Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/Lf6gNW4pB2_3G8WJ1gs4diM2dp4.roa
File: Lf6gNW4pB2_3G8WJ1gs4diM2dp4.roa (raw, json)
Hash identifier: KsApADDkWth8orQKJUtme8wDWNYjMSX9ur5fZXW4Ab8=
Subject key identifier: 2D:FE:A0:35:6E:29:07:6F:F7:1B:C5:89:D6:0B:38:76:23:36:76:9E
Certificate issuer: /CN=dc3884021d1b02e8c16b555743dfeb9da8e48e31
Certificate serial: 0194266C133A7211676C63DD0CE19B7FFBB0
Authority key identifier: DC:38:84:02:1D:1B:02:E8:C1:6B:55:57:43:DF:EB:9D:A8:E4:8E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/Lf6gNW4pB2_3G8WJ1gs4diM2dp4.roa
Signing time: Thu 02 Jan 2025 09:50:04 +0000
ROA not before: Thu 02 Jan 2025 09:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20853
IP address blocks: 31.31.168.0/21 maxlen: 32
77.95.234.0/23 maxlen: 32
77.95.236.0/22 maxlen: 32
79.133.192.0/19 maxlen: 32
80.72.32.0/20 maxlen: 32
91.250.243.0/24 maxlen: 32
185.7.104.0/22 maxlen: 32
185.30.124.0/22 maxlen: 32
185.40.196.0/22 maxlen: 32
185.73.228.0/22 maxlen: 32
2a00:c90::/32 maxlen: 32
2a05:4480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:13:3a:72:11:67:6c:63:dd:0c:e1:9b:7f:fb:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3884021d1b02e8c16b555743dfeb9da8e48e31
Validity
Not Before: Jan 2 09:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dfea0356e29076ff71bc589d60b38762336769e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:de:e0:fd:df:26:d0:01:71:36:9c:e2:05:8a:
78:db:3d:a4:b1:e9:17:3e:5b:3e:7f:06:63:06:a0:
de:a8:fc:eb:04:2e:14:60:cc:e9:39:03:9a:21:64:
8d:0c:f3:cd:e0:e3:d7:ff:f5:b4:0c:c3:03:02:17:
cc:e0:c4:83:98:f7:b1:6e:78:44:9b:70:1a:a3:b4:
04:b6:d2:39:8d:ba:0a:ee:39:41:f9:74:6c:2e:bd:
9a:ae:8e:b1:f4:a9:0d:bf:58:8f:2a:f2:76:ea:97:
19:65:7e:d9:5a:e3:ca:4a:99:19:87:aa:26:37:29:
a2:10:82:54:4a:a9:dd:89:91:01:e5:75:5c:19:0e:
67:dd:b4:aa:ca:e6:2f:56:cb:1c:6b:45:28:ca:f6:
39:d7:d0:98:47:94:f7:f6:ea:c7:0b:04:a9:40:e1:
19:e3:5f:4b:56:a2:5f:2a:42:32:d4:94:f7:e7:ec:
38:89:18:a5:a4:87:64:82:80:21:fe:5a:4f:21:00:
be:c9:41:aa:92:d7:4d:d7:d1:4c:29:5b:73:bb:9e:
3c:cc:e7:63:e9:81:a9:e8:81:f8:99:49:8d:56:f0:
57:20:36:7e:0f:3f:52:71:ec:42:4a:65:d8:6b:55:
81:7d:05:1b:97:05:68:1d:57:5f:8e:5c:03:03:92:
39:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FE:A0:35:6E:29:07:6F:F7:1B:C5:89:D6:0B:38:76:23:36:76:9E
X509v3 Authority Key Identifier:
keyid:DC:38:84:02:1D:1B:02:E8:C1:6B:55:57:43:DF:EB:9D:A8:E4:8E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/Lf6gNW4pB2_3G8WJ1gs4diM2dp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.168.0/21
77.95.234.0-77.95.239.255
79.133.192.0/19
80.72.32.0/20
91.250.243.0/24
185.7.104.0/22
185.30.124.0/22
185.40.196.0/22
185.73.228.0/22
IPv6:
2a00:c90::/32
2a05:4480::/29
Signature Algorithm: sha256WithRSAEncryption
08:db:4c:f9:ad:21:64:4b:2b:24:af:91:ea:f0:97:85:67:5d:
72:ac:b4:2f:8e:d8:de:50:a3:90:a3:c6:e3:b4:93:98:fc:a7:
b7:9e:e2:cc:2f:cf:b8:d4:2e:d1:62:43:03:29:08:f9:01:f7:
38:d3:15:d2:da:a4:74:25:17:9b:30:22:60:e6:10:c4:1d:72:
9b:ae:11:60:8c:d2:52:1b:f7:32:9f:f3:c7:cb:d3:f4:89:aa:
dc:72:0b:4b:aa:8e:f9:46:3c:3c:a7:b9:05:70:75:66:e9:7b:
32:92:e1:e3:85:5d:f4:19:2c:f6:34:f9:1b:2d:94:de:de:0a:
a8:84:8e:0c:d5:65:6c:68:b7:52:67:b2:49:96:43:05:ee:f1:
38:7c:d6:cb:ef:81:e1:6f:87:2c:2b:f8:53:1f:f8:36:84:06:
ab:f1:1c:94:90:f3:4f:85:9f:6f:f6:01:bf:26:a9:7b:2d:58:
de:01:c9:9e:e7:2d:a0:50:4f:b2:85:67:8a:d6:8b:36:b7:42:
76:c4:35:7a:5a:e1:26:15:38:27:58:ca:d6:78:e0:b9:d4:a3:
5f:78:d1:84:d9:d0:18:c1:e3:dc:33:9b:ab:bb:74:dd:32:5b:
0a:97:84:d6:9f:2b:5d:d0:ba:55:58:e0:84:cb:50:61:5c:af:
3c:bf:98:1b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQmbBM6chFnbGPdDOGbf/uwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzg4NDAyMWQxYjAyZThjMTZiNTU1NzQzZGZlYjlkYThl
NDhlMzEwHhcNMjUwMTAyMDk1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZlYTAzNTZlMjkwNzZmZjcxYmM1ODlkNjBiMzg3NjIzMzY3NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj97g/d8m0AFxNpziBYp42z2ksekX
Pls+fwZjBqDeqPzrBC4UYMzpOQOaIWSNDPPN4OPX//W0DMMDAhfM4MSDmPexbnhE
m3Aao7QEttI5jboK7jlB+XRsLr2aro6x9KkNv1iPKvJ26pcZZX7ZWuPKSpkZh6om
NymiEIJUSqndiZEB5XVcGQ5n3bSqyuYvVssca0UoyvY519CYR5T39urHCwSpQOEZ
419LVqJfKkIy1JT35+w4iRilpIdkgoAh/lpPIQC+yUGqktdN19FMKVtzu548zOdj
6YGp6IH4mUmNVvBXIDZ+Dz9ScexCSmXYa1WBfQUblwVoHVdfjlwDA5I5fwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFC3+oDVuKQdv9xvFidYLOHYjNnaeMB8GA1UdIwQY
MBaAFNw4hAIdGwLowWtVV0Pf652o5I4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RpRUFoMGJBdWpCYTFWWFE5X3JuYWprampFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wY2IyZjktOGVmOS00ZWViLTk2MmEt
ZDhiNGUwZDBkNmQ1LzEvTGY2Z05XNHBCMl8zRzhXSjFnczRkaU0yZHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wY2IyZjktOGVmOS00ZWViLTk2MmEtZDhiNGUwZDBkNmQ1
LzEvM0RpRUFoMGJBdWpCYTFWWFE5X3JuYWprampFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDHx+oMAwD
BAFNX+oDBARNX+ADBAVPhcADBARQSCADBABb+vMDBAK5B2gDBAK5HnwDBAK5KMQD
BAK5SeQwFAQCAAIwDgMFACoADJADBQMqBUSAMA0GCSqGSIb3DQEBCwUAA4IBAQAI
20z5rSFkSyskr5Hq8JeFZ11yrLQvjtjeUKOQo8bjtJOY/Ke3nuLML8+41C7RYkMD
KQj5Afc40xXS2qR0JRebMCJg5hDEHXKbrhFgjNJSG/cyn/PHy9P0iarccgtLqo75
Rjw8p7kFcHVm6XsykuHjhV30GSz2NPkbLZTe3gqohI4M1WVsaLdSZ7JJlkMF7vE4
fNbL74Hhb4csK/hTH/g2hAar8RyUkPNPhZ9v9gG/Jql7LVjeAcme5y2gUE+yhWeK
1os2t0J2xDV6WuEmFTgnWMrWeOC51KNfeNGE2dAYwePcM5uru3TdMlsKl4TWnytd
0LpVWOCEy1BhXK88v5gb
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:19:57 2025 by rpki-client