Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/lishyzU5fcRQD0UnbZJENmou-sc.roa
File: lishyzU5fcRQD0UnbZJENmou-sc.roa (raw, json)
Hash identifier: OXZjviRf58gZnLzaiDcKdYvZD8OZRwCWQQj7e3qyEJY=
Subject key identifier: 96:2B:21:CB:35:39:7D:C4:50:0F:45:27:6D:92:44:36:6A:2E:FA:C7
Certificate issuer: /CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Certificate serial: 019686116A06C1A6EF0760D8AFEEE348B93D
Authority key identifier: 70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/lishyzU5fcRQD0UnbZJENmou-sc.roa
Signing time: Wed 30 Apr 2025 09:40:10 +0000
ROA not before: Wed 30 Apr 2025 09:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20596
IP address blocks: 185.113.24.0/22 maxlen: 22
2a06:6740::/29 maxlen: 32
2a06:6740::/30 maxlen: 30
2a06:6744::/31 maxlen: 31
2a06:6746::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 03:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:11:6a:06:c1:a6:ef:07:60:d8:af:ee:e3:48:b9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Validity
Not Before: Apr 30 09:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=962b21cb35397dc4500f45276d9244366a2efac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:09:a4:18:96:f1:4e:14:a0:b1:0a:c0:82:8e:
32:63:b1:ab:2a:57:ed:c6:65:7b:31:87:e2:5e:78:
2d:59:50:1b:1f:21:08:76:d2:14:e3:f2:75:cc:b1:
14:37:bd:1c:40:e5:dc:59:41:a9:bf:fa:70:0b:ce:
7f:54:e4:bd:ac:f7:92:26:67:3e:df:5f:e9:c3:29:
b3:24:15:f3:00:11:cf:fc:da:0d:1e:70:f2:f7:26:
ac:87:55:92:68:8a:4f:a8:71:11:c4:a2:71:8e:d8:
e1:4b:e5:60:e9:e2:c0:56:a7:e1:d6:c7:2b:c8:48:
e2:ac:fe:2c:75:88:1a:9c:b4:1f:f6:17:55:f1:ee:
c3:cd:70:20:09:f9:8b:33:0f:68:92:7d:6c:ce:21:
bf:53:41:5d:70:91:ef:41:cf:cb:21:0c:9a:ec:5b:
f7:a5:70:da:86:15:7e:4e:84:68:6b:12:67:dd:84:
7e:06:ef:aa:63:f6:ea:63:16:03:83:48:ac:e8:0f:
a4:26:62:12:97:e9:8c:4e:fc:4c:cc:10:8f:b7:f9:
7d:db:0b:72:e2:34:73:f5:87:bd:0f:dc:65:21:a7:
6e:ab:fb:db:64:da:7c:8e:83:98:ca:41:cf:3b:36:
69:24:68:05:8a:04:08:38:be:bc:84:5c:f8:33:86:
30:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2B:21:CB:35:39:7D:C4:50:0F:45:27:6D:92:44:36:6A:2E:FA:C7
X509v3 Authority Key Identifier:
keyid:70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/lishyzU5fcRQD0UnbZJENmou-sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.24.0/22
IPv6:
2a06:6740::/29
Signature Algorithm: sha256WithRSAEncryption
96:b4:2c:a3:3e:ac:08:fb:e1:ea:af:ac:ee:cb:df:dc:ab:28:
2d:be:80:c1:8b:e8:77:f6:e5:71:3a:a6:82:39:de:87:10:cd:
ce:0d:4b:3a:f5:82:ec:04:92:9a:73:94:c4:41:00:7c:31:46:
18:1d:4e:4c:51:82:00:0b:4c:c1:d4:a0:50:61:c0:32:fc:b6:
e2:db:bd:19:ba:bb:27:d9:cf:65:84:f7:07:8c:88:22:e5:16:
f9:d5:3f:50:a0:0b:85:83:17:1b:f0:91:eb:b5:ce:47:4c:b6:
dd:8d:80:0e:40:a2:cb:59:c1:24:12:86:67:5b:ed:91:32:52:
b4:c2:9a:4f:46:8b:70:cc:44:6c:72:61:5d:83:03:05:e2:90:
b5:0e:0e:8f:19:bf:1c:0f:02:1b:09:31:6f:16:59:01:bf:df:
6b:98:af:01:a6:83:76:f8:78:91:73:2c:56:70:1f:c7:4a:72:
ed:9d:07:d5:34:98:52:bb:3b:3e:16:61:dc:7c:f4:f5:3a:7f:
7a:08:a5:05:3a:76:5a:b4:0d:08:d5:29:71:cb:40:b2:3a:01:
c7:65:a3:6c:87:d6:66:78:69:d3:b7:ac:19:fa:b0:a8:e2:05:
3f:96:76:c4:e6:d2:0f:70:48:f9:32:75:1c:bd:1e:d8:68:7e:
5e:b3:34:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZaGEWoGwabvB2DYr+7jSLk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGMwMzA5MzBhOWQyZTRkYTg4ZDgxODUyYTQ0YzNmNzhi
ZmI0NDAwHhcNMjUwNDMwMDk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJiMjFjYjM1Mzk3ZGM0NTAwZjQ1Mjc2ZDkyNDQzNjZhMmVmYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAmkGJbxThSgsQrAgo4yY7GrKlft
xmV7MYfiXngtWVAbHyEIdtIU4/J1zLEUN70cQOXcWUGpv/pwC85/VOS9rPeSJmc+
31/pwymzJBXzABHP/NoNHnDy9yash1WSaIpPqHERxKJxjtjhS+Vg6eLAVqfh1scr
yEjirP4sdYganLQf9hdV8e7DzXAgCfmLMw9okn1sziG/U0FdcJHvQc/LIQya7Fv3
pXDahhV+ToRoaxJn3YR+Bu+qY/bqYxYDg0is6A+kJmISl+mMTvxMzBCPt/l92wty
4jRz9Ye9D9xlIaduq/vbZNp8joOYykHPOzZpJGgFigQIOL68hFz4M4YwkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJYrIcs1OX3EUA9FJ22SRDZqLvrHMB8GA1UdIwQY
MBaAFHAMAwkwqdLk2ojYGFKkTD94v7RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEt
YzViYmY5NWY4NTg0LzEvbGlzaHl6VTVmY1JRRDBVbmJaSkVObW91LXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEtYzViYmY5NWY4NTg0
LzEvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXEYMA0E
AgACMAcDBQMqBmdAMA0GCSqGSIb3DQEBCwUAA4IBAQCWtCyjPqwI++Hqr6zuy9/c
qygtvoDBi+h39uVxOqaCOd6HEM3ODUs69YLsBJKac5TEQQB8MUYYHU5MUYIAC0zB
1KBQYcAy/Lbi270Zursn2c9lhPcHjIgi5Rb51T9QoAuFgxcb8JHrtc5HTLbdjYAO
QKLLWcEkEoZnW+2RMlK0wppPRotwzERscmFdgwMF4pC1Dg6PGb8cDwIbCTFvFlkB
v99rmK8BpoN2+HiRcyxWcB/HSnLtnQfVNJhSuzs+FmHcfPT1On96CKUFOnZatA0I
1Slxy0CyOgHHZaNsh9ZmeGnTt6wZ+rCo4gU/lnbE5tIPcEj5MnUcvR7YaH5eszS8
-----END CERTIFICATE-----
Generated at Sat May 10 09:53:12 2025 by rpki-client