Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/lbAswIuihNwA0R4ylOFQfi9Y6zM.roa
File: lbAswIuihNwA0R4ylOFQfi9Y6zM.roa (raw, json)
Hash identifier: oyih1RQHCrGPNvy9uIogUltA0JC+KddA7jV8PiQbMNQ=
Subject key identifier: 95:B0:2C:C0:8B:A2:84:DC:00:D1:1E:32:94:E1:50:7E:2F:58:EB:33
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649E5CB59C52EF7125A76698F8DBB10
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/lbAswIuihNwA0R4ylOFQfi9Y6zM.roa
Signing time: Mon 01 Jan 2024 18:29:40 +0000
ROA not before: Mon 01 Jan 2024 18:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197897
IP address blocks: 88.203.249.0/24 maxlen: 24
88.203.250.0/24 maxlen: 24
88.203.248.0/24 maxlen: 24
88.203.251.0/24 maxlen: 24
88.203.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e5:cb:59:c5:2e:f7:12:5a:76:69:8f:8d:bb:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95b02cc08ba284dc00d11e3294e1507e2f58eb33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a8:5a:8c:dd:fd:10:06:ed:20:a9:29:36:53:
b4:33:e1:71:38:12:1c:d8:8b:ae:48:2a:12:0a:7a:
52:df:f5:23:a3:a0:65:19:d3:ea:ab:7e:ac:08:d1:
b3:f7:09:57:b3:04:c6:5a:c6:da:1a:77:c9:d9:ac:
5d:bb:92:96:9c:67:d5:9f:57:ee:36:55:3a:06:cc:
ba:a2:92:1d:75:2e:94:2c:16:cc:3c:a9:88:11:e4:
ec:4d:13:09:e7:7b:d8:b5:7a:d4:15:5f:67:83:ca:
19:2c:7c:2e:9f:f7:01:46:ed:57:06:36:ba:78:9d:
21:0f:bc:45:ff:0a:42:d6:a9:dc:e0:bb:13:6a:9b:
eb:00:31:f6:9d:02:56:5a:60:50:19:aa:f2:d9:28:
ef:43:7f:a5:e9:47:c1:d8:e6:11:dc:34:6c:89:92:
1b:4b:2c:10:8f:d5:ed:b5:bf:1b:54:52:53:28:18:
fb:f9:b1:29:ee:ba:2f:e5:19:04:75:4b:88:d2:63:
5b:b1:0c:58:df:b5:28:fb:f3:cf:05:a5:fd:8e:67:
7d:99:03:ff:87:a3:43:27:4a:f1:36:8c:16:12:82:
4c:4c:93:ac:b5:ad:60:06:a8:3f:60:21:2a:f0:26:
cc:cd:35:8d:d3:f6:a4:29:19:a9:40:f6:12:47:c5:
65:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B0:2C:C0:8B:A2:84:DC:00:D1:1E:32:94:E1:50:7E:2F:58:EB:33
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/lbAswIuihNwA0R4ylOFQfi9Y6zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.203.248.0/22
Signature Algorithm: sha256WithRSAEncryption
55:0d:1e:af:ba:d4:b7:d4:c1:45:dd:0b:6d:c9:a3:3f:0a:36:
eb:4f:56:bd:83:cb:8a:e6:5e:a6:11:53:c8:11:f7:ba:27:10:
77:70:3b:58:d4:c4:bd:c4:12:f2:a2:4a:1f:ea:55:b0:ec:9b:
e3:1c:8e:87:b3:f1:5d:4c:78:9a:9a:8f:a6:a3:c9:bd:a8:42:
fe:1c:51:22:2a:98:76:86:04:2e:b4:16:ae:6a:35:58:4b:11:
b2:d6:8a:1a:82:c1:94:29:c4:d9:ab:55:18:82:da:68:71:cd:
80:49:47:6f:e1:3e:e9:25:be:09:90:16:f2:69:69:9a:e8:2a:
81:1d:a3:08:82:24:fa:af:28:d0:e3:9b:dc:f2:20:90:c2:36:
16:43:a9:53:de:07:2a:00:4d:2a:64:d4:dc:26:18:c1:02:3d:
e7:93:cb:1e:6f:0c:59:e1:00:b8:68:cf:55:9b:87:bb:2b:c8:
09:90:fb:14:6c:3e:35:ca:9b:85:cc:38:8b:d8:85:35:bd:c0:
f4:04:ac:ac:8d:fd:9a:6e:fd:90:5c:de:83:57:05:d2:db:7f:
06:2d:59:64:75:9a:55:dd:af:75:da:72:4f:55:57:e7:c5:66:
db:8a:eb:e8:ea:f9:76:83:f3:81:91:60:f0:6d:f8:6e:2d:18:
e5:55:7d:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSeXLWcUu9xJadmmPjbsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWIwMmNjMDhiYTI4NGRjMDBkMTFlMzI5NGUxNTA3ZTJmNThlYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiahajN39EAbtIKkpNlO0M+FxOBIc
2IuuSCoSCnpS3/Ujo6BlGdPqq36sCNGz9wlXswTGWsbaGnfJ2axdu5KWnGfVn1fu
NlU6Bsy6opIddS6ULBbMPKmIEeTsTRMJ53vYtXrUFV9ng8oZLHwun/cBRu1XBja6
eJ0hD7xF/wpC1qnc4LsTapvrADH2nQJWWmBQGary2SjvQ3+l6UfB2OYR3DRsiZIb
SywQj9Xttb8bVFJTKBj7+bEp7rov5RkEdUuI0mNbsQxY37Uo+/PPBaX9jmd9mQP/
h6NDJ0rxNowWEoJMTJOsta1gBqg/YCEq8CbMzTWN0/akKRmpQPYSR8Vl3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWwLMCLooTcANEeMpThUH4vWOszMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvbGJBc3dJdWloTndBMFI0eWxPRlFmaTlZNnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWMv4MA0G
CSqGSIb3DQEBCwUAA4IBAQBVDR6vutS31MFF3QttyaM/CjbrT1a9g8uK5l6mEVPI
Efe6JxB3cDtY1MS9xBLyokof6lWw7JvjHI6Hs/FdTHiamo+mo8m9qEL+HFEiKph2
hgQutBauajVYSxGy1ooagsGUKcTZq1UYgtpocc2ASUdv4T7pJb4JkBbyaWma6CqB
HaMIgiT6ryjQ45vc8iCQwjYWQ6lT3gcqAE0qZNTcJhjBAj3nk8sebwxZ4QC4aM9V
m4e7K8gJkPsUbD41ypuFzDiL2IU1vcD0BKysjf2abv2QXN6DVwXS238GLVlkdZpV
3a912nJPVVfnxWbbiuvo6vl2g/OBkWDwbfhuLRjlVX0/
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:05 2024 by rpki-client on console-fra.rpki-client.org