Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lieerIGfYoiifslff7xL15T0Vwk.roa
File: lieerIGfYoiifslff7xL15T0Vwk.roa (raw, json)
Hash identifier: kWGMBjCLxR4cTqqxTU+We9gw4Dbl6ligoaFGrjIgARg=
Subject key identifier: 96:27:9E:AC:81:9F:62:88:A2:7E:C9:5F:7F:BC:4B:D7:94:F4:57:09
Certificate issuer: /CN=97242dba26ed882b380dabebab3c5f3942006ecc
Certificate serial: 019426D8C4AE39AF0EC84393909F14B472EA
Authority key identifier: 97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lieerIGfYoiifslff7xL15T0Vwk.roa
Signing time: Thu 02 Jan 2025 11:48:47 +0000
ROA not before: Thu 02 Jan 2025 11:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 109.68.248.0/24 maxlen: 24
185.68.58.0/24 maxlen: 24
185.68.59.0/24 maxlen: 24
185.255.32.0/23 maxlen: 23
185.255.34.0/24 maxlen: 24
185.255.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:c4:ae:39:af:0e:c8:43:93:90:9f:14:b4:72:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97242dba26ed882b380dabebab3c5f3942006ecc
Validity
Not Before: Jan 2 11:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96279eac819f6288a27ec95f7fbc4bd794f45709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:08:60:8b:7f:ed:14:ea:81:45:29:4d:ba:
46:0d:b5:09:d4:4e:66:3f:48:be:62:9d:d8:2b:be:
39:07:93:b4:cb:d9:5e:f2:df:95:d6:50:1a:af:60:
53:0e:c3:98:7f:8b:f7:d9:bd:f0:dc:a1:af:c7:75:
35:f5:14:74:84:c3:a0:54:89:4e:92:9e:04:19:a5:
82:42:38:5a:fe:72:8f:a8:b4:3c:a8:5e:7e:bf:15:
3a:52:04:c7:21:53:f8:e7:61:a2:89:47:37:07:d5:
cb:6a:82:cd:43:31:80:bd:c2:0c:ce:ab:bd:d5:da:
db:44:36:43:6f:70:40:6e:5a:8b:89:20:70:d1:c4:
36:6d:0c:0f:df:02:14:fa:c8:a3:c7:c6:2c:3b:20:
14:e1:0c:52:bf:0e:8c:12:02:84:78:35:8a:74:93:
26:4d:8e:02:55:63:ec:a3:7b:64:c2:d7:c5:33:a6:
66:76:96:74:d7:f7:68:ae:36:97:82:ee:8d:a6:c5:
ff:7f:a1:a4:61:20:d9:2b:44:35:34:b1:11:d4:ed:
26:df:5b:4f:67:cd:57:36:68:a2:33:23:30:54:e9:
d9:37:a0:6f:80:1a:54:d1:70:ee:0c:a7:18:c3:9e:
9e:9c:e9:c5:21:6c:b7:cd:02:bf:8b:0f:c6:5f:de:
9b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:27:9E:AC:81:9F:62:88:A2:7E:C9:5F:7F:BC:4B:D7:94:F4:57:09
X509v3 Authority Key Identifier:
keyid:97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lieerIGfYoiifslff7xL15T0Vwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.248.0/24
185.68.58.0/23
185.255.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:c6:01:57:93:c8:52:2f:5c:d9:b4:c0:86:96:b8:dc:ce:ee:
aa:7e:9b:3f:40:4b:0b:a6:57:4b:ee:88:1a:51:f0:46:be:4a:
96:db:5d:dd:59:e5:c9:35:e1:d1:c1:bf:98:be:5e:28:e2:71:
d0:5b:33:e6:57:aa:7c:59:7f:08:6d:7c:ed:8b:8b:c0:69:ad:
cc:99:20:aa:48:5f:e1:f8:a4:82:7c:d4:85:6c:2a:1d:6a:31:
6e:4c:df:07:f5:82:8b:18:ec:2a:23:0b:79:c3:f5:51:82:91:
3d:9a:51:d0:ba:ad:ce:3c:f3:5f:7d:13:43:5b:b9:3f:ce:25:
76:e2:ed:b1:3c:bb:c2:19:ee:ae:7c:9b:34:9f:dc:c2:79:8d:
4e:5c:ae:3a:ce:66:6a:26:08:98:b1:ea:4f:8c:43:e8:40:ef:
92:d2:fd:79:53:4f:5d:c9:46:54:25:58:81:58:b0:39:8e:2c:
07:f1:c1:dd:fc:ed:06:0d:12:c0:8f:81:8d:77:98:b4:28:ff:
53:46:2b:35:ba:bb:23:61:e6:d5:d9:f1:c3:bf:ea:a7:fe:74:
3e:2a:d6:c4:c6:d4:40:a0:27:3b:dd:b7:fa:48:ae:b1:ba:3c:
a8:cc:1c:02:fc:9a:c6:b2:c4:f2:ee:d6:c7:c5:64:eb:33:f2:
02:12:e2:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2MSuOa8OyEOTkJ8UtHLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MjQyZGJhMjZlZDg4MmIzODBkYWJlYmFiM2M1ZjM5NDIw
MDZlY2MwHhcNMjUwMTAyMTE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjI3OWVhYzgxOWY2Mjg4YTI3ZWM5NWY3ZmJjNGJkNzk0ZjQ1NzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxgIYIt/7RTqgUUpTbpGDbUJ1E5m
P0i+Yp3YK745B5O0y9le8t+V1lAar2BTDsOYf4v32b3w3KGvx3U19RR0hMOgVIlO
kp4EGaWCQjha/nKPqLQ8qF5+vxU6UgTHIVP452GiiUc3B9XLaoLNQzGAvcIMzqu9
1drbRDZDb3BAblqLiSBw0cQ2bQwP3wIU+sijx8YsOyAU4QxSvw6MEgKEeDWKdJMm
TY4CVWPso3tkwtfFM6ZmdpZ01/dorjaXgu6NpsX/f6GkYSDZK0Q1NLER1O0m31tP
Z81XNmiiMyMwVOnZN6BvgBpU0XDuDKcYw56enOnFIWy3zQK/iw/GX96b4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJYnnqyBn2KIon7JX3+8S9eU9FcJMB8GA1UdIwQY
MBaAFJckLbom7YgrOA2r66s8XzlCAG7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmIt
NjA3MjcyZDczN2NiLzEvbGllZXJJR2ZZb2lpZnNsZmY3eEwxNVQwVndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmItNjA3MjcyZDczN2Ni
LzEvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbUT4AwQB
uUQ6AwQCuf8gMA0GCSqGSIb3DQEBCwUAA4IBAQAcxgFXk8hSL1zZtMCGlrjczu6q
fps/QEsLpldL7ogaUfBGvkqW213dWeXJNeHRwb+Yvl4o4nHQWzPmV6p8WX8IbXzt
i4vAaa3MmSCqSF/h+KSCfNSFbCodajFuTN8H9YKLGOwqIwt5w/VRgpE9mlHQuq3O
PPNffRNDW7k/ziV24u2xPLvCGe6ufJs0n9zCeY1OXK46zmZqJgiYsepPjEPoQO+S
0v15U09dyUZUJViBWLA5jiwH8cHd/O0GDRLAj4GNd5i0KP9TRis1ursjYebV2fHD
v+qn/nQ+KtbExtRAoCc73bf6SK6xujyozBwC/JrGssTy7tbHxWTrM/ICEuKU
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:36:45 2025 by rpki-client