Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Loa4kWXHd_gyVar7KKfuCbOTQSI.roa
File: Loa4kWXHd_gyVar7KKfuCbOTQSI.roa (raw, json)
Hash identifier: V+IAftZbMV1uaMDIpq8IX4vqfn+FazLdtHW0Gi6raiE=
Subject key identifier: 2E:86:B8:91:65:C7:77:F8:32:55:AA:FB:28:A7:EE:09:B3:93:41:22
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D7567CC1EE154F803BF54F7010A781
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Loa4kWXHd_gyVar7KKfuCbOTQSI.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207412
IP address blocks: 5.40.77.0/24 maxlen: 24
5.40.224.0/24 maxlen: 24
62.81.242.0/24 maxlen: 24
62.175.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:56:7c:c1:ee:15:4f:80:3b:f5:4f:70:10:a7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e86b89165c777f83255aafb28a7ee09b3934122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:aa:57:7f:4b:b8:6b:fb:70:7c:92:ea:b2:65:
e5:a3:a1:ac:8b:2a:e1:60:86:cb:9d:6b:1c:e9:9a:
c0:a8:eb:a7:4c:b3:89:40:1f:d5:c7:c9:35:59:b6:
32:66:2b:dd:bf:c3:d7:9e:9f:80:b2:46:6f:ca:ac:
02:4d:31:21:dd:bd:47:a3:a2:41:6d:13:4a:b6:23:
22:00:45:5d:46:0d:12:36:0a:8c:52:8d:56:cf:bb:
ca:15:fb:a3:bd:bc:18:db:d4:0e:62:91:01:b2:2b:
cf:1a:7a:a4:8c:e8:46:7c:16:9e:83:66:41:f5:b9:
c4:16:16:5d:8a:0e:5a:12:d0:6e:2f:4a:24:c9:2b:
9d:08:aa:51:54:e5:bd:8f:65:27:c8:13:b0:51:af:
99:e1:35:e1:0c:4c:5f:fc:3a:c4:7f:ab:d2:81:77:
45:38:7b:c6:5b:a2:0d:1f:34:b8:ac:00:2b:f2:9b:
47:0d:54:d4:b0:53:27:3b:9f:a7:a1:5a:da:53:85:
7d:3e:e9:4e:f7:47:51:be:e6:3d:e8:7b:8f:a9:d9:
5c:16:f0:40:d6:84:d3:d2:75:49:10:88:2c:73:f7:
e7:13:56:97:a2:38:82:d8:fa:fd:60:ae:c6:2e:65:
12:93:70:76:2e:b0:bc:dc:60:12:86:73:f8:59:de:
0d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:86:B8:91:65:C7:77:F8:32:55:AA:FB:28:A7:EE:09:B3:93:41:22
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Loa4kWXHd_gyVar7KKfuCbOTQSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.77.0/24
5.40.224.0/24
62.81.242.0/24
62.175.180.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ec:f9:0f:99:f6:3e:a1:fa:f7:29:dc:62:96:d4:3f:47:2e:
6b:3f:fb:1d:31:a7:03:b9:97:0b:b5:87:ba:2c:43:92:e6:b6:
b3:8f:92:f9:8f:63:0b:b6:7f:c2:90:63:82:9c:10:99:d1:e5:
7e:0e:4c:09:b0:83:b2:ff:e0:fd:2f:c2:ac:b7:4d:1a:a9:94:
b2:11:75:26:5f:8c:f3:3b:38:f4:14:08:c8:5c:f1:08:27:f4:
36:e6:92:a9:78:64:e6:b2:51:53:f1:fe:1e:7f:2f:c8:60:19:
04:a6:2f:2f:f9:e2:03:c1:78:62:17:6b:95:ec:c2:6f:0e:37:
6b:03:57:81:a2:eb:2b:65:05:a8:13:e2:c4:a7:9b:f0:53:0d:
d1:8c:f6:ae:a9:2c:10:f5:26:02:b3:2e:b1:f6:41:e0:be:db:
53:2a:47:57:42:6e:79:d0:26:e9:3c:e1:5c:06:b8:2d:13:72:
9c:f2:7b:a7:34:70:a7:3c:82:96:95:dc:0c:bc:0e:5b:87:ec:
fa:81:33:d3:82:d6:14:ec:bb:d8:9a:2a:2f:43:db:8a:e0:75:
ce:aa:6d:ef:b8:17:cb:1c:6a:8a:e3:c1:e2:4c:ae:a3:1a:d1:
b3:ba:be:62:ea:a4:70:bb:79:d0:5c:e9:d2:d0:c2:3d:77:fd:
aa:36:d4:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj11Z8we4VT4A79U9wEKeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg2Yjg5MTY1Yzc3N2Y4MzI1NWFhZmIyOGE3ZWUwOWIzOTM0MTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsapXf0u4a/twfJLqsmXlo6Gsiyrh
YIbLnWsc6ZrAqOunTLOJQB/Vx8k1WbYyZivdv8PXnp+AskZvyqwCTTEh3b1Ho6JB
bRNKtiMiAEVdRg0SNgqMUo1Wz7vKFfujvbwY29QOYpEBsivPGnqkjOhGfBaeg2ZB
9bnEFhZdig5aEtBuL0okySudCKpRVOW9j2UnyBOwUa+Z4TXhDExf/DrEf6vSgXdF
OHvGW6INHzS4rAAr8ptHDVTUsFMnO5+noVraU4V9PulO90dRvuY96HuPqdlcFvBA
1oTT0nVJEIgsc/fnE1aXojiC2Pr9YK7GLmUSk3B2LrC83GAShnP4Wd4NPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC6GuJFlx3f4MlWq+yin7gmzk0EiMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvTG9hNGtXWEhkX2d5VmFyN0tLZnVDYk9UUVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABShNAwQA
BSjgAwQAPlHyAwQAPq+0MA0GCSqGSIb3DQEBCwUAA4IBAQBI7PkPmfY+ofr3Kdxi
ltQ/Ry5rP/sdMacDuZcLtYe6LEOS5razj5L5j2MLtn/CkGOCnBCZ0eV+DkwJsIOy
/+D9L8Kst00aqZSyEXUmX4zzOzj0FAjIXPEIJ/Q25pKpeGTmslFT8f4efy/IYBkE
pi8v+eIDwXhiF2uV7MJvDjdrA1eBousrZQWoE+LEp5vwUw3RjPauqSwQ9SYCsy6x
9kHgvttTKkdXQm550CbpPOFcBrgtE3Kc8nunNHCnPIKWldwMvA5bh+z6gTPTgtYU
7LvYmiovQ9uK4HXOqm3vuBfLHGqK48HiTK6jGtGzur5i6qRwu3nQXOnS0MI9d/2q
NtTK
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:34:18 2025 by rpki-client