Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/LnEWAWj4Yy9N55JR0PrHPHtohI0.roa
File: LnEWAWj4Yy9N55JR0PrHPHtohI0.roa (raw, json)
Hash identifier: uQel0tuF0dJaXAR1VdM4KKeAu8Lltat4RXh/DVARb6c=
Subject key identifier: 2E:71:16:01:68:F8:63:2F:4D:E7:92:51:D0:FA:C7:3C:7B:68:84:8D
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 018CC64B3EA1EB61D96DFDAF142C79EE5BCC
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/LnEWAWj4Yy9N55JR0PrHPHtohI0.roa
Signing time: Mon 01 Jan 2024 18:31:09 +0000
ROA not before: Mon 01 Jan 2024 18:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39159
IP address blocks: 213.8.65.0/24 maxlen: 24
81.5.20.0/24 maxlen: 24
212.199.62.0/24 maxlen: 24
213.8.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3e:a1:eb:61:d9:6d:fd:af:14:2c:79:ee:5b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 18:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e71160168f8632f4de79251d0fac73c7b68848d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:67:0c:d6:a6:35:31:22:4b:dd:d5:95:35:c2:
5f:af:5b:2f:3d:5c:37:fd:42:03:ae:3c:1f:47:18:
92:66:b6:1d:ec:a1:2e:21:04:26:0f:43:12:c7:55:
80:2a:a6:94:07:87:c6:e1:dc:2b:62:b3:11:86:b2:
7a:31:5d:e0:52:99:03:54:a6:90:b1:36:7c:49:07:
f6:3a:45:46:2b:15:90:c2:a2:a7:6a:e3:49:e2:31:
44:15:91:33:12:7a:05:fc:1a:01:9e:78:6a:11:e4:
fd:05:70:5d:76:b3:df:09:7a:63:95:d0:67:6b:89:
8f:b8:b1:73:97:59:4a:54:17:33:59:04:62:65:87:
18:37:e3:72:42:fc:c6:27:a3:8b:20:b2:3e:11:64:
f4:83:f9:c8:a5:73:d4:54:b5:7b:b8:b9:b7:6e:99:
d6:4c:0e:f1:e4:86:8c:1a:62:b2:a7:71:ad:3d:d5:
bf:90:2a:5b:94:50:8c:f8:05:15:e0:47:f5:12:45:
1c:67:92:16:19:36:ab:89:e7:f5:1c:f1:1e:bf:f4:
71:c0:b7:cb:ce:1a:b0:f3:f8:59:c2:98:42:f3:cf:
ef:24:09:08:07:ef:46:f4:5e:d5:e7:be:82:1f:1a:
34:02:a5:ab:e3:54:22:77:51:11:3b:fb:fe:11:c9:
81:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:71:16:01:68:F8:63:2F:4D:E7:92:51:D0:FA:C7:3C:7B:68:84:8D
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/LnEWAWj4Yy9N55JR0PrHPHtohI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.20.0/24
212.199.62.0/24
213.8.65.0/24
213.8.151.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:bd:6d:47:9e:b8:de:e2:db:4a:80:c7:94:00:cf:7f:7a:c3:
32:3d:74:2d:d4:e5:d7:14:e4:d3:ac:9f:f8:d7:3c:47:d2:c2:
a4:81:4c:23:33:6d:d4:06:be:d7:75:a3:50:bc:d2:ed:76:e3:
59:1a:f3:a1:d0:ba:76:35:8b:58:10:5a:49:b9:f9:ee:85:a1:
c5:7b:1b:dc:92:3e:05:51:b9:44:bb:04:d5:dc:30:22:fe:4a:
86:09:6b:21:8d:0b:4c:55:f7:a4:18:5f:2c:b8:ce:f4:d9:66:
3d:3c:e3:30:1e:44:57:b4:bc:da:39:f9:e9:d7:54:96:5f:a5:
d5:5f:cb:48:05:c3:f9:fb:60:11:2d:77:03:84:9e:3b:ff:03:
d5:70:e5:79:b0:cc:11:39:a8:ee:f6:32:24:c6:0f:18:f0:16:
0b:36:1a:91:52:55:3a:3f:31:f1:18:86:be:af:33:4d:b3:42:
ed:65:0e:25:58:5b:89:e7:fa:81:19:c1:36:81:bb:84:1e:63:
48:65:e3:99:53:6f:95:69:12:b2:52:a1:af:a6:3f:2a:50:1a:
2f:64:9b:28:d2:92:c3:24:3f:b4:40:b9:8a:86:77:75:49:2a:
f9:04:46:8a:30:87:53:2d:f7:d8:fc:a5:27:53:94:74:19:21:
e3:b2:92:26
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGSz6h62HZbf2vFCx57lvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjQwMTAxMTgzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTcxMTYwMTY4Zjg2MzJmNGRlNzkyNTFkMGZhYzczYzdiNjg4NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2cM1qY1MSJL3dWVNcJfr1svPVw3
/UIDrjwfRxiSZrYd7KEuIQQmD0MSx1WAKqaUB4fG4dwrYrMRhrJ6MV3gUpkDVKaQ
sTZ8SQf2OkVGKxWQwqKnauNJ4jFEFZEzEnoF/BoBnnhqEeT9BXBddrPfCXpjldBn
a4mPuLFzl1lKVBczWQRiZYcYN+NyQvzGJ6OLILI+EWT0g/nIpXPUVLV7uLm3bpnW
TA7x5IaMGmKyp3GtPdW/kCpblFCM+AUV4Ef1EkUcZ5IWGTarief1HPEev/RxwLfL
zhqw8/hZwphC88/vJAkIB+9G9F7V576CHxo0AqWr41Qid1ERO/v+EcmBvwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC5xFgFo+GMvTeeSUdD6xzx7aISNMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL0xuRVdBV2o0WXk5TjU1SlIwUHJIUEh0b2hJMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABRBRQD
BADUxz4DBADVCEEDBADVCJcwDQYJKoZIhvcNAQELBQADggEBAI+9bUeeuN7i20qA
x5QAz396wzI9dC3U5dcU5NOsn/jXPEfSwqSBTCMzbdQGvtd1o1C80u1241ka86HQ
unY1i1gQWkm5+e6FocV7G9ySPgVRuUS7BNXcMCL+SoYJayGNC0xV96QYXyy4zvTZ
Zj084zAeRFe0vNo5+enXVJZfpdVfy0gFw/n7YBEtdwOEnjv/A9Vw5XmwzBE5qO72
MiTGDxjwFgs2GpFSVTo/MfEYhr6vM02zQu1lDiVYW4nn+oEZwTaBu4QeY0hl45lT
b5VpErJSoa+mPypQGi9kmyjSksMkP7RAuYqGd3VJKvkERoowh1Mt99j8pSdTlHQZ
IeOykiY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:45 2024 by rpki-client on console-fra.rpki-client.org