Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/LsGg-CJMcnNJkzsGbF5wndTQ-rE.roa
File: LsGg-CJMcnNJkzsGbF5wndTQ-rE.roa (raw, json)
Hash identifier: 7IAwQWABMzd83zgAGYaRdCt2MRMVe80yQhrgNxmbwM0=
Subject key identifier: 2E:C1:A0:F8:22:4C:72:73:49:93:3B:06:6C:5E:70:9D:D4:D0:FA:B1
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018F7D5F9107CC35022A179B6CEA2F79780A
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/LsGg-CJMcnNJkzsGbF5wndTQ-rE.roa
Signing time: Wed 15 May 2024 17:49:25 +0000
ROA not before: Wed 15 May 2024 17:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207645
IP address blocks: 94.176.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7d:5f:91:07:cc:35:02:2a:17:9b:6c:ea:2f:79:78:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 15 17:49:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ec1a0f8224c727349933b066c5e709dd4d0fab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:16:0c:6f:89:ce:40:8e:9d:61:54:c7:50:81:
f4:d0:aa:45:86:4c:22:ab:01:80:1c:09:15:da:5f:
b0:5c:1b:55:c4:4c:26:04:e5:7a:b0:d6:9e:e4:ed:
61:d6:fb:d3:69:75:29:b3:16:ec:4d:22:27:be:b8:
89:87:01:61:66:ff:ba:33:2c:46:72:c5:73:48:be:
08:05:4f:59:19:93:a5:25:37:14:b2:dd:be:31:8a:
49:3c:84:87:fa:cf:90:65:fe:72:58:f6:54:48:09:
25:f7:b8:68:84:0d:b9:63:e4:19:fc:e2:b2:b4:bc:
0b:b6:4c:3d:a0:11:60:ec:4f:47:b0:c7:bf:dc:08:
d7:49:67:38:45:57:e4:4c:ac:5a:09:3b:df:b7:5c:
3d:b3:e1:3e:3f:4e:a2:95:53:8d:d9:92:7e:bc:4f:
dd:5a:df:c5:62:a0:cc:6b:96:7e:a3:f8:fd:72:d9:
78:ed:d5:b6:44:26:40:c6:91:e2:54:a4:e2:dd:fb:
17:a6:d4:a8:2f:ce:71:c7:7c:ed:15:40:38:d3:94:
49:c8:7c:11:df:b4:c4:50:2f:d1:19:fd:b4:33:7e:
63:82:ab:1b:bf:75:ca:b0:10:2d:93:d5:42:fa:ab:
db:b1:06:45:b1:71:ed:99:e3:2f:e9:d0:2c:5e:74:
a1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C1:A0:F8:22:4C:72:73:49:93:3B:06:6C:5E:70:9D:D4:D0:FA:B1
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/LsGg-CJMcnNJkzsGbF5wndTQ-rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.96.0/24
Signature Algorithm: sha256WithRSAEncryption
33:c4:cf:06:88:b4:c9:78:72:d1:55:4d:39:12:46:19:a3:64:
d7:77:ef:f4:e3:65:3a:29:c1:56:f8:6e:f7:25:25:1e:a2:f0:
67:59:cf:17:0a:83:69:dc:ea:f9:c7:da:db:a8:fa:f1:73:3a:
3f:8f:6b:74:98:d6:99:29:e0:19:fe:07:d0:bf:ed:f5:9d:7c:
21:7b:66:c9:f8:6a:1e:2c:33:df:57:67:ff:fc:51:f7:57:91:
69:35:3e:bf:80:b1:84:c3:da:7b:83:a1:c9:70:f0:e1:dd:6f:
aa:9c:4e:33:14:b1:bf:31:9a:5d:21:52:59:98:11:97:b4:72:
6f:28:49:67:6a:71:32:d6:36:bd:6f:18:ea:2d:ee:31:45:ec:
de:98:b5:8a:98:d0:86:52:e2:2f:1d:fc:d9:33:d3:90:01:dd:
11:b8:a7:cc:93:ed:37:4d:a5:e1:f4:2c:48:60:df:e3:6e:a8:
97:a0:cf:e4:6b:21:6d:6e:59:3d:d1:3c:e8:6b:99:3c:1c:8e:
b2:16:81:87:0a:09:2a:df:d8:e6:e0:49:e4:1e:ea:93:af:10:
13:47:89:dc:c6:2c:32:9e:5a:3c:76:6c:4f:c2:1d:03:12:da:
9e:4d:20:06:ee:13:1b:7a:95:31:4f:b2:b7:74:60:35:fe:56:
57:ae:77:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY99X5EHzDUCKhebbOoveXgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNTE1MTc0OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWMxYTBmODIyNGM3MjczNDk5MzNiMDY2YzVlNzA5ZGQ0ZDBmYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxYMb4nOQI6dYVTHUIH00KpFhkwi
qwGAHAkV2l+wXBtVxEwmBOV6sNae5O1h1vvTaXUpsxbsTSInvriJhwFhZv+6MyxG
csVzSL4IBU9ZGZOlJTcUst2+MYpJPISH+s+QZf5yWPZUSAkl97hohA25Y+QZ/OKy
tLwLtkw9oBFg7E9HsMe/3AjXSWc4RVfkTKxaCTvft1w9s+E+P06ilVON2ZJ+vE/d
Wt/FYqDMa5Z+o/j9ctl47dW2RCZAxpHiVKTi3fsXptSoL85xx3ztFUA405RJyHwR
37TEUC/RGf20M35jgqsbv3XKsBAtk9VC+qvbsQZFsXHtmeMv6dAsXnShSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7BoPgiTHJzSZM7BmxecJ3U0PqxMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvTHNHZy1DSk1jbk5Ka3pzR2JGNXduZFRRLXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrBgMA0G
CSqGSIb3DQEBCwUAA4IBAQAzxM8GiLTJeHLRVU05EkYZo2TXd+/042U6KcFW+G73
JSUeovBnWc8XCoNp3Or5x9rbqPrxczo/j2t0mNaZKeAZ/gfQv+31nXwhe2bJ+Goe
LDPfV2f//FH3V5FpNT6/gLGEw9p7g6HJcPDh3W+qnE4zFLG/MZpdIVJZmBGXtHJv
KElnanEy1ja9bxjqLe4xRezemLWKmNCGUuIvHfzZM9OQAd0RuKfMk+03TaXh9CxI
YN/jbqiXoM/kayFtblk90Tzoa5k8HI6yFoGHCgkq39jm4EnkHuqTrxATR4ncxiwy
nlo8dmxPwh0DEtqeTSAG7hMbepUxT7K3dGA1/lZXrndU
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:28:31 2024 by rpki-client on console-fra.rpki-client.org