Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/LU5SNh5KUEkX4904tCcaUFHuyl0.roa
File: LU5SNh5KUEkX4904tCcaUFHuyl0.roa (raw, json)
Hash identifier: CZjme2XG9xt6H5DiYbkcZ8LAxaAJAY1muPR5BVY+8U8=
Subject key identifier: 2D:4E:52:36:1E:4A:50:49:17:E3:DD:38:B4:27:1A:50:51:EE:CA:5D
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018D597CFC9686EC000FA98933D42826C834
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/LU5SNh5KUEkX4904tCcaUFHuyl0.roa
Signing time: Tue 30 Jan 2024 08:29:39 +0000
ROA not before: Tue 30 Jan 2024 08:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35080
IP address blocks: 85.119.64.0/24 maxlen: 24
85.119.65.0/24 maxlen: 24
85.119.68.0/24 maxlen: 24
85.119.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:7c:fc:96:86:ec:00:0f:a9:89:33:d4:28:26:c8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 30 08:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d4e52361e4a504917e3dd38b4271a5051eeca5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:de:26:00:e0:04:aa:9f:19:db:28:ee:dd:1b:
29:90:37:56:68:08:64:eb:fe:14:b2:4c:85:09:b6:
98:49:cf:c7:12:a7:84:c4:c8:1f:f3:ab:32:a0:b7:
fc:ec:e5:0f:3b:d7:2f:87:a1:01:3f:13:a5:4e:95:
10:97:39:27:ae:de:9a:20:31:88:eb:f2:16:f6:90:
b5:4c:e8:42:b6:e9:59:16:13:b0:ee:06:77:bf:5b:
fb:0e:c6:14:b0:92:7c:21:01:a7:b3:76:63:77:f8:
47:bd:c2:60:b4:cc:d1:aa:5d:e6:5d:5c:31:e4:37:
9a:f4:b9:2f:72:89:92:a8:89:a8:8b:98:34:5c:cb:
47:25:42:59:3d:0a:95:bb:69:e0:ab:5c:33:02:5e:
d5:87:2f:c8:bf:f7:37:e6:1e:bf:60:6b:d1:19:c9:
66:ce:e7:64:a8:0d:b1:ca:6d:38:c4:e7:cf:9b:6c:
d6:68:27:42:3a:90:52:c1:82:2e:9b:ee:4d:b8:3a:
fc:6b:15:d6:ef:47:eb:1a:e2:29:b4:2f:02:05:55:
a5:e8:c4:7b:d0:2f:a5:c7:5b:94:37:50:81:d4:bc:
fd:b9:ae:56:ed:ba:69:33:cb:18:2c:cc:2b:e6:e4:
8d:cc:a1:b3:5b:8c:2a:45:5c:5f:d9:01:8d:b0:e1:
74:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4E:52:36:1E:4A:50:49:17:E3:DD:38:B4:27:1A:50:51:EE:CA:5D
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/LU5SNh5KUEkX4904tCcaUFHuyl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.64.0/23
85.119.68.0/24
85.119.71.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:5d:cb:6e:a2:e0:4f:9a:5c:85:86:cc:fc:26:b0:a2:72:28:
71:03:2e:3f:ba:57:f2:f7:0a:c4:b7:ac:f4:4a:21:15:0d:27:
cc:37:e0:bc:6b:c5:96:d3:b3:f3:d5:db:ea:a7:56:cc:77:45:
53:07:cd:f7:57:0c:47:60:ec:53:e1:5e:09:c5:c5:98:e2:36:
69:6d:62:e5:e8:7d:5d:48:a1:17:fe:e7:7f:d4:ba:32:75:d6:
e5:d3:eb:c0:c2:63:25:e8:f4:c0:13:0f:b2:34:52:ed:56:c6:
85:00:ce:26:22:5b:e7:35:82:3a:1c:83:81:dd:2d:b6:65:7f:
e2:34:d0:11:20:0a:78:64:59:74:d9:6a:26:da:aa:91:3a:fe:
40:dc:d6:c8:1f:bf:c6:82:ee:8a:c4:4a:68:06:b4:41:ed:b1:
e4:25:c8:3c:21:17:77:2a:61:5d:f9:87:68:c2:59:8b:28:d0:
6c:f3:92:6f:af:07:41:8b:91:17:6a:d8:36:8c:3c:b5:6a:f6:
56:8c:9a:71:50:ec:a5:01:f9:37:1a:22:22:d1:e4:1c:a9:ba:
4b:ba:72:63:d5:b1:31:c3:9c:c0:b3:12:c2:05:b2:89:72:66:
6f:6e:a0:9a:a8:af:3f:85:2a:ad:75:09:5e:f9:c8:0b:73:8b:
28:01:5a:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1ZfPyWhuwAD6mJM9QoJsg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjQwMTMwMDgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRlNTIzNjFlNGE1MDQ5MTdlM2RkMzhiNDI3MWE1MDUxZWVjYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd4mAOAEqp8Z2yju3RspkDdWaAhk
6/4UskyFCbaYSc/HEqeExMgf86syoLf87OUPO9cvh6EBPxOlTpUQlzknrt6aIDGI
6/IW9pC1TOhCtulZFhOw7gZ3v1v7DsYUsJJ8IQGns3Zjd/hHvcJgtMzRql3mXVwx
5Dea9LkvcomSqImoi5g0XMtHJUJZPQqVu2ngq1wzAl7Vhy/Iv/c35h6/YGvRGclm
zudkqA2xym04xOfPm2zWaCdCOpBSwYIum+5NuDr8axXW70frGuIptC8CBVWl6MR7
0C+lx1uUN1CB1Lz9ua5W7bppM8sYLMwr5uSNzKGzW4wqRVxf2QGNsOF0WQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC1OUjYeSlBJF+PdOLQnGlBR7spdMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvTFU1U05oNUtVRWtYNDkwNHRDY2FVRkh1eWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXdAAwQA
VXdEAwQAVXdHMA0GCSqGSIb3DQEBCwUAA4IBAQC/XctuouBPmlyFhsz8JrCicihx
Ay4/ulfy9wrEt6z0SiEVDSfMN+C8a8WW07Pz1dvqp1bMd0VTB833VwxHYOxT4V4J
xcWY4jZpbWLl6H1dSKEX/ud/1Loyddbl0+vAwmMl6PTAEw+yNFLtVsaFAM4mIlvn
NYI6HIOB3S22ZX/iNNARIAp4ZFl02Wom2qqROv5A3NbIH7/Ggu6KxEpoBrRB7bHk
Jcg8IRd3KmFd+YdowlmLKNBs85JvrwdBi5EXatg2jDy1avZWjJpxUOylAfk3GiIi
0eQcqbpLunJj1bExw5zAsxLCBbKJcmZvbqCaqK8/hSqtdQle+cgLc4soAVpA
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:42 2024 by rpki-client on console-ams.rpki-client.org