Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/laxmDoZvPBdpZ1GNzOLODpBGyYE.roa
File: laxmDoZvPBdpZ1GNzOLODpBGyYE.roa (raw, json)
Hash identifier: xQt0dqPw/nahYuGh5lH9nB9s2RYkm0pQSHJ+1w7VWWk=
Subject key identifier: 95:AC:66:0E:86:6F:3C:17:69:67:51:8D:CC:E2:CE:0E:90:46:C9:81
Certificate issuer: /CN=8e36117135f6b86d0a9e1fa67e04baf5bcd86169
Certificate serial: 018CC4246928CF2584B27DA33E25BED71398
Authority key identifier: 8E:36:11:71:35:F6:B8:6D:0A:9E:1F:A6:7E:04:BA:F5:BC:D8:61:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/laxmDoZvPBdpZ1GNzOLODpBGyYE.roa
Signing time: Mon 01 Jan 2024 08:29:29 +0000
ROA not before: Mon 01 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200064
IP address blocks: 92.118.252.0/22 maxlen: 24
79.98.216.0/21 maxlen: 24
185.28.140.0/22 maxlen: 24
92.118.172.0/22 maxlen: 22
92.118.172.0/24 maxlen: 24
92.118.174.0/24 maxlen: 24
92.118.173.0/24 maxlen: 24
92.118.175.0/24 maxlen: 24
45.156.40.0/22 maxlen: 24
139.28.56.0/22 maxlen: 24
141.105.96.0/20 maxlen: 24
2a02:2f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:69:28:cf:25:84:b2:7d:a3:3e:25:be:d7:13:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e36117135f6b86d0a9e1fa67e04baf5bcd86169
Validity
Not Before: Jan 1 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95ac660e866f3c176967518dcce2ce0e9046c981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1a:39:d1:bb:cf:57:47:95:af:58:46:dc:8e:
d1:29:5e:bc:5f:25:3c:ed:1d:c1:25:e6:f0:1b:bb:
c4:e7:b1:ff:6a:19:9c:d9:98:df:79:72:1f:14:66:
b8:c1:f8:e8:c0:25:83:ab:48:05:61:25:c4:2c:f7:
c7:8f:ef:72:58:05:a8:1d:d2:b4:4c:2a:78:f4:a7:
34:96:8a:05:dc:0c:65:4a:31:ed:25:15:a5:5c:2f:
40:cc:a8:6a:5c:ab:e1:ef:7a:9c:8c:db:1a:45:f0:
08:7f:32:4c:63:a2:30:4e:75:ab:96:94:be:8e:f8:
fa:11:12:88:30:78:93:46:27:6c:db:7d:72:24:f7:
17:09:4c:79:25:8b:a1:a0:e2:96:c5:14:f0:ff:c8:
a1:de:bb:c7:20:b6:d2:de:4c:06:d4:18:9e:61:2a:
a1:5b:3c:a6:e8:01:0b:fb:f6:bf:41:cf:02:1b:cc:
06:6f:ef:de:7b:1f:d7:cc:99:82:d2:8a:5e:88:64:
8f:02:bc:22:ea:1f:5e:1c:ff:67:99:c8:15:39:df:
56:4c:46:23:dd:f5:5e:8b:87:1c:4f:fb:65:3c:8d:
e1:51:3e:5a:50:ea:26:05:0b:57:88:91:b4:c5:16:
75:5c:7d:fa:6c:b6:1d:9c:73:18:ef:13:27:ec:31:
78:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AC:66:0E:86:6F:3C:17:69:67:51:8D:CC:E2:CE:0E:90:46:C9:81
X509v3 Authority Key Identifier:
keyid:8E:36:11:71:35:F6:B8:6D:0A:9E:1F:A6:7E:04:BA:F5:BC:D8:61:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/laxmDoZvPBdpZ1GNzOLODpBGyYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.40.0/22
79.98.216.0/21
92.118.172.0/22
92.118.252.0/22
139.28.56.0/22
141.105.96.0/20
185.28.140.0/22
IPv6:
2a02:2f80::/29
Signature Algorithm: sha256WithRSAEncryption
43:d9:43:ed:72:c2:e8:ef:d9:de:37:f8:8f:14:14:98:42:21:
e0:97:a2:00:92:6d:74:98:96:df:65:3f:93:d9:4b:82:cf:e8:
76:cb:76:f0:bd:b7:e2:e3:8e:84:9d:95:c8:33:eb:38:ea:7f:
66:c5:c1:4a:f0:b0:f8:c8:fe:2d:fd:96:8c:ea:17:8c:eb:fe:
05:0e:e8:dd:bb:6b:4d:79:84:0a:1c:f3:60:f8:2c:a1:ac:a3:
1b:b3:11:c7:89:86:37:5e:df:b1:0a:4f:9c:3c:3f:58:f0:f9:
6d:07:73:db:67:4b:05:8a:42:22:2d:b3:e0:49:7e:84:7a:05:
cb:6e:18:a3:0f:07:59:60:bd:48:d0:ad:18:1f:16:06:f3:a6:
bb:81:0c:3a:fb:26:f4:34:dc:be:e2:4c:fd:f0:63:0a:d0:9d:
d7:7b:a3:bb:8b:15:2a:90:e2:73:4c:aa:bb:97:2e:ac:34:23:
d7:93:90:06:2f:98:c9:81:2b:68:4e:e8:21:45:30:e8:05:69:
56:2f:52:a0:ec:23:df:09:68:0f:09:f1:64:88:c4:85:8b:13:
b0:04:2a:e3:95:d9:bb:da:67:98:09:dc:76:77:21:a3:8b:97:
3b:02:12:c6:28:46:fe:df:8a:b0:cd:35:85:f7:e5:91:b9:07:
d7:e4:0d:8d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzEJGkozyWEsn2jPiW+1xOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMzYxMTcxMzVmNmI4NmQwYTllMWZhNjdlMDRiYWY1YmNk
ODYxNjkwHhcNMjQwMTAxMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFjNjYwZTg2NmYzYzE3Njk2NzUxOGRjY2UyY2UwZTkwNDZjOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxo50bvPV0eVr1hG3I7RKV68XyU8
7R3BJebwG7vE57H/ahmc2ZjfeXIfFGa4wfjowCWDq0gFYSXELPfHj+9yWAWoHdK0
TCp49Kc0looF3AxlSjHtJRWlXC9AzKhqXKvh73qcjNsaRfAIfzJMY6IwTnWrlpS+
jvj6ERKIMHiTRids231yJPcXCUx5JYuhoOKWxRTw/8ih3rvHILbS3kwG1BieYSqh
Wzym6AEL+/a/Qc8CG8wGb+/eex/XzJmC0opeiGSPArwi6h9eHP9nmcgVOd9WTEYj
3fVei4ccT/tlPI3hUT5aUOomBQtXiJG0xRZ1XH36bLYdnHMY7xMn7DF4qQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJWsZg6GbzwXaWdRjczizg6QRsmBMB8GA1UdIwQY
MBaAFI42EXE19rhtCp4fpn4EuvW82GFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvampZUmNUWDJ1RzBLbmgtbWZnUzY5YnpZWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lZGI0ZDMtMzNjOC00NWRjLWE0MGUt
Yzg1YjYwZmQ4YzhiLzEvbGF4bURvWnZQQmRwWjFHTnpPTE9EcEJHeVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lZGI0ZDMtMzNjOC00NWRjLWE0MGUtYzg1YjYwZmQ4Yzhi
LzEvampZUmNUWDJ1RzBLbmgtbWZnUzY5YnpZWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLZwoAwQD
T2LYAwQCXHasAwQCXHb8AwQCixw4AwQEjWlgAwQCuRyMMA0EAgACMAcDBQMqAi+A
MA0GCSqGSIb3DQEBCwUAA4IBAQBD2UPtcsLo79neN/iPFBSYQiHgl6IAkm10mJbf
ZT+T2UuCz+h2y3bwvbfi446EnZXIM+s46n9mxcFK8LD4yP4t/ZaM6heM6/4FDujd
u2tNeYQKHPNg+CyhrKMbsxHHiYY3Xt+xCk+cPD9Y8PltB3PbZ0sFikIiLbPgSX6E
egXLbhijDwdZYL1I0K0YHxYG86a7gQw6+yb0NNy+4kz98GMK0J3Xe6O7ixUqkOJz
TKq7ly6sNCPXk5AGL5jJgStoTughRTDoBWlWL1Kg7CPfCWgPCfFkiMSFixOwBCrj
ldm72meYCdx2dyGji5c7AhLGKEb+34qwzTWF9+WRuQfX5A2N
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:02:35 2024 by rpki-client on console-ams.rpki-client.org