Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/LKPzTE1hqqd0Z1Ylu5XHzUGQ154.roa
File: LKPzTE1hqqd0Z1Ylu5XHzUGQ154.roa (raw, json)
Hash identifier: O801WZy6lNWM6flq4HLiuhIaASbT6kqfSPwoJoa3RUg=
Subject key identifier: 2C:A3:F3:4C:4D:61:AA:A7:74:67:56:25:BB:95:C7:CD:41:90:D7:9E
Certificate issuer: /CN=6c05cf9c327b2fc877be8b561822b065e09690c2
Certificate serial: 018CC9BCF8B4A43B87305E871E717AD0B79A
Authority key identifier: 6C:05:CF:9C:32:7B:2F:C8:77:BE:8B:56:18:22:B0:65:E0:96:90:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/LKPzTE1hqqd0Z1Ylu5XHzUGQ154.roa
Signing time: Tue 02 Jan 2024 10:34:13 +0000
ROA not before: Tue 02 Jan 2024 10:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49321
IP address blocks: 194.93.68.0/22 maxlen: 24
185.245.56.0/23 maxlen: 24
2a0d:140::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/bAXPnDJ7L8h3votWGCKwZeCWkMI.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/bAXPnDJ7L8h3votWGCKwZeCWkMI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f8:b4:a4:3b:87:30:5e:87:1e:71:7a:d0:b7:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c05cf9c327b2fc877be8b561822b065e09690c2
Validity
Not Before: Jan 2 10:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ca3f34c4d61aaa774675625bb95c7cd4190d79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2a:6d:2b:60:b8:27:63:68:e5:60:8e:73:b6:
e2:11:8a:0c:c6:d1:7f:06:0c:4b:93:7d:0e:d2:83:
6f:9c:6f:10:e4:a2:66:46:7e:1c:4d:1b:d5:dc:75:
e3:eb:4b:42:61:e7:f7:c7:83:8a:19:44:06:d5:ac:
26:72:77:bd:be:d8:c5:e1:59:b9:b5:1e:6a:ac:4a:
91:1d:02:ac:26:52:b5:11:ff:1e:12:b9:d5:f3:4d:
ed:bc:f2:4b:34:c1:31:a2:63:03:50:d8:65:e4:58:
ae:d4:cd:c5:a0:84:e8:0c:e3:13:cd:d3:67:b4:7f:
43:98:31:0c:fc:f3:b1:bc:95:67:d5:5c:73:e2:5b:
62:db:76:18:aa:1c:aa:bc:aa:0d:ee:f2:f5:2d:48:
d2:98:8e:c7:a2:96:f8:4e:17:41:19:e1:f3:7b:bc:
03:ad:ed:87:fe:2c:ac:2a:92:db:e1:68:7a:42:1d:
b0:54:2b:c6:79:0a:e6:c8:13:c3:fc:d0:e0:8f:f5:
02:a1:63:ba:04:05:1f:ce:e9:4c:7c:6f:f8:ad:b6:
8f:62:fe:ee:5c:56:ee:ef:b9:f6:ac:6d:31:b9:ca:
23:84:ef:81:ec:02:e6:7f:e0:23:ac:9a:32:53:0c:
0d:ad:4a:e2:ea:01:4d:ad:38:dd:15:9f:e1:2e:e0:
e3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A3:F3:4C:4D:61:AA:A7:74:67:56:25:BB:95:C7:CD:41:90:D7:9E
X509v3 Authority Key Identifier:
keyid:6C:05:CF:9C:32:7B:2F:C8:77:BE:8B:56:18:22:B0:65:E0:96:90:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/LKPzTE1hqqd0Z1Ylu5XHzUGQ154.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/bAXPnDJ7L8h3votWGCKwZeCWkMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.56.0/23
194.93.68.0/22
IPv6:
2a0d:140::/29
Signature Algorithm: sha256WithRSAEncryption
53:e8:74:23:0e:d4:5d:4d:12:08:97:22:00:6e:56:79:3b:e4:
f2:e0:85:60:42:bb:a2:f9:c6:c3:5d:df:5c:9f:ee:52:7e:34:
a9:0b:63:03:ca:aa:d9:35:42:fa:63:ab:11:2e:02:fe:f8:ca:
71:0e:f2:84:85:2c:92:c8:01:76:c6:42:88:59:12:1a:44:33:
f2:26:a1:1f:d4:71:fc:33:3e:24:16:df:45:55:f9:b3:56:46:
87:e8:88:e7:1b:cb:b2:a3:5b:d5:54:8f:2b:ff:ef:ae:d3:f6:
90:af:a3:b9:6a:16:66:d8:24:4e:96:20:79:a4:cf:8c:d2:a8:
59:60:d4:30:47:81:fa:9c:69:b6:95:7a:24:f8:e3:f9:c7:09:
b9:37:59:22:ec:ea:7e:65:3d:3d:cf:0f:d8:72:f1:47:15:74:
90:01:16:f6:67:28:70:b7:4b:36:9f:f2:7b:f8:54:a2:67:77:
49:28:50:c4:01:9d:dc:dd:5e:3c:b2:01:ec:ee:c2:de:bc:8b:
e5:c1:f7:88:e4:ab:2b:3d:71:6f:54:49:f3:ed:54:e4:00:9d:
c2:ed:dc:78:3d:9b:6f:95:aa:46:93:b3:16:1e:75:f3:26:ca:
3b:d4:18:11:8f:46:62:63:76:d5:0e:10:69:d9:c0:e1:94:ab:
80:6f:59:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvPi0pDuHMF6HHnF60LeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDVjZjljMzI3YjJmYzg3N2JlOGI1NjE4MjJiMDY1ZTA5
NjkwYzIwHhcNMjQwMTAyMTAzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2EzZjM0YzRkNjFhYWE3NzQ2NzU2MjViYjk1YzdjZDQxOTBkNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiptK2C4J2No5WCOc7biEYoMxtF/
BgxLk30O0oNvnG8Q5KJmRn4cTRvV3HXj60tCYef3x4OKGUQG1awmcne9vtjF4Vm5
tR5qrEqRHQKsJlK1Ef8eErnV803tvPJLNMExomMDUNhl5Fiu1M3FoIToDOMTzdNn
tH9DmDEM/POxvJVn1Vxz4lti23YYqhyqvKoN7vL1LUjSmI7Hopb4ThdBGeHze7wD
re2H/iysKpLb4Wh6Qh2wVCvGeQrmyBPD/NDgj/UCoWO6BAUfzulMfG/4rbaPYv7u
XFbu77n2rG0xucojhO+B7ALmf+AjrJoyUwwNrUri6gFNrTjdFZ/hLuDj5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCyj80xNYaqndGdWJbuVx81BkNeeMB8GA1UdIwQY
MBaAFGwFz5wyey/Id76LVhgisGXglpDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFYUG5ESjdMOGgzdm90V0dDS3daZUNXa01JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yZjVlYzctYWMyYi00YzY2LTkzNjQt
OWE2MTgzMTg2OWFlLzEvTEtQelRFMWhxcWQwWjFZbHU1WEh6VUdRMTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yZjVlYzctYWMyYi00YzY2LTkzNjQtOWE2MTgzMTg2OWFl
LzEvYkFYUG5ESjdMOGgzdm90V0dDS3daZUNXa01JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBufU4AwQC
wl1EMA0EAgACMAcDBQMqDQFAMA0GCSqGSIb3DQEBCwUAA4IBAQBT6HQjDtRdTRII
lyIAblZ5O+Ty4IVgQrui+cbDXd9cn+5SfjSpC2MDyqrZNUL6Y6sRLgL++MpxDvKE
hSySyAF2xkKIWRIaRDPyJqEf1HH8Mz4kFt9FVfmzVkaH6IjnG8uyo1vVVI8r/++u
0/aQr6O5ahZm2CROliB5pM+M0qhZYNQwR4H6nGm2lXok+OP5xwm5N1ki7Op+ZT09
zw/YcvFHFXSQARb2Zyhwt0s2n/J7+FSiZ3dJKFDEAZ3c3V48sgHs7sLevIvlwfeI
5KsrPXFvVEnz7VTkAJ3C7dx4PZtvlapGk7MWHnXzJso71BgRj0ZiY3bVDhBp2cDh
lKuAb1kc
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:46:18 2024 by rpki-client on console-ams.rpki-client.org