Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/LeauqIgA77Guz7NTqsqggxkb3OM.roa
File: LeauqIgA77Guz7NTqsqggxkb3OM.roa (raw, json)
Hash identifier: kn3sF5o0HTuBHvbByMR9Dn62yBg3LuqPb4rgaycQgmQ=
Subject key identifier: 2D:E6:AE:A8:88:00:EF:B1:AE:CF:B3:53:AA:CA:A0:83:19:1B:DC:E3
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 019424B2B61B5EC85D30546CF7712A32C2B9
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/LeauqIgA77Guz7NTqsqggxkb3OM.roa
Signing time: Thu 02 Jan 2025 01:47:59 +0000
ROA not before: Thu 02 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210275
IP address blocks: 83.229.65.0/24 maxlen: 24
176.105.148.0/22 maxlen: 24
185.35.78.0/23 maxlen: 24
185.169.32.0/22 maxlen: 24
2a13:2400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:b6:1b:5e:c8:5d:30:54:6c:f7:71:2a:32:c2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Jan 2 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2de6aea88800efb1aecfb353aacaa083191bdce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:26:ba:17:72:76:85:5b:45:3d:13:32:6e:
b4:be:18:a3:d6:1c:00:93:9d:1f:46:ed:8e:41:3f:
ec:94:55:04:85:5a:a8:a2:51:29:df:67:4d:39:ab:
f3:cf:77:01:02:2a:71:82:b9:b1:24:18:be:de:cb:
51:a2:21:e6:d5:51:21:f9:4e:68:18:66:fa:88:22:
2a:7f:1a:a7:bc:da:4c:5e:ff:72:d6:57:3b:9e:6e:
fd:fe:08:7c:f9:22:9c:4c:c9:6e:14:66:fd:d3:f6:
39:a7:ef:54:a1:6e:bd:b0:5f:ca:b4:6a:01:cb:34:
92:e0:cb:e7:65:48:2a:77:cc:7c:d5:69:be:c6:66:
e4:ec:d0:06:5f:a8:c6:d8:19:61:08:1a:f1:ca:47:
29:b3:93:12:c4:21:9d:e7:17:c2:93:bc:46:98:e2:
00:7e:82:7c:d7:a0:1f:23:5b:89:56:05:e7:af:32:
c4:88:72:f4:11:23:9a:eb:96:c5:96:5f:ca:42:b3:
3e:55:7f:cf:bd:0a:f7:5a:17:8c:dc:6d:57:b4:bb:
98:38:08:64:35:6e:5c:1c:d5:ab:a6:c2:f6:51:fd:
22:c2:be:f8:93:9f:54:3e:00:ee:93:20:cf:d3:92:
5b:bb:d2:cc:66:75:f8:93:3d:61:05:89:ea:36:d9:
28:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E6:AE:A8:88:00:EF:B1:AE:CF:B3:53:AA:CA:A0:83:19:1B:DC:E3
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/LeauqIgA77Guz7NTqsqggxkb3OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.65.0/24
176.105.148.0/22
185.35.78.0/23
185.169.32.0/22
IPv6:
2a13:2400::/29
Signature Algorithm: sha256WithRSAEncryption
85:5d:c7:e3:27:70:89:14:20:be:7c:53:dd:2c:ff:d8:3b:9b:
74:9d:32:ee:65:c7:6a:e8:f6:93:46:f6:b7:a8:c3:8d:0d:36:
70:c5:dc:b0:5f:c6:19:e9:41:b5:ed:85:b4:16:1a:3f:6b:23:
17:3c:68:d9:41:10:65:e9:eb:6d:55:b0:4d:91:12:09:a8:52:
4c:6b:a5:c0:25:fb:b1:0e:d1:cb:df:79:27:15:01:51:4c:b5:
0d:45:15:20:dc:ff:b5:b8:3b:fd:00:e1:a3:29:56:fd:79:2f:
dc:ff:62:c8:5c:42:fa:1b:17:a4:13:90:4c:0d:3d:ae:90:25:
3b:f5:09:3d:ab:41:2e:c6:38:5e:a1:99:d4:e2:08:0d:51:88:
35:ab:44:90:0c:6a:e3:94:97:13:23:a4:e0:12:84:10:0b:58:
94:95:b7:f9:a9:bc:84:3c:7d:63:ee:5e:41:19:45:02:6a:95:
85:82:ce:b9:1d:44:8b:13:04:c5:e8:13:d3:a2:de:62:fb:44:
ff:61:01:fd:0a:ce:be:02:4e:ef:9a:3a:09:94:e3:09:20:80:
e2:bd:10:f4:bc:7d:88:ba:8a:97:b0:bc:3e:41:bc:eb:d1:c2:
9b:9d:52:5e:6f:ce:7a:ec:a9:14:c3:80:dd:21:88:86:bb:0c:
23:f2:cb:1d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQksrYbXshdMFRs93EqMsK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjUwMTAyMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU2YWVhODg4MDBlZmIxYWVjZmIzNTNhYWNhYTA4MzE5MWJkY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRgmuhdydoVbRT0TMm60vhij1hwA
k50fRu2OQT/slFUEhVqoolEp32dNOavzz3cBAipxgrmxJBi+3stRoiHm1VEh+U5o
GGb6iCIqfxqnvNpMXv9y1lc7nm79/gh8+SKcTMluFGb90/Y5p+9UoW69sF/KtGoB
yzSS4MvnZUgqd8x81Wm+xmbk7NAGX6jG2BlhCBrxykcps5MSxCGd5xfCk7xGmOIA
foJ816AfI1uJVgXnrzLEiHL0ESOa65bFll/KQrM+VX/PvQr3WheM3G1XtLuYOAhk
NW5cHNWrpsL2Uf0iwr74k59UPgDukyDP05Jbu9LMZnX4kz1hBYnqNtkoWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC3mrqiIAO+xrs+zU6rKoIMZG9zjMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEvTGVhdXFJZ0E3N0d1ejdOVHFzcWdneGtiM09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAU+VBAwQC
sGmUAwQBuSNOAwQCuakgMA0EAgACMAcDBQMqEyQAMA0GCSqGSIb3DQEBCwUAA4IB
AQCFXcfjJ3CJFCC+fFPdLP/YO5t0nTLuZcdq6PaTRva3qMONDTZwxdywX8YZ6UG1
7YW0Fho/ayMXPGjZQRBl6ettVbBNkRIJqFJMa6XAJfuxDtHL33knFQFRTLUNRRUg
3P+1uDv9AOGjKVb9eS/c/2LIXEL6GxekE5BMDT2ukCU79Qk9q0EuxjheoZnU4ggN
UYg1q0SQDGrjlJcTI6TgEoQQC1iUlbf5qbyEPH1j7l5BGUUCapWFgs65HUSLEwTF
6BPTot5i+0T/YQH9Cs6+Ak7vmjoJlOMJIIDivRD0vH2IuoqXsLw+Qbzr0cKbnVJe
b8567KkUw4DdIYiGuwwj8ssd
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:03:32 2025 by rpki-client