Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/LH5zM5ISR2In_5yvzq8WLrfwNEU.roa
File: LH5zM5ISR2In_5yvzq8WLrfwNEU.roa (raw, json)
Hash identifier: 9sOUUTob1Vy78Eg8rYSzpbF+YI44wC/uN+X1YgeQLZ8=
Subject key identifier: 2C:7E:73:33:92:12:47:62:27:FF:9C:AF:CE:AF:16:2E:B7:F0:34:45
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018E8690926F271C54EF3D773B6F23FEBA42
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/LH5zM5ISR2In_5yvzq8WLrfwNEU.roa
Signing time: Thu 28 Mar 2024 19:36:45 +0000
ROA not before: Thu 28 Mar 2024 19:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 45.128.198.0/24 maxlen: 24
136.144.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:90:92:6f:27:1c:54:ef:3d:77:3b:6f:23:fe:ba:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 28 19:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c7e73339212476227ff9cafceaf162eb7f03445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:c7:e3:2b:d7:3e:2e:2c:31:17:1d:45:c9:
a9:83:52:76:02:3a:b0:16:12:df:ef:0a:61:d5:77:
eb:03:2f:53:ca:72:73:8f:d7:23:e7:4c:10:42:40:
29:83:a8:0c:9a:0b:8a:9e:ff:83:98:1d:82:8a:46:
a1:fa:82:64:59:eb:43:14:bb:f2:9a:20:d9:e9:87:
34:a4:5b:25:56:8c:ee:c7:db:42:bb:b5:38:be:4d:
d2:d7:6d:52:74:ec:d1:e6:58:48:41:8c:51:0c:71:
8c:9b:c5:c5:31:23:d8:14:fc:2d:1b:ed:66:19:03:
67:d0:77:c5:9c:ba:75:fa:41:f1:1a:63:f8:bc:32:
16:b5:42:c4:5f:12:fc:72:4a:c2:ad:de:35:56:0f:
1a:b5:81:39:6e:86:b8:8e:d6:92:14:d0:43:99:fd:
e6:44:dc:4f:1e:11:bb:f2:3f:20:a0:2f:a5:42:5b:
b8:07:19:d4:94:71:54:06:e9:26:55:b5:d8:55:aa:
8d:45:5c:d2:f8:7e:7f:b5:07:2a:ea:58:4a:98:d9:
b9:45:5a:4c:9b:72:01:e6:2e:bd:cc:ad:ca:6e:47:
3b:e6:24:c3:c5:05:43:6d:df:c6:7c:70:06:28:31:
d5:03:9f:e9:da:50:39:f2:e4:84:ff:db:12:07:7e:
90:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7E:73:33:92:12:47:62:27:FF:9C:AF:CE:AF:16:2E:B7:F0:34:45
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/LH5zM5ISR2In_5yvzq8WLrfwNEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.198.0/24
136.144.40.0/24
Signature Algorithm: sha256WithRSAEncryption
84:ec:39:2d:c8:8a:e8:eb:93:22:65:2f:21:16:40:2a:29:70:
c0:5c:5a:00:c4:93:61:a8:7b:7f:6d:4e:b0:3f:e4:b7:c1:39:
4a:6e:18:4e:24:62:15:2c:e0:e2:33:d7:3b:8e:fa:fe:29:c0:
c6:24:f6:71:f6:08:7c:2a:cf:99:76:61:0d:26:8d:03:72:9b:
bf:ad:03:30:ae:1c:b0:24:b2:e4:81:22:76:ee:07:e7:5b:fe:
1a:24:0c:fc:49:f9:95:43:72:71:b7:a1:f5:42:43:3e:de:d8:
8c:46:8c:f4:7b:7b:41:d8:d0:39:21:db:c2:50:c7:9a:78:8b:
53:b8:98:bb:69:e3:27:5e:60:17:d1:09:71:6d:50:ef:00:a9:
48:7e:8b:ae:2a:02:54:3c:4b:5e:77:07:23:4a:ff:4e:a9:fd:
e9:75:32:0b:43:ef:36:c1:fb:06:7f:8a:b0:66:6f:15:55:a8:
11:37:f6:49:c2:9c:db:83:32:e0:5f:39:e0:75:18:8e:94:c7:
73:3e:ea:d4:b1:d2:ab:a2:d0:33:b5:c1:f2:5d:0e:11:bf:39:
05:c5:88:b5:6e:f3:b3:42:79:94:90:39:1a:5b:92:7a:1e:7e:
9a:c4:97:e5:fa:7b:09:0b:92:e4:2e:ca:3a:82:4a:28:4f:f8:
93:ff:3d:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6GkJJvJxxU7z13O28j/rpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzI4MTkzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdlNzMzMzkyMTI0NzYyMjdmZjljYWZjZWFmMTYyZWI3ZjAzNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPLH4yvXPi4sMRcdRcmpg1J2Ajqw
FhLf7wph1XfrAy9TynJzj9cj50wQQkApg6gMmguKnv+DmB2Cikah+oJkWetDFLvy
miDZ6Yc0pFslVozux9tCu7U4vk3S121SdOzR5lhIQYxRDHGMm8XFMSPYFPwtG+1m
GQNn0HfFnLp1+kHxGmP4vDIWtULEXxL8ckrCrd41Vg8atYE5boa4jtaSFNBDmf3m
RNxPHhG78j8goC+lQlu4BxnUlHFUBukmVbXYVaqNRVzS+H5/tQcq6lhKmNm5RVpM
m3IB5i69zK3Kbkc75iTDxQVDbd/GfHAGKDHVA5/p2lA58uSE/9sSB36QnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCx+czOSEkdiJ/+cr86vFi638DRFMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvTEg1ek01SVNSMkluXzV5dnpxOFdMcmZ3TkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYDGAwQA
iJAoMA0GCSqGSIb3DQEBCwUAA4IBAQCE7DktyIro65MiZS8hFkAqKXDAXFoAxJNh
qHt/bU6wP+S3wTlKbhhOJGIVLODiM9c7jvr+KcDGJPZx9gh8Ks+ZdmENJo0Dcpu/
rQMwrhywJLLkgSJ27gfnW/4aJAz8SfmVQ3Jxt6H1QkM+3tiMRoz0e3tB2NA5IdvC
UMeaeItTuJi7aeMnXmAX0QlxbVDvAKlIfouuKgJUPEtedwcjSv9Oqf3pdTILQ+82
wfsGf4qwZm8VVagRN/ZJwpzbgzLgXzngdRiOlMdzPurUsdKrotAztcHyXQ4RvzkF
xYi1bvOzQnmUkDkaW5J6Hn6axJfl+nsJC5LkLso6gkooT/iT/z2D
-----END CERTIFICATE-----
Generated at Sun May 19 01:08:34 2024 by rpki-client on console-fra.rpki-client.org