Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/LPOYGcyMozu6XVbWQO12F9qIwDs.roa
File: LPOYGcyMozu6XVbWQO12F9qIwDs.roa (raw, json)
Hash identifier: 62CKuItStp9z1NjZVBvJFw8GhZqsOnaQSyCbHjsKUeM=
Subject key identifier: 2C:F3:98:19:CC:8C:A3:3B:BA:5D:56:D6:40:ED:76:17:DA:88:C0:3B
Certificate issuer: /CN=7c835498f35199a1571964d855c3877751681ab9
Certificate serial: 018CCA2BA74F72079CFF94C4F493A6AEF171
Authority key identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/LPOYGcyMozu6XVbWQO12F9qIwDs.roa
Signing time: Tue 02 Jan 2024 12:35:07 +0000
ROA not before: Tue 02 Jan 2024 12:35:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29024
IP address blocks: 185.3.48.0/22 maxlen: 22
91.189.40.0/21 maxlen: 21
185.187.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a7:4f:72:07:9c:ff:94:c4:f4:93:a6:ae:f1:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c835498f35199a1571964d855c3877751681ab9
Validity
Not Before: Jan 2 12:35:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cf39819cc8ca33bba5d56d640ed7617da88c03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:a0:c0:cd:38:c7:f3:7f:85:ae:72:74:24:
a0:b8:db:d1:d0:ba:68:0b:17:7f:bc:b8:2f:0f:86:
22:77:e9:54:26:94:34:f3:f5:c2:92:de:68:6b:cf:
73:0d:42:a8:0d:35:4a:6b:a5:c0:90:6c:98:f4:e3:
ff:0f:49:fa:04:d2:7d:ae:02:89:f1:67:89:d3:d9:
12:c4:c4:83:26:aa:00:7e:57:e2:8e:ad:44:fb:5f:
5e:11:e8:13:44:70:a8:90:34:99:f4:a1:af:bd:64:
07:f3:8a:d9:b5:5c:d6:77:a8:ac:57:4a:66:75:11:
aa:61:48:3d:a3:95:b6:ce:f4:a1:ed:7a:2b:bc:67:
49:23:37:14:89:75:15:d9:a4:95:71:88:2f:19:83:
56:08:00:1e:67:4b:cf:7a:ae:3a:4b:fa:22:81:0b:
7c:e0:13:90:af:41:0d:07:12:ad:89:76:e2:de:57:
2b:07:8a:e3:3c:52:aa:71:20:be:58:f9:a7:1b:34:
26:c6:53:32:4f:c3:47:f6:20:18:56:d9:14:8d:1b:
42:f2:a8:db:5a:2f:3c:50:b8:4b:0e:d2:78:67:29:
99:d6:70:70:71:04:e8:e8:55:0b:de:b1:84:9a:82:
30:89:45:99:c8:00:67:5d:c8:b1:d0:c5:8c:2a:e3:
0a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F3:98:19:CC:8C:A3:3B:BA:5D:56:D6:40:ED:76:17:DA:88:C0:3B
X509v3 Authority Key Identifier:
keyid:7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/LPOYGcyMozu6XVbWQO12F9qIwDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.40.0/21
185.3.48.0/22
185.187.252.0/22
Signature Algorithm: sha256WithRSAEncryption
21:24:bb:6d:70:04:d7:1f:20:65:1d:29:eb:78:65:af:0a:e6:
9d:c8:c8:7d:34:f8:4f:cd:28:7d:b9:b5:22:43:d8:64:48:1a:
82:53:96:f4:7a:a3:4f:46:b1:4f:b8:45:1d:e4:ff:6a:4c:89:
47:e5:38:5e:4a:5c:c8:06:97:3c:c6:81:55:d8:14:b6:5c:d2:
fb:af:e0:12:00:0f:f8:28:a2:04:3c:0f:15:1c:48:9f:f0:18:
5a:45:ed:e5:9e:45:c8:e2:82:db:11:30:e8:e7:2f:5f:8a:5b:
78:1a:9f:d0:ee:75:ac:97:2a:5f:de:59:c2:f1:9d:2b:73:5f:
6d:60:e1:0b:fe:25:33:54:09:ee:5f:e3:9c:b5:fe:1b:1e:63:
c0:f6:b9:aa:d8:15:69:9b:31:a7:95:68:ca:cb:b3:67:40:c3:
30:2f:e3:32:84:b6:55:21:77:ce:79:b4:86:de:94:df:de:60:
46:c1:25:4d:b7:e3:88:3f:d3:dd:d8:bc:cd:a8:6c:ba:b6:a5:
b1:3e:79:ac:cb:04:72:8a:4e:c3:34:90:00:39:1f:51:bb:b2:
ef:18:20:00:2a:84:3b:18:6c:e2:ff:54:6b:a9:3e:34:3a:80:
c1:ac:2c:95:83:28:82:71:a9:80:3a:b6:69:54:ba:94:d6:b7:
96:44:b6:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKK6dPcgec/5TE9JOmrvFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODM1NDk4ZjM1MTk5YTE1NzE5NjRkODU1YzM4Nzc3NTE2
ODFhYjkwHhcNMjQwMTAyMTIzNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2YzOTgxOWNjOGNhMzNiYmE1ZDU2ZDY0MGVkNzYxN2RhODhjMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1agwM04x/N/ha5ydCSguNvR0Lpo
Cxd/vLgvD4Yid+lUJpQ08/XCkt5oa89zDUKoDTVKa6XAkGyY9OP/D0n6BNJ9rgKJ
8WeJ09kSxMSDJqoAflfijq1E+19eEegTRHCokDSZ9KGvvWQH84rZtVzWd6isV0pm
dRGqYUg9o5W2zvSh7XorvGdJIzcUiXUV2aSVcYgvGYNWCAAeZ0vPeq46S/oigQt8
4BOQr0ENBxKtiXbi3lcrB4rjPFKqcSC+WPmnGzQmxlMyT8NH9iAYVtkUjRtC8qjb
Wi88ULhLDtJ4ZymZ1nBwcQTo6FUL3rGEmoIwiUWZyABnXcix0MWMKuMKgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCzzmBnMjKM7ul1W1kDtdhfaiMA7MB8GA1UdIwQY
MBaAFHyDVJjzUZmhVxlk2FXDh3dRaBq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMt
NGNlNDc3ZGJiNDA3LzEvTFBPWUdjeU1venU2WFZiV1FPMTJGOXFJd0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMtNGNlNDc3ZGJiNDA3
LzEvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW70oAwQC
uQMwAwQCubv8MA0GCSqGSIb3DQEBCwUAA4IBAQAhJLttcATXHyBlHSnreGWvCuad
yMh9NPhPzSh9ubUiQ9hkSBqCU5b0eqNPRrFPuEUd5P9qTIlH5TheSlzIBpc8xoFV
2BS2XNL7r+ASAA/4KKIEPA8VHEif8BhaRe3lnkXI4oLbETDo5y9filt4Gp/Q7nWs
lypf3lnC8Z0rc19tYOEL/iUzVAnuX+Octf4bHmPA9rmq2BVpmzGnlWjKy7NnQMMw
L+MyhLZVIXfOebSG3pTf3mBGwSVNt+OIP9Pd2LzNqGy6tqWxPnmsywRyik7DNJAA
OR9Ru7LvGCAAKoQ7GGzi/1RrqT40OoDBrCyVgyiCcamAOrZpVLqU1reWRLZb
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:49 2024 by rpki-client on console-fra.rpki-client.org