Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/Lp4_8KBWJdha2Jzdhq102LYjczg.roa
File: Lp4_8KBWJdha2Jzdhq102LYjczg.roa (raw, json)
Hash identifier: sRJMp6kjdQS4Uru55TcR1RrRtgv1vq1HoJumS3BQdg8=
Subject key identifier: 2E:9E:3F:F0:A0:56:25:D8:5A:D8:9C:DD:86:AD:74:D8:B6:23:73:38
Certificate issuer: /CN=8eac36ff533eb6f8f8aa65920220cfa471e5a2b1
Certificate serial: 019425FC6F793732669FEDFCDC21F5CB102C
Authority key identifier: 8E:AC:36:FF:53:3E:B6:F8:F8:AA:65:92:02:20:CF:A4:71:E5:A2:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqw2_1M-tvj4qmWSAiDPpHHlorE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/Lp4_8KBWJdha2Jzdhq102LYjczg.roa
Signing time: Thu 02 Jan 2025 07:48:08 +0000
ROA not before: Thu 02 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210127
IP address blocks: 194.61.132.0/22 maxlen: 24
194.61.132.0/24 maxlen: 24
194.61.133.0/24 maxlen: 24
194.61.134.0/24 maxlen: 24
194.61.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/jqw2_1M-tvj4qmWSAiDPpHHlorE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/jqw2_1M-tvj4qmWSAiDPpHHlorE.mft
rsync://rpki.ripe.net/repository/DEFAULT/jqw2_1M-tvj4qmWSAiDPpHHlorE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:6f:79:37:32:66:9f:ed:fc:dc:21:f5:cb:10:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eac36ff533eb6f8f8aa65920220cfa471e5a2b1
Validity
Not Before: Jan 2 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e9e3ff0a05625d85ad89cdd86ad74d8b6237338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:af:5b:ad:31:ad:0f:9e:40:8c:a5:f1:9a:7b:
e6:b0:97:19:af:ed:e8:3c:72:b4:06:e9:89:f3:fb:
c1:2f:2a:04:b3:6f:c6:fb:23:33:06:21:4a:77:fe:
9e:56:1f:27:34:48:a9:c4:9c:6f:46:2c:54:98:e0:
b2:af:bf:e6:24:45:31:98:1d:0c:c8:78:2b:6f:0f:
49:91:2b:25:b4:a8:a7:d0:85:38:21:a1:62:56:92:
70:88:a8:c8:13:9c:06:cb:ef:8f:99:32:a9:30:60:
86:47:5e:18:66:2c:6b:e3:51:17:fb:9b:bc:06:a0:
77:87:15:cb:bb:ec:a1:0a:0a:84:5b:3b:07:b8:a6:
5a:97:4e:61:30:e9:f8:c6:95:79:88:6c:d9:a9:29:
b2:6b:72:b9:01:5b:15:09:5e:74:ab:16:ac:6a:00:
a2:8d:99:4c:ce:a8:db:d0:52:5c:1f:ca:6c:0f:64:
26:28:55:07:10:3d:5e:d2:95:9f:cc:dc:93:b2:26:
8d:b6:f8:68:ca:f2:c9:a1:be:d2:f5:1c:0c:aa:45:
1c:87:25:24:c6:9b:47:0b:a7:f0:99:33:d3:90:03:
bc:6e:31:c5:ee:05:b0:4f:fc:f1:e3:db:32:47:a8:
d8:95:db:3a:f0:2d:1b:d1:c9:bb:e1:ca:4a:34:55:
de:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9E:3F:F0:A0:56:25:D8:5A:D8:9C:DD:86:AD:74:D8:B6:23:73:38
X509v3 Authority Key Identifier:
keyid:8E:AC:36:FF:53:3E:B6:F8:F8:AA:65:92:02:20:CF:A4:71:E5:A2:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqw2_1M-tvj4qmWSAiDPpHHlorE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/Lp4_8KBWJdha2Jzdhq102LYjczg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61a140-110e-4197-8da5-56ba198d17f0/1/jqw2_1M-tvj4qmWSAiDPpHHlorE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.132.0/22
Signature Algorithm: sha256WithRSAEncryption
87:7f:51:27:05:b5:36:e5:33:40:3a:59:65:02:f0:5f:ec:b2:
fd:f9:0b:cf:93:c5:eb:3b:21:44:9c:ca:ce:a4:a7:af:b0:83:
4a:0b:96:d6:88:b3:b8:85:ea:ea:85:2a:6e:98:bd:55:0f:8f:
ca:7c:62:3e:43:10:58:ac:0e:cc:74:75:eb:1e:c4:dc:16:f4:
f6:b5:e0:7f:00:15:f3:31:57:70:83:5e:cc:14:ef:cb:3c:73:
12:71:24:f7:67:d4:e0:e6:99:3c:85:8f:c0:64:89:61:e9:d4:
30:50:2d:df:c8:90:9d:12:94:a3:1a:61:7c:c5:59:05:e8:a6:
b7:bd:fa:f7:32:bc:04:ee:7a:b0:05:f6:2b:7e:4d:7d:44:68:
53:35:53:a4:66:a6:30:3d:89:f3:58:d5:aa:58:3e:b3:dd:02:
c8:3b:dc:7b:af:44:5f:28:8e:03:0f:8e:9d:cd:cf:42:d5:3d:
1b:b3:66:06:2e:3b:73:c1:3c:35:fd:29:12:06:f7:6e:e9:88:
d6:25:7c:38:06:0b:14:7f:fc:58:3f:4a:02:c0:5f:7a:2c:cf:
84:ba:f3:28:54:23:09:c6:a6:a6:b3:ef:2c:eb:91:e2:8c:1d:
51:f0:10:d8:e3:e5:59:36:26:19:05:72:a5:91:12:17:fa:e0:
48:09:3e:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/G95NzJmn+383CH1yxAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWMzNmZmNTMzZWI2ZjhmOGFhNjU5MjAyMjBjZmE0NzFl
NWEyYjEwHhcNMjUwMTAyMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTllM2ZmMGEwNTYyNWQ4NWFkODljZGQ4NmFkNzRkOGI2MjM3MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq9brTGtD55AjKXxmnvmsJcZr+3o
PHK0BumJ8/vBLyoEs2/G+yMzBiFKd/6eVh8nNEipxJxvRixUmOCyr7/mJEUxmB0M
yHgrbw9JkSsltKin0IU4IaFiVpJwiKjIE5wGy++PmTKpMGCGR14YZixr41EX+5u8
BqB3hxXLu+yhCgqEWzsHuKZal05hMOn4xpV5iGzZqSmya3K5AVsVCV50qxasagCi
jZlMzqjb0FJcH8psD2QmKFUHED1e0pWfzNyTsiaNtvhoyvLJob7S9RwMqkUchyUk
xptHC6fwmTPTkAO8bjHF7gWwT/zx49syR6jYlds68C0b0cm74cpKNFXeswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6eP/CgViXYWtic3YatdNi2I3M4MB8GA1UdIwQY
MBaAFI6sNv9TPrb4+KplkgIgz6Rx5aKxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanF3Ml8xTS10dmo0cW1XU0FpRFBwSEhsb3JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82MWExNDAtMTEwZS00MTk3LThkYTUt
NTZiYTE5OGQxN2YwLzEvTHA0XzhLQldKZGhhMkp6ZGhxMTAyTFlqY3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82MWExNDAtMTEwZS00MTk3LThkYTUtNTZiYTE5OGQxN2Yw
LzEvanF3Ml8xTS10dmo0cW1XU0FpRFBwSEhsb3JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwj2EMA0G
CSqGSIb3DQEBCwUAA4IBAQCHf1EnBbU25TNAOlllAvBf7LL9+QvPk8XrOyFEnMrO
pKevsINKC5bWiLO4herqhSpumL1VD4/KfGI+QxBYrA7MdHXrHsTcFvT2teB/ABXz
MVdwg17MFO/LPHMScST3Z9Tg5pk8hY/AZIlh6dQwUC3fyJCdEpSjGmF8xVkF6Ka3
vfr3MrwE7nqwBfYrfk19RGhTNVOkZqYwPYnzWNWqWD6z3QLIO9x7r0RfKI4DD46d
zc9C1T0bs2YGLjtzwTw1/SkSBvdu6YjWJXw4BgsUf/xYP0oCwF96LM+EuvMoVCMJ
xqams+8s65HijB1R8BDY4+VZNiYZBXKlkRIX+uBICT4d
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:33 2025 by rpki-client