Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/40f1bb-e868-479c-a515-7b47b5ba6aed/1/ldrAy5A_M0tg2d0BXg7t_q2mTmY.roa
File: ldrAy5A_M0tg2d0BXg7t_q2mTmY.roa (raw, json)
Hash identifier: PzgoMs0khlbRVil+vbEFVoeQZaszoG+3sW3UoJkJrfY=
Subject key identifier: 95:DA:C0:CB:90:3F:33:4B:60:D9:DD:01:5E:0E:ED:FE:AD:A6:4E:66
Certificate issuer: /CN=e58ff73925a23692847ed92bc66613fd47068dcf
Certificate serial: 01941F8CA3DFB8A049915F3F02CACBB8876B
Authority key identifier: E5:8F:F7:39:25:A2:36:92:84:7E:D9:2B:C6:66:13:FD:47:06:8D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Y_3OSWiNpKEftkrxmYT_UcGjc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/40f1bb-e868-479c-a515-7b47b5ba6aed/1/ldrAy5A_M0tg2d0BXg7t_q2mTmY.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21376
IP address blocks: 176.104.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/40f1bb-e868-479c-a515-7b47b5ba6aed/1/5Y_3OSWiNpKEftkrxmYT_UcGjc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/40f1bb-e868-479c-a515-7b47b5ba6aed/1/5Y_3OSWiNpKEftkrxmYT_UcGjc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Y_3OSWiNpKEftkrxmYT_UcGjc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 Jan 2025 06:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a3:df:b8:a0:49:91:5f:3f:02:ca:cb:b8:87:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58ff73925a23692847ed92bc66613fd47068dcf
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95dac0cb903f334b60d9dd015e0eedfeada64e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:1c:b4:07:0a:9a:c9:bc:30:79:34:70:06:
cb:00:b1:73:9e:a8:88:71:d6:c4:0e:5d:d8:48:c5:
87:ef:3c:26:12:2a:fe:1e:8f:b6:02:2c:3e:bc:ef:
f0:76:cd:1e:63:8f:34:16:f7:bd:1f:d1:e3:49:e9:
4d:da:40:e3:d9:f8:d3:5c:85:25:b4:4b:02:fe:19:
ad:a2:bd:70:a4:7f:4e:ef:a3:dc:5a:ff:de:d5:f8:
6d:63:8d:1e:f1:13:05:6d:5e:fd:4e:d6:06:88:5f:
48:51:8d:29:37:2a:60:a3:4d:7c:4e:5b:d7:7e:27:
96:d8:d4:42:1d:dd:50:00:3b:7f:25:54:6d:41:45:
d1:a8:d4:64:a1:ba:04:2f:d1:15:3e:f7:69:0f:a8:
bb:c4:f3:ee:73:1f:e8:5c:86:b6:92:08:3b:17:e3:
84:b0:f5:fa:33:e6:76:b8:a6:06:dc:8d:05:5a:c9:
3c:10:7b:33:53:5e:9b:da:e6:af:4a:bc:13:2c:a1:
94:7d:0d:30:e9:62:71:ae:ff:6a:63:16:58:77:5c:
c2:15:dc:f0:33:63:2b:17:a3:f1:a8:fe:86:96:c2:
2f:68:15:42:8e:62:38:dc:b6:8d:92:be:9e:11:67:
c9:1e:37:cc:7d:06:96:bd:c0:36:e4:8b:fd:d7:c9:
74:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DA:C0:CB:90:3F:33:4B:60:D9:DD:01:5E:0E:ED:FE:AD:A6:4E:66
X509v3 Authority Key Identifier:
keyid:E5:8F:F7:39:25:A2:36:92:84:7E:D9:2B:C6:66:13:FD:47:06:8D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Y_3OSWiNpKEftkrxmYT_UcGjc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/40f1bb-e868-479c-a515-7b47b5ba6aed/1/ldrAy5A_M0tg2d0BXg7t_q2mTmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/40f1bb-e868-479c-a515-7b47b5ba6aed/1/5Y_3OSWiNpKEftkrxmYT_UcGjc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.104.248.0/21
Signature Algorithm: sha256WithRSAEncryption
29:a6:6e:5c:2f:32:94:92:a4:31:a2:68:27:72:31:5d:c0:90:
83:a9:1c:4e:3c:66:0d:16:bb:61:b8:39:79:ed:e8:a2:e0:21:
28:c6:8a:98:a4:24:bf:56:04:41:53:d7:c3:2c:84:64:94:37:
28:9d:1a:ac:73:ea:66:d6:25:c4:1f:3d:83:7a:00:df:0d:e4:
2f:95:df:e1:3c:f8:f8:a5:11:a2:c0:20:1d:12:98:cd:56:87:
0c:24:ef:4b:e8:4d:51:f6:0f:49:0c:b5:f5:4c:aa:d1:8f:8e:
1d:95:97:8a:5c:6f:1a:10:ee:29:f4:34:9f:fa:56:3f:14:9c:
49:9f:ec:02:bb:0c:4e:33:92:2c:50:f4:69:e5:8a:d1:52:66:
f5:cd:6e:27:63:59:09:d1:f0:5c:bd:43:6c:fb:3d:4d:a2:27:
06:1a:0c:01:5e:f3:f9:66:54:3b:af:49:e1:b3:43:d7:68:f6:
f5:73:ac:62:3c:80:0a:cf:89:dd:df:3e:4c:5e:96:0a:ad:8a:
4f:e5:d6:b8:6b:6a:e0:7b:aa:7c:ff:df:2b:2d:15:4a:f3:d1:
61:f2:dd:25:2b:ed:7a:2d:6c:da:75:a6:15:5a:77:47:60:9d:
ad:f4:8e:60:3d:6f:fc:44:e2:04:23:13:85:49:d6:bb:b7:2b:
4d:41:7f:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKPfuKBJkV8/AsrLuIdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1OGZmNzM5MjVhMjM2OTI4NDdlZDkyYmM2NjYxM2ZkNDcw
NjhkY2YwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRhYzBjYjkwM2YzMzRiNjBkOWRkMDE1ZTBlZWRmZWFkYTY0ZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBwctAcKmsm8MHk0cAbLALFznqiI
cdbEDl3YSMWH7zwmEir+Ho+2Aiw+vO/wds0eY480Fve9H9HjSelN2kDj2fjTXIUl
tEsC/hmtor1wpH9O76PcWv/e1fhtY40e8RMFbV79TtYGiF9IUY0pNypgo018TlvX
fieW2NRCHd1QADt/JVRtQUXRqNRkoboEL9EVPvdpD6i7xPPucx/oXIa2kgg7F+OE
sPX6M+Z2uKYG3I0FWsk8EHszU16b2uavSrwTLKGUfQ0w6WJxrv9qYxZYd1zCFdzw
M2MrF6PxqP6GlsIvaBVCjmI43LaNkr6eEWfJHjfMfQaWvcA25Iv918l07QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXawMuQPzNLYNndAV4O7f6tpk5mMB8GA1UdIwQY
MBaAFOWP9zklojaShH7ZK8ZmE/1HBo3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlfM09TV2lOcEtFZnRrcnhtWVRfVWNHamM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80MGYxYmItZTg2OC00NzljLWE1MTUt
N2I0N2I1YmE2YWVkLzEvbGRyQXk1QV9NMHRnMmQwQlhnN3RfcTJtVG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80MGYxYmItZTg2OC00NzljLWE1MTUtN2I0N2I1YmE2YWVk
LzEvNVlfM09TV2lOcEtFZnRrcnhtWVRfVWNHamM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGj4MA0G
CSqGSIb3DQEBCwUAA4IBAQAppm5cLzKUkqQxomgncjFdwJCDqRxOPGYNFrthuDl5
7eii4CEoxoqYpCS/VgRBU9fDLIRklDconRqsc+pm1iXEHz2DegDfDeQvld/hPPj4
pRGiwCAdEpjNVocMJO9L6E1R9g9JDLX1TKrRj44dlZeKXG8aEO4p9DSf+lY/FJxJ
n+wCuwxOM5IsUPRp5YrRUmb1zW4nY1kJ0fBcvUNs+z1NoicGGgwBXvP5ZlQ7r0nh
s0PXaPb1c6xiPIAKz4nd3z5MXpYKrYpP5da4a2rge6p8/98rLRVK89Fh8t0lK+16
LWzadaYVWndHYJ2t9I5gPW/8ROIEIxOFSda7tytNQX8m
-----END CERTIFICATE-----
Generated at Tue Jan 14 17:33:25 2025 by rpki-client on console-ams.rpki-client.org