Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/L_Our4eaHWMOUAQjkIKeZANVIsk.roa
File: L_Our4eaHWMOUAQjkIKeZANVIsk.roa (raw, json)
Hash identifier: Q9y5AKM/g9XsRWb5fByuIJk//VE8kBVF+PR2hBRUNrQ=
Subject key identifier: 2F:F3:AE:AF:87:9A:1D:63:0E:50:04:23:90:82:9E:64:03:55:22:C9
Certificate issuer: /CN=0f025fa357c20abbf118426234658e62d7dc7076
Certificate serial: 0196381397FC1AD7086CA158B26100B7D983
Authority key identifier: 0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/L_Our4eaHWMOUAQjkIKeZANVIsk.roa
Signing time: Tue 15 Apr 2025 06:12:10 +0000
ROA not before: Tue 15 Apr 2025 06:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214294
IP address blocks: 123.100.225.0/24 maxlen: 24
2a01:ee80:1::/48 maxlen: 48
2a01:ee80:2::/48 maxlen: 48
2a01:ee80:77::/48 maxlen: 48
2a01:ee80:141::/48 maxlen: 48
2a01:ee80:333::/48 maxlen: 48
2a01:ee80:777::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:13:97:fc:1a:d7:08:6c:a1:58:b2:61:00:b7:d9:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f025fa357c20abbf118426234658e62d7dc7076
Validity
Not Before: Apr 15 06:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ff3aeaf879a1d630e50042390829e64035522c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:90:59:9e:28:33:e5:af:a4:eb:4d:20:37:
1e:4d:cf:5e:7f:f2:97:91:31:45:d9:30:86:ac:3d:
29:d7:da:3a:ee:2c:06:31:34:fd:da:ce:c8:d4:5f:
74:18:54:9e:ea:15:7b:a4:e3:ac:ef:f3:f2:59:2d:
62:cc:a1:7c:87:88:cb:13:cc:f4:ec:82:76:c7:de:
05:e4:14:bc:36:dc:ca:02:cd:79:90:14:fc:a4:00:
6e:33:ac:c4:68:27:6b:53:3c:63:65:8b:8a:68:65:
82:d1:9d:38:93:96:ae:7f:21:64:8a:f2:15:6b:6e:
21:4b:98:2f:0d:8e:92:23:f1:23:70:0d:87:eb:81:
02:73:f2:b2:f3:79:99:e1:8e:3e:da:38:11:25:bd:
46:19:d2:ef:90:46:d3:66:a1:4b:3f:d3:5f:ef:64:
3b:bb:1f:13:aa:1d:ae:c2:5e:75:73:f6:3c:12:c3:
61:65:6a:7c:fd:ed:65:7d:8e:36:17:1a:b4:9f:35:
90:e1:5f:b8:25:c4:86:ac:14:0b:93:0a:f1:98:07:
68:83:12:ed:d1:5b:03:69:2f:85:14:ea:aa:1d:0e:
58:c0:8f:17:a1:16:d7:ac:ef:bc:fc:97:0f:42:14:
77:8e:55:26:d7:9f:62:d9:a8:3d:ab:ef:62:64:e6:
f0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F3:AE:AF:87:9A:1D:63:0E:50:04:23:90:82:9E:64:03:55:22:C9
X509v3 Authority Key Identifier:
keyid:0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/L_Our4eaHWMOUAQjkIKeZANVIsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.100.225.0/24
IPv6:
2a01:ee80:1::-2a01:ee80:2:ffff:ffff:ffff:ffff:ffff
2a01:ee80:77::/48
2a01:ee80:141::/48
2a01:ee80:333::/48
2a01:ee80:777::/48
Signature Algorithm: sha256WithRSAEncryption
5f:9b:c9:3a:a7:97:0a:4d:48:e6:4f:84:51:e2:27:be:cb:b7:
a6:29:e6:e9:ab:ff:14:5e:7e:2d:0f:bd:13:e5:92:44:fb:d5:
9e:0a:45:cc:ce:55:1e:ad:63:bd:03:32:2a:f9:70:d8:88:1b:
de:59:e0:f5:4f:f1:e4:12:e7:d0:ba:12:30:a2:9e:bb:8b:4e:
9b:8d:ef:95:e3:a2:c4:e2:68:53:a1:2b:de:f4:ac:d5:43:4b:
b5:96:97:aa:f2:9a:6a:47:44:8f:d9:e2:df:9a:07:62:91:04:
f1:31:ef:13:41:bf:4c:8d:bf:01:3e:0b:26:b6:e8:8a:5a:b4:
98:c6:e0:41:5a:a1:f6:6a:3c:dc:dc:3a:c4:5e:69:a9:58:95:
99:f2:f1:2e:2d:2d:98:fe:b8:fe:9e:c6:12:ee:78:15:9a:15:
0c:b4:34:72:57:00:b1:02:ca:1a:54:84:ee:90:01:2f:51:27:
4f:5d:31:d1:43:70:9f:19:70:34:5e:a9:14:35:9d:d3:55:e2:
58:d4:8f:9c:17:91:e9:b0:90:91:41:3c:19:4c:91:f5:2e:be:
20:e3:74:45:db:16:e2:c4:85:6b:ff:18:32:73:e4:95:b6:72:
fe:64:67:90:75:4b:aa:9c:e9:36:16:7f:8a:06:cb:d1:c3:46:
17:1e:23:34
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZY4E5f8GtcIbKFYsmEAt9mDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDI1ZmEzNTdjMjBhYmJmMTE4NDI2MjM0NjU4ZTYyZDdk
YzcwNzYwHhcNMjUwNDE1MDYxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmYzYWVhZjg3OWExZDYzMGU1MDA0MjM5MDgyOWU2NDAzNTUyMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/SQWZ4oM+WvpOtNIDceTc9ef/KX
kTFF2TCGrD0p19o67iwGMTT92s7I1F90GFSe6hV7pOOs7/PyWS1izKF8h4jLE8z0
7IJ2x94F5BS8NtzKAs15kBT8pABuM6zEaCdrUzxjZYuKaGWC0Z04k5aufyFkivIV
a24hS5gvDY6SI/EjcA2H64ECc/Ky83mZ4Y4+2jgRJb1GGdLvkEbTZqFLP9Nf72Q7
ux8Tqh2uwl51c/Y8EsNhZWp8/e1lfY42Fxq0nzWQ4V+4JcSGrBQLkwrxmAdogxLt
0VsDaS+FFOqqHQ5YwI8XoRbXrO+8/JcPQhR3jlUm159i2ag9q+9iZObwPwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFC/zrq+Hmh1jDlAEI5CCnmQDVSLJMB8GA1UdIwQY
MBaAFA8CX6NXwgq78RhCYjRljmLX3HB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2Ut
ZDRkNTlhMDk1YzdmLzEvTF9PdXI0ZWFIV01PVUFRamtJS2VaQU5WSXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2UtZDRkNTlhMDk1Yzdm
LzEvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQAe2ThMD4E
AgACMDgwEgMHACoB7oAAAQMHACoB7oAAAgMHACoB7oAAdwMHACoB7oABQQMHACoB
7oADMwMHACoB7oAHdzANBgkqhkiG9w0BAQsFAAOCAQEAX5vJOqeXCk1I5k+EUeIn
vsu3pinm6av/FF5+LQ+9E+WSRPvVngpFzM5VHq1jvQMyKvlw2Igb3lng9U/x5BLn
0LoSMKKeu4tOm43vleOixOJoU6Er3vSs1UNLtZaXqvKaakdEj9ni35oHYpEE8THv
E0G/TI2/AT4LJrboilq0mMbgQVqh9mo83Nw6xF5pqViVmfLxLi0tmP64/p7GEu54
FZoVDLQ0clcAsQLKGlSE7pABL1EnT10x0UNwnxlwNF6pFDWd01XiWNSPnBeR6bCQ
kUE8GUyR9S6+ION0RdsW4sSFa/8YMnPklbZy/mRnkHVLqpzpNhZ/igbL0cNGFx4j
NA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:25:14 2025 by rpki-client