Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/L4GT8gOEuL97CVEc6SLYv27uQGY.roa
File: L4GT8gOEuL97CVEc6SLYv27uQGY.roa (raw, json)
Hash identifier: oA7pIDoRQZCeRvmX/JuwXtCGqvbpngo/uRvoynK93P8=
Subject key identifier: 2F:81:93:F2:03:84:B8:BF:7B:09:51:1C:E9:22:D8:BF:6E:EE:40:66
Certificate issuer: /CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Certificate serial: 01961AB94691F4EA3A98D025420FDD989B8C
Authority key identifier: A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/L4GT8gOEuL97CVEc6SLYv27uQGY.roa
Signing time: Wed 09 Apr 2025 13:24:31 +0000
ROA not before: Wed 09 Apr 2025 13:24:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212655
IP address blocks: 45.92.44.0/22 maxlen: 24
83.217.160.0/20 maxlen: 20
185.8.92.0/24 maxlen: 24
185.8.94.0/23 maxlen: 24
185.26.240.0/22 maxlen: 22
185.43.128.0/22 maxlen: 22
185.154.144.0/22 maxlen: 22
193.28.90.0/24 maxlen: 24
2a0e:1d40::/29 maxlen: 41
2a10:6940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:b9:46:91:f4:ea:3a:98:d0:25:42:0f:dd:98:9b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Validity
Not Before: Apr 9 13:24:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f8193f20384b8bf7b09511ce922d8bf6eee4066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:73:f6:34:cf:44:dd:7f:6e:00:b1:1c:cf:cd:
e6:3c:5d:71:6a:78:5b:e9:ac:29:d0:71:d7:80:3b:
92:24:ea:08:1b:1c:aa:6a:56:5b:81:2e:ef:89:a7:
9b:b4:f9:55:a3:32:29:7a:d1:63:bd:af:4a:3e:2f:
fd:33:c3:f4:67:f4:04:e2:7e:91:56:da:20:5d:b4:
15:14:7f:e3:f6:4d:3f:5c:06:16:d7:f5:50:e0:b7:
23:9a:ab:59:59:f2:d8:9e:ca:a8:c1:6c:1b:6d:e0:
5c:09:ab:da:17:54:93:41:4d:54:3d:56:f6:6b:68:
b0:f3:35:26:cd:c1:7c:8d:42:09:de:67:cf:fc:d0:
e8:ab:95:68:f5:08:19:28:18:c0:6b:e0:7e:0c:5c:
b0:c7:8b:33:a9:f2:e9:0c:f4:43:a5:65:52:69:54:
4e:5a:bc:54:b3:23:18:bb:f5:07:e1:70:73:26:40:
59:84:ea:86:e2:15:51:90:d8:a9:0c:81:f5:db:26:
d2:23:6f:1a:0e:89:53:25:3a:22:10:cc:de:c5:4a:
2d:46:65:cc:c4:b0:67:3f:97:26:00:bb:7d:fd:ff:
17:4e:a5:ea:5a:1c:39:59:6d:99:ef:fa:80:c1:18:
97:20:92:22:3b:d7:9d:95:c5:d1:ab:ca:f0:be:f8:
ca:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:81:93:F2:03:84:B8:BF:7B:09:51:1C:E9:22:D8:BF:6E:EE:40:66
X509v3 Authority Key Identifier:
keyid:A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/L4GT8gOEuL97CVEc6SLYv27uQGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.44.0/22
83.217.160.0/20
185.8.92.0/24
185.8.94.0/23
185.26.240.0/22
185.43.128.0/22
185.154.144.0/22
193.28.90.0/24
IPv6:
2a0e:1d40::/29
2a10:6940::/29
Signature Algorithm: sha256WithRSAEncryption
23:1f:54:7c:5f:a2:2f:80:6f:6f:bb:d9:75:2a:ee:ca:32:a9:
72:d2:45:85:9e:e6:b5:82:2e:7f:c0:45:85:43:fb:12:ce:fa:
1d:d4:fa:5b:b8:5f:56:30:99:4d:54:d9:3b:b9:0e:a8:4c:bf:
7a:f3:e5:83:0b:04:8f:d7:8d:40:08:2d:5d:cc:ab:bc:7d:5b:
d7:21:f7:1e:06:e6:67:28:61:23:91:72:a6:75:be:13:7c:88:
16:c3:a8:eb:c5:cf:b3:c3:bd:9a:3f:5d:e0:ce:95:a2:90:a6:
b3:7c:fd:88:69:4b:70:1b:1d:a1:ab:a5:27:94:14:0e:70:9f:
35:1c:b9:14:0b:9a:2c:d8:13:d3:88:0c:ee:a4:d0:0f:11:f7:
05:7b:8b:7c:87:c4:b3:4b:b3:15:e0:01:85:f0:22:9e:5a:17:
77:e3:04:dc:f7:f7:b7:3b:ff:71:c2:9a:27:52:18:92:3c:c7:
0b:60:3b:42:d5:3b:fa:ab:2a:1f:bf:16:a4:da:de:24:f7:1a:
3a:f6:70:3e:6a:34:54:e9:21:9c:a7:82:fd:17:62:72:6e:59:
69:ee:75:26:a2:93:c7:78:fe:bb:b3:66:b3:da:87:cb:4d:00:
10:a8:9c:31:96:9b:4a:55:02:33:8a:57:29:7a:7e:e6:84:69:
32:cd:49:f1
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZYauUaR9Oo6mNAlQg/dmJuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OTljZmZhNmU0OGZhMmM0ZjhkMDk4MDMzOTZiNDU3YTYz
MGEzM2QwHhcNMjUwNDA5MTMyNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjgxOTNmMjAzODRiOGJmN2IwOTUxMWNlOTIyZDhiZjZlZWU0MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnP2NM9E3X9uALEcz83mPF1xanhb
6awp0HHXgDuSJOoIGxyqalZbgS7viaebtPlVozIpetFjva9KPi/9M8P0Z/QE4n6R
VtogXbQVFH/j9k0/XAYW1/VQ4LcjmqtZWfLYnsqowWwbbeBcCavaF1STQU1UPVb2
a2iw8zUmzcF8jUIJ3mfP/NDoq5Vo9QgZKBjAa+B+DFywx4szqfLpDPRDpWVSaVRO
WrxUsyMYu/UH4XBzJkBZhOqG4hVRkNipDIH12ybSI28aDolTJToiEMzexUotRmXM
xLBnP5cmALt9/f8XTqXqWhw5WW2Z7/qAwRiXIJIiO9edlcXRq8rwvvjK2wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFC+Bk/IDhLi/ewlRHOki2L9u7kBmMB8GA1UdIwQY
MBaAFKmZz/puSPosT40JgDOWtFemMKM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUt
YjNhNTA5MTBjMmE4LzEvTDRHVDhnT0V1TDk3Q1ZFYzZTTFl2Mjd1UUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUtYjNhNTA5MTBjMmE4
LzEvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQCLVwsAwQE
U9mgAwQAuQhcAwQBuQheAwQCuRrwAwQCuSuAAwQCuZqQAwQAwRxaMBQEAgACMA4D
BQMqDh1AAwUDKhBpQDANBgkqhkiG9w0BAQsFAAOCAQEAIx9UfF+iL4Bvb7vZdSru
yjKpctJFhZ7mtYIuf8BFhUP7Es76HdT6W7hfVjCZTVTZO7kOqEy/evPlgwsEj9eN
QAgtXcyrvH1b1yH3HgbmZyhhI5FypnW+E3yIFsOo68XPs8O9mj9d4M6VopCms3z9
iGlLcBsdoaulJ5QUDnCfNRy5FAuaLNgT04gM7qTQDxH3BXuLfIfEs0uzFeABhfAi
nloXd+ME3Pf3tzv/ccKaJ1IYkjzHC2A7QtU7+qsqH78WpNreJPcaOvZwPmo0VOkh
nKeC/Rdicm5Zae51JqKTx3j+u7Nms9qHy00AEKicMZabSlUCM4pXKXp+5oRpMs1J
8Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:06:37 2025 by rpki-client