Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lPmMZR_nY5oe0KT3NvPntt5tHy4.roa
File: lPmMZR_nY5oe0KT3NvPntt5tHy4.roa (raw, json)
Hash identifier: 13OytpjuWZo04iqJk1+n/e1hEqKcCVVtD45Ifn8mxJE=
Subject key identifier: 94:F9:8C:65:1F:E7:63:9A:1E:D0:A4:F7:36:F3:E7:B6:DE:6D:1F:2E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01968A87159D86E76D3381305FE66ED39C54
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lPmMZR_nY5oe0KT3NvPntt5tHy4.roa
Signing time: Thu 01 May 2025 06:27:10 +0000
ROA not before: Thu 01 May 2025 06:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202496
IP address blocks: 2a05:9a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 23:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:87:15:9d:86:e7:6d:33:81:30:5f:e6:6e:d3:9c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 1 06:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f98c651fe7639a1ed0a4f736f3e7b6de6d1f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:78:be:55:8b:ab:69:dd:14:97:16:6b:3b:31:
00:38:31:03:de:f0:5e:ed:73:dd:42:da:ab:db:12:
55:01:6b:6b:42:ba:10:58:85:3d:6a:21:21:34:7f:
13:40:22:92:a9:71:77:75:ff:74:75:8b:2a:40:40:
16:e8:50:57:a3:25:3a:6d:05:42:4b:b5:d1:c1:36:
d4:4d:a0:c9:d9:00:e3:a9:f1:ba:d4:ac:d8:75:7e:
26:12:bc:1c:0f:d2:b4:41:60:30:03:cb:b9:c2:f5:
a8:d8:cc:b4:71:e3:44:f3:ad:e0:09:4f:66:36:3c:
39:ba:93:4e:04:4c:3f:1d:bb:6d:aa:ad:be:f6:2e:
c2:7c:4d:4e:d1:eb:12:fa:c2:2d:77:b2:78:0f:67:
19:96:95:df:41:30:ca:1c:6e:3c:4a:66:3b:9e:35:
18:17:f8:da:7f:b1:8b:ed:7f:9d:07:36:15:ca:51:
3b:aa:69:ac:11:9f:4a:af:4a:2c:b5:a8:fa:b4:fc:
8b:41:22:13:35:d8:6e:50:41:1a:7e:7d:ad:72:00:
5b:bb:8b:b9:25:c5:8e:df:f2:39:2d:ce:1e:e6:0f:
f5:c8:e2:76:2e:ff:b3:3f:65:cd:b4:c1:f8:bb:03:
e7:62:41:9b:36:22:7f:13:55:e8:35:88:4b:e1:4b:
c5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F9:8C:65:1F:E7:63:9A:1E:D0:A4:F7:36:F3:E7:B6:DE:6D:1F:2E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lPmMZR_nY5oe0KT3NvPntt5tHy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
Signature Algorithm: sha256WithRSAEncryption
2a:11:11:62:6e:26:22:50:18:f4:f2:30:b4:22:d3:ea:24:82:
7d:87:45:ff:c1:c4:8f:3c:9a:e1:4b:b9:ea:59:5e:05:24:c2:
06:1d:3e:5f:cb:1e:a6:86:79:ab:e7:d0:bb:2a:a5:df:b1:5b:
d6:d5:87:09:4e:f7:50:c1:2b:ea:f2:59:ea:c0:98:ee:e5:13:
89:95:19:79:a3:aa:1b:b9:0b:83:0c:64:b0:fa:37:e9:67:c1:
38:3d:f3:9b:42:77:53:4c:c6:ca:17:7e:da:7a:8e:d8:d1:b2:
dd:2a:bd:69:17:71:04:f1:09:0c:b9:d6:1c:08:6c:b9:a4:e6:
ba:21:50:2e:7b:14:94:5f:c8:72:fc:ea:c7:70:7f:36:76:35:
c3:05:b2:94:54:db:f4:d5:ee:d4:25:bf:e2:58:48:b1:86:ad:
6c:04:ff:b9:79:75:fe:41:fc:b9:a2:e9:95:83:5b:47:f4:3e:
61:cf:59:ba:f6:01:77:2f:7b:00:20:0d:1c:c8:4c:58:11:51:
e3:03:1b:af:69:d5:dd:53:a6:bf:84:3b:3b:dc:c4:58:5d:30:
74:98:cb:b2:27:20:f5:8c:7c:76:49:1a:41:b1:4c:2a:34:05:
9d:27:27:05:1c:73:2e:17:79:4a:8b:32:5a:c2:fd:d6:7e:6b:
20:10:0e:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaKhxWdhudtM4EwX+Zu05xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTAxMDYyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY5OGM2NTFmZTc2MzlhMWVkMGE0ZjczNmYzZTdiNmRlNmQxZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXi+VYurad0UlxZrOzEAODED3vBe
7XPdQtqr2xJVAWtrQroQWIU9aiEhNH8TQCKSqXF3df90dYsqQEAW6FBXoyU6bQVC
S7XRwTbUTaDJ2QDjqfG61KzYdX4mErwcD9K0QWAwA8u5wvWo2My0ceNE863gCU9m
Njw5upNOBEw/Hbttqq2+9i7CfE1O0esS+sItd7J4D2cZlpXfQTDKHG48SmY7njUY
F/jaf7GL7X+dBzYVylE7qmmsEZ9Kr0ostaj6tPyLQSITNdhuUEEafn2tcgBbu4u5
JcWO3/I5Lc4e5g/1yOJ2Lv+zP2XNtMH4uwPnYkGbNiJ/E1XoNYhL4UvFBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJT5jGUf52OaHtCk9zbz57bebR8uMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbFBtTVpSX25ZNW9lMEtUM052UG50dDV0SHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKhERYm4mIlAY9PIwtCLT6iSCfYdF/8HEjzya4Uu5
6lleBSTCBh0+X8sepoZ5q+fQuyql37Fb1tWHCU73UMEr6vJZ6sCY7uUTiZUZeaOq
G7kLgwxksPo36WfBOD3zm0J3U0zGyhd+2nqO2NGy3Sq9aRdxBPEJDLnWHAhsuaTm
uiFQLnsUlF/Icvzqx3B/NnY1wwWylFTb9NXu1CW/4lhIsYatbAT/uXl1/kH8uaLp
lYNbR/Q+Yc9ZuvYBdy97ACANHMhMWBFR4wMbr2nV3VOmv4Q7O9zEWF0wdJjLsicg
9Yx8dkkaQbFMKjQFnScnBRxzLhd5SosyWsL91n5rIBAO7A==
-----END CERTIFICATE-----
Generated at Sat May 10 07:27:40 2025 by rpki-client