEXgq
1ZBqY0PjAJiC4XVA3vRjK7DWF70HsjsOCD894xhur2qu
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:13 2025 by rpki-client