Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/LxkUadsRFDdYsFJ-gKw9GVGE9Ho.roa
File: LxkUadsRFDdYsFJ-gKw9GVGE9Ho.roa (raw, json)
Hash identifier: 88sHhNn/ivNW7D74QIciwn/7KiQqxUap1drrgZ4Kr/w=
Subject key identifier: 2F:19:14:69:DB:11:14:37:58:B0:52:7E:80:AC:3D:19:51:84:F4:7A
Certificate issuer: /CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Certificate serial: 0194221FB4B443F1C3855920979C2E8E1355
Authority key identifier: 18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/LxkUadsRFDdYsFJ-gKw9GVGE9Ho.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202984
IP address blocks: 45.139.236.0/24 maxlen: 24
45.139.237.0/24 maxlen: 24
45.139.238.0/24 maxlen: 24
45.139.239.0/24 maxlen: 24
185.211.244.0/24 maxlen: 24
185.211.245.0/24 maxlen: 24
185.211.246.0/24 maxlen: 24
185.211.247.0/24 maxlen: 24
2a0b:6cc0::/29 maxlen: 48
2a0b:6cc1:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b4:b4:43:f1:c3:85:59:20:97:9c:2e:8e:13:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f191469db11143758b0527e80ac3d195184f47a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:40:5a:9b:fe:bf:36:01:74:ed:75:d6:1a:e8:
0f:cb:3e:7c:7f:5b:78:77:ca:55:b9:fd:c9:f2:11:
6b:73:c7:4b:60:d7:b8:03:f9:07:d9:bd:12:1d:6b:
1a:28:c8:74:1b:b4:c1:f8:55:e0:ea:3b:58:26:7c:
54:ce:84:ed:cf:cb:8c:01:56:18:bb:32:83:48:9a:
f6:49:5b:3b:9c:59:cb:b0:8d:bf:f2:b6:25:07:33:
a1:20:70:a8:f7:43:e8:12:ec:ed:ed:d0:00:91:5a:
ec:3f:5b:96:56:28:45:64:cf:1d:44:f7:3a:1e:52:
f2:d0:42:80:c1:c2:b1:ed:f5:d8:41:9d:75:23:32:
cb:3f:d5:d6:63:0f:5c:28:41:80:b3:96:69:c3:92:
3d:98:64:a2:30:0b:5d:d6:54:e0:1b:03:d8:6f:5b:
78:a9:cd:91:67:e6:98:d9:22:fc:ca:36:a5:82:43:
13:ca:ea:8e:0b:b9:e0:4a:63:6a:a8:b6:2b:bb:1a:
58:b7:b7:16:ed:70:b7:cb:4e:93:e7:39:db:89:77:
30:e4:83:1b:73:cf:f2:67:da:cc:49:fb:7e:9d:c5:
46:13:5f:f7:49:64:0a:1a:67:5e:46:1a:45:b4:40:
bc:f6:21:45:cb:f9:10:ed:55:ca:d6:5f:66:8c:4d:
5b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:19:14:69:DB:11:14:37:58:B0:52:7E:80:AC:3D:19:51:84:F4:7A
X509v3 Authority Key Identifier:
keyid:18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/LxkUadsRFDdYsFJ-gKw9GVGE9Ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.236.0/22
185.211.244.0/22
IPv6:
2a0b:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:f5:2b:68:5e:9c:d4:2b:a7:94:55:42:c8:26:74:ac:04:12:
82:41:f2:80:f4:8e:7b:25:de:09:35:20:66:d6:74:b8:2b:70:
c7:d9:7a:59:7c:5e:27:2c:0f:d8:89:98:ed:3c:3f:ea:d4:6b:
0d:24:54:7b:e1:5c:e8:ff:68:56:c5:32:a3:43:6b:db:ce:90:
06:09:65:e5:74:b7:1b:62:8b:cb:63:be:7e:81:87:cb:fa:c1:
ad:1f:3c:a9:1a:c7:a0:05:90:2e:ef:41:94:ff:4d:31:9a:ea:
b9:1a:a7:2e:c4:a0:5e:68:b5:12:7b:f9:f2:70:77:cf:68:15:
a1:db:59:f6:0f:2a:3b:30:11:98:0c:df:17:bd:27:1f:31:ae:
3c:e4:69:6a:3c:db:5d:aa:f9:07:76:7b:35:b1:ac:87:22:ee:
02:80:da:10:06:ec:4a:1c:96:54:31:78:60:63:a1:00:53:08:
81:83:33:86:e8:43:8a:0f:8c:94:bf:a8:54:94:10:74:34:7c:
91:44:4b:3b:eb:91:aa:dc:e9:9a:82:82:68:c2:31:53:e1:77:
18:90:15:f5:48:48:09:c3:ed:98:2d:21:84:02:86:a7:38:1c:
fa:34:a0:da:79:8c:cb:19:f5:e1:2a:42:c5:cf:41:1a:57:e8:
5c:ef:51:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH7S0Q/HDhVkgl5wujhNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTE3MzJmMmM4MGUzZWE0ZDcyNzlkMjUyYjg3NGE2MTY0
YzM1YjQwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE5MTQ2OWRiMTExNDM3NThiMDUyN2U4MGFjM2QxOTUxODRmNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UBam/6/NgF07XXWGugPyz58f1t4
d8pVuf3J8hFrc8dLYNe4A/kH2b0SHWsaKMh0G7TB+FXg6jtYJnxUzoTtz8uMAVYY
uzKDSJr2SVs7nFnLsI2/8rYlBzOhIHCo90PoEuzt7dAAkVrsP1uWVihFZM8dRPc6
HlLy0EKAwcKx7fXYQZ11IzLLP9XWYw9cKEGAs5Zpw5I9mGSiMAtd1lTgGwPYb1t4
qc2RZ+aY2SL8yjalgkMTyuqOC7ngSmNqqLYruxpYt7cW7XC3y06T5znbiXcw5IMb
c8/yZ9rMSft+ncVGE1/3SWQKGmdeRhpFtEC89iFFy/kQ7VXK1l9mjE1bJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC8ZFGnbERQ3WLBSfoCsPRlRhPR6MB8GA1UdIwQY
MBaAFBjhcy8sgOPqTXJ50lK4dKYWTDW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQt
ZTQwOTI2MDAxNWVmLzEvTHhrVWFkc1JGRGRZc0ZKLWdLdzlHVkdFOUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQtZTQwOTI2MDAxNWVm
LzEvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYvsAwQC
udP0MA0EAgACMAcDBQMqC2zAMA0GCSqGSIb3DQEBCwUAA4IBAQAv9StoXpzUK6eU
VULIJnSsBBKCQfKA9I57Jd4JNSBm1nS4K3DH2XpZfF4nLA/YiZjtPD/q1GsNJFR7
4Vzo/2hWxTKjQ2vbzpAGCWXldLcbYovLY75+gYfL+sGtHzypGsegBZAu70GU/00x
muq5GqcuxKBeaLUSe/nycHfPaBWh21n2Dyo7MBGYDN8XvScfMa485GlqPNtdqvkH
dns1sayHIu4CgNoQBuxKHJZUMXhgY6EAUwiBgzOG6EOKD4yUv6hUlBB0NHyRREs7
65Gq3OmagoJowjFT4XcYkBX1SEgJw+2YLSGEAoanOBz6NKDaeYzLGfXhKkLFz0Ea
V+hc71E3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:34 2025 by rpki-client