Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/LVdTUXxiMF9XJQST5UOIEXtOCYY.roa
File: LVdTUXxiMF9XJQST5UOIEXtOCYY.roa (raw, json)
Hash identifier: 1JvKiaaOoOhGqXZ9Dq7CyaK8VVJ8p+cu5cPkQb+6aUs=
Subject key identifier: 2D:57:53:51:7C:62:30:5F:57:25:04:93:E5:43:88:11:7B:4E:09:86
Certificate issuer: /CN=ab882cd6d196ae1f96872acae78321be7a92b8eb
Certificate serial: 019420D645F2DB85FA3F4B235B0498A7F021
Authority key identifier: AB:88:2C:D6:D1:96:AE:1F:96:87:2A:CA:E7:83:21:BE:7A:92:B8:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/LVdTUXxiMF9XJQST5UOIEXtOCYY.roa
Signing time: Wed 01 Jan 2025 07:48:20 +0000
ROA not before: Wed 01 Jan 2025 07:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6697
IP address blocks: 37.44.64.0/18 maxlen: 21
37.45.0.0/16 maxlen: 21
37.212.0.0/14 maxlen: 23
82.209.192.0/18 maxlen: 24
86.57.128.0/17 maxlen: 24
93.84.0.0/15 maxlen: 24
178.120.0.0/13 maxlen: 24
185.152.136.0/22 maxlen: 24
194.158.192.0/19 maxlen: 24
2001:7f8:5a::/48 maxlen: 48
2a02:2208::/29 maxlen: 44
2a02:2208::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/q4gs1tGWrh-WhyrK54MhvnqSuOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/q4gs1tGWrh-WhyrK54MhvnqSuOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:45:f2:db:85:fa:3f:4b:23:5b:04:98:a7:f0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab882cd6d196ae1f96872acae78321be7a92b8eb
Validity
Not Before: Jan 1 07:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d5753517c62305f57250493e54388117b4e0986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:16:10:bd:33:21:d6:7c:ab:1f:08:17:07:2c:
cd:fc:f5:e9:91:40:7f:c1:d3:b3:0b:a9:d7:7b:25:
3a:c8:b5:fe:a6:b5:9e:42:32:d5:56:75:dd:1e:66:
57:f3:29:65:bf:a2:e4:53:bc:9e:db:a7:b1:a9:16:
69:8f:2d:8d:82:b9:cf:cc:f0:a4:a2:28:3a:11:96:
e0:e5:06:a3:46:bd:f2:c3:70:5d:d1:2d:58:80:58:
a4:fc:8d:ca:63:93:8c:11:85:07:4c:b9:74:e7:68:
51:97:87:b9:95:37:73:9b:30:65:be:47:36:88:b3:
30:5c:e8:e4:d9:99:18:9d:d8:d5:40:1f:10:58:92:
f2:8b:c0:ba:1d:03:5f:57:fd:19:03:e7:06:1d:a5:
3c:8f:90:92:ef:0d:7a:0d:90:9e:e3:18:71:35:44:
a2:22:d0:ad:6a:26:5f:a3:c7:41:2e:e3:66:b5:fc:
8f:a5:e8:57:87:bc:f9:a2:6c:41:20:b4:e6:57:dd:
7d:4e:91:7a:c1:bd:5d:d6:88:fa:c8:72:0d:13:55:
0e:49:dc:e0:20:6d:23:7f:ec:ae:19:78:74:75:43:
a0:38:86:c4:97:67:00:76:42:21:d2:f7:a6:d7:ff:
15:73:ba:5c:03:22:42:f2:74:1c:6f:d7:3b:cd:bc:
2b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:57:53:51:7C:62:30:5F:57:25:04:93:E5:43:88:11:7B:4E:09:86
X509v3 Authority Key Identifier:
keyid:AB:88:2C:D6:D1:96:AE:1F:96:87:2A:CA:E7:83:21:BE:7A:92:B8:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/LVdTUXxiMF9XJQST5UOIEXtOCYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/q4gs1tGWrh-WhyrK54MhvnqSuOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.64.0/18
37.45.0.0/16
37.212.0.0/14
82.209.192.0/18
86.57.128.0/17
93.84.0.0/15
178.120.0.0/13
185.152.136.0/22
194.158.192.0/19
IPv6:
2001:7f8:5a::/48
2a02:2208::/29
Signature Algorithm: sha256WithRSAEncryption
9b:56:c5:21:c5:eb:59:6d:99:c9:54:41:3d:05:dc:0a:9d:10:
cf:09:77:85:42:93:6f:1c:f4:fd:7a:96:79:c5:e6:6b:5a:35:
12:21:75:62:3b:2c:34:eb:61:49:89:c5:00:67:fa:b0:e6:e3:
14:5b:30:29:52:2e:a4:b8:33:93:89:a7:fe:ec:46:ef:37:9f:
30:b3:a3:09:44:25:50:20:64:1a:b3:6f:8d:90:41:12:ce:12:
c4:5d:a0:24:d3:b2:c8:0e:61:7d:67:ea:07:1b:0a:fd:b2:02:
9a:b9:ec:2f:30:a7:d9:43:6c:92:ff:6b:de:f4:87:b6:c4:c8:
8c:4a:77:c3:16:bf:a6:aa:d8:aa:de:6a:56:42:0b:44:38:63:
ea:68:23:a4:60:a6:bf:dc:aa:0c:a3:d3:b5:fe:96:8c:f0:3b:
12:e9:b0:f4:9d:10:d7:c5:f4:5a:31:cf:7e:43:9a:a2:03:fe:
75:b1:f5:9d:e9:a9:db:d0:86:a0:1e:67:ef:86:c1:d1:16:c5:
f4:b7:d4:2c:7d:8f:d3:00:25:d0:69:39:7e:18:9a:f7:ae:bf:
7a:3b:ae:51:51:69:0a:90:0a:d5:aa:4b:2b:a4:0a:4f:f4:15:
d3:64:30:26:ed:00:46:e7:48:62:d2:b5:e0:c1:33:ba:a2:9a:
29:3b:86:71
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQg1kXy24X6P0sjWwSYp/AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODgyY2Q2ZDE5NmFlMWY5Njg3MmFjYWU3ODMyMWJlN2E5
MmI4ZWIwHhcNMjUwMTAxMDc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDU3NTM1MTdjNjIzMDVmNTcyNTA0OTNlNTQzODgxMTdiNGUwOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxYQvTMh1nyrHwgXByzN/PXpkUB/
wdOzC6nXeyU6yLX+prWeQjLVVnXdHmZX8yllv6LkU7ye26exqRZpjy2NgrnPzPCk
oig6EZbg5QajRr3yw3Bd0S1YgFik/I3KY5OMEYUHTLl052hRl4e5lTdzmzBlvkc2
iLMwXOjk2ZkYndjVQB8QWJLyi8C6HQNfV/0ZA+cGHaU8j5CS7w16DZCe4xhxNUSi
ItCtaiZfo8dBLuNmtfyPpehXh7z5omxBILTmV919TpF6wb1d1oj6yHINE1UOSdzg
IG0jf+yuGXh0dUOgOIbEl2cAdkIh0vem1/8Vc7pcAyJC8nQcb9c7zbwroQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFC1XU1F8YjBfVyUEk+VDiBF7TgmGMB8GA1UdIwQY
MBaAFKuILNbRlq4flocqyueDIb56krjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRnczF0R1dyaC1XaHlySzU0TWh2bnFTdU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80YjZjYzktMDlkMy00Njc4LWIwYTct
OTUwYzE4MDU5NmQwLzEvTFZkVFVYeGlNRjlYSlFTVDVVT0lFWHRPQ1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80YjZjYzktMDlkMy00Njc4LWIwYTctOTUwYzE4MDU5NmQw
LzEvcTRnczF0R1dyaC1XaHlySzU0TWh2bnFTdU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA4BAIAATAyAwQGJSxAAwMA
JS0DAwIl1AMEBlLRwAMEB1Y5gAMDAV1UAwMDsngDBAK5mIgDBAXCnsAwFgQCAAIw
EAMHACABB/gAWgMFAyoCIggwDQYJKoZIhvcNAQELBQADggEBAJtWxSHF61ltmclU
QT0F3AqdEM8Jd4VCk28c9P16lnnF5mtaNRIhdWI7LDTrYUmJxQBn+rDm4xRbMClS
LqS4M5OJp/7sRu83nzCzowlEJVAgZBqzb42QQRLOEsRdoCTTssgOYX1n6gcbCv2y
Apq57C8wp9lDbJL/a970h7bEyIxKd8MWv6aq2KrealZCC0Q4Y+poI6Rgpr/cqgyj
07X+lozwOxLpsPSdENfF9Foxz35DmqID/nWx9Z3pqdvQhqAeZ++GwdEWxfS31Cx9
j9MAJdBpOX4Ymveuv3o7rlFRaQqQCtWqSyukCk/0FdNkMCbtAEbnSGLSteDBM7qi
mik7hnE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:41:45 2025 by rpki-client