Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/LJnxaD0i6KMHQc1A1Myl7JzH7gk.roa
File: LJnxaD0i6KMHQc1A1Myl7JzH7gk.roa (raw, json)
Hash identifier: BOqHp3/8Lrk2VNXTgZj56poMzxkbv3v/wNmy6/SirSw=
Subject key identifier: 2C:99:F1:68:3D:22:E8:A3:07:41:CD:40:D4:CC:A5:EC:9C:C7:EE:09
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 01942369AF78BB760435FBA4781FD4E134D8
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/LJnxaD0i6KMHQc1A1Myl7JzH7gk.roa
Signing time: Wed 01 Jan 2025 19:48:36 +0000
ROA not before: Wed 01 Jan 2025 19:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35297
IP address blocks: 5.53.112.0/21 maxlen: 21
62.68.74.0/24 maxlen: 24
77.75.144.0/21 maxlen: 21
91.204.212.0/22 maxlen: 24
178.251.104.0/21 maxlen: 21
178.251.110.0/24 maxlen: 24
185.249.160.0/22 maxlen: 22
193.238.32.0/22 maxlen: 22
193.239.72.0/22 maxlen: 22
2a02:2000::/29 maxlen: 48
2a02:2000::/32 maxlen: 48
2a02:2000:4::/48 maxlen: 48
2a02:2000:face::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:af:78:bb:76:04:35:fb:a4:78:1f:d4:e1:34:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jan 1 19:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c99f1683d22e8a30741cd40d4cca5ec9cc7ee09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:5f:e5:fa:a2:fd:2e:6e:85:bd:d9:c0:7e:
e1:24:66:b5:56:d8:fd:3e:9b:2f:73:95:e5:a5:59:
9b:21:ac:8b:f9:6d:f5:ea:f4:bd:b5:c3:43:15:51:
fc:1a:fe:66:ae:7c:74:f3:2f:46:ae:5c:85:93:24:
cc:eb:bf:19:9e:ce:2e:15:6e:53:50:3e:42:99:fa:
8c:7e:eb:50:33:af:fa:81:fc:07:b0:8a:00:13:46:
5c:5d:20:17:7f:ed:ea:06:05:1a:33:81:96:cc:f4:
e0:6c:84:5c:56:72:10:b1:de:0c:d3:28:b8:08:05:
71:8c:52:06:00:b2:80:5b:4a:9b:68:c2:82:55:23:
24:11:b5:eb:c9:be:03:bb:59:0a:53:98:a1:44:02:
3b:31:d9:aa:13:12:43:8c:89:ae:73:03:1d:e4:a0:
62:fb:94:39:fd:d0:b0:23:68:36:f5:c5:3f:e3:2b:
96:c6:c5:af:2f:49:91:46:bc:71:00:5c:da:01:74:
e8:e8:97:fd:4e:ab:ec:fe:75:ef:12:4c:eb:47:1a:
63:88:d1:be:86:d0:86:70:6d:0b:63:52:05:ba:16:
c2:63:72:f1:b9:03:61:df:29:69:36:17:99:a2:24:
3c:f6:8c:3d:4c:7d:7a:a1:cc:49:d0:c1:07:80:8c:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:99:F1:68:3D:22:E8:A3:07:41:CD:40:D4:CC:A5:EC:9C:C7:EE:09
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/LJnxaD0i6KMHQc1A1Myl7JzH7gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.112.0/21
62.68.74.0/24
77.75.144.0/21
91.204.212.0/22
178.251.104.0/21
185.249.160.0/22
193.238.32.0/22
193.239.72.0/22
IPv6:
2a02:2000::/29
Signature Algorithm: sha256WithRSAEncryption
25:97:14:e6:64:5d:24:55:ab:d6:f2:42:b0:a4:63:a4:a6:0d:
94:f0:38:97:0b:b0:b0:76:97:37:a6:24:a0:b6:dc:9d:47:06:
6a:67:49:9b:a9:ff:e2:63:3f:91:35:8b:c9:22:4c:84:ba:52:
ba:1f:6f:ad:72:8f:b3:37:27:8f:be:69:f8:b6:f0:81:77:52:
8c:be:06:be:3d:56:8e:13:f8:ef:f2:48:0d:3e:de:d4:ef:ca:
70:6f:58:be:fd:df:b1:de:d7:42:7e:70:c4:cd:da:28:81:84:
c5:d6:a7:40:a0:14:1d:25:f5:63:be:72:6b:71:eb:d2:f2:fa:
35:27:02:99:31:a0:47:7a:dc:1b:eb:35:c6:96:20:1d:a9:ab:
8a:36:6f:e3:0c:c4:35:f3:d5:66:2c:8f:4c:9b:ab:dd:e2:19:
e3:a1:49:17:4a:67:73:ec:28:53:28:08:3b:35:18:98:2c:af:
2d:35:97:81:f7:6a:98:79:08:22:04:d4:30:d7:55:90:13:0b:
4e:b5:cd:9b:e3:af:77:dc:8f:79:ea:57:64:3b:8b:bc:c1:a2:
c3:cd:f6:70:c2:bb:62:42:73:08:23:95:00:a3:84:6d:ab:85:
ab:48:78:ca:9e:5b:51:29:17:f1:3b:1b:5b:7c:20:c9:b9:48:
b3:34:66:d6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQjaa94u3YENfukeB/U4TTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTJiMDNlMWIwMTcwOTYzODk0MGQ5NTkyOTgzY2RlNzdl
Y2FiNzcwHhcNMjUwMTAxMTk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzk5ZjE2ODNkMjJlOGEzMDc0MWNkNDBkNGNjYTVlYzljYzdlZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtApf5fqi/S5uhb3ZwH7hJGa1Vtj9
Ppsvc5XlpVmbIayL+W316vS9tcNDFVH8Gv5mrnx08y9GrlyFkyTM678Zns4uFW5T
UD5CmfqMfutQM6/6gfwHsIoAE0ZcXSAXf+3qBgUaM4GWzPTgbIRcVnIQsd4M0yi4
CAVxjFIGALKAW0qbaMKCVSMkEbXryb4Du1kKU5ihRAI7MdmqExJDjImucwMd5KBi
+5Q5/dCwI2g29cU/4yuWxsWvL0mRRrxxAFzaAXTo6Jf9Tqvs/nXvEkzrRxpjiNG+
htCGcG0LY1IFuhbCY3LxuQNh3ylpNheZoiQ89ow9TH16ocxJ0MEHgIxzzQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCyZ8Wg9IuijB0HNQNTMpeycx+4JMB8GA1UdIwQY
MBaAFIRSsD4bAXCWOJQNlZKYPN537Kt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQt
MjAwZmMyNzRjYjAxLzEvTEpueGFEMGk2S01IUWMxQTFNeWw3SnpIN2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQtMjAwZmMyNzRjYjAx
LzEvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBTVwAwQA
PkRKAwQDTUuQAwQCW8zUAwQDsvtoAwQCufmgAwQCwe4gAwQCwe9IMA0EAgACMAcD
BQMqAiAAMA0GCSqGSIb3DQEBCwUAA4IBAQAllxTmZF0kVavW8kKwpGOkpg2U8DiX
C7Cwdpc3piSgttydRwZqZ0mbqf/iYz+RNYvJIkyEulK6H2+tco+zNyePvmn4tvCB
d1KMvga+PVaOE/jv8kgNPt7U78pwb1i+/d+x3tdCfnDEzdoogYTF1qdAoBQdJfVj
vnJrcevS8vo1JwKZMaBHetwb6zXGliAdqauKNm/jDMQ189VmLI9Mm6vd4hnjoUkX
Smdz7ChTKAg7NRiYLK8tNZeB92qYeQgiBNQw11WQEwtOtc2b46933I956ldkO4u8
waLDzfZwwrtiQnMII5UAo4Rtq4WrSHjKnltRKRfxOxtbfCDJuUizNGbW
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:59:16 2025 by rpki-client