Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Lk2FOEWUHHu93f5zdNpJ0rdH4BM.roa
File: Lk2FOEWUHHu93f5zdNpJ0rdH4BM.roa (raw, json)
Hash identifier: hBtbofxOzoEhgWplFEc5IO1N66Cstoc9Aydqa3EXPCI=
Subject key identifier: 2E:4D:85:38:45:94:1C:7B:BD:DD:FE:73:74:DA:49:D2:B7:47:E0:13
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0192668E86424177014D72F9E2AA92E9F7A1
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Lk2FOEWUHHu93f5zdNpJ0rdH4BM.roa
Signing time: Mon 07 Oct 2024 10:37:49 +0000
ROA not before: Mon 07 Oct 2024 10:37:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396190
IP address blocks: 89.249.193.0/24 maxlen: 24
212.42.193.0/24 maxlen: 24
212.42.194.0/24 maxlen: 24
212.42.200.0/24 maxlen: 24
212.42.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:8e:86:42:41:77:01:4d:72:f9:e2:aa:92:e9:f7:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 7 10:37:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e4d853845941c7bbdddfe7374da49d2b747e013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:34:91:ce:69:e5:e7:5d:0d:d2:d2:4b:42:e3:
b3:5f:3e:cf:a0:43:34:cd:26:56:9b:68:ad:78:9a:
39:4c:ac:d1:46:4d:08:79:b0:10:3f:d8:4e:5e:65:
ed:15:4a:7e:0f:4b:81:f9:9e:f3:42:3a:31:2a:24:
c5:f7:59:4a:2a:07:95:ce:cc:e3:82:f2:41:3a:6c:
08:f0:14:f8:7e:9b:ff:69:5a:59:39:a7:fe:b1:d1:
be:cc:e1:0b:c5:9f:73:37:01:95:63:47:d7:40:23:
44:f1:d5:c9:99:f0:82:b2:b4:19:c0:38:c0:81:cc:
28:9e:73:9e:d9:25:39:fc:37:70:49:1d:11:78:8c:
40:bf:5b:cd:45:ff:75:10:99:10:12:3b:01:70:95:
2f:7f:76:24:a0:b1:a2:b2:a0:08:56:7c:54:b2:ce:
73:6f:b9:32:aa:c9:82:fd:6c:84:8e:b2:98:d7:51:
97:a7:82:c9:f5:96:47:10:96:9a:52:6a:e5:ef:21:
48:20:3a:b5:24:d7:46:7d:f1:d4:df:df:72:9d:91:
82:01:ac:ff:62:01:84:2a:63:f9:5f:8b:27:b0:e7:
cc:ea:92:b0:aa:08:f9:dc:94:59:26:fa:5f:e1:0f:
ac:b9:ae:15:d2:f1:f4:04:fa:b4:4e:1d:4a:37:41:
85:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:4D:85:38:45:94:1C:7B:BD:DD:FE:73:74:DA:49:D2:B7:47:E0:13
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Lk2FOEWUHHu93f5zdNpJ0rdH4BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.193.0/24
212.42.193.0-212.42.194.255
212.42.200.0/24
212.42.207.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:3d:91:e0:56:47:64:2a:00:3f:ae:8f:cc:f9:dd:0a:e8:54:
fb:a4:e3:81:c2:b9:9e:1a:57:47:24:74:98:84:b8:10:af:a7:
e3:d9:4f:6f:19:cc:a3:fc:35:92:3c:9a:f9:0b:d4:2b:11:00:
59:ba:66:f4:17:1d:4c:70:c9:ed:40:44:4d:03:1a:8c:ab:fc:
2e:23:f8:0c:32:be:6c:99:5a:fd:8d:bd:c7:29:63:8a:c1:c3:
e8:15:8f:7b:0a:04:42:85:a5:a2:d3:92:9d:5e:1a:2d:7d:b7:
4e:59:68:30:82:ab:cb:0d:1f:53:49:95:39:20:82:f1:a7:40:
33:a2:a6:92:a4:e8:85:65:0d:94:a2:1c:e2:2b:96:79:b1:c1:
0f:5f:68:95:24:71:59:fa:94:86:e6:38:f4:04:1d:b3:29:2f:
e1:2d:9b:43:58:70:1b:03:cd:00:fe:78:ca:51:75:5d:9c:e4:
db:b4:7f:54:68:6f:f2:ec:56:48:4a:c8:77:51:a1:80:d1:09:
b5:e1:9a:47:33:a0:2b:3d:8d:a3:2c:ad:26:93:59:30:3c:36:
bd:e9:20:41:06:b7:40:af:55:be:18:79:82:66:36:25:80:f3:
fd:c8:75:7e:21:3d:a7:2a:69:fb:a7:c0:18:95:db:72:fb:cc:
54:72:0d:af
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJmjoZCQXcBTXL54qqS6fehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMDA3MTAzNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTRkODUzODQ1OTQxYzdiYmRkZGZlNzM3NGRhNDlkMmI3NDdlMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjSRzmnl510N0tJLQuOzXz7PoEM0
zSZWm2iteJo5TKzRRk0IebAQP9hOXmXtFUp+D0uB+Z7zQjoxKiTF91lKKgeVzszj
gvJBOmwI8BT4fpv/aVpZOaf+sdG+zOELxZ9zNwGVY0fXQCNE8dXJmfCCsrQZwDjA
gcwonnOe2SU5/DdwSR0ReIxAv1vNRf91EJkQEjsBcJUvf3YkoLGisqAIVnxUss5z
b7kyqsmC/WyEjrKY11GXp4LJ9ZZHEJaaUmrl7yFIIDq1JNdGffHU399ynZGCAaz/
YgGEKmP5X4snsOfM6pKwqgj53JRZJvpf4Q+sua4V0vH0BPq0Th1KN0GFZQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFC5NhThFlBx7vd3+c3TaSdK3R+ATMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvTGsyRk9FV1VISHU5M2Y1emROcEowcmRINEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWfnBMAwD
BADUKsEDBADUKsIDBADUKsgDBADUKs8wDQYJKoZIhvcNAQELBQADggEBALs9keBW
R2QqAD+uj8z53QroVPuk44HCuZ4aV0ckdJiEuBCvp+PZT28ZzKP8NZI8mvkL1CsR
AFm6ZvQXHUxwye1ARE0DGoyr/C4j+AwyvmyZWv2NvccpY4rBw+gVj3sKBEKFpaLT
kp1eGi19t05ZaDCCq8sNH1NJlTkggvGnQDOippKk6IVlDZSiHOIrlnmxwQ9faJUk
cVn6lIbmOPQEHbMpL+Etm0NYcBsDzQD+eMpRdV2c5Nu0f1Rob/LsVkhKyHdRoYDR
CbXhmkczoCs9jaMsrSaTWTA8Nr3pIEEGt0CvVb4YeYJmNiWA8/3IdX4hPacqafun
wBiV23L7zFRyDa8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:41:39 2024 by rpki-client on console-ams.rpki-client.org