Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa
File: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (raw, json)
Hash identifier: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=
Subject key identifier: 3B:CC:50:C9:FE:12:94:EF:D0:03:CB:B8:60:7C:7D:9E:A7:EE:4F:87
Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial: 019421B233CDD369A235A87529369EFC9E3A
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa
Signing time: Wed 01 Jan 2025 11:48:34 +0000
ROA not before: Wed 01 Jan 2025 11:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56361
IP address blocks: 31.41.184.0/21 maxlen: 21
46.175.120.0/21 maxlen: 21
176.98.168.0/21 maxlen: 21
176.118.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 02:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:33:cd:d3:69:a2:35:a8:75:29:36:9e:fc:9e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Validity
Not Before: Jan 1 11:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bcc50c9fe1294efd003cbb8607c7d9ea7ee4f87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fb:a8:95:05:7a:0c:46:07:c3:6b:a7:e1:8e:
a5:68:e3:58:fb:6d:cd:54:5d:32:86:f2:9a:89:a7:
3b:68:93:2b:95:0d:aa:80:4c:c4:29:5f:a6:d3:c3:
01:56:4c:94:57:5e:03:ea:c4:2d:c4:f0:e9:c0:d5:
a5:ab:63:12:53:cd:45:98:5a:d2:c4:22:b5:7c:ef:
51:58:61:c7:7e:72:c9:c9:fd:54:82:be:b5:bf:20:
6f:c2:5d:ad:16:59:36:e0:3b:8a:0a:49:cf:6d:ab:
5b:f2:9d:fd:d6:06:65:84:ba:e4:41:96:ef:7a:b2:
62:e7:4e:d0:f8:59:78:c5:a6:1b:4f:9f:e7:1a:c9:
82:3d:c3:82:d0:58:ee:b2:c7:ba:2e:db:8b:8a:f2:
40:8f:e1:9c:14:38:34:b4:a8:84:1e:06:82:33:0d:
99:36:a6:f1:bc:ea:c8:ce:da:20:29:35:5f:f9:45:
da:64:f9:2d:00:13:ed:d8:aa:ff:63:01:e3:ee:56:
99:8e:ce:f9:ed:c7:85:54:60:24:8d:a8:78:d7:4e:
98:1c:41:d6:b9:84:cd:7a:f6:86:d1:f0:1e:5b:5e:
53:ee:5a:cb:2e:e3:a2:05:47:d6:38:f9:eb:f9:26:
6f:fe:db:e6:7e:28:e9:68:d7:5a:de:37:8e:53:81:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CC:50:C9:FE:12:94:EF:D0:03:CB:B8:60:7C:7D:9E:A7:EE:4F:87
X509v3 Authority Key Identifier:
keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.184.0/21
46.175.120.0/21
176.98.168.0/21
176.118.128.0/21
Signature Algorithm: sha256WithRSAEncryption
58:e7:10:9b:03:c6:7b:ad:9f:30:65:48:9c:e7:27:e5:00:29:
af:03:74:5f:a8:f9:1d:f3:70:90:d0:ab:5f:aa:cb:09:14:96:
86:bc:b3:ff:9e:ca:32:c8:04:89:f6:67:c6:b4:a0:ad:f4:ec:
ce:3d:60:26:2a:b2:68:86:11:12:80:32:19:8e:56:39:e1:fa:
49:bb:31:76:83:a8:48:2c:f5:5b:f0:81:4b:aa:7b:cf:9d:c7:
d5:4b:f1:e2:36:65:bf:3e:57:26:59:5c:31:1b:f1:3e:6d:36:
fa:d5:42:0f:f9:65:ef:09:1c:8a:25:7e:6e:82:7e:47:78:bc:
17:a9:c9:ea:4b:fa:71:05:90:92:b5:05:f3:b6:5e:11:c3:95:
ca:09:57:cc:23:1f:dd:b4:fb:9f:2b:18:04:0f:65:fe:87:ed:
52:55:46:7f:b6:24:24:1d:4c:89:eb:e0:15:3f:2e:43:cb:25:
62:4e:97:30:55:b9:24:e3:ac:64:a4:9f:39:bf:e2:e3:f0:15:
b4:58:5b:9e:1e:90:b8:82:a4:9a:47:2a:2f:71:95:14:f6:65:
c2:ed:04:64:f7:75:38:9b:97:a1:93:15:e8:b6:dd:5a:a2:b8:
70:06:38:cd:db:e3:1c:89:ec:00:09:2f:c0:b3:83:1d:52:66:
f7:08:49:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsjPN02miNah1KTae/J46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUwMTAxMTE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNjNTBjOWZlMTI5NGVmZDAwM2NiYjg2MDdjN2Q5ZWE3ZWU0Zjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/uolQV6DEYHw2un4Y6laONY+23N
VF0yhvKaiac7aJMrlQ2qgEzEKV+m08MBVkyUV14D6sQtxPDpwNWlq2MSU81FmFrS
xCK1fO9RWGHHfnLJyf1Ugr61vyBvwl2tFlk24DuKCknPbatb8p391gZlhLrkQZbv
erJi507Q+Fl4xaYbT5/nGsmCPcOC0Fjusse6LtuLivJAj+GcFDg0tKiEHgaCMw2Z
NqbxvOrIztogKTVf+UXaZPktABPt2Kr/YwHj7laZjs757ceFVGAkjah4106YHEHW
uYTNevaG0fAeW15T7lrLLuOiBUfWOPnr+SZv/tvmfijpaNda3jeOU4F2pQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDvMUMn+EpTv0APLuGB8fZ6n7k+HMB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvTzh4UXlmNFNsT19RQTh1NFlIeDlucWZ1VDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDHym4AwQD
Lq94AwQDsGKoAwQDsHaAMA0GCSqGSIb3DQEBCwUAA4IBAQBY5xCbA8Z7rZ8wZUic
5yflACmvA3RfqPkd83CQ0KtfqssJFJaGvLP/nsoyyASJ9mfGtKCt9OzOPWAmKrJo
hhESgDIZjlY54fpJuzF2g6hILPVb8IFLqnvPncfVS/HiNmW/PlcmWVwxG/E+bTb6
1UIP+WXvCRyKJX5ugn5HeLwXqcnqS/pxBZCStQXztl4Rw5XKCVfMIx/dtPufKxgE
D2X+h+1SVUZ/tiQkHUyJ6+AVPy5DyyViTpcwVbkk46xkpJ85v+Lj8BW0WFueHpC4
gqSaRyovcZUU9mXC7QRk93U4m5ehkxXott1aorhwBjjN2+MciewACS/As4MdUmb3
CEk0
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:26:21 2025 by rpki-client