Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/LMeAQnqXAno2ePthwCoJjGfcb2A.roa
File: LMeAQnqXAno2ePthwCoJjGfcb2A.roa (raw, json)
Hash identifier: No1WA2LE8faZkFieSxcHhVUWaXGzU/xeEQ1/oG4+fLo=
Subject key identifier: 2C:C7:80:42:7A:97:02:7A:36:78:FB:61:C0:2A:09:8C:67:DC:6F:60
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 019421439B4C71CBD4B983A8B16466A1B7E5
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/LMeAQnqXAno2ePthwCoJjGfcb2A.roa
Signing time: Wed 01 Jan 2025 09:47:46 +0000
ROA not before: Wed 01 Jan 2025 09:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39326
IP address blocks: 37.46.200.0/21 maxlen: 24
46.17.56.0/21 maxlen: 24
77.75.104.0/21 maxlen: 24
80.71.0.0/19 maxlen: 24
80.71.27.0/24 maxlen: 24
89.248.16.0/20 maxlen: 24
93.89.80.0/20 maxlen: 24
185.75.28.0/22 maxlen: 24
185.75.30.0/24 maxlen: 24
194.0.77.0/24 maxlen: 24
194.0.78.0/23 maxlen: 24
195.90.120.0/23 maxlen: 24
195.90.121.0/24 maxlen: 24
195.238.232.0/24 maxlen: 24
217.196.224.0/19 maxlen: 24
2001:a08::/32 maxlen: 32
2a01:348::/32 maxlen: 32
2a01:348:62::/48 maxlen: 48
2a01:348:fab::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 18:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:9b:4c:71:cb:d4:b9:83:a8:b1:64:66:a1:b7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 1 09:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cc780427a97027a3678fb61c02a098c67dc6f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9a:32:57:51:8d:57:37:fd:f3:6b:cb:50:d8:
b0:5f:8f:be:df:cf:0e:6d:89:bc:96:a0:e0:ea:c2:
24:da:cd:f9:1d:ff:f7:19:bc:3b:69:a7:c8:a7:bf:
2b:d4:dd:2c:39:1c:6c:c3:c3:b2:e0:27:af:5c:2b:
35:0c:8d:f0:b1:61:2c:16:c3:c4:0e:0b:fc:2d:3a:
39:87:67:3d:54:9f:a6:0a:cc:54:de:01:22:96:a5:
b7:d2:fd:7f:10:d4:36:61:48:09:a6:de:6e:8e:94:
99:40:c6:3c:ba:4f:79:57:36:46:a2:d2:68:1d:69:
69:c1:53:48:68:05:2b:37:83:6b:f7:db:ed:43:24:
2f:f8:02:a8:0e:aa:13:5f:f9:ae:8e:1f:fc:23:2d:
4f:e3:48:b1:05:ae:80:a1:e9:76:06:2e:49:d9:f6:
d5:36:5c:f3:62:a5:fc:da:0a:2d:c9:57:38:5f:de:
c2:c3:4d:0e:0a:43:f4:50:6e:48:74:4b:b0:59:79:
1c:48:35:17:59:7f:a6:91:8f:4b:f2:82:57:ef:1c:
bf:cc:af:16:1b:0d:51:cb:50:52:17:8e:54:e6:f4:
e9:c7:79:74:9c:28:cb:79:9d:a2:0e:70:f2:b4:5d:
ea:51:a9:a1:6f:d2:a2:d2:64:e1:c4:74:d7:7b:1e:
80:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C7:80:42:7A:97:02:7A:36:78:FB:61:C0:2A:09:8C:67:DC:6F:60
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/LMeAQnqXAno2ePthwCoJjGfcb2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.200.0/21
46.17.56.0/21
77.75.104.0/21
80.71.0.0/19
89.248.16.0/20
93.89.80.0/20
185.75.28.0/22
194.0.77.0-194.0.79.255
195.90.120.0/23
195.238.232.0/24
217.196.224.0/19
IPv6:
2001:a08::/32
2a01:348::/32
Signature Algorithm: sha256WithRSAEncryption
6f:cf:03:e7:bc:92:6c:6b:f8:c3:e9:8f:18:23:44:84:de:74:
f0:8b:2a:aa:87:82:79:4e:ff:e3:6e:70:b6:b3:bb:21:41:2e:
40:6d:5f:0b:0a:c9:8e:8a:d8:ee:da:d5:a9:7e:52:e9:f3:cd:
46:c4:36:ea:4b:fa:4a:f0:97:b2:bb:14:f3:05:09:68:fd:a0:
15:bc:7c:b6:4b:99:4b:f2:cb:75:a5:1d:46:fb:93:d2:f7:0b:
f9:2e:98:7f:1f:09:f2:3e:ee:6f:40:a2:b7:5a:fb:5e:da:c1:
d2:66:bd:04:f4:85:7c:d6:23:2f:c5:96:c3:8c:69:d6:77:51:
71:d4:dd:6c:a1:65:6a:6c:a5:a2:18:4c:1d:78:ad:83:25:bf:
4d:b1:86:f6:7c:f8:f5:d9:1f:23:89:1f:a2:a1:53:f3:30:11:
f5:19:34:a1:98:ed:d6:63:0d:d3:2e:89:88:09:23:47:63:c6:
e7:9b:b3:2a:3a:8c:77:26:99:ab:bd:40:eb:be:64:0c:81:95:
14:b9:e5:69:63:ac:3b:64:2a:40:aa:94:cc:7d:a8:ef:52:75:
7f:54:a2:d4:85:c0:70:cb:d7:67:40:99:08:1e:88:ca:b0:22:
8e:c9:68:fe:90:30:45:da:65:38:d8:57:90:4e:e3:af:20:62:
cf:50:c6:b6
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZQhQ5tMccvUuYOosWRmobflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjUwMTAxMDk0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M3ODA0MjdhOTcwMjdhMzY3OGZiNjFjMDJhMDk4YzY3ZGM2ZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJoyV1GNVzf982vLUNiwX4++388O
bYm8lqDg6sIk2s35Hf/3Gbw7aafIp78r1N0sORxsw8Oy4CevXCs1DI3wsWEsFsPE
Dgv8LTo5h2c9VJ+mCsxU3gEilqW30v1/ENQ2YUgJpt5ujpSZQMY8uk95VzZGotJo
HWlpwVNIaAUrN4Nr99vtQyQv+AKoDqoTX/mujh/8Iy1P40ixBa6Aoel2Bi5J2fbV
NlzzYqX82gotyVc4X97Cw00OCkP0UG5IdEuwWXkcSDUXWX+mkY9L8oJX7xy/zK8W
Gw1Ry1BSF45U5vTpx3l0nCjLeZ2iDnDytF3qUamhb9Ki0mThxHTXex6ARwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCzHgEJ6lwJ6Nnj7YcAqCYxn3G9gMB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvTE1lQVFucVhBbm8yZVB0aHdDb0pqR2ZjYjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQDJS7IAwQD
LhE4AwQDTUtoAwQFUEcAAwQEWfgQAwQEXVlQAwQCuUscMAwDBADCAE0DBATCAEAD
BAHDWngDBADD7ugDBAXZxOAwFAQCAAIwDgMFACABCggDBQAqAQNIMA0GCSqGSIb3
DQEBCwUAA4IBAQBvzwPnvJJsa/jD6Y8YI0SE3nTwiyqqh4J5Tv/jbnC2s7shQS5A
bV8LCsmOitju2tWpflLp881GxDbqS/pK8JeyuxTzBQlo/aAVvHy2S5lL8st1pR1G
+5PS9wv5Lph/HwnyPu5vQKK3Wvte2sHSZr0E9IV81iMvxZbDjGnWd1Fx1N1soWVq
bKWiGEwdeK2DJb9NsYb2fPj12R8jiR+ioVPzMBH1GTShmO3WYw3TLomICSNHY8bn
m7MqOox3JpmrvUDrvmQMgZUUueVpY6w7ZCpAqpTMfajvUnV/VKLUhcBwy9dnQJkI
HojKsCKOyWj+kDBF2mU42FeQTuOvIGLPUMa2
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:57:56 2025 by rpki-client