Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/lUfZhOt-wvUulei1P4O40ILh6W4.roa
File: lUfZhOt-wvUulei1P4O40ILh6W4.roa (raw, json)
Hash identifier: KvgRSxa7IHlLzvxb6tBzeiNZVGLjogvJrOdyYd+Hhtw=
Subject key identifier: 95:47:D9:84:EB:7E:C2:F5:2E:95:E8:B5:3F:83:B8:D0:82:E1:E9:6E
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194282642724AB43C0BDFF8D90F3CC2E18C
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/lUfZhOt-wvUulei1P4O40ILh6W4.roa
Signing time: Thu 02 Jan 2025 17:53:03 +0000
ROA not before: Thu 02 Jan 2025 17:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 146.19.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:42:72:4a:b4:3c:0b:df:f8:d9:0f:3c:c2:e1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9547d984eb7ec2f52e95e8b53f83b8d082e1e96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:d5:70:88:ea:f4:42:e4:ee:36:45:26:58:
af:8f:aa:e8:f3:56:68:30:5a:9b:e3:14:76:0d:ca:
b4:24:2d:99:20:6a:bc:e4:54:66:c8:ce:2d:da:df:
92:93:2b:a0:f4:b3:5a:76:11:f0:5a:39:a7:cb:74:
c3:b3:fb:0b:16:30:53:be:e9:71:af:98:f4:66:ea:
42:54:74:d9:59:bb:b2:7d:02:a4:2b:a2:09:bc:fc:
81:49:90:ab:f3:99:f3:eb:c9:7e:52:66:14:a9:14:
c4:ff:16:24:62:a2:34:60:3d:fd:44:66:2b:01:8f:
6d:32:06:c8:1e:fe:a2:f0:0b:d4:43:35:70:08:ea:
ae:1d:ce:7e:8c:3c:cc:95:40:3a:24:5d:c7:b6:32:
12:89:dc:66:f1:da:6b:67:85:72:97:d3:0b:60:32:
8a:04:b7:6e:bb:e2:eb:a5:f8:cc:36:83:ec:3c:ed:
e5:10:b9:07:a6:33:c7:61:00:7d:00:50:22:d6:3e:
8e:6d:7b:5c:d9:c2:64:ad:ae:38:71:e0:b9:31:75:
43:84:4f:ca:85:91:92:4b:59:ce:44:5e:ef:09:ff:
bf:87:12:a4:39:f4:c4:76:56:ed:4e:29:df:2a:b2:
8d:bb:44:0d:f4:ca:9a:ea:65:c4:e7:98:69:85:c7:
1d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:47:D9:84:EB:7E:C2:F5:2E:95:E8:B5:3F:83:B8:D0:82:E1:E9:6E
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/lUfZhOt-wvUulei1P4O40ILh6W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.245.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:15:5c:f5:35:1e:8e:e1:26:91:22:75:86:ab:44:10:b0:32:
7e:76:6f:66:c1:48:88:e2:8a:a1:b1:09:6a:d9:d1:7f:78:68:
bd:96:a8:c9:ca:eb:93:61:5d:1b:dd:58:ef:e9:94:2e:08:37:
b0:fe:a7:53:60:90:0d:8e:72:af:77:a4:b7:0f:b0:09:aa:85:
fc:c8:88:bc:ee:e5:f7:ce:6e:e5:74:a9:53:ee:8c:0f:62:3d:
c0:9f:08:06:72:6c:79:34:9c:3f:25:3c:07:0f:a6:95:cb:9a:
6c:ed:8b:83:35:b6:59:17:b6:8d:66:ce:30:0d:dd:80:f9:b5:
54:e9:9b:71:9d:ff:13:de:b9:09:20:34:27:d6:d8:b0:ae:81:
d6:36:03:7a:6a:f1:66:e4:1f:33:df:91:8c:ab:58:d3:ca:60:
6e:79:57:f8:42:26:1a:17:9d:7a:cb:6c:58:aa:81:29:6e:57:
af:25:6c:42:e1:e2:e1:08:5d:14:51:c4:b2:7b:e8:77:d4:e5:
1c:14:f6:30:f8:0b:35:90:cc:6d:9d:b3:cb:a0:c3:84:70:18:
99:9e:d6:3d:6d:67:5f:be:23:36:2a:ab:2a:cd:e2:59:90:8b:
02:57:f3:ac:2a:b9:f2:a8:c2:1e:65:14:a1:c2:c2:67:75:86:
da:cf:4c:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJkJySrQ8C9/42Q88wuGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ3ZDk4NGViN2VjMmY1MmU5NWU4YjUzZjgzYjhkMDgyZTFlOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcXVcIjq9ELk7jZFJlivj6ro81Zo
MFqb4xR2Dcq0JC2ZIGq85FRmyM4t2t+Skyug9LNadhHwWjmny3TDs/sLFjBTvulx
r5j0ZupCVHTZWbuyfQKkK6IJvPyBSZCr85nz68l+UmYUqRTE/xYkYqI0YD39RGYr
AY9tMgbIHv6i8AvUQzVwCOquHc5+jDzMlUA6JF3HtjISidxm8dprZ4Vyl9MLYDKK
BLduu+LrpfjMNoPsPO3lELkHpjPHYQB9AFAi1j6ObXtc2cJkra44ceC5MXVDhE/K
hZGSS1nORF7vCf+/hxKkOfTEdlbtTinfKrKNu0QN9Mqa6mXE55hphccd/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVH2YTrfsL1LpXotT+DuNCC4eluMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvbFVmWmhPdC13dlV1bGVpMVA0TzQwSUxoNlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP1MA0G
CSqGSIb3DQEBCwUAA4IBAQA7FVz1NR6O4SaRInWGq0QQsDJ+dm9mwUiI4oqhsQlq
2dF/eGi9lqjJyuuTYV0b3Vjv6ZQuCDew/qdTYJANjnKvd6S3D7AJqoX8yIi87uX3
zm7ldKlT7owPYj3AnwgGcmx5NJw/JTwHD6aVy5ps7YuDNbZZF7aNZs4wDd2A+bVU
6Ztxnf8T3rkJIDQn1tiwroHWNgN6avFm5B8z35GMq1jTymBueVf4QiYaF516y2xY
qoEpblevJWxC4eLhCF0UUcSye+h31OUcFPYw+As1kMxtnbPLoMOEcBiZntY9bWdf
viM2KqsqzeJZkIsCV/OsKrnyqMIeZRShwsJndYbaz0yC
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:19:59 2025 by rpki-client