Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lvhW-5gG1d7s0xRuajaOzZcrjmc.roa
File: lvhW-5gG1d7s0xRuajaOzZcrjmc.roa (raw, json)
Hash identifier: wyWBBM7VxY7dUmwGsLkWr3RC9unH4M0ZblDs1miD2Do=
Subject key identifier: 96:F8:56:FB:98:06:D5:DE:EC:D3:14:6E:6A:36:8E:CD:97:2B:8E:67
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4256F492ADCB9488D9FC3A721BE4AD5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lvhW-5gG1d7s0xRuajaOzZcrjmc.roa
Signing time: Mon 01 Jan 2024 08:30:36 +0000
ROA not before: Mon 01 Jan 2024 08:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210718
IP address blocks: 2a0b:b87:ff12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:6f:49:2a:dc:b9:48:8d:9f:c3:a7:21:be:4a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96f856fb9806d5deecd3146e6a368ecd972b8e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c6:bd:ea:dc:96:5d:e7:e2:59:19:1c:41:16:
fe:10:82:7a:af:fe:af:73:a5:61:1f:be:96:79:88:
4f:25:8a:7d:69:8e:88:ae:6d:ab:88:46:3e:4e:b5:
f2:24:19:00:5b:32:b3:cb:e3:64:4a:c3:a7:4e:af:
57:25:63:3d:57:6c:bc:59:17:e2:1c:b9:af:df:4f:
01:1a:e2:b2:e8:66:39:1d:1c:75:38:cc:0f:02:4c:
c5:df:09:14:39:b5:c3:6e:c7:e1:34:a4:c1:d1:80:
8d:14:7d:b9:2b:8f:c5:4c:43:db:2b:11:34:c3:15:
f9:72:6b:cc:2d:00:83:32:b9:60:f2:56:c1:51:4f:
2b:b2:9a:56:dc:91:99:32:2e:96:d0:e7:c8:79:35:
a4:f7:38:0a:b3:c4:51:3e:a4:55:9c:b2:a5:d3:0f:
a7:f5:5b:f4:87:b5:ba:e8:53:bc:a1:66:86:bf:5d:
98:8f:de:bf:bc:2e:e8:da:19:5c:47:48:ce:52:a3:
fb:cd:86:b3:c5:ab:cd:37:3c:29:ca:6c:32:96:ce:
b1:28:13:37:d1:7e:b1:06:d4:44:9a:96:6c:96:55:
74:03:cb:81:7a:0a:9a:a1:eb:94:4d:35:a7:be:21:
85:40:47:30:30:dd:5a:cc:e4:a6:5a:78:8a:b8:d0:
1a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F8:56:FB:98:06:D5:DE:EC:D3:14:6E:6A:36:8E:CD:97:2B:8E:67
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lvhW-5gG1d7s0xRuajaOzZcrjmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff12::/48
Signature Algorithm: sha256WithRSAEncryption
98:4d:3a:91:d6:ac:da:c0:48:75:33:2d:d1:c1:d6:01:f8:79:
f3:11:9e:4f:ee:7e:d7:f4:27:54:91:42:ae:b6:94:1d:0a:e3:
09:9a:b7:d1:59:0f:74:f2:98:fd:b1:5f:38:b9:d7:9c:34:3a:
e2:7b:12:c4:4d:97:35:e4:7d:be:b4:32:90:56:22:37:1e:c8:
41:f2:be:75:93:01:95:1a:6c:13:ea:24:9b:d4:d1:5c:c7:61:
3a:5e:67:f9:f9:70:f2:50:a4:02:90:9c:5c:13:72:16:4f:8d:
9f:75:a8:91:2e:f2:d7:5d:54:43:63:d7:fa:97:c2:a8:d8:94:
6f:c6:20:2e:b7:19:50:20:85:b0:7d:df:48:3d:fc:fe:ad:d4:
ab:2d:26:52:01:92:42:f8:4c:a1:d0:6a:b2:b8:1f:6a:93:b3:
63:7a:81:8e:9e:a7:ed:b7:a7:88:d2:15:f5:ef:73:3d:d1:4e:
63:02:d9:3d:c2:5b:70:77:07:fe:4d:d6:fa:68:41:73:a1:32:
a5:fc:0a:40:1a:5e:09:82:a3:c0:16:47:94:f5:12:f4:1a:1c:
43:64:ed:93:c8:e7:cb:e8:b7:69:5d:6e:ab:ce:d1:0f:ec:88:
e2:eb:31:a9:1e:db:5d:df:fb:e3:a3:7a:cd:79:a5:80:54:47:
7f:39:93:e9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJW9JKty5SI2fw6chvkrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY4NTZmYjk4MDZkNWRlZWNkMzE0NmU2YTM2OGVjZDk3MmI4ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMa96tyWXefiWRkcQRb+EIJ6r/6v
c6VhH76WeYhPJYp9aY6Irm2riEY+TrXyJBkAWzKzy+NkSsOnTq9XJWM9V2y8WRfi
HLmv308BGuKy6GY5HRx1OMwPAkzF3wkUObXDbsfhNKTB0YCNFH25K4/FTEPbKxE0
wxX5cmvMLQCDMrlg8lbBUU8rsppW3JGZMi6W0OfIeTWk9zgKs8RRPqRVnLKl0w+n
9Vv0h7W66FO8oWaGv12Yj96/vC7o2hlcR0jOUqP7zYazxavNNzwpymwyls6xKBM3
0X6xBtREmpZsllV0A8uBegqaoeuUTTWnviGFQEcwMN1azOSmWniKuNAaWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJb4VvuYBtXe7NMUbmo2js2XK45nMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbHZoVy01Z0cxZDdzMHhSdWFqYU96WmNyam1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8S
MA0GCSqGSIb3DQEBCwUAA4IBAQCYTTqR1qzawEh1My3RwdYB+HnzEZ5P7n7X9CdU
kUKutpQdCuMJmrfRWQ908pj9sV84udecNDriexLETZc15H2+tDKQViI3HshB8r51
kwGVGmwT6iSb1NFcx2E6Xmf5+XDyUKQCkJxcE3IWT42fdaiRLvLXXVRDY9f6l8Ko
2JRvxiAutxlQIIWwfd9IPfz+rdSrLSZSAZJC+Eyh0GqyuB9qk7NjeoGOnqftt6eI
0hX173M90U5jAtk9wltwdwf+Tdb6aEFzoTKl/ApAGl4JgqPAFkeU9RL0GhxDZO2T
yOfL6LdpXW6rztEP7Iji6zGpHttd3/vjo3rNeaWAVEd/OZPp
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:40:39 2024 by rpki-client on console-fra.rpki-client.org