Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/lcnrXbBFBu5DHpybXSYL_QBSFxY.roa
File: lcnrXbBFBu5DHpybXSYL_QBSFxY.roa (raw, json)
Hash identifier: 55Re6AipYf4XWuugu2p6Yv9D+4CVj5GB9DhYUd+Co3s=
Subject key identifier: 95:C9:EB:5D:B0:45:06:EE:43:1E:9C:9B:5D:26:0B:FD:00:52:17:16
Certificate issuer: /CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Certificate serial: 01942521E10196F9FBBDA7A17856D164607B
Authority key identifier: C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/lcnrXbBFBu5DHpybXSYL_QBSFxY.roa
Signing time: Thu 02 Jan 2025 03:49:24 +0000
ROA not before: Thu 02 Jan 2025 03:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32875
IP address blocks: 5.226.169.0/24 maxlen: 24
5.226.170.0/24 maxlen: 24
5.226.174.0/24 maxlen: 24
5.226.175.0/24 maxlen: 24
185.48.205.0/24 maxlen: 24
185.48.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.mft
rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e1:01:96:f9:fb:bd:a7:a1:78:56:d1:64:60:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Validity
Not Before: Jan 2 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95c9eb5db04506ee431e9c9b5d260bfd00521716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e7:67:23:ef:57:ec:96:57:61:51:c9:0e:0f:
ba:80:91:42:15:0d:d2:35:c6:8f:11:8d:e8:10:bf:
d4:ad:c4:70:df:a4:7e:33:74:00:d2:34:73:fb:12:
ad:e7:fb:3b:f2:95:64:bd:19:43:21:55:ce:f1:5f:
5e:62:91:16:32:0b:b5:fe:12:cb:c5:43:c2:2a:71:
a9:b2:b3:b9:26:61:71:8f:1b:a1:42:d7:49:3b:fa:
f0:bc:00:82:5b:87:b5:45:72:1d:0e:03:f2:53:bf:
a9:7d:36:31:4a:60:89:5a:fe:d1:e2:2a:ba:c8:8d:
c7:0d:d4:d4:f0:d8:af:ea:f3:00:09:3d:f7:72:a6:
ae:b9:20:03:82:01:38:5f:c2:68:51:60:6a:5e:03:
67:e8:fb:b8:2a:1a:2a:96:cc:b3:c4:db:a1:47:6d:
f9:68:6e:33:19:d2:06:7e:e1:a2:1a:07:39:50:1d:
4d:e8:20:f6:23:56:3a:ab:41:de:e4:18:00:e5:cb:
b7:09:23:ad:5a:5c:9a:ce:e0:80:ef:52:40:c4:33:
83:ed:8e:f2:c1:a0:ac:5c:b8:3e:6d:21:c2:e9:5d:
15:90:a9:5a:e1:50:8d:cf:e5:b9:3c:fd:59:a7:ec:
62:bd:58:8a:8e:a9:5a:5e:46:ac:a0:a9:67:14:8d:
fa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C9:EB:5D:B0:45:06:EE:43:1E:9C:9B:5D:26:0B:FD:00:52:17:16
X509v3 Authority Key Identifier:
keyid:C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/lcnrXbBFBu5DHpybXSYL_QBSFxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.169.0-5.226.170.255
5.226.174.0/23
185.48.205.0/24
185.48.207.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a7:c8:a4:05:8e:e1:d6:87:a6:2e:28:ce:3a:9a:59:3e:43:
b3:1e:d4:bb:24:08:7f:ca:db:fa:02:fb:df:74:c6:45:4c:fe:
2e:e7:91:da:46:9c:03:8b:30:19:4d:b1:19:07:45:89:18:1c:
f1:8a:b0:79:a4:ae:6f:ba:da:91:0f:53:28:e0:5b:f0:e0:0d:
d4:67:06:8f:0f:43:a7:c2:9b:ee:90:44:f6:f9:aa:37:e0:a5:
91:28:34:a2:1a:b3:01:fe:ad:19:b3:eb:a9:97:cb:fb:19:53:
aa:8e:80:36:cd:cb:cf:be:e0:02:ff:e3:d7:b3:a7:08:60:ad:
5f:c0:f1:da:83:79:95:47:31:08:fe:26:55:c3:f9:5f:ea:d4:
1c:1d:76:ad:ea:76:f3:66:92:f1:b2:28:16:95:e0:11:a1:e3:
06:ca:a5:7a:bf:fd:30:ed:94:b2:4e:98:55:a1:93:2a:25:c8:
04:9b:dd:da:26:37:81:80:a2:20:c0:cd:33:05:4a:a3:f4:da:
fb:12:cf:69:75:3a:65:c9:7d:36:cf:8d:f3:a6:14:02:7e:d8:
f3:0e:25:f7:ef:71:c8:92:38:fd:5b:29:2d:43:b6:62:29:d6:
f1:3d:92:1c:41:76:f6:04:db:1a:a6:e5:cf:71:e3:08:26:8f:
75:18:e9:94
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlIeEBlvn7vaeheFbRZGB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MzM0ODFkM2ZhNDg3MTBkY2I5NzNmZGNkMjkzNDBkZWRi
NjIyOWEwHhcNMjUwMTAyMDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM5ZWI1ZGIwNDUwNmVlNDMxZTljOWI1ZDI2MGJmZDAwNTIxNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuudnI+9X7JZXYVHJDg+6gJFCFQ3S
NcaPEY3oEL/UrcRw36R+M3QA0jRz+xKt5/s78pVkvRlDIVXO8V9eYpEWMgu1/hLL
xUPCKnGpsrO5JmFxjxuhQtdJO/rwvACCW4e1RXIdDgPyU7+pfTYxSmCJWv7R4iq6
yI3HDdTU8Niv6vMACT33cqauuSADggE4X8JoUWBqXgNn6Pu4KhoqlsyzxNuhR235
aG4zGdIGfuGiGgc5UB1N6CD2I1Y6q0He5BgA5cu3CSOtWlyazuCA71JAxDOD7Y7y
waCsXLg+bSHC6V0VkKla4VCNz+W5PP1Zp+xivViKjqlaXkasoKlnFI36WwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJXJ612wRQbuQx6cm10mC/0AUhcWMB8GA1UdIwQY
MBaAFMkzSB0/pIcQ3Llz/c0pNA3ttiKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUt
ZmVmZDM3NjY2NzQxLzEvbGNuclhiQkZCdTVESHB5YlhTWUxfUUJTRnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUtZmVmZDM3NjY2NzQx
LzEveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAF4qkD
BAAF4qoDBAEF4q4DBAC5MM0DBAC5MM8wDQYJKoZIhvcNAQELBQADggEBADunyKQF
juHWh6YuKM46mlk+Q7Me1LskCH/K2/oC+990xkVM/i7nkdpGnAOLMBlNsRkHRYkY
HPGKsHmkrm+62pEPUyjgW/DgDdRnBo8PQ6fCm+6QRPb5qjfgpZEoNKIaswH+rRmz
66mXy/sZU6qOgDbNy8++4AL/49ezpwhgrV/A8dqDeZVHMQj+JlXD+V/q1Bwddq3q
dvNmkvGyKBaV4BGh4wbKpXq//TDtlLJOmFWhkyolyASb3domN4GAoiDAzTMFSqP0
2vsSz2l1OmXJfTbPjfOmFAJ+2PMOJffvcciSOP1bKS1DtmIp1vE9khxBdvYE2xqm
5c9x4wgmj3UY6ZQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:49:03 2025 by rpki-client