Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Ln5xrfQaZh4sOk9mLMToxJp2Kis.roa
File: Ln5xrfQaZh4sOk9mLMToxJp2Kis.roa (raw, json)
Hash identifier: NqHTygPl4zxey4USVr4dlEUp9oabLIJtvisQmAgMbg0=
Subject key identifier: 2E:7E:71:AD:F4:1A:66:1E:2C:3A:4F:66:2C:C4:E8:C4:9A:76:2A:2B
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBB1F0DFA271B73F0247453FBF3C0F
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Ln5xrfQaZh4sOk9mLMToxJp2Kis.roa
Signing time: Wed 01 Jan 2025 17:48:27 +0000
ROA not before: Wed 01 Jan 2025 17:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36622
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b1:f0:df:a2:71:b7:3f:02:47:45:3f:bf:3c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e7e71adf41a661e2c3a4f662cc4e8c49a762a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:5c:35:38:30:1f:90:ba:c1:34:7d:58:78:
88:75:de:aa:4e:10:0c:33:c8:00:6a:d4:a9:31:33:
b0:23:c8:e1:ef:b3:dc:a6:56:7e:23:34:96:1d:7f:
e5:55:f6:f2:a2:03:0b:dd:40:cf:14:b8:e7:c4:8e:
1c:ab:9a:18:08:3a:78:0c:54:12:d1:77:47:0d:cb:
5e:3a:88:08:41:54:f6:0d:78:b7:7e:24:f1:6e:0e:
69:e2:7b:d2:2b:57:a0:fa:21:5a:0d:86:a0:3c:c3:
b8:b4:5e:87:09:b4:10:cf:6b:b1:92:bc:3f:83:4e:
c7:e6:97:55:ae:3a:72:1a:60:e0:e4:b9:54:d7:6b:
d3:ab:4e:d5:4c:1a:47:5f:67:38:5f:39:e0:c5:66:
74:0a:96:c1:9b:83:48:24:46:83:91:2d:f9:ac:1c:
07:43:43:09:8f:7b:59:1c:4c:34:5a:91:d7:5f:b6:
7c:af:47:aa:71:99:ac:14:da:f3:77:b4:82:f6:50:
5f:9f:34:86:a7:86:d7:e9:84:f4:3b:d6:b6:9f:a7:
41:a1:05:21:e6:81:5b:86:ed:a3:03:f4:3c:81:3a:
aa:c8:91:18:2b:78:a6:6b:e1:01:52:25:10:c6:67:
18:b7:f5:60:74:8b:89:86:aa:55:3b:ae:e3:3b:bd:
a8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7E:71:AD:F4:1A:66:1E:2C:3A:4F:66:2C:C4:E8:C4:9A:76:2A:2B
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Ln5xrfQaZh4sOk9mLMToxJp2Kis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
78:14:e8:5f:46:bc:03:b1:63:c2:61:7e:f2:cc:79:fe:8e:01:
40:b5:d2:aa:c7:58:46:ed:c2:0c:1d:c8:22:ad:ed:de:3d:ed:
40:bc:58:c9:25:69:e8:83:ee:e5:1f:df:51:1e:e3:ca:21:f9:
3f:06:45:a0:79:c9:b4:1b:4b:5f:47:54:7f:e1:91:9d:23:13:
32:06:19:10:76:59:5b:4a:b8:16:73:8c:4e:f7:a4:ad:60:e3:
34:e9:3c:5e:0f:37:cf:1c:d2:5b:32:5b:da:5a:c1:fc:c0:5a:
93:32:48:32:b9:1c:17:cc:b1:a8:f4:29:fe:0f:12:ab:b0:e3:
56:26:68:21:ed:41:b1:5e:b2:be:1d:2d:72:e7:c9:4d:86:c8:
1d:61:d3:4d:64:a6:56:f6:87:8c:29:fd:af:93:05:20:46:be:
49:86:f6:46:0c:52:2a:23:59:1b:f6:8e:f4:9c:b0:20:d1:7b:
ee:a6:b9:ab:7b:76:94:aa:b7:cf:57:15:9a:b2:68:3b:ac:80:
dd:9e:82:b0:08:78:06:c0:ed:97:84:c1:e3:33:e1:2f:79:45:
d3:8e:28:83:af:34:92:fa:49:97:cd:6e:55:00:5e:48:ad:2c:
49:2d:5c:d6:82:ac:0e:31:a3:3a:33:a5:c9:da:cb:ae:a3:aa:
c4:f9:b8:9e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+7Hw36Jxtz8CR0U/vzwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTdlNzFhZGY0MWE2NjFlMmMzYTRmNjYyY2M0ZThjNDlhNzYyYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/xcNTgwH5C6wTR9WHiIdd6qThAM
M8gAatSpMTOwI8jh77PcplZ+IzSWHX/lVfbyogML3UDPFLjnxI4cq5oYCDp4DFQS
0XdHDcteOogIQVT2DXi3fiTxbg5p4nvSK1eg+iFaDYagPMO4tF6HCbQQz2uxkrw/
g07H5pdVrjpyGmDg5LlU12vTq07VTBpHX2c4XzngxWZ0CpbBm4NIJEaDkS35rBwH
Q0MJj3tZHEw0WpHXX7Z8r0eqcZmsFNrzd7SC9lBfnzSGp4bX6YT0O9a2n6dBoQUh
5oFbhu2jA/Q8gTqqyJEYK3ima+EBUiUQxmcYt/VgdIuJhqpVO67jO72oVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC5+ca30GmYeLDpPZizE6MSadiorMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvTG41eHJmUWFaaDRzT2s5bUxNVG94SnAyS2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAHgU6F9GvAOxY8JhfvLMef6OAUC10qrH
WEbtwgwdyCKt7d497UC8WMklaeiD7uUf31Ee48oh+T8GRaB5ybQbS19HVH/hkZ0j
EzIGGRB2WVtKuBZzjE73pK1g4zTpPF4PN88c0lsyW9pawfzAWpMySDK5HBfMsaj0
Kf4PEquw41YmaCHtQbFesr4dLXLnyU2GyB1h001kplb2h4wp/a+TBSBGvkmG9kYM
UiojWRv2jvScsCDRe+6muat7dpSqt89XFZqyaDusgN2egrAIeAbA7ZeEweMz4S95
RdOOKIOvNJL6SZfNblUAXkitLEktXNaCrA4xozozpcnay66jqsT5uJ4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:03 2025 by rpki-client