Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/LHSn4hmcEhVYt3mmylxo9K9eZBs.roa
File: LHSn4hmcEhVYt3mmylxo9K9eZBs.roa (raw, json)
Hash identifier: /mRVur9QlsumpRxG8SJ/u3Kb872Ife1CLOhCQq2wCVc=
Subject key identifier: 2C:74:A7:E2:19:9C:12:15:58:B7:79:A6:CA:5C:68:F4:AF:5E:64:1B
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B562FFAF68B20A062E69A050906FA8
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/LHSn4hmcEhVYt3mmylxo9K9eZBs.roa
Signing time: Thu 02 Jan 2025 15:49:46 +0000
ROA not before: Thu 02 Jan 2025 15:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50340
IP address blocks: 2a0e:b900::/29 maxlen: 29
2a10:4900::/29 maxlen: 29
2a10:4900::/32 maxlen: 32
2a10:4901::/32 maxlen: 32
2a10:4902::/32 maxlen: 32
2a10:4903::/32 maxlen: 32
2a10:4904::/32 maxlen: 32
2a10:4906::/32 maxlen: 32
2a10:4907::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:62:ff:af:68:b2:0a:06:2e:69:a0:50:90:6f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c74a7e2199c121558b779a6ca5c68f4af5e641b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d1:ec:47:81:04:d1:3f:ae:87:2a:17:09:8d:
4d:e7:8e:64:cd:d5:fe:3a:83:37:e4:16:86:60:76:
6c:dc:cc:99:53:97:4f:c5:89:e8:60:cd:18:aa:f5:
14:4d:b0:eb:fc:b4:87:2a:14:aa:4d:f6:51:2f:fa:
39:f1:60:a1:51:56:ad:c5:8b:30:f2:23:2e:4a:6b:
cb:00:5b:b5:58:b8:d4:55:b6:40:62:03:0c:d5:51:
06:ea:c0:15:eb:cb:e3:e7:fc:11:95:d2:d5:95:0e:
36:98:af:ce:83:4c:15:5f:64:73:12:59:88:b4:f7:
96:9b:ea:50:bb:fc:6b:ab:40:b5:db:e0:96:80:84:
1d:b4:09:be:9b:e5:7b:c2:7c:8a:20:ae:fb:50:37:
e5:90:65:01:59:47:e4:80:ca:4c:55:a2:04:d5:e5:
c8:6b:40:23:c1:06:73:9e:61:01:5d:c3:d2:24:f9:
be:9e:a0:f4:df:6b:20:3a:93:7c:94:2f:f2:f0:23:
91:cf:13:98:00:ba:b8:27:e4:bd:b3:4f:cc:56:84:
82:af:b0:2a:f2:e1:41:a0:aa:7e:26:36:4e:43:3a:
e5:b6:da:6b:83:8c:e3:ce:81:6d:81:f3:6b:4b:75:
8f:25:75:69:a3:87:dc:2c:bd:36:88:de:bb:19:6d:
e8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:74:A7:E2:19:9C:12:15:58:B7:79:A6:CA:5C:68:F4:AF:5E:64:1B
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/LHSn4hmcEhVYt3mmylxo9K9eZBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b900::/29
2a10:4900::/29
Signature Algorithm: sha256WithRSAEncryption
5d:30:81:20:93:30:2c:1d:3f:07:44:99:34:2f:13:13:1b:53:
e4:59:80:e4:3b:ff:d2:7f:98:f6:89:81:9e:f8:4b:f0:6d:6c:
c1:81:4e:3c:9e:ed:34:26:1b:33:3a:f1:d2:f3:23:97:4b:66:
90:c7:b4:7f:15:3d:55:c4:f3:b5:8b:06:91:cb:51:7d:98:a0:
17:4f:57:ab:de:82:f6:6f:ad:8e:d5:41:45:2c:66:60:1a:6b:
86:db:91:e4:97:58:50:50:33:c3:64:8f:6d:df:f3:6b:72:92:
f1:17:61:bc:1e:01:3a:a6:66:b4:a5:ae:3c:33:97:38:c4:b8:
6f:1c:0a:05:3c:0a:30:34:25:83:50:14:76:aa:77:14:7d:48:
e7:3d:b4:53:ab:52:f2:24:ab:5a:85:db:64:d1:97:9e:d2:fe:
9f:5d:8c:93:cf:a2:eb:48:10:34:e0:0b:1f:e5:23:4d:b7:31:
87:50:14:07:5f:e0:e6:95:f5:98:a5:ac:6d:4c:f4:56:49:68:
0c:90:1e:05:c2:9a:a8:7d:88:5c:21:24:6f:47:c4:0d:6b:c6:
1e:a5:4e:55:0a:98:6c:2c:02:b9:a9:52:03:4b:24:83:35:b4:
f8:7b:5b:0c:ad:79:e1:91:b5:4a:df:c0:36:f4:df:67:e2:47:
d5:e3:88:c6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQntWL/r2iyCgYuaaBQkG+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzc0YTdlMjE5OWMxMjE1NThiNzc5YTZjYTVjNjhmNGFmNWU2NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9HsR4EE0T+uhyoXCY1N545kzdX+
OoM35BaGYHZs3MyZU5dPxYnoYM0YqvUUTbDr/LSHKhSqTfZRL/o58WChUVatxYsw
8iMuSmvLAFu1WLjUVbZAYgMM1VEG6sAV68vj5/wRldLVlQ42mK/Og0wVX2RzElmI
tPeWm+pQu/xrq0C12+CWgIQdtAm+m+V7wnyKIK77UDflkGUBWUfkgMpMVaIE1eXI
a0AjwQZznmEBXcPSJPm+nqD032sgOpN8lC/y8CORzxOYALq4J+S9s0/MVoSCr7Aq
8uFBoKp+JjZOQzrlttprg4zjzoFtgfNrS3WPJXVpo4fcLL02iN67GW3ogQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCx0p+IZnBIVWLd5pspcaPSvXmQbMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTEhTbjRobWNFaFZZdDNtbXlseG85SzllWkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg65AAMF
AyoQSQAwDQYJKoZIhvcNAQELBQADggEBAF0wgSCTMCwdPwdEmTQvExMbU+RZgOQ7
/9J/mPaJgZ74S/BtbMGBTjye7TQmGzM68dLzI5dLZpDHtH8VPVXE87WLBpHLUX2Y
oBdPV6vegvZvrY7VQUUsZmAaa4bbkeSXWFBQM8Nkj23f82tykvEXYbweATqmZrSl
rjwzlzjEuG8cCgU8CjA0JYNQFHaqdxR9SOc9tFOrUvIkq1qF22TRl57S/p9djJPP
outIEDTgCx/lI023MYdQFAdf4OaV9ZilrG1M9FZJaAyQHgXCmqh9iFwhJG9HxA1r
xh6lTlUKmGwsArmpUgNLJIM1tPh7WwyteeGRtUrfwDb032fiR9XjiMY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:23 2025 by rpki-client