Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/LnB1q1PM_kJ4XevQHSSwoAwFcTY.roa
File: LnB1q1PM_kJ4XevQHSSwoAwFcTY.roa (raw, json)
Hash identifier: e7swdzDOe/Y/3x1bZCYwD/+li1TB00/HX6iaal7aLeI=
Subject key identifier: 2E:70:75:AB:53:CC:FE:42:78:5D:EB:D0:1D:24:B0:A0:0C:05:71:36
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BC45CD89439B42D90D2D47F744DFB
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/LnB1q1PM_kJ4XevQHSSwoAwFcTY.roa
Signing time: Thu 02 Jan 2025 09:49:44 +0000
ROA not before: Thu 02 Jan 2025 09:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15824
IP address blocks: 195.3.108.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c4:5c:d8:94:39:b4:2d:90:d2:d4:7f:74:4d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e7075ab53ccfe42785debd01d24b0a00c057136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:63:56:ba:c9:6e:6e:08:60:6b:c4:f8:6d:bc:
ed:6b:2f:d9:53:9d:eb:96:39:66:27:f2:e6:aa:99:
51:bf:a0:32:b0:a7:88:68:bc:b8:d3:df:5f:78:5f:
61:e1:4f:1f:8e:ee:64:17:b7:f6:2f:9f:62:68:ff:
64:0c:6d:b7:25:8a:14:e1:26:3d:6c:f3:08:ed:4c:
79:7f:45:44:67:3b:33:ce:29:d3:9f:f8:b8:44:13:
59:85:70:d6:62:b4:6b:4b:10:20:b0:3e:3e:14:43:
ce:5c:2f:a9:78:c6:a2:64:95:5e:a9:6d:59:4a:28:
2d:91:34:91:aa:6b:a9:b0:6b:4a:49:7a:6d:83:f8:
94:f5:1b:9a:45:f4:c3:09:66:e6:b3:14:bd:f9:c3:
31:b4:2f:b6:4d:91:b2:4a:fb:a2:3b:84:29:4b:af:
16:00:a1:64:ab:e0:82:17:e1:a8:d4:f0:43:03:b4:
09:f4:93:9b:f9:a2:5d:c5:29:16:54:51:ab:39:ae:
2c:83:8d:d8:41:01:8b:f4:47:ec:34:7c:7f:ae:2e:
f0:ee:e1:ed:d9:13:a0:2d:1a:49:66:31:33:13:31:
0e:2e:aa:04:e9:f8:8c:3d:3b:9e:7d:f2:a3:ed:59:
d8:17:8c:ca:c7:ac:df:9a:a2:d1:50:f9:8c:0d:81:
af:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:70:75:AB:53:CC:FE:42:78:5D:EB:D0:1D:24:B0:A0:0C:05:71:36
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/LnB1q1PM_kJ4XevQHSSwoAwFcTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.3.108.0/23
Signature Algorithm: sha256WithRSAEncryption
62:c4:79:39:6f:39:df:0c:c1:04:89:e1:1c:d7:34:9e:34:9b:
50:ed:65:fe:bc:13:8a:c7:12:3d:57:6f:f9:b6:a6:40:ab:fe:
81:3c:00:3b:e8:af:d1:64:32:cf:32:0c:fd:be:da:4e:02:32:
8b:b6:32:93:bf:a1:1f:46:d2:c9:e0:ac:c4:1c:42:6d:ec:a8:
fb:46:b5:c0:2f:f8:f3:7e:24:11:59:0b:c3:0b:df:f0:69:45:
f6:9e:84:bf:2a:24:0e:0b:19:a1:be:f1:e5:ad:51:f6:3b:04:
ac:c5:0c:6d:1a:d8:b3:57:82:2c:43:d8:a7:e2:f5:2b:2d:9a:
e9:d6:a1:f1:fe:04:d8:3a:76:17:5a:be:40:8d:6c:69:9a:41:
ce:b7:e2:40:53:62:90:e9:9c:bb:2c:4f:09:08:b8:9f:cc:c5:
8f:e7:66:11:26:98:1f:ed:f9:94:ec:32:e7:ad:48:2e:d3:b2:
5d:85:32:dd:01:29:97:62:b9:4b:c5:67:42:39:35:44:ad:e6:
1f:4f:60:74:15:c1:6b:b9:65:3a:67:e8:86:f0:d8:20:7a:e9:
99:d1:58:31:69:88:c1:b9:21:76:72:0f:27:70:3c:74:9e:0a:
f3:84:87:45:66:bb:c9:27:9c:8d:f0:e0:a1:49:9f:9d:77:ab:
e6:ef:7a:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8Rc2JQ5tC2Q0tR/dE37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTcwNzVhYjUzY2NmZTQyNzg1ZGViZDAxZDI0YjBhMDBjMDU3MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2NWuslubghga8T4bbztay/ZU53r
ljlmJ/LmqplRv6AysKeIaLy4099feF9h4U8fju5kF7f2L59iaP9kDG23JYoU4SY9
bPMI7Ux5f0VEZzszzinTn/i4RBNZhXDWYrRrSxAgsD4+FEPOXC+peMaiZJVeqW1Z
SigtkTSRqmupsGtKSXptg/iU9RuaRfTDCWbmsxS9+cMxtC+2TZGySvuiO4QpS68W
AKFkq+CCF+Go1PBDA7QJ9JOb+aJdxSkWVFGrOa4sg43YQQGL9EfsNHx/ri7w7uHt
2ROgLRpJZjEzEzEOLqoE6fiMPTueffKj7VnYF4zKx6zfmqLRUPmMDYGv3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5wdatTzP5CeF3r0B0ksKAMBXE2MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvTG5CMXExUE1fa0o0WGV2UUhTU3dvQXdGY1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBixHk5bznfDMEEieEc1zSeNJtQ7WX+vBOKxxI9V2/5
tqZAq/6BPAA76K/RZDLPMgz9vtpOAjKLtjKTv6EfRtLJ4KzEHEJt7Kj7RrXAL/jz
fiQRWQvDC9/waUX2noS/KiQOCxmhvvHlrVH2OwSsxQxtGtizV4IsQ9in4vUrLZrp
1qHx/gTYOnYXWr5AjWxpmkHOt+JAU2KQ6Zy7LE8JCLifzMWP52YRJpgf7fmU7DLn
rUgu07JdhTLdASmXYrlLxWdCOTVEreYfT2B0FcFruWU6Z+iG8NggeumZ0VgxaYjB
uSF2cg8ncDx0ngrzhIdFZrvJJ5yN8OChSZ+dd6vm73ph
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:29 2025 by rpki-client