Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/lGQ5oAC4DvbrVczVYtetvVMraGI.roa
File: lGQ5oAC4DvbrVczVYtetvVMraGI.roa (raw, json)
Hash identifier: RPF4xGL/jJtG/0h2vD9Z4Pt0zkSh8uypUluux6hYGEQ=
Subject key identifier: 94:64:39:A0:00:B8:0E:F6:EB:55:CC:D5:62:D7:AD:BD:53:2B:68:62
Certificate issuer: /CN=a5ab79857e68c0205cce2f11a5387a6afa1f8895
Certificate serial: 019422FC26C9F63ADCDFA23E2FFE06D9A3ED
Authority key identifier: A5:AB:79:85:7E:68:C0:20:5C:CE:2F:11:A5:38:7A:6A:FA:1F:88:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pat5hX5owCBczi8RpTh6avofiJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/lGQ5oAC4DvbrVczVYtetvVMraGI.roa
Signing time: Wed 01 Jan 2025 17:48:57 +0000
ROA not before: Wed 01 Jan 2025 17:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206642
IP address blocks: 185.179.140.0/24 maxlen: 24
185.179.141.0/24 maxlen: 24
185.179.142.0/24 maxlen: 24
185.179.143.0/24 maxlen: 24
2a0a:8780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/pat5hX5owCBczi8RpTh6avofiJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/pat5hX5owCBczi8RpTh6avofiJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/pat5hX5owCBczi8RpTh6avofiJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:26:c9:f6:3a:dc:df:a2:3e:2f:fe:06:d9:a3:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ab79857e68c0205cce2f11a5387a6afa1f8895
Validity
Not Before: Jan 1 17:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=946439a000b80ef6eb55ccd562d7adbd532b6862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0d:a3:34:d2:1d:bf:7a:36:fa:bd:dc:7b:44:
0e:61:2c:db:5c:c2:eb:74:82:22:9a:56:cc:7e:11:
14:ac:ec:27:28:1d:32:fa:34:ae:17:9b:62:b6:40:
aa:b0:cb:cc:b6:ac:f3:78:4a:3d:ad:d6:dc:41:10:
f6:39:48:56:db:6a:18:54:5a:bc:9f:ef:20:c1:51:
40:28:62:eb:43:47:8c:82:58:e5:cd:27:e1:d0:1f:
16:8a:87:71:f9:76:75:c6:ce:f4:bb:77:a6:cd:bd:
13:b7:4e:37:36:09:12:25:d8:4a:d9:75:cd:bc:60:
45:36:bb:0a:33:99:b4:f4:1e:59:b0:1f:cd:51:32:
ec:0d:1a:07:9d:e4:55:a1:b3:76:ee:bc:6a:7f:d2:
da:08:67:08:aa:f6:6b:b7:69:a2:d3:67:5f:a8:8f:
3f:c0:f1:8a:7d:57:67:67:cd:c5:41:df:05:67:c6:
9f:27:d8:26:b7:29:c6:c3:cf:2a:18:5b:58:be:7a:
38:25:c6:12:c6:35:d0:20:a9:55:07:4e:fc:23:23:
71:78:18:bf:1a:7d:7d:10:44:a8:c0:b0:86:5f:ce:
b5:f8:3e:4e:ba:a6:10:d1:ae:a9:f9:7d:ba:ea:eb:
04:bb:2b:32:2e:0c:9d:50:d8:22:46:98:52:28:eb:
a4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:64:39:A0:00:B8:0E:F6:EB:55:CC:D5:62:D7:AD:BD:53:2B:68:62
X509v3 Authority Key Identifier:
keyid:A5:AB:79:85:7E:68:C0:20:5C:CE:2F:11:A5:38:7A:6A:FA:1F:88:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pat5hX5owCBczi8RpTh6avofiJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/lGQ5oAC4DvbrVczVYtetvVMraGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/pat5hX5owCBczi8RpTh6avofiJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.140.0/22
IPv6:
2a0a:8780::/32
Signature Algorithm: sha256WithRSAEncryption
7e:1c:4f:5f:c6:85:94:a2:df:c6:d2:52:c6:51:97:c8:53:bc:
6b:60:20:49:ae:3a:68:45:c8:b0:15:57:9f:49:d3:15:f2:db:
58:fb:40:2f:9f:fc:57:e0:73:20:89:59:0f:22:6f:57:87:78:
90:8f:a7:9c:29:bd:39:c3:be:23:99:a4:8f:e3:69:de:0c:ff:
16:09:85:61:67:6d:be:06:1f:8c:e3:fe:7b:fc:c4:7d:ea:23:
56:51:aa:4c:33:2c:12:69:12:dc:29:e2:43:35:73:ca:d4:25:
53:2a:a1:fa:a8:8b:1d:76:35:32:64:a7:95:3c:e8:05:da:56:
d0:4d:50:67:43:c2:bf:96:1f:27:26:6a:73:20:f2:12:fa:15:
d7:b9:51:f3:46:4e:82:98:9c:42:a8:ee:ac:48:11:0e:2f:34:
b2:af:6f:34:46:10:bd:01:9b:bb:ed:1e:b2:c8:70:2f:2d:9a:
7f:54:ce:ae:e2:0a:95:66:85:c4:5b:46:f2:36:e1:58:7d:de:
f2:06:c7:ea:5c:47:a3:a7:da:ec:61:ec:a0:7a:44:f0:69:4f:
51:73:85:f4:36:2f:1b:b4:0b:20:95:79:fb:3d:95:9f:c5:54:
f6:d4:2c:00:11:67:6d:39:d3:f7:75:22:88:5f:01:a4:bf:da:
3a:88:49:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/CbJ9jrc36I+L/4G2aPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWI3OTg1N2U2OGMwMjA1Y2NlMmYxMWE1Mzg3YTZhZmEx
Zjg4OTUwHhcNMjUwMTAxMTc0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY0MzlhMDAwYjgwZWY2ZWI1NWNjZDU2MmQ3YWRiZDUzMmI2ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ2jNNIdv3o2+r3ce0QOYSzbXMLr
dIIimlbMfhEUrOwnKB0y+jSuF5titkCqsMvMtqzzeEo9rdbcQRD2OUhW22oYVFq8
n+8gwVFAKGLrQ0eMgljlzSfh0B8Wiodx+XZ1xs70u3emzb0Tt043NgkSJdhK2XXN
vGBFNrsKM5m09B5ZsB/NUTLsDRoHneRVobN27rxqf9LaCGcIqvZrt2mi02dfqI8/
wPGKfVdnZ83FQd8FZ8afJ9gmtynGw88qGFtYvno4JcYSxjXQIKlVB078IyNxeBi/
Gn19EESowLCGX861+D5OuqYQ0a6p+X266usEuysyLgydUNgiRphSKOukkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJRkOaAAuA7261XM1WLXrb1TK2hiMB8GA1UdIwQY
MBaAFKWreYV+aMAgXM4vEaU4emr6H4iVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGF0NWhYNW93Q0Jjemk4UnBUaDZhdm9maUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lMmE1NWMtYjVlNi00OTlhLWI3Mjkt
MWU1OGFjODc5MjRhLzEvbEdRNW9BQzREdmJyVmN6Vll0ZXR2Vk1yYUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lMmE1NWMtYjVlNi00OTlhLWI3MjktMWU1OGFjODc5MjRh
LzEvcGF0NWhYNW93Q0Jjemk4UnBUaDZhdm9maUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubOMMA0E
AgACMAcDBQAqCoeAMA0GCSqGSIb3DQEBCwUAA4IBAQB+HE9fxoWUot/G0lLGUZfI
U7xrYCBJrjpoRciwFVefSdMV8ttY+0Avn/xX4HMgiVkPIm9Xh3iQj6ecKb05w74j
maSP42neDP8WCYVhZ22+Bh+M4/57/MR96iNWUapMMywSaRLcKeJDNXPK1CVTKqH6
qIsddjUyZKeVPOgF2lbQTVBnQ8K/lh8nJmpzIPIS+hXXuVHzRk6CmJxCqO6sSBEO
LzSyr280RhC9AZu77R6yyHAvLZp/VM6u4gqVZoXEW0byNuFYfd7yBsfqXEejp9rs
YeygekTwaU9Rc4X0Ni8btAsglXn7PZWfxVT21CwAEWdtOdP3dSKIXwGkv9o6iEmC
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:39:25 2025 by rpki-client