Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/LKQwgiepoVu5_u8taIAcRutuJ-s.roa
File: LKQwgiepoVu5_u8taIAcRutuJ-s.roa (raw, json)
Hash identifier: g/2UuKpKO1KSqMbVUrFxetjbdTbJKbXQ9uje0qgEhYw=
Subject key identifier: 2C:A4:30:82:27:A9:A1:5B:B9:FE:EF:2D:68:80:1C:46:EB:6E:27:EB
Certificate issuer: /CN=e3280c6352a0bfbb79d249c8875ed186ecce8a86
Certificate serial: 019420D64AF5ED3F21DA3000A674DFA0AF57
Authority key identifier: E3:28:0C:63:52:A0:BF:BB:79:D2:49:C8:87:5E:D1:86:EC:CE:8A:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/LKQwgiepoVu5_u8taIAcRutuJ-s.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57469
IP address blocks: 31.207.96.0/19 maxlen: 22
159.48.16.0/20 maxlen: 22
159.48.48.0/22 maxlen: 22
159.48.56.0/21 maxlen: 22
185.35.108.0/24 maxlen: 24
185.168.9.0/24 maxlen: 24
185.177.32.0/22 maxlen: 22
185.205.192.0/23 maxlen: 23
185.211.35.0/24 maxlen: 24
185.212.69.0/24 maxlen: 24
185.223.254.0/23 maxlen: 23
185.232.12.0/23 maxlen: 23
193.17.219.0/24 maxlen: 24
194.126.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4a:f5:ed:3f:21:da:30:00:a6:74:df:a0:af:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3280c6352a0bfbb79d249c8875ed186ecce8a86
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ca4308227a9a15bb9feef2d68801c46eb6e27eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b3:dd:44:f4:7a:98:4a:ad:ce:5c:f0:c1:c7:
42:73:1f:28:ab:09:25:3c:a3:54:a6:64:81:53:79:
46:b4:f6:00:98:c9:db:75:fa:19:77:01:03:a6:59:
6d:d5:c1:07:23:9c:e0:43:40:aa:29:b4:1a:06:87:
a9:b4:a3:12:d5:c9:76:c3:0a:31:0f:83:01:12:90:
2a:e4:05:8f:b2:24:fe:f3:27:e3:0f:b5:df:f2:50:
57:0c:37:ae:cd:49:f8:ec:48:c2:b9:70:a0:cb:35:
7a:ab:9f:51:8d:1e:ed:ef:17:55:37:10:d4:42:c6:
e8:c0:af:6b:50:bf:35:3a:0b:92:c8:5e:8c:4a:65:
b5:a5:27:ac:3e:c9:d8:cc:b3:fd:28:d3:77:02:a8:
8f:8b:68:f6:ec:f9:96:2d:ac:2b:b0:e1:ec:3b:78:
da:7e:e0:1b:5b:94:72:e2:6b:7d:dd:1b:b9:b5:57:
5a:b4:bf:95:3e:b7:1a:b1:3f:98:80:c8:6d:88:f2:
25:0e:5b:d3:f8:9d:72:b4:7a:3f:e8:77:01:c0:fb:
94:cb:06:4f:8b:26:39:7c:88:41:e2:c9:a5:9a:5e:
ad:b2:a8:e6:77:3b:ee:2b:fc:d9:2e:12:14:84:99:
af:04:4a:7e:61:8a:f4:3b:56:14:02:db:66:f4:c8:
4d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A4:30:82:27:A9:A1:5B:B9:FE:EF:2D:68:80:1C:46:EB:6E:27:EB
X509v3 Authority Key Identifier:
keyid:E3:28:0C:63:52:A0:BF:BB:79:D2:49:C8:87:5E:D1:86:EC:CE:8A:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/LKQwgiepoVu5_u8taIAcRutuJ-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.96.0/19
159.48.16.0/20
159.48.48.0/22
159.48.56.0/21
185.35.108.0/24
185.168.9.0/24
185.177.32.0/22
185.205.192.0/23
185.211.35.0/24
185.212.69.0/24
185.223.254.0/23
185.232.12.0/23
193.17.219.0/24
194.126.237.0/24
Signature Algorithm: sha256WithRSAEncryption
79:39:85:f0:8e:64:75:cf:8b:7e:a7:f7:b9:c1:ff:38:2c:70:
c9:cc:21:bd:03:46:ac:27:b0:4a:03:75:f2:de:c2:d3:fe:22:
a6:54:9a:41:fb:f9:4e:f5:4e:7c:d4:fa:8f:99:5c:a7:49:f6:
20:db:b1:06:04:23:4f:a1:2e:fd:cb:98:c7:09:47:3d:13:f0:
c2:0f:6b:fe:5a:7f:fd:b6:89:aa:72:90:2b:1f:20:83:90:5e:
46:2c:73:d7:4f:dd:44:0a:9e:77:e6:ec:45:eb:cb:4f:1b:b4:
08:12:7a:71:e5:5a:b3:14:9c:9d:79:16:38:15:b0:01:d3:ba:
0b:33:ef:14:7b:df:24:d0:cd:38:cb:8c:d6:7a:1b:e7:5e:61:
34:1b:b9:a9:52:f5:2a:b0:c9:06:e4:0b:99:be:2e:11:1f:ca:
4a:e0:19:87:f1:55:4d:f2:cf:95:c9:d6:63:6c:c6:db:9b:66:
a3:a4:b6:5e:36:98:09:14:75:4a:85:63:40:b8:83:d1:1d:e1:
0a:de:2d:7d:f9:40:72:4c:c4:25:fc:25:dd:c0:2c:97:95:78:
bb:a6:73:7a:09:69:e5:7d:ba:3f:7a:8a:93:d9:80:a8:3f:70:
b5:12:7c:b6:26:9d:0c:fb:33:b6:06:c6:42:e2:6e:00:c9:c0:
8c:88:24:70
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQg1kr17T8h2jAApnTfoK9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMjgwYzYzNTJhMGJmYmI3OWQyNDljODg3NWVkMTg2ZWNj
ZThhODYwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2E0MzA4MjI3YTlhMTViYjlmZWVmMmQ2ODgwMWM0NmViNmUyN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrPdRPR6mEqtzlzwwcdCcx8oqwkl
PKNUpmSBU3lGtPYAmMnbdfoZdwEDpllt1cEHI5zgQ0CqKbQaBoeptKMS1cl2wwox
D4MBEpAq5AWPsiT+8yfjD7Xf8lBXDDeuzUn47EjCuXCgyzV6q59RjR7t7xdVNxDU
QsbowK9rUL81OguSyF6MSmW1pSesPsnYzLP9KNN3AqiPi2j27PmWLawrsOHsO3ja
fuAbW5Ry4mt93Ru5tVdatL+VPrcasT+YgMhtiPIlDlvT+J1ytHo/6HcBwPuUywZP
iyY5fIhB4smlml6tsqjmdzvuK/zZLhIUhJmvBEp+YYr0O1YUAttm9MhNGQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCykMIInqaFbuf7vLWiAHEbrbifrMB8GA1UdIwQY
MBaAFOMoDGNSoL+7edJJyIde0YbszoqGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHlnTVkxS2d2N3Q1MGtuSWgxN1JodXpPaW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81OWEwMzItYzM4NC00M2RmLThjOWQt
ZWYwYjgyMTg5NDQ0LzEvTEtRd2dpZXBvVnU1X3U4dGFJQWNSdXR1Si1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81OWEwMzItYzM4NC00M2RmLThjOWQtZWYwYjgyMTg5NDQ0
LzEvNHlnTVkxS2d2N3Q1MGtuSWgxN1JodXpPaW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQFH89gAwQE
nzAQAwQCnzAwAwQDnzA4AwQAuSNsAwQAuagJAwQCubEgAwQBuc3AAwQAudMjAwQA
udRFAwQBud/+AwQBuegMAwQAwRHbAwQAwn7tMA0GCSqGSIb3DQEBCwUAA4IBAQB5
OYXwjmR1z4t+p/e5wf84LHDJzCG9A0asJ7BKA3Xy3sLT/iKmVJpB+/lO9U581PqP
mVynSfYg27EGBCNPoS79y5jHCUc9E/DCD2v+Wn/9tomqcpArHyCDkF5GLHPXT91E
Cp535uxF68tPG7QIEnpx5VqzFJydeRY4FbAB07oLM+8Ue98k0M04y4zWehvnXmE0
G7mpUvUqsMkG5AuZvi4RH8pK4BmH8VVN8s+VydZjbMbbm2ajpLZeNpgJFHVKhWNA
uIPRHeEK3i19+UByTMQl/CXdwCyXlXi7pnN6CWnlfbo/eoqT2YCoP3C1Eny2Jp0M
+zO2BsZC4m4AycCMiCRw
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:42 2025 by rpki-client