Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/LkOZl9li4KDCN9mXJJRsYlntJ7g.roa
File: LkOZl9li4KDCN9mXJJRsYlntJ7g.roa (raw, json)
Hash identifier: OaOnLY2HwNroM0V5LxxCi2+4Ez/WFZNIjE+vrYRqqVI=
Subject key identifier: 2E:43:99:97:D9:62:E0:A0:C2:37:D9:97:24:94:6C:62:59:ED:27:B8
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019743FBB1E321FC1F24D1EC9FB46CD1A572
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/LkOZl9li4KDCN9mXJJRsYlntJ7g.roa
Signing time: Fri 06 Jun 2025 06:44:17 +0000
ROA not before: Fri 06 Jun 2025 06:44:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.210.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.203.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:fb:b1:e3:21:fc:1f:24:d1:ec:9f:b4:6c:d1:a5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 6 06:44:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e439997d962e0a0c237d99724946c6259ed27b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b9:b4:b3:83:9a:a0:fc:b8:c4:67:6d:a5:5f:
14:78:b2:4d:c5:2c:68:2f:0c:fe:0e:59:64:9e:ea:
bf:86:67:b9:38:51:1c:cf:fa:70:ef:f0:da:c8:09:
e7:f8:0a:d6:08:83:c1:b5:d3:dd:fd:77:7e:23:90:
e9:7c:32:7b:e0:3b:82:81:64:50:7c:ec:cf:75:b4:
c7:ae:5c:64:36:0f:d0:ef:19:fa:0e:53:4a:7c:4e:
2b:1d:08:fb:fc:d1:a3:7b:a4:a2:15:b7:3f:dd:e0:
f1:47:61:5e:82:6f:61:c8:7c:a7:a0:90:6d:1f:59:
51:23:1b:31:d7:bc:bb:5b:bb:b2:ee:08:4b:6c:83:
1e:b9:f7:e2:6c:58:71:12:62:9b:55:28:a1:12:5f:
bb:60:19:00:8d:a4:59:31:6c:42:28:b6:8b:f0:91:
1c:96:f0:ed:c7:40:02:ba:be:58:ff:30:89:2c:4b:
e7:1b:69:ba:5f:9c:45:38:2f:08:5d:30:75:00:e4:
da:69:93:f1:96:f1:a2:3a:b6:56:47:80:a2:b9:97:
49:a3:f6:27:7e:7c:97:c6:d2:5a:83:8d:8b:b1:90:
c7:28:b5:2c:ea:02:b6:58:d9:d2:d4:0b:f9:4f:e9:
f4:c8:45:38:5f:a2:9d:22:bf:29:93:23:d7:74:9e:
46:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:43:99:97:D9:62:E0:A0:C2:37:D9:97:24:94:6C:62:59:ED:27:B8
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/LkOZl9li4KDCN9mXJJRsYlntJ7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.210.0/24
194.143.217.0-194.143.218.255
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0-195.114.198.255
195.114.203.0/24
195.114.205.0/24
213.220.2.0/24
213.220.4.0/23
213.220.9.0/24
213.220.20.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6f:70:a0:90:b3:ee:b4:0c:36:72:d9:f6:08:ee:b9:72:8e:
ad:af:79:85:01:84:0d:ad:61:09:c8:06:0c:c2:52:60:a8:eb:
08:8a:25:72:d5:b8:3a:73:e5:68:15:30:38:e1:dd:f1:2e:65:
ad:84:33:8c:6d:2d:96:8b:fc:03:4f:e0:bd:ae:e3:28:a6:6f:
24:57:e2:2e:b3:b1:d4:b2:6a:8b:71:3a:df:c7:e1:f2:f0:54:
80:06:0f:22:a9:6c:ae:91:2c:5c:70:03:ac:b2:55:ce:6e:e0:
b2:36:f5:8f:ab:1b:1e:95:de:a7:86:34:01:75:ff:08:bb:58:
cf:60:24:0a:b9:0b:98:ab:83:cc:25:58:25:8d:f0:4b:af:bf:
96:41:db:e2:f8:a6:14:63:3d:72:37:d2:72:0f:8e:ef:3c:0c:
b1:5b:36:81:f9:81:81:c7:26:88:5a:79:fc:b0:92:a4:44:e5:
8a:32:c8:ae:10:72:69:41:ec:f3:94:ba:ed:e0:19:c3:4e:34:
da:bc:03:e7:8b:70:4e:1c:49:1a:10:7a:fe:d3:b8:54:eb:be:
47:b1:01:60:8c:8b:9e:d2:59:56:90:8e:6c:4c:fe:76:66:2d:
c3:e2:78:34:3d:ab:95:db:11:fe:e0:d1:ec:4d:c5:ba:9a:9c:
e9:63:ea:d8
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZdD+7HjIfwfJNHsn7Rs0aVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNjA2MDY0NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQzOTk5N2Q5NjJlMGEwYzIzN2Q5OTcyNDk0NmM2MjU5ZWQyN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibm0s4OaoPy4xGdtpV8UeLJNxSxo
Lwz+Dllknuq/hme5OFEcz/pw7/DayAnn+ArWCIPBtdPd/Xd+I5DpfDJ74DuCgWRQ
fOzPdbTHrlxkNg/Q7xn6DlNKfE4rHQj7/NGje6SiFbc/3eDxR2Fegm9hyHynoJBt
H1lRIxsx17y7W7uy7ghLbIMeuffibFhxEmKbVSihEl+7YBkAjaRZMWxCKLaL8JEc
lvDtx0ACur5Y/zCJLEvnG2m6X5xFOC8IXTB1AOTaaZPxlvGiOrZWR4CiuZdJo/Yn
fnyXxtJag42LsZDHKLUs6gK2WNnS1Av5T+n0yEU4X6KdIr8pkyPXdJ5GFQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFC5DmZfZYuCgwjfZlySUbGJZ7Se4MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvTGtPWmw5bGk0S0RDTjltWEpKUnNZbG50SjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQE
LZvwAwQALZvyMAwDBADCj80DBATCj8ADBADCj9IwDAMEAMKP2QMEAMKP2gMEAMKP
3QMEAMNywAMEAMNywzAMAwQAw3LFAwQAw3LGAwQAw3LLAwQAw3LNAwQA1dwCAwQB
1dwEAwQA1dwJAwQA1dwUAwQA1dw+MA0GCSqGSIb3DQEBCwUAA4IBAQCTb3CgkLPu
tAw2ctn2CO65co6tr3mFAYQNrWEJyAYMwlJgqOsIiiVy1bg6c+VoFTA44d3xLmWt
hDOMbS2Wi/wDT+C9ruMopm8kV+Ius7HUsmqLcTrfx+Hy8FSABg8iqWyukSxccAOs
slXObuCyNvWPqxseld6nhjQBdf8Iu1jPYCQKuQuYq4PMJVgljfBLr7+WQdvi+KYU
Yz1yN9JyD47vPAyxWzaB+YGBxyaIWnn8sJKkROWKMsiuEHJpQezzlLrt4BnDTjTa
vAPni3BOHEkaEHr+07hU675HsQFgjIue0llWkI5sTP52Zi3D4ng0PauV2xH+4NHs
TcW6mpzpY+rY
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:01:26 2025 by rpki-client