Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/L3PmTxVcwjc5m-u-ANA1YJ0Cgbw.roa
File: L3PmTxVcwjc5m-u-ANA1YJ0Cgbw.roa (raw, json)
Hash identifier: T2Moze3Z7w9gEUX9GATB0CYu1BGd+gL6TNntwUvio+0=
Subject key identifier: 2F:73:E6:4F:15:5C:C2:37:39:9B:EB:BE:00:D0:35:60:9D:02:81:BC
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01969B41EBA74439576AF97B235747412CF1
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/L3PmTxVcwjc5m-u-ANA1YJ0Cgbw.roa
Signing time: Sun 04 May 2025 12:25:10 +0000
ROA not before: Sun 04 May 2025 12:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 5.8.18.0/24 maxlen: 24
5.101.81.0/24 maxlen: 24
5.101.82.0/24 maxlen: 24
5.101.83.0/24 maxlen: 24
5.101.84.0/24 maxlen: 24
46.161.0.0/24 maxlen: 24
146.185.233.0/24 maxlen: 24
146.185.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9b:41:eb:a7:44:39:57:6a:f9:7b:23:57:47:41:2c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 4 12:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f73e64f155cc237399bebbe00d035609d0281bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f0:70:49:12:24:09:7f:bc:b4:39:a6:49:20:
26:11:17:ae:b2:fc:b9:16:b1:c2:ed:d3:cd:ca:ae:
4c:72:70:e7:4d:fe:4b:e4:16:ee:f1:1b:9d:bb:13:
36:ba:b8:f5:3d:e0:4b:f6:d7:89:0d:5f:8d:b5:d4:
47:6b:5b:cd:34:a2:9e:70:d5:d6:50:17:20:4a:4e:
ef:33:e0:15:91:35:bb:2d:5b:27:89:07:0e:92:81:
32:ce:af:98:7e:77:f6:26:f9:a4:db:84:c2:e4:ba:
59:e8:04:b0:7b:ef:8a:fd:69:14:b2:82:b7:07:92:
cc:5b:5e:1e:92:80:51:78:e8:5f:94:18:4d:05:a7:
fa:de:fd:91:b3:1f:17:ab:16:d5:29:2c:aa:b6:45:
57:c4:04:2f:15:99:f2:8a:9e:e6:23:3f:39:ca:cc:
65:50:4c:8a:33:4d:e7:32:3b:2e:c0:fb:3e:16:89:
75:3c:cd:39:8a:3d:77:3f:13:19:17:31:50:93:34:
53:6f:e0:ce:80:7f:83:53:a4:01:2a:ac:27:c3:15:
70:fd:79:13:a3:a5:0f:bb:2e:bb:1b:05:09:a2:1f:
04:69:b4:65:b2:fb:03:02:57:30:54:11:9c:b0:dd:
a0:48:55:06:dc:e9:d4:4c:40:60:82:27:2a:11:c3:
98:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:73:E6:4F:15:5C:C2:37:39:9B:EB:BE:00:D0:35:60:9D:02:81:BC
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/L3PmTxVcwjc5m-u-ANA1YJ0Cgbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.18.0/24
5.101.81.0-5.101.84.255
46.161.0.0/24
146.185.233.0/24
146.185.239.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:69:a7:6b:68:50:f4:5a:8c:a3:4a:d8:fc:e6:ba:72:72:89:
fc:6a:0d:04:e2:c3:08:13:a5:81:04:66:cd:52:7a:b4:35:34:
ce:e3:1a:54:cc:42:2e:9e:69:fb:af:ba:1e:41:37:f3:3a:12:
6a:9e:b5:81:4c:b3:bc:1d:b4:dd:28:c1:7e:40:f0:db:0d:fd:
0e:7e:17:bb:c4:5f:c2:2e:6d:f5:7a:89:8b:f6:af:9e:24:36:
cb:3b:49:f8:8a:af:ef:fe:25:8a:4f:90:dc:0f:b6:5b:32:18:
c2:b5:01:83:8b:eb:e2:a7:d4:3c:7e:f6:90:c7:bc:90:08:71:
90:cc:41:58:9f:53:f6:d1:70:82:a5:c1:7d:27:d7:35:58:2d:
b3:9c:fa:97:a8:b4:57:51:3d:89:66:c4:9d:94:23:d6:27:99:
db:8d:6e:88:d4:58:fb:c5:3c:38:16:c7:76:ca:54:c9:d3:97:
45:60:c7:50:20:b1:44:71:18:b8:f7:e7:00:3d:5d:7b:68:bb:
d8:3a:3b:bc:0f:66:3f:3f:31:01:b4:ef:be:1b:ce:73:5f:8f:
6e:55:95:cb:f6:74:5c:b0:08:da:5a:97:c6:8c:29:7d:f1:a7:
9b:f6:ac:a5:99:5b:59:55:f7:d4:b3:32:3f:35:10:6f:b6:17:
8b:ed:47:01
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZabQeunRDlXavl7I1dHQSzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwNTA0MTIyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjczZTY0ZjE1NWNjMjM3Mzk5YmViYmUwMGQwMzU2MDlkMDI4MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fBwSRIkCX+8tDmmSSAmEReusvy5
FrHC7dPNyq5McnDnTf5L5Bbu8RuduxM2urj1PeBL9teJDV+NtdRHa1vNNKKecNXW
UBcgSk7vM+AVkTW7LVsniQcOkoEyzq+Yfnf2Jvmk24TC5LpZ6ASwe++K/WkUsoK3
B5LMW14ekoBReOhflBhNBaf63v2Rsx8XqxbVKSyqtkVXxAQvFZnyip7mIz85ysxl
UEyKM03nMjsuwPs+Fol1PM05ij13PxMZFzFQkzRTb+DOgH+DU6QBKqwnwxVw/XkT
o6UPuy67GwUJoh8EabRlsvsDAlcwVBGcsN2gSFUG3OnUTEBggicqEcOY+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC9z5k8VXMI3OZvrvgDQNWCdAoG8MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvTDNQbVR4VmN3amM1bS11LUFOQTFZSjBDZ2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABQgSMAwD
BAAFZVEDBAAFZVQDBAAuoQADBACSuekDBACSue8wDQYJKoZIhvcNAQELBQADggEB
AA5pp2toUPRajKNK2PzmunJyifxqDQTiwwgTpYEEZs1SerQ1NM7jGlTMQi6eafuv
uh5BN/M6EmqetYFMs7wdtN0owX5A8NsN/Q5+F7vEX8IubfV6iYv2r54kNss7SfiK
r+/+JYpPkNwPtlsyGMK1AYOL6+Kn1Dx+9pDHvJAIcZDMQVifU/bRcIKlwX0n1zVY
LbOc+peotFdRPYlmxJ2UI9YnmduNbojUWPvFPDgWx3bKVMnTl0Vgx1AgsURxGLj3
5wA9XXtou9g6O7wPZj8/MQG0774bznNfj25Vlcv2dFywCNpal8aMKX3xp5v2rKWZ
W1lV99SzMj81EG+2F4vtRwE=
-----END CERTIFICATE-----
Generated at Sun May 11 13:33:07 2025 by rpki-client