Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LXt0WjL8rzr-9_TPmu_JpFoi4zc.roa
File: LXt0WjL8rzr-9_TPmu_JpFoi4zc.roa (raw, json)
Hash identifier: 8qcXHbBwPWwZYHo9eyAG5Xs61iotyFljr3hyAWtAD10=
Subject key identifier: 2D:7B:74:5A:32:FC:AF:3A:FE:F7:F4:CF:9A:EF:C9:A4:5A:22:E3:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCE08AC219A3068FEAC1E3C239D02A16A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LXt0WjL8rzr-9_TPmu_JpFoi4zc.roa
Signing time: Wed 03 Jan 2024 06:35:24 +0000
ROA not before: Wed 03 Jan 2024 06:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210974
IP address blocks: 212.192.2.0/24 maxlen: 24
212.192.3.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:08:ac:21:9a:30:68:fe:ac:1e:3c:23:9d:02:a1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 3 06:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d7b745a32fcaf3afef7f4cf9aefc9a45a22e337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:79:33:a2:ab:0f:98:b1:b9:0e:f9:d5:cf:c9:
66:35:c3:da:40:b0:ea:22:67:59:86:e7:dc:96:21:
f1:c2:f2:68:d9:92:3e:3b:81:e1:5f:f6:53:67:b1:
71:1a:8a:3f:fc:0b:bc:a9:a1:14:0a:93:83:5c:c5:
b1:e6:00:91:e2:e8:7e:07:5d:e4:e6:4a:ba:e3:14:
32:20:7e:0e:69:18:b0:a8:6e:b3:ce:c7:8c:68:71:
8b:75:f9:fc:b5:df:61:2e:6e:56:84:86:de:d8:5b:
f7:25:9d:0b:0f:ca:43:f0:f1:08:b2:65:d4:7e:5b:
3d:c0:42:88:ec:05:6f:84:f9:02:9d:5f:2b:fe:cd:
dc:61:41:43:c7:b5:b9:cf:65:62:ec:f5:0a:f7:0b:
34:50:23:51:29:14:5a:88:90:95:1b:eb:60:4f:77:
a0:85:97:b4:fc:21:87:f2:0e:7d:4c:f9:27:5f:d4:
0a:8e:54:31:75:89:01:54:56:de:63:bf:74:32:e1:
d6:5a:6f:84:db:3d:9f:a1:95:18:20:ff:75:fa:99:
24:e3:27:38:30:d8:fa:4b:e0:1a:66:8a:23:50:b8:
74:da:6f:2b:9b:38:79:a1:35:54:d5:d5:7a:8e:ca:
46:61:7e:3e:65:9e:0f:7b:a8:24:75:bf:45:de:bc:
3c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7B:74:5A:32:FC:AF:3A:FE:F7:F4:CF:9A:EF:C9:A4:5A:22:E3:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LXt0WjL8rzr-9_TPmu_JpFoi4zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.55.0/24
212.192.2.0/23
212.192.11.0/24
212.193.8.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:42:71:4f:32:dc:df:f6:9e:44:58:fe:46:db:fe:5f:a4:4a:
64:b7:62:17:89:76:29:c3:58:d5:40:71:2c:6b:8b:8b:1b:7a:
66:3d:6e:85:73:a8:c5:5e:70:40:bd:ff:6e:e2:49:5c:87:dd:
20:ad:40:d9:b1:33:a6:59:72:89:e7:0b:cf:a2:74:2e:ea:82:
a3:4b:c7:6f:64:55:07:c5:f9:0e:f0:43:eb:39:00:52:49:d6:
65:64:7c:eb:76:d1:8f:38:4e:7c:49:37:84:1b:80:71:b5:49:
f1:15:b1:16:4a:8c:86:10:7f:bd:7a:49:44:1b:17:07:d0:9a:
eb:60:5a:a3:e7:9a:d5:ff:87:ba:b5:52:6b:dc:b7:e2:4d:d9:
2d:42:d6:ed:c6:df:37:a3:0b:db:c2:84:cc:fa:b5:4c:bc:5e:
1e:7a:79:8c:d9:14:44:5f:23:b5:6d:ac:ac:d2:6e:ca:d2:9f:
68:e6:b2:13:70:62:36:aa:b1:12:73:97:5a:92:90:39:9d:9b:
8a:1c:50:6d:3d:f7:80:eb:d0:5e:5a:d1:65:ea:ca:30:d1:10:
78:66:af:1c:d1:dc:94:ec:d9:b9:71:4c:08:62:7f:69:21:ad:
7e:3c:f8:31:ec:c7:a9:39:e2:db:ca:1f:d3:86:bc:2a:b0:7c:
73:6f:27:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzOCKwhmjBo/qwePCOdAqFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAzMDYzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdiNzQ1YTMyZmNhZjNhZmVmN2Y0Y2Y5YWVmYzlhNDVhMjJlMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXkzoqsPmLG5DvnVz8lmNcPaQLDq
ImdZhufcliHxwvJo2ZI+O4HhX/ZTZ7FxGoo//Au8qaEUCpODXMWx5gCR4uh+B13k
5kq64xQyIH4OaRiwqG6zzseMaHGLdfn8td9hLm5WhIbe2Fv3JZ0LD8pD8PEIsmXU
fls9wEKI7AVvhPkCnV8r/s3cYUFDx7W5z2Vi7PUK9ws0UCNRKRRaiJCVG+tgT3eg
hZe0/CGH8g59TPknX9QKjlQxdYkBVFbeY790MuHWWm+E2z2foZUYIP91+pkk4yc4
MNj6S+AaZoojULh02m8rmzh5oTVU1dV6jspGYX4+ZZ4Pe6gkdb9F3rw8mwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC17dFoy/K86/vf0z5rvyaRaIuM3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTFh0MFdqTDhyenItOV9UUG11X0pwRm9pNHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw4U3AwQB
1MACAwQA1MALAwQA1MEIMA0GCSqGSIb3DQEBCwUAA4IBAQAOQnFPMtzf9p5EWP5G
2/5fpEpkt2IXiXYpw1jVQHEsa4uLG3pmPW6Fc6jFXnBAvf9u4klch90grUDZsTOm
WXKJ5wvPonQu6oKjS8dvZFUHxfkO8EPrOQBSSdZlZHzrdtGPOE58STeEG4BxtUnx
FbEWSoyGEH+9eklEGxcH0JrrYFqj55rV/4e6tVJr3LfiTdktQtbtxt83owvbwoTM
+rVMvF4eenmM2RREXyO1bays0m7K0p9o5rITcGI2qrESc5dakpA5nZuKHFBtPfeA
69BeWtFl6sow0RB4Zq8c0dyU7Nm5cUwIYn9pIa1+PPgx7MepOeLbyh/ThrwqsHxz
bycn
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:43 2024 by rpki-client on console-ams.rpki-client.org