Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/Lhp5h20BeVNgzdpV3oZtU0U74Hw.roa
File: Lhp5h20BeVNgzdpV3oZtU0U74Hw.roa (raw, json)
Hash identifier: 9TF5OwHLkOPq24bDn1r3IZB4+7hRCdG0OjvClob1+co=
Subject key identifier: 2E:1A:79:87:6D:01:79:53:60:CD:DA:55:DE:86:6D:53:45:3B:E0:7C
Certificate issuer: /CN=f5bba55e1f0bf8613ea9bbbe297a281b3c838180
Certificate serial: 018CC26D28E9D0C2A29172BD0BF56EC519FE
Authority key identifier: F5:BB:A5:5E:1F:0B:F8:61:3E:A9:BB:BE:29:7A:28:1B:3C:83:81:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9bulXh8L-GE-qbu-KXooGzyDgYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/Lhp5h20BeVNgzdpV3oZtU0U74Hw.roa
Signing time: Mon 01 Jan 2024 00:29:42 +0000
ROA not before: Mon 01 Jan 2024 00:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12593
IP address blocks: 185.151.104.0/22 maxlen: 22
94.176.196.0/22 maxlen: 22
94.125.120.0/21 maxlen: 21
212.90.160.0/19 maxlen: 19
2a04:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/9bulXh8L-GE-qbu-KXooGzyDgYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/9bulXh8L-GE-qbu-KXooGzyDgYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/9bulXh8L-GE-qbu-KXooGzyDgYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:28:e9:d0:c2:a2:91:72:bd:0b:f5:6e:c5:19:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5bba55e1f0bf8613ea9bbbe297a281b3c838180
Validity
Not Before: Jan 1 00:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e1a79876d01795360cdda55de866d53453be07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ca:2d:d0:10:6d:fa:8c:9c:3e:53:38:c4:c3:
c6:be:b0:c5:90:d9:e8:6a:9c:14:99:42:42:06:13:
db:55:5d:82:08:b8:a8:90:36:88:88:3c:e2:f6:1e:
fe:b4:f5:2f:3a:3b:7b:03:38:65:6d:8d:0e:9b:43:
95:d2:a8:d0:70:2c:f3:68:0f:03:b8:c3:c8:d0:5d:
50:d8:1e:84:9b:09:63:6f:02:c1:12:13:29:6b:6a:
07:70:c8:6c:0c:5b:02:b8:57:cb:c7:68:05:7d:06:
2d:c7:6f:45:1c:0d:ef:4e:38:a5:cc:fd:73:3d:49:
df:6e:0f:a5:84:5a:96:6f:fd:6f:d6:b7:89:2c:8c:
9a:1a:44:1f:91:a1:94:da:64:24:49:15:5b:53:30:
bf:31:82:19:aa:84:1c:1f:6b:a4:32:8a:eb:c8:00:
2f:05:5e:35:d8:ff:0e:57:66:a8:e9:b2:39:8e:6e:
fe:88:43:44:06:5f:bc:f5:64:be:53:e6:79:eb:72:
23:77:6b:08:d6:b1:69:35:6e:7f:87:d8:08:79:03:
02:6d:4e:3a:f6:11:0a:ea:55:ec:ee:60:03:aa:0e:
25:09:ba:98:a7:78:2f:a1:c8:47:b3:72:a2:13:b6:
c1:e7:5e:33:eb:94:4f:83:21:71:08:9c:65:c4:0b:
90:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1A:79:87:6D:01:79:53:60:CD:DA:55:DE:86:6D:53:45:3B:E0:7C
X509v3 Authority Key Identifier:
keyid:F5:BB:A5:5E:1F:0B:F8:61:3E:A9:BB:BE:29:7A:28:1B:3C:83:81:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bulXh8L-GE-qbu-KXooGzyDgYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/Lhp5h20BeVNgzdpV3oZtU0U74Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/17cc4a-292c-4d50-8d3e-f5b97c0f0f24/1/9bulXh8L-GE-qbu-KXooGzyDgYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.120.0/21
94.176.196.0/22
185.151.104.0/22
212.90.160.0/19
IPv6:
2a04:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
bd:58:ab:0e:4b:55:2f:0f:ae:b8:7a:39:98:fd:7c:fc:af:b0:
33:76:ec:cc:42:cc:b0:7d:60:d6:eb:68:e3:a2:f1:29:17:7e:
eb:32:06:93:52:eb:53:12:81:74:83:ce:c5:ed:28:24:33:77:
14:b4:47:1d:c5:6c:f2:0c:55:8f:3b:ab:6b:34:69:ea:30:2c:
b2:78:86:64:39:45:ac:fa:55:99:c5:7e:1f:1b:6e:ce:9a:68:
7c:4a:b8:32:62:0f:cf:3e:de:4b:59:fe:52:80:a0:69:62:53:
6d:b9:d3:78:cb:4b:05:db:fe:7a:f8:6d:93:14:eb:26:31:66:
ee:cf:e5:7e:ff:63:f0:2e:77:d9:8f:71:4f:36:74:45:19:84:
f5:80:51:ed:07:4a:65:6f:67:fa:cc:90:55:1f:ce:bd:36:84:
a4:a1:db:19:37:d7:ce:e0:57:e9:b2:ca:1b:01:20:68:b3:41:
08:eb:3c:02:e3:34:fa:56:ed:93:02:5a:b9:96:45:93:a1:db:
d4:04:18:6d:40:b3:ec:62:50:9e:51:a1:0b:b1:86:a2:e9:b6:
4b:16:ba:f7:7e:e3:b9:8b:21:c7:4d:a7:57:e0:00:48:ed:db:
f4:4b:cd:04:3c:5e:3f:a9:f7:6d:6e:5a:09:73:38:a3:90:55:
02:1a:b4:b6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbSjp0MKikXK9C/VuxRn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YmJhNTVlMWYwYmY4NjEzZWE5YmJiZTI5N2EyODFiM2M4
MzgxODAwHhcNMjQwMTAxMDAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFhNzk4NzZkMDE3OTUzNjBjZGRhNTVkZTg2NmQ1MzQ1M2JlMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMot0BBt+oycPlM4xMPGvrDFkNno
apwUmUJCBhPbVV2CCLiokDaIiDzi9h7+tPUvOjt7AzhlbY0Om0OV0qjQcCzzaA8D
uMPI0F1Q2B6EmwljbwLBEhMpa2oHcMhsDFsCuFfLx2gFfQYtx29FHA3vTjilzP1z
PUnfbg+lhFqWb/1v1reJLIyaGkQfkaGU2mQkSRVbUzC/MYIZqoQcH2ukMorryAAv
BV412P8OV2ao6bI5jm7+iENEBl+89WS+U+Z563Ijd2sI1rFpNW5/h9gIeQMCbU46
9hEK6lXs7mADqg4lCbqYp3gvochHs3KiE7bB514z65RPgyFxCJxlxAuQbQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC4aeYdtAXlTYM3aVd6GbVNFO+B8MB8GA1UdIwQY
MBaAFPW7pV4fC/hhPqm7vil6KBs8g4GAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJ1bFhoOEwtR0UtcWJ1LUtYb29HenlEZ1lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xN2NjNGEtMjkyYy00ZDUwLThkM2Ut
ZjViOTdjMGYwZjI0LzEvTGhwNWgyMEJlVk5nemRwVjNvWnRVMFU3NEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xN2NjNGEtMjkyYy00ZDUwLThkM2UtZjViOTdjMGYwZjI0
LzEvOWJ1bFhoOEwtR0UtcWJ1LUtYb29HenlEZ1lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXn14AwQC
XrDEAwQCuZdoAwQF1FqgMA0EAgACMAcDBQMqBELAMA0GCSqGSIb3DQEBCwUAA4IB
AQC9WKsOS1UvD664ejmY/Xz8r7AzduzMQsywfWDW62jjovEpF37rMgaTUutTEoF0
g87F7SgkM3cUtEcdxWzyDFWPO6trNGnqMCyyeIZkOUWs+lWZxX4fG27Ommh8Srgy
Yg/PPt5LWf5SgKBpYlNtudN4y0sF2/56+G2TFOsmMWbuz+V+/2PwLnfZj3FPNnRF
GYT1gFHtB0plb2f6zJBVH869NoSkodsZN9fO4FfpssobASBos0EI6zwC4zT6Vu2T
Alq5lkWTodvUBBhtQLPsYlCeUaELsYai6bZLFrr3fuO5iyHHTadX4ABI7dv0S80E
PF4/qfdtbloJczijkFUCGrS2
-----END CERTIFICATE-----
Generated at Mon Jul 1 15:53:18 2024 by rpki-client on console-ams.rpki-client.org