Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lBmaEQ0r810o-fNWTqcVcihqmFU.roa
File: lBmaEQ0r810o-fNWTqcVcihqmFU.roa (raw, json)
Hash identifier: GPjz+APC+/hwKSl6iRW0XOHwwHsSVosZIhEJb6HEHJI=
Subject key identifier: 94:19:9A:11:0D:2B:F3:5D:28:F9:F3:56:4E:A7:15:72:28:6A:98:55
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01919D734576E740C2FD9604032C0E44EA69
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lBmaEQ0r810o-fNWTqcVcihqmFU.roa
Signing time: Thu 29 Aug 2024 09:24:22 +0000
ROA not before: Thu 29 Aug 2024 09:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20911
IP address blocks: 45.90.90.0/23 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.118.0/24 maxlen: 24
87.120.119.0/24 maxlen: 24
87.120.122.0/24 maxlen: 24
87.120.123.0/24 maxlen: 24
87.120.124.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
193.42.34.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:73:45:76:e7:40:c2:fd:96:04:03:2c:0e:44:ea:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 29 09:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94199a110d2bf35d28f9f3564ea71572286a9855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:87:65:9f:1a:9a:8f:78:69:48:1b:84:b3:47:
73:7d:f0:80:9a:3d:66:9e:e6:fa:c8:08:e4:f2:97:
f2:b9:b3:f1:79:0c:f7:1c:72:b4:fa:08:f4:37:3a:
7a:40:2f:dc:56:ef:4b:06:16:26:bf:d4:45:83:f0:
46:46:0c:16:26:0c:c4:b6:84:e2:e7:ee:af:75:c6:
e6:d2:a9:b0:69:7f:57:d0:f6:90:47:b2:ff:00:32:
6c:c3:99:0c:67:da:d6:e3:55:b3:f4:b8:90:87:5f:
91:43:5c:55:58:80:33:00:32:84:68:8a:02:9c:96:
54:7f:b7:65:bb:37:36:88:f6:df:58:e1:3d:84:30:
f5:ec:e6:c3:e7:38:46:93:71:aa:b1:08:40:ea:da:
a0:e5:b9:d8:d5:e7:f3:98:09:82:4d:b3:4f:fb:a7:
30:65:4d:32:eb:d1:cd:eb:96:9b:b8:13:38:2a:07:
1f:61:83:16:7b:69:f6:b7:1c:de:51:06:94:30:96:
7f:78:8f:e6:47:d3:7c:f1:09:f0:46:4b:83:96:ec:
2b:f7:74:97:2e:7b:fe:95:61:a3:c9:16:5e:74:47:
ce:de:54:40:c2:c3:07:f0:5a:ab:2f:9f:6a:cc:f4:
b1:86:f0:b2:d9:f7:c3:9d:2f:b1:46:eb:71:d7:3a:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:19:9A:11:0D:2B:F3:5D:28:F9:F3:56:4E:A7:15:72:28:6A:98:55
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lBmaEQ0r810o-fNWTqcVcihqmFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.90.0/23
84.21.174.0/23
87.120.118.0/23
87.120.122.0-87.120.124.255
93.123.26.0/23
193.42.34.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:23:f5:85:2d:35:2c:8f:34:17:b2:68:3a:eb:fa:b8:d9:98:
97:1f:a0:0f:53:06:b9:d2:9b:18:34:a5:33:5b:d3:00:bb:cf:
40:1e:e4:f2:5d:09:71:bd:9a:d5:a9:ef:99:0f:55:a1:8f:9c:
19:a7:1c:d9:fb:b6:ae:4e:5d:16:8f:e3:f4:56:7d:54:40:a6:
f0:7d:db:83:58:95:f0:06:67:80:da:85:95:30:ef:92:cc:f0:
ce:c5:f2:ff:31:32:6e:1e:5e:7a:b3:f4:33:5b:a9:3c:bb:6a:
ff:c2:c7:14:64:26:fa:e1:cc:32:e6:56:b0:fe:b9:03:a8:3a:
1e:4f:9a:d2:51:60:93:4a:16:04:60:c3:9d:24:84:67:aa:54:
0e:4f:a7:ea:21:08:ae:7f:77:b2:28:e0:6c:28:ff:cd:b3:cf:
83:bc:e8:e3:17:ec:5d:72:5d:45:f9:ab:99:ca:7e:62:f6:b2:
3c:b7:fa:0c:2c:10:10:0d:c2:3e:68:62:5d:26:f9:23:29:79:
c1:0e:00:38:2e:55:53:c3:30:a4:25:3f:09:1c:ef:02:28:65:
a8:6c:b9:36:ae:ac:bf:4c:40:f9:6e:50:8d:8d:39:bd:db:b6:
d1:b4:b9:19:5c:2b:20:d2:63:56:1f:65:1e:5e:d9:ee:37:59:
6a:5c:75:2b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZGdc0V250DC/ZYEAywOROppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODI5MDkyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE5OWExMTBkMmJmMzVkMjhmOWYzNTY0ZWE3MTU3MjI4NmE5ODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIdlnxqaj3hpSBuEs0dzffCAmj1m
nub6yAjk8pfyubPxeQz3HHK0+gj0Nzp6QC/cVu9LBhYmv9RFg/BGRgwWJgzEtoTi
5+6vdcbm0qmwaX9X0PaQR7L/ADJsw5kMZ9rW41Wz9LiQh1+RQ1xVWIAzADKEaIoC
nJZUf7dluzc2iPbfWOE9hDD17ObD5zhGk3GqsQhA6tqg5bnY1efzmAmCTbNP+6cw
ZU0y69HN65abuBM4KgcfYYMWe2n2txzeUQaUMJZ/eI/mR9N88QnwRkuDluwr93SX
Lnv+lWGjyRZedEfO3lRAwsMH8FqrL59qzPSxhvCy2ffDnS+xRutx1zrSIwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJQZmhENK/NdKPnzVk6nFXIoaphVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbEJtYUVRMHI4MTBvLWZOV1RxY1ZjaWhxbUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBLVpaAwQB
VBWuAwQBV3h2MAwDBAFXeHoDBABXeHwDBAFdexoDBAHBKiIwDQYJKoZIhvcNAQEL
BQADggEBAKAj9YUtNSyPNBeyaDrr+rjZmJcfoA9TBrnSmxg0pTNb0wC7z0Ae5PJd
CXG9mtWp75kPVaGPnBmnHNn7tq5OXRaP4/RWfVRApvB924NYlfAGZ4DahZUw75LM
8M7F8v8xMm4eXnqz9DNbqTy7av/CxxRkJvrhzDLmVrD+uQOoOh5PmtJRYJNKFgRg
w50khGeqVA5Pp+ohCK5/d7Io4Gwo/82zz4O86OMX7F1yXUX5q5nKfmL2sjy3+gws
EBANwj5oYl0m+SMpecEOADguVVPDMKQlPwkc7wIoZahsuTaurL9MQPluUI2NOb3b
ttG0uRlcKyDSY1YfZR5e2e43WWpcdSs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:07 2024 by rpki-client on console-fra.rpki-client.org