Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/LitcvfubhJIuJUiPCGKPgxQe23A.roa
File: LitcvfubhJIuJUiPCGKPgxQe23A.roa (raw, json)
Hash identifier: eYeGbLZsvvx5bRlXJjP6drg51KHyMZSRyoTffEFM1W4=
Subject key identifier: 2E:2B:5C:BD:FB:9B:84:92:2E:25:48:8F:08:62:8F:83:14:1E:DB:70
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 01941F8C075B32B65A23C17AA9FE8038EB11
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/LitcvfubhJIuJUiPCGKPgxQe23A.roa
Signing time: Wed 01 Jan 2025 01:47:37 +0000
ROA not before: Wed 01 Jan 2025 01:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:07:5b:32:b6:5a:23:c1:7a:a9:fe:80:38:eb:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jan 1 01:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e2b5cbdfb9b84922e25488f08628f83141edb70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b5:79:b1:e3:06:df:78:40:ee:7d:dc:c1:b7:
71:7b:b8:01:7e:b0:68:a7:07:ac:b8:c2:57:a7:22:
66:98:72:38:a6:6a:4a:0e:5c:d4:67:c3:4e:ba:0b:
f0:17:7e:57:53:b3:10:a4:19:f4:3d:b1:18:6c:fe:
6b:a6:0f:4f:36:8d:17:e3:59:20:a1:a8:19:4d:51:
9d:c8:b5:81:c3:a2:b8:a3:93:61:d1:d7:6d:47:e6:
9f:27:3b:3c:05:6c:6d:40:74:2f:40:d4:7b:bc:f8:
f5:a8:ce:04:bb:93:21:59:49:ac:65:e4:2e:42:d9:
06:02:28:74:3f:fb:17:53:db:e6:d1:34:57:b7:38:
ee:cd:77:fc:e9:c4:5b:de:1d:46:01:b9:99:b0:b8:
ed:6a:41:77:b2:a3:88:d0:a2:9f:ae:ab:d5:e5:f6:
b5:64:8c:0e:51:aa:c3:da:35:07:87:12:7e:e4:4f:
b3:07:c6:0a:2d:15:a3:be:8c:f0:80:6a:7a:aa:d1:
85:ee:06:3a:b5:07:8f:07:f8:63:4a:0a:da:fe:73:
a4:9d:14:85:96:55:40:af:6e:5e:61:79:55:0c:17:
f0:6e:93:79:c1:18:e4:9f:5c:a9:84:43:cc:bd:e3:
9d:a8:aa:0b:64:65:4a:0b:6c:fd:b8:85:a0:0c:44:
55:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2B:5C:BD:FB:9B:84:92:2E:25:48:8F:08:62:8F:83:14:1E:DB:70
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/LitcvfubhJIuJUiPCGKPgxQe23A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:aa:cc:f4:2d:8e:da:3a:0c:3c:4e:c2:7a:ae:8f:a7:f7:6e:
31:6d:4b:75:ef:84:a7:e6:4c:04:b0:23:49:88:88:a0:3b:e5:
1d:21:16:be:4b:8a:8d:75:02:0c:80:05:92:41:de:78:8c:2e:
c6:0e:bc:15:99:19:88:22:0d:da:ed:56:00:df:9d:2b:2c:8b:
85:54:12:52:73:1c:f5:20:90:71:4e:1a:77:10:a9:6c:eb:f3:
84:b2:92:81:34:83:1b:cf:8f:ec:3a:20:fa:24:94:ce:e9:e2:
16:ea:52:f4:41:84:4d:a2:39:23:60:06:d9:d3:cd:9f:f7:96:
b3:94:03:f5:5c:f1:b6:4b:91:36:74:75:28:ea:3b:fe:99:2d:
7e:84:04:48:90:9d:b6:d1:13:1d:92:56:2d:07:a0:f9:38:3b:
9f:e2:0f:26:b7:dc:a7:ec:8b:36:da:fc:ab:b5:b7:1b:f9:0f:
8a:9b:d6:6c:b6:38:f5:2a:6b:13:d4:7c:53:24:d8:4d:45:7f:
2a:aa:b8:20:af:c7:77:e4:b0:ee:f4:5f:8d:4e:52:bf:fe:51:
39:af:42:7c:04:dd:5d:01:4e:57:41:c8:50:d7:50:aa:fc:98:
d1:e6:c7:47:ec:ee:94:70:b2:39:2c:95:0b:91:f0:61:14:40:
17:b6:aa:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjAdbMrZaI8F6qf6AOOsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwMTAxMDE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTJiNWNiZGZiOWI4NDkyMmUyNTQ4OGYwODYyOGY4MzE0MWVkYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbV5seMG33hA7n3cwbdxe7gBfrBo
pwesuMJXpyJmmHI4pmpKDlzUZ8NOugvwF35XU7MQpBn0PbEYbP5rpg9PNo0X41kg
oagZTVGdyLWBw6K4o5Nh0ddtR+afJzs8BWxtQHQvQNR7vPj1qM4Eu5MhWUmsZeQu
QtkGAih0P/sXU9vm0TRXtzjuzXf86cRb3h1GAbmZsLjtakF3sqOI0KKfrqvV5fa1
ZIwOUarD2jUHhxJ+5E+zB8YKLRWjvozwgGp6qtGF7gY6tQePB/hjSgra/nOknRSF
llVAr25eYXlVDBfwbpN5wRjkn1yphEPMveOdqKoLZGVKC2z9uIWgDERVMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC4rXL37m4SSLiVIjwhij4MUHttwMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvTGl0Y3ZmdWJoSkl1SlVpUENHS1BneFFlMjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQC
LUJcAwQCwJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQA7qsz0LY7aOgw8TsJ6
ro+n924xbUt174Sn5kwEsCNJiIigO+UdIRa+S4qNdQIMgAWSQd54jC7GDrwVmRmI
Ig3a7VYA350rLIuFVBJScxz1IJBxThp3EKls6/OEspKBNIMbz4/sOiD6JJTO6eIW
6lL0QYRNojkjYAbZ082f95azlAP1XPG2S5E2dHUo6jv+mS1+hARIkJ220RMdklYt
B6D5ODuf4g8mt9yn7Is22vyrtbcb+Q+Km9Zstjj1KmsT1HxTJNhNRX8qqrggr8d3
5LDu9F+NTlK//lE5r0J8BN1dAU5XQchQ11Cq/JjR5sdH7O6UcLI5LJULkfBhFEAX
tqp9
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:44:56 2025 by rpki-client