Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/LXaOacmSywqNlfh5CO5J1YXXGmI.roa
File: LXaOacmSywqNlfh5CO5J1YXXGmI.roa (raw, json)
Hash identifier: jtQHK2Bwk3+TO9AZet3mFNI8IuZDJg2fZaIIhEkYoQM=
Subject key identifier: 2D:76:8E:69:C9:92:CB:0A:8D:95:F8:79:08:EE:49:D5:85:D7:1A:62
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0194266B2FCC94BDCB3284AFB4F1178AD4C9
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/LXaOacmSywqNlfh5CO5J1YXXGmI.roa
Signing time: Thu 02 Jan 2025 09:49:06 +0000
ROA not before: Thu 02 Jan 2025 09:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42147
IP address blocks: 193.148.129.0/24 maxlen: 24
193.148.130.0/24 maxlen: 24
193.148.138.0/24 maxlen: 24
193.148.139.0/24 maxlen: 24
193.148.140.0/24 maxlen: 24
193.148.141.0/24 maxlen: 24
193.148.142.0/24 maxlen: 24
193.148.143.0/24 maxlen: 24
193.148.144.0/24 maxlen: 24
193.148.145.0/24 maxlen: 24
193.148.147.0/24 maxlen: 24
193.148.150.0/24 maxlen: 24
193.148.158.0/24 maxlen: 24
193.148.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:2f:cc:94:bd:cb:32:84:af:b4:f1:17:8a:d4:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 09:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d768e69c992cb0a8d95f87908ee49d585d71a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:85:77:d2:4e:2a:20:01:59:bc:4f:96:db:d1:
f4:99:b0:08:83:37:b7:d1:01:07:71:11:b5:1e:07:
13:5a:f1:17:a3:5c:9b:c4:58:c3:9b:c8:13:33:5d:
6f:b3:8b:ef:7c:7a:8d:ed:61:80:ef:53:c5:26:91:
dc:c5:b1:83:74:3c:2e:25:1c:f1:f0:34:ef:f0:d4:
0f:61:b4:29:d1:13:b2:08:03:b8:d8:92:b4:2d:2e:
13:01:23:8a:c8:ae:92:7a:39:be:0a:6e:f4:90:2e:
34:b6:fe:4c:28:c6:6f:5d:b6:8c:8f:e2:bf:dc:ee:
6f:2c:72:ba:02:aa:c6:c7:e3:80:11:dd:19:f0:da:
80:4b:37:dc:88:f6:b3:ec:f7:d0:fc:6e:b5:50:50:
69:58:5a:db:10:17:ec:28:12:06:5b:f7:6d:bf:94:
1d:31:4a:f1:43:ca:66:56:21:1e:00:53:49:57:24:
a1:93:1d:ff:f2:3d:97:11:bc:86:e5:ba:03:ef:75:
98:ef:25:eb:a1:3d:cf:6f:91:d0:c6:f6:6f:85:95:
31:a5:53:3a:17:7a:33:fb:41:77:88:5f:ee:8c:fc:
79:0e:2d:0a:0c:db:44:d5:c7:83:84:b0:f7:a1:80:
64:39:e4:0b:1f:6d:9b:77:ea:94:a1:1b:81:65:f9:
c4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:76:8E:69:C9:92:CB:0A:8D:95:F8:79:08:EE:49:D5:85:D7:1A:62
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/LXaOacmSywqNlfh5CO5J1YXXGmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.129.0-193.148.130.255
193.148.138.0-193.148.145.255
193.148.147.0/24
193.148.150.0/24
193.148.158.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:2b:6c:a2:7b:ff:46:ae:73:6f:b9:a4:29:e9:5f:43:38:50:
43:34:a9:c1:1a:f1:ed:2d:f8:f3:cf:1e:6b:06:66:8b:41:d0:
5a:fc:90:46:4a:2c:1f:52:14:3d:27:37:24:20:5f:ad:0d:f5:
95:b3:69:0e:9c:ff:b7:59:be:d9:99:24:11:db:e0:15:34:44:
79:2e:59:ea:d2:a0:18:53:b2:c0:0e:21:c0:4f:2a:a6:c4:fc:
ae:9b:ef:68:96:5b:f2:86:7e:1b:e2:8f:8f:a5:ca:9d:b8:31:
63:7a:eb:31:3a:a7:32:19:35:74:9d:49:7c:a3:cc:e7:1d:13:
5d:17:1d:d0:d1:6f:00:02:71:50:81:35:dc:fd:c0:6b:f0:29:
77:95:85:8f:9a:01:d2:71:99:49:8c:61:4f:65:f8:7f:06:88:
b9:9d:f1:e3:c1:ff:a6:b6:99:94:c6:f4:22:00:43:5e:0f:76:
1e:7d:4a:7f:37:79:d9:e6:ec:2b:f7:a0:e6:9f:f9:9e:39:ae:
a1:e2:7f:ea:ce:d8:97:ea:c0:43:ff:db:58:41:c0:8b:c7:0b:
0c:ef:97:4e:3c:0a:c8:2d:f3:05:28:d5:64:11:f3:13:12:a6:
bf:e6:af:44:c4:df:f1:2d:92:63:39:2d:94:29:df:cc:24:51:
80:ad:9f:a7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQmay/MlL3LMoSvtPEXitTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjUwMTAyMDk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDc2OGU2OWM5OTJjYjBhOGQ5NWY4NzkwOGVlNDlkNTg1ZDcxYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YV30k4qIAFZvE+W29H0mbAIgze3
0QEHcRG1HgcTWvEXo1ybxFjDm8gTM11vs4vvfHqN7WGA71PFJpHcxbGDdDwuJRzx
8DTv8NQPYbQp0ROyCAO42JK0LS4TASOKyK6Sejm+Cm70kC40tv5MKMZvXbaMj+K/
3O5vLHK6AqrGx+OAEd0Z8NqASzfciPaz7PfQ/G61UFBpWFrbEBfsKBIGW/dtv5Qd
MUrxQ8pmViEeAFNJVyShkx3/8j2XEbyG5boD73WY7yXroT3Pb5HQxvZvhZUxpVM6
F3oz+0F3iF/ujPx5Di0KDNtE1ceDhLD3oYBkOeQLH22bd+qUoRuBZfnEawIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFC12jmnJkssKjZX4eQjuSdWF1xpiMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvTFhhT2FjbVN5d3FObGZoNUNPNUoxWVhYR21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBADBlIED
BADBlIIwDAMEAcGUigMEAcGUkAMEAMGUkwMEAMGUlgMEAcGUnjANBgkqhkiG9w0B
AQsFAAOCAQEAjCtsonv/Rq5zb7mkKelfQzhQQzSpwRrx7S34888eawZmi0HQWvyQ
RkosH1IUPSc3JCBfrQ31lbNpDpz/t1m+2ZkkEdvgFTREeS5Z6tKgGFOywA4hwE8q
psT8rpvvaJZb8oZ+G+KPj6XKnbgxY3rrMTqnMhk1dJ1JfKPM5x0TXRcd0NFvAAJx
UIE13P3Aa/Apd5WFj5oB0nGZSYxhT2X4fwaIuZ3x48H/praZlMb0IgBDXg92Hn1K
fzd52ebsK/eg5p/5njmuoeJ/6s7Yl+rAQ//bWEHAi8cLDO+XTjwKyC3zBSjVZBHz
ExKmv+avRMTf8S2SYzktlCnfzCRRgK2fpw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:26 2025 by rpki-client