Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/lhglnPlBsqTneV2iOyN5hamIleM.roa
File: lhglnPlBsqTneV2iOyN5hamIleM.roa (raw, json)
Hash identifier: p/WirEa6li0LQEWmE00BvcWGXDEwDU4D0iWnnIs2QNM=
Subject key identifier: 96:18:25:9C:F9:41:B2:A4:E7:79:5D:A2:3B:23:79:85:A9:88:95:E3
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 0194266AC8982A34446D512FAC1FB9A8636E
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/lhglnPlBsqTneV2iOyN5hamIleM.roa
Signing time: Thu 02 Jan 2025 09:48:39 +0000
ROA not before: Thu 02 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55286
IP address blocks: 185.229.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:c8:98:2a:34:44:6d:51:2f:ac:1f:b9:a8:63:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 2 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9618259cf941b2a4e7795da23b237985a98895e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:71:94:92:6e:83:90:cf:85:27:f1:30:76:
99:6b:97:62:b8:2f:4f:45:b3:5c:24:98:c3:c3:4e:
3f:1e:f0:32:ae:98:fb:25:1a:63:c6:3a:db:59:6b:
b9:fa:27:91:fa:5b:a2:6d:60:a3:ff:88:d7:73:7a:
aa:a6:88:50:e0:fb:64:27:e3:3c:da:dc:15:a8:b6:
c5:2b:9c:18:a2:e4:d7:7e:9d:7f:43:48:df:98:a2:
1e:92:a8:a3:33:8a:3c:04:36:25:6b:fb:64:34:18:
be:30:6a:11:b9:db:23:c8:04:1c:24:1e:73:a1:20:
27:ec:c3:17:86:21:de:4a:e5:2f:0b:47:e9:4a:08:
12:d2:44:dc:98:cd:46:42:16:ef:05:da:af:46:35:
35:c3:0b:95:aa:b4:4a:07:65:9c:17:2c:46:c5:44:
16:0d:49:da:ef:b5:09:17:f8:21:65:5f:d8:85:7f:
54:55:82:a4:76:d9:a3:cd:a3:86:03:0b:b9:60:2d:
c8:83:c3:94:62:64:eb:f6:c0:a1:cc:77:de:91:4c:
5a:d1:dd:98:92:24:bf:88:5f:e2:ee:0f:47:3e:be:
9e:cf:e9:db:8a:36:e4:34:b2:d1:e0:de:c6:74:82:
18:d7:3f:d3:73:1d:a7:a4:0e:17:78:43:be:4a:73:
6b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:18:25:9C:F9:41:B2:A4:E7:79:5D:A2:3B:23:79:85:A9:88:95:E3
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/lhglnPlBsqTneV2iOyN5hamIleM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.34.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:cb:06:9c:45:a5:6a:14:8d:d3:d3:e7:2b:a3:27:4c:f6:20:
3b:a6:00:0d:6e:61:9b:5e:a5:2f:6a:0c:8a:fe:f2:73:27:e2:
bc:6d:1b:a6:c5:35:79:f2:39:bd:0f:1c:be:db:37:07:7f:ac:
7b:43:0c:e3:d4:0c:a3:08:5d:d8:f7:a4:6c:53:83:f9:f4:9b:
62:34:7d:bb:bc:ac:02:42:c5:fe:4c:09:56:d1:b6:ae:b3:91:
ad:39:47:ae:7f:68:df:8a:3d:f0:cb:e0:d5:3c:8f:8a:07:76:
66:e9:d6:5b:77:30:16:ed:9c:53:bc:98:dd:a9:05:32:cd:d1:
7a:dd:37:e0:31:82:b8:43:b3:5e:5f:4f:44:bd:98:15:4b:d9:
32:05:d1:45:b3:0d:9a:ce:bf:07:53:14:91:af:a6:3c:32:e2:
34:6c:c1:db:56:66:0b:c4:16:be:87:3f:60:7b:41:b7:99:5c:
f0:7f:8d:9e:4a:91:a7:73:62:15:2e:71:d3:64:82:b2:fd:0f:
5a:6b:12:69:4e:1c:db:b4:9c:d4:d0:2d:15:a3:33:5d:92:73:
87:82:ea:81:73:d3:64:78:81:41:2c:b8:79:4c:59:19:9d:e7:
09:46:1f:10:da:48:53:e1:31:f5:d9:fc:93:19:7a:06:2f:81:
63:33:bf:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmasiYKjREbVEvrB+5qGNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjUwMTAyMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE4MjU5Y2Y5NDFiMmE0ZTc3OTVkYTIzYjIzNzk4NWE5ODg5NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4RxlJJug5DPhSfxMHaZa5diuC9P
RbNcJJjDw04/HvAyrpj7JRpjxjrbWWu5+ieR+luibWCj/4jXc3qqpohQ4PtkJ+M8
2twVqLbFK5wYouTXfp1/Q0jfmKIekqijM4o8BDYla/tkNBi+MGoRudsjyAQcJB5z
oSAn7MMXhiHeSuUvC0fpSggS0kTcmM1GQhbvBdqvRjU1wwuVqrRKB2WcFyxGxUQW
DUna77UJF/ghZV/YhX9UVYKkdtmjzaOGAwu5YC3Ig8OUYmTr9sChzHfekUxa0d2Y
kiS/iF/i7g9HPr6ez+nbijbkNLLR4N7GdIIY1z/Tcx2npA4XeEO+SnNrUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYYJZz5QbKk53ldojsjeYWpiJXjMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvbGhnbG5QbEJzcVRuZVYyaU95TjVoYW1JbGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueUiMA0G
CSqGSIb3DQEBCwUAA4IBAQBuywacRaVqFI3T0+croydM9iA7pgANbmGbXqUvagyK
/vJzJ+K8bRumxTV58jm9Dxy+2zcHf6x7Qwzj1AyjCF3Y96RsU4P59JtiNH27vKwC
QsX+TAlW0baus5GtOUeuf2jfij3wy+DVPI+KB3Zm6dZbdzAW7ZxTvJjdqQUyzdF6
3TfgMYK4Q7NeX09EvZgVS9kyBdFFsw2azr8HUxSRr6Y8MuI0bMHbVmYLxBa+hz9g
e0G3mVzwf42eSpGnc2IVLnHTZIKy/Q9aaxJpThzbtJzU0C0VozNdknOHguqBc9Nk
eIFBLLh5TFkZnecJRh8Q2khT4TH12fyTGXoGL4FjM7+N
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:59 2025 by rpki-client