Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/LUT3_8WWrIc05qWZKWLQFjt60KI.roa
File: LUT3_8WWrIc05qWZKWLQFjt60KI.roa (raw, json)
Hash identifier: 4MmEr/LuJfq6eDUj7eLPFo2AuG/83fKPUQ56fOfaCms=
Subject key identifier: 2D:44:F7:FF:C5:96:AC:87:34:E6:A5:99:29:62:D0:16:3B:7A:D0:A2
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 019425218774E03FEE8632BE6E71AA212197
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/LUT3_8WWrIc05qWZKWLQFjt60KI.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49649
IP address blocks: 213.109.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:87:74:e0:3f:ee:86:32:be:6e:71:aa:21:21:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d44f7ffc596ac8734e6a5992962d0163b7ad0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b8:45:15:11:5b:98:2a:49:36:d1:f6:3c:7b:
85:58:95:7e:39:7f:ca:ba:0a:cd:ef:ec:95:14:d6:
10:dc:f9:67:ce:94:b0:23:80:58:33:dd:ee:95:3a:
5d:78:b4:db:7b:63:83:16:3b:c2:68:02:df:be:2f:
9b:5d:6f:88:8d:8a:3d:9e:17:6c:76:28:d7:b4:45:
b6:47:54:a9:c3:89:50:f4:02:1e:1c:9a:83:21:70:
0f:3f:05:a0:11:ad:de:43:d2:7c:af:48:21:3d:b9:
cb:0b:a0:24:9f:b1:69:24:09:cf:92:ee:26:73:b2:
28:e7:d3:4f:0f:c1:04:f6:7f:3b:3a:e9:d1:7e:75:
3e:ca:71:a8:b0:e1:4a:6b:cd:e9:f8:f2:e8:80:33:
9c:1a:16:a7:bc:95:c0:73:6c:89:35:06:65:16:16:
11:97:e8:2f:22:8b:db:17:65:e5:9b:1c:ae:50:41:
58:dd:39:cf:cf:53:d2:2d:ce:a7:71:5d:e7:e0:f8:
be:16:f9:18:34:12:1f:51:40:dc:1b:be:8a:9d:cf:
a5:d2:ed:1b:d6:39:66:b7:c2:a2:99:67:79:b7:0a:
88:86:40:21:a3:5d:89:82:36:01:be:36:ae:c4:7c:
40:57:d1:31:5b:1d:7c:a2:f0:eb:bb:ee:6a:f1:71:
b4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:44:F7:FF:C5:96:AC:87:34:E6:A5:99:29:62:D0:16:3B:7A:D0:A2
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/LUT3_8WWrIc05qWZKWLQFjt60KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.32.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c2:2f:21:e5:96:85:62:f2:cf:cc:6b:7d:86:c3:6e:2d:6f:
67:c2:41:dd:52:24:4f:64:51:2b:2d:79:68:2a:2a:d2:7b:13:
52:a4:f1:a3:6e:40:e8:97:74:05:66:e0:0c:fb:19:38:e5:a4:
fd:bc:c7:d3:cc:8a:53:89:0c:c8:e2:0e:c5:83:58:bc:e3:79:
30:b8:8e:d3:da:15:cd:ee:fd:f5:25:14:4c:b6:d2:58:c9:96:
6a:e4:11:30:df:49:be:47:69:37:da:ae:0b:3a:bc:4c:05:d4:
44:d4:fa:d7:cc:8e:a0:bd:2f:55:15:ec:dd:da:6a:a1:66:2c:
cd:f2:42:73:31:57:fb:f9:57:40:1f:b3:fc:6c:3c:00:e5:e3:
cc:73:65:80:cc:82:b5:f1:d3:37:c1:c2:63:f3:50:a6:f6:72:
11:2c:ab:f4:92:d7:ba:9b:2f:f7:ef:73:6d:f1:df:f5:22:29:
b5:8b:d5:53:79:ae:41:49:13:78:49:2c:2e:89:68:ef:ee:4b:
44:17:a3:c9:5e:19:9d:89:75:1d:db:2a:d8:54:df:10:aa:f2:
89:bd:18:e5:a0:7c:df:04:ea:69:9a:fa:d6:43:6c:a8:5d:55:
f3:18:d7:68:ff:cc:eb:6a:66:0e:b6:fa:12:4b:e4:dd:36:ae:
c3:6a:4f:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYd04D/uhjK+bnGqISGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQ0ZjdmZmM1OTZhYzg3MzRlNmE1OTkyOTYyZDAxNjNiN2FkMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLhFFRFbmCpJNtH2PHuFWJV+OX/K
ugrN7+yVFNYQ3PlnzpSwI4BYM93ulTpdeLTbe2ODFjvCaALfvi+bXW+IjYo9nhds
dijXtEW2R1Spw4lQ9AIeHJqDIXAPPwWgEa3eQ9J8r0ghPbnLC6Akn7FpJAnPku4m
c7Io59NPD8EE9n87OunRfnU+ynGosOFKa83p+PLogDOcGhanvJXAc2yJNQZlFhYR
l+gvIovbF2XlmxyuUEFY3TnPz1PSLc6ncV3n4Pi+FvkYNBIfUUDcG76Knc+l0u0b
1jlmt8KimWd5twqIhkAho12JgjYBvjauxHxAV9ExWx18ovDru+5q8XG0tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC1E9//FlqyHNOalmSli0BY7etCiMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvTFVUM184V1dySWMwNXFXWktXTFFGanQ2MEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W0gMA0G
CSqGSIb3DQEBCwUAA4IBAQCGwi8h5ZaFYvLPzGt9hsNuLW9nwkHdUiRPZFErLXlo
KirSexNSpPGjbkDol3QFZuAM+xk45aT9vMfTzIpTiQzI4g7Fg1i843kwuI7T2hXN
7v31JRRMttJYyZZq5BEw30m+R2k32q4LOrxMBdRE1PrXzI6gvS9VFezd2mqhZizN
8kJzMVf7+VdAH7P8bDwA5ePMc2WAzIK18dM3wcJj81Cm9nIRLKv0kte6my/373Nt
8d/1Iim1i9VTea5BSRN4SSwuiWjv7ktEF6PJXhmdiXUd2yrYVN8QqvKJvRjloHzf
BOppmvrWQ2yoXVXzGNdo/8zramYOtvoSS+TdNq7Dak/P
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:49:43 2025 by rpki-client