Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/LJzc1LSPgx4QIfexUgZXlPyOsBM.roa
File: LJzc1LSPgx4QIfexUgZXlPyOsBM.roa (raw, json)
Hash identifier: mSfJR87+dxbiNgyu8fxRwqnptgr734BfWL94Ukn195o=
Subject key identifier: 2C:9C:DC:D4:B4:8F:83:1E:10:21:F7:B1:52:06:57:94:FC:8E:B0:13
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143C573D76B6D8661A7BD451176F80D
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/LJzc1LSPgx4QIfexUgZXlPyOsBM.roa
Signing time: Wed 01 Jan 2025 09:47:57 +0000
ROA not before: Wed 01 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49796
IP address blocks: 5.160.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c5:73:d7:6b:6d:86:61:a7:bd:45:11:76:f8:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c9cdcd4b48f831e1021f7b152065794fc8eb013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:43:bd:4c:84:35:d4:fa:bc:4b:aa:0d:c0:51:
ed:a9:2d:01:99:90:75:9b:f0:e2:ab:2e:95:4f:93:
c7:f4:12:ec:55:77:45:c0:b6:a4:c2:48:e5:8f:bb:
e7:8d:58:e2:2c:66:50:3d:6c:d5:c9:76:21:bf:9d:
4a:ce:b0:e6:19:a6:0e:c9:61:07:25:89:33:f8:45:
48:40:23:a8:13:20:30:f5:5b:d2:5e:17:2e:49:13:
63:3e:5a:ed:2c:77:cd:d4:28:3b:c5:88:e2:46:7c:
1c:42:88:d9:0e:fb:b4:34:4e:a8:d4:3b:23:e8:d8:
b9:e7:5d:55:aa:15:7c:12:db:0c:95:e6:d5:1d:ba:
cc:42:07:e4:6d:15:92:8e:27:02:bf:65:34:8a:7c:
a1:18:94:5a:a1:79:94:1b:3c:7d:c6:87:b3:54:92:
9a:be:12:57:e5:fe:b1:7f:92:6c:02:f1:b6:6f:0f:
96:b4:ef:cd:a1:07:0f:f5:3d:f3:13:58:5a:1d:20:
b7:4f:b0:8a:54:40:d3:3b:d9:15:91:cd:22:bd:51:
64:b9:f9:99:55:89:cd:54:db:fa:99:28:f2:7b:d4:
7d:9b:98:ff:71:0a:dc:47:13:1e:68:6d:5d:8c:5b:
d3:2e:77:d1:0d:b9:10:ba:f0:ff:2e:3f:8d:e5:38:
45:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9C:DC:D4:B4:8F:83:1E:10:21:F7:B1:52:06:57:94:FC:8E:B0:13
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/LJzc1LSPgx4QIfexUgZXlPyOsBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.241.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:42:0e:1a:a3:58:e9:7a:b3:2a:ca:8d:b2:92:b4:94:c1:4b:
62:31:4d:59:24:f8:de:4f:6b:2f:76:09:4a:c5:fe:a0:97:21:
69:d0:76:c1:7f:8d:9e:4d:0e:bd:77:4b:e7:2d:07:d7:30:b2:
59:e1:a4:b4:e7:54:fa:a1:d7:00:b4:9a:3d:bc:a8:9f:1e:25:
58:c1:d5:90:57:ba:6b:80:a7:12:25:f6:87:19:21:30:88:4a:
29:f3:59:a2:43:fb:8d:1f:2c:ca:49:a9:27:e3:f4:17:61:b2:
20:7a:94:48:f6:60:ac:cb:58:f7:44:41:22:da:51:dc:3f:e1:
b8:bd:0b:e5:ce:b2:bd:48:83:4e:31:30:38:fd:ce:d5:71:4e:
57:33:8c:cf:8b:59:ad:7e:f4:49:39:8e:fb:eb:9f:52:98:bd:
91:50:12:e0:a5:9d:ba:67:0c:44:cf:a3:85:e7:ee:bc:83:e8:
ca:08:e4:11:3b:40:f2:81:6c:8e:03:1f:94:c9:35:ac:e7:97:
39:3f:63:ef:08:90:57:09:a2:59:3a:64:7f:77:5e:2a:43:a9:
4d:f5:9d:db:ad:cb:46:5e:f5:5b:85:30:ad:3c:b7:08:42:bc:
9e:8d:5b:58:9c:67:4e:89:a4:cb:95:17:34:e2:37:a4:c8:c1:
0a:29:9e:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8Vz12tthmGnvUURdvgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzljZGNkNGI0OGY4MzFlMTAyMWY3YjE1MjA2NTc5NGZjOGViMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9kO9TIQ11Pq8S6oNwFHtqS0BmZB1
m/Diqy6VT5PH9BLsVXdFwLakwkjlj7vnjVjiLGZQPWzVyXYhv51KzrDmGaYOyWEH
JYkz+EVIQCOoEyAw9VvSXhcuSRNjPlrtLHfN1Cg7xYjiRnwcQojZDvu0NE6o1Dsj
6Ni5511VqhV8EtsMlebVHbrMQgfkbRWSjicCv2U0inyhGJRaoXmUGzx9xoezVJKa
vhJX5f6xf5JsAvG2bw+WtO/NoQcP9T3zE1haHSC3T7CKVEDTO9kVkc0ivVFkufmZ
VYnNVNv6mSjye9R9m5j/cQrcRxMeaG1djFvTLnfRDbkQuvD/Lj+N5ThF/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyc3NS0j4MeECH3sVIGV5T8jrATMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvTEp6YzFMU1BneDRRSWZleFVnWlhsUHlPc0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaDxMA0G
CSqGSIb3DQEBCwUAA4IBAQB9Qg4ao1jperMqyo2ykrSUwUtiMU1ZJPjeT2svdglK
xf6glyFp0HbBf42eTQ69d0vnLQfXMLJZ4aS051T6odcAtJo9vKifHiVYwdWQV7pr
gKcSJfaHGSEwiEop81miQ/uNHyzKSakn4/QXYbIgepRI9mCsy1j3REEi2lHcP+G4
vQvlzrK9SINOMTA4/c7VcU5XM4zPi1mtfvRJOY77659SmL2RUBLgpZ26ZwxEz6OF
5+68g+jKCOQRO0DygWyOAx+UyTWs55c5P2PvCJBXCaJZOmR/d14qQ6lN9Z3brctG
XvVbhTCtPLcIQryejVtYnGdOiaTLlRc04jekyMEKKZ4w
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:36 2025 by rpki-client