Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5a260e-aec0-4e4a-aa85-4b8df098496d/1/LkSjEtNw7y8FvIXezhAzO7bql6w.roa
File: LkSjEtNw7y8FvIXezhAzO7bql6w.roa (raw, json)
Hash identifier: XWnh2LDRuVnV3zQSeTuxulNsHgB6C0TJ9AfUsOOpruk=
Subject key identifier: 2E:44:A3:12:D3:70:EF:2F:05:BC:85:DE:CE:10:33:3B:B6:EA:97:AC
Certificate issuer: /CN=240e7594aae24a4fd6c38554517d8b9d6fae060d
Certificate serial: 019422201B6677C17DB76C7D85B1C1CBFC86
Authority key identifier: 24:0E:75:94:AA:E2:4A:4F:D6:C3:85:54:51:7D:8B:9D:6F:AE:06:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JA51lKriSk_Ww4VUUX2LnW-uBg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/5a260e-aec0-4e4a-aa85-4b8df098496d/1/LkSjEtNw7y8FvIXezhAzO7bql6w.roa
Signing time: Wed 01 Jan 2025 13:48:37 +0000
ROA not before: Wed 01 Jan 2025 13:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 193.47.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/5a260e-aec0-4e4a-aa85-4b8df098496d/1/JA51lKriSk_Ww4VUUX2LnW-uBg0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/5a260e-aec0-4e4a-aa85-4b8df098496d/1/JA51lKriSk_Ww4VUUX2LnW-uBg0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JA51lKriSk_Ww4VUUX2LnW-uBg0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1b:66:77:c1:7d:b7:6c:7d:85:b1:c1:cb:fc:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240e7594aae24a4fd6c38554517d8b9d6fae060d
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e44a312d370ef2f05bc85dece10333bb6ea97ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3a:5f:c8:fb:72:ea:9f:59:93:d6:cd:02:b5:
13:2f:1d:5d:da:c8:52:3c:2c:26:40:6e:ed:f1:b1:
d0:8b:07:db:14:fe:c0:ba:c1:d6:b1:ce:7f:25:22:
c1:f6:ba:0c:8f:d0:f5:dc:46:e3:a3:84:5a:27:8e:
6b:cf:b0:ae:4a:a4:62:55:97:7e:98:3b:b7:79:5b:
d0:fc:0e:6f:e5:f2:d0:72:59:f9:28:db:8b:79:5e:
9c:8e:92:70:00:3c:11:71:1d:6b:b5:96:fc:b6:9e:
a4:81:09:a4:05:ac:4e:12:c6:94:e2:bc:b6:e8:61:
1e:55:76:ac:9c:77:00:b4:f5:bc:88:5d:c3:64:c6:
bb:ff:92:68:b1:fa:30:71:bd:a7:00:6f:4f:80:5d:
b2:a9:05:32:a2:1f:84:ac:e8:0d:00:2d:77:88:bf:
99:56:c4:02:14:14:c0:8c:94:38:a2:8e:91:48:59:
95:08:48:66:9f:ad:39:16:95:9c:d9:97:03:24:8c:
3d:7e:b5:d1:2b:e7:3d:49:a5:e4:c2:c4:28:9b:ca:
52:af:91:c9:99:ea:7c:90:40:54:de:93:92:35:ba:
27:48:e3:56:77:98:fd:27:e6:8f:ee:b2:9b:b4:91:
61:97:8e:fa:b8:c2:0b:83:6f:d3:ab:a1:83:82:eb:
ea:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:44:A3:12:D3:70:EF:2F:05:BC:85:DE:CE:10:33:3B:B6:EA:97:AC
X509v3 Authority Key Identifier:
keyid:24:0E:75:94:AA:E2:4A:4F:D6:C3:85:54:51:7D:8B:9D:6F:AE:06:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JA51lKriSk_Ww4VUUX2LnW-uBg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5a260e-aec0-4e4a-aa85-4b8df098496d/1/LkSjEtNw7y8FvIXezhAzO7bql6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5a260e-aec0-4e4a-aa85-4b8df098496d/1/JA51lKriSk_Ww4VUUX2LnW-uBg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:42:63:5f:ec:89:b7:03:fd:2b:af:96:65:f5:2d:b4:2a:91:
d0:7c:f6:60:df:e2:a0:d4:b8:14:6f:84:88:58:69:26:ee:67:
a1:90:a7:0d:25:db:0f:b4:03:74:65:c6:aa:5f:65:4e:fa:f0:
7d:2d:a3:25:5c:97:52:23:5a:ce:06:08:dc:82:16:34:10:23:
1e:33:83:84:71:ea:6a:c9:b5:26:00:51:9e:0b:65:eb:40:26:
5a:c9:c6:7c:2d:90:3d:43:f0:85:f6:f4:0e:58:99:9d:5c:bb:
88:3d:e2:dc:ed:f6:d6:a8:67:de:2f:5c:f5:d5:7e:75:4c:a5:
c2:8b:3e:be:5f:2d:dc:37:51:0d:83:b5:2c:12:bb:51:6a:26:
37:6f:1a:6d:91:7f:8b:ae:11:1a:07:18:af:2b:86:cf:44:d9:
99:bb:2d:93:cf:c5:60:fc:85:34:35:ad:b3:60:8a:14:16:09:
3a:ed:7d:f0:42:e2:9f:4d:c2:12:58:23:be:aa:f7:a4:be:aa:
f3:c2:d8:dd:f5:20:a2:1b:a5:ff:f1:19:74:c8:34:17:cd:c9:
84:fc:24:e9:a3:0d:5a:c6:d3:e8:e3:bd:05:3a:67:70:27:e0:
76:aa:dc:f8:b7:ad:be:da:b8:fc:61:1f:e4:aa:b8:39:66:b8:
21:5e:94:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBtmd8F9t2x9hbHBy/yGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGU3NTk0YWFlMjRhNGZkNmMzODU1NDUxN2Q4YjlkNmZh
ZTA2MGQwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQ0YTMxMmQzNzBlZjJmMDViYzg1ZGVjZTEwMzMzYmI2ZWE5N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDpfyPty6p9Zk9bNArUTLx1d2shS
PCwmQG7t8bHQiwfbFP7AusHWsc5/JSLB9roMj9D13Ebjo4RaJ45rz7CuSqRiVZd+
mDu3eVvQ/A5v5fLQcln5KNuLeV6cjpJwADwRcR1rtZb8tp6kgQmkBaxOEsaU4ry2
6GEeVXasnHcAtPW8iF3DZMa7/5Josfowcb2nAG9PgF2yqQUyoh+ErOgNAC13iL+Z
VsQCFBTAjJQ4oo6RSFmVCEhmn605FpWc2ZcDJIw9frXRK+c9SaXkwsQom8pSr5HJ
mep8kEBU3pOSNbonSONWd5j9J+aP7rKbtJFhl476uMILg2/Tq6GDguvq9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5EoxLTcO8vBbyF3s4QMzu26pesMB8GA1UdIwQY
MBaAFCQOdZSq4kpP1sOFVFF9i51vrgYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkE1MWxLcmlTa19XdzRWVVVYMkxuVy11QmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS81YTI2MGUtYWVjMC00ZTRhLWFhODUt
NGI4ZGYwOTg0OTZkLzEvTGtTakV0Tnc3eThGdklYZXpoQXpPN2JxbDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS81YTI2MGUtYWVjMC00ZTRhLWFhODUtNGI4ZGYwOTg0OTZk
LzEvSkE1MWxLcmlTa19XdzRWVVVYMkxuVy11QmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS9RMA0G
CSqGSIb3DQEBCwUAA4IBAQAbQmNf7Im3A/0rr5Zl9S20KpHQfPZg3+Kg1LgUb4SI
WGkm7mehkKcNJdsPtAN0ZcaqX2VO+vB9LaMlXJdSI1rOBgjcghY0ECMeM4OEcepq
ybUmAFGeC2XrQCZaycZ8LZA9Q/CF9vQOWJmdXLuIPeLc7fbWqGfeL1z11X51TKXC
iz6+Xy3cN1ENg7UsErtRaiY3bxptkX+LrhEaBxivK4bPRNmZuy2Tz8Vg/IU0Na2z
YIoUFgk67X3wQuKfTcISWCO+qvekvqrzwtjd9SCiG6X/8Rl0yDQXzcmE/CTpow1a
xtPo470FOmdwJ+B2qtz4t62+2rj8YR/kqrg5ZrghXpRT
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:46:01 2025 by rpki-client