Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lFooOW_IKfS-fVC7Phqe2iVJ8A4.roa
File: lFooOW_IKfS-fVC7Phqe2iVJ8A4.roa (raw, json)
Hash identifier: +NMjFCmzCYJINVT57k7ZnFNXqgOc6tNDPfdDZEFk2UY=
Subject key identifier: 94:5A:28:39:6F:C8:29:F4:BE:7D:50:BB:3E:1A:9E:DA:25:49:F0:0E
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBB0F63ADF56880524060DAA1F1E3A
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lFooOW_IKfS-fVC7Phqe2iVJ8A4.roa
Signing time: Wed 01 Jan 2025 17:48:27 +0000
ROA not before: Wed 01 Jan 2025 17:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36620
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b0:f6:3a:df:56:88:05:24:06:0d:aa:1f:1e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=945a28396fc829f4be7d50bb3e1a9eda2549f00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:73:fa:bb:f6:a8:40:56:95:5f:38:0e:6f:db:
83:a7:62:c2:50:72:e3:69:72:25:c4:3e:a3:33:ad:
db:22:3c:9a:3a:fb:79:7d:10:79:d0:5f:11:2c:e1:
16:1a:2f:cf:8b:21:f9:26:7c:6e:e1:a0:ad:bb:d3:
ae:94:38:4f:0e:87:18:d1:6a:af:3b:3e:f2:f4:97:
fd:7b:bc:4e:7f:79:cb:9a:92:81:0d:7f:71:4a:aa:
c7:dd:c2:2c:b5:4c:af:87:79:c3:e9:c6:10:ec:d8:
46:2e:f9:b9:46:ec:51:4d:8e:4e:ac:ac:62:7f:ad:
a6:2d:96:40:c2:b8:6b:e0:63:9e:a0:2d:6b:b5:fc:
2c:e7:54:eb:99:cb:0b:79:bc:ae:95:13:5e:99:5d:
5c:d7:1c:9a:d0:ef:6e:9b:d9:ec:bc:31:0b:07:14:
b7:9e:96:a0:01:5f:f2:56:37:de:05:b5:2c:02:19:
bc:c9:ea:6c:83:2d:33:dc:3f:54:e5:22:31:a2:56:
d9:2a:6b:8b:c9:01:c8:da:62:80:bd:cc:5a:ac:32:
d6:92:df:19:7c:0b:27:65:4c:fe:2d:86:e3:d2:fa:
35:72:68:a8:52:d2:a4:eb:d6:3a:7c:19:f4:3a:8f:
82:4b:df:9c:60:98:81:a4:4a:5a:14:ff:35:6e:8a:
b9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5A:28:39:6F:C8:29:F4:BE:7D:50:BB:3E:1A:9E:DA:25:49:F0:0E
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lFooOW_IKfS-fVC7Phqe2iVJ8A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
14:9c:a6:bf:6c:53:94:19:cf:74:9f:19:a3:d2:e1:cb:c2:c4:
b3:2b:4a:84:a1:3e:0c:6b:2a:a2:e4:bb:9b:ba:f2:0f:97:ac:
7b:e5:78:f4:35:4d:16:69:15:54:ef:f1:6e:fc:13:25:8e:76:
57:1e:ed:5b:66:ab:a4:bb:9c:4e:ce:27:67:3c:3b:9b:2c:3b:
1e:68:e5:4e:5c:af:97:c3:56:64:4b:c4:ad:b2:5b:70:00:f5:
e7:30:4f:9e:3d:7e:47:fd:07:28:fa:9d:46:f5:40:1c:75:21:
f6:64:ab:94:37:3b:01:f4:05:a8:43:bc:0f:3e:0e:72:6b:41:
97:22:16:6b:9b:6e:8b:ff:c7:7c:a4:22:8a:1e:43:24:46:cb:
b1:84:29:be:44:78:29:ff:e7:87:be:53:5a:19:a2:8e:66:68:
cd:fd:f5:ee:98:7f:b4:a7:b1:df:a4:a0:fb:e8:a7:23:8e:68:
2c:6c:fe:0b:fa:05:14:43:86:8f:23:c3:00:c1:7f:ff:85:42:
9c:d8:ab:28:bc:a6:a6:79:e0:db:76:5e:09:a1:d4:42:ad:d7:
0c:a4:22:d5:fa:4d:bf:e0:4b:ba:65:5b:26:7c:cc:a8:4a:f6:
df:52:54:d1:c7:93:60:12:20:62:5e:f1:77:d5:01:5f:00:46:
a4:08:c0:5a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+7D2Ot9WiAUkBg2qHx46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDVhMjgzOTZmYzgyOWY0YmU3ZDUwYmIzZTFhOWVkYTI1NDlmMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73P6u/aoQFaVXzgOb9uDp2LCUHLj
aXIlxD6jM63bIjyaOvt5fRB50F8RLOEWGi/PiyH5Jnxu4aCtu9OulDhPDocY0Wqv
Oz7y9Jf9e7xOf3nLmpKBDX9xSqrH3cIstUyvh3nD6cYQ7NhGLvm5RuxRTY5OrKxi
f62mLZZAwrhr4GOeoC1rtfws51TrmcsLebyulRNemV1c1xya0O9um9nsvDELBxS3
npagAV/yVjfeBbUsAhm8yepsgy0z3D9U5SIxolbZKmuLyQHI2mKAvcxarDLWkt8Z
fAsnZUz+LYbj0vo1cmioUtKk69Y6fBn0Oo+CS9+cYJiBpEpaFP81boq50QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJRaKDlvyCn0vn1Quz4antolSfAOMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvbEZvb09XX0lLZlMtZlZDN1BocWUyaVZKOEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBABScpr9sU5QZz3SfGaPS4cvCxLMrSoSh
PgxrKqLku5u68g+XrHvlePQ1TRZpFVTv8W78EyWOdlce7Vtmq6S7nE7OJ2c8O5ss
Ox5o5U5cr5fDVmRLxK2yW3AA9ecwT549fkf9Byj6nUb1QBx1IfZkq5Q3OwH0BahD
vA8+DnJrQZciFmubbov/x3ykIooeQyRGy7GEKb5EeCn/54e+U1oZoo5maM399e6Y
f7Snsd+koPvopyOOaCxs/gv6BRRDho8jwwDBf/+FQpzYqyi8pqZ54Nt2Xgmh1EKt
1wykItX6Tb/gS7plWyZ8zKhK9t9SVNHHk2ASIGJe8XfVAV8ARqQIwFo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:09 2025 by rpki-client