Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/LS624u-GFxxou4nDhgd_AwPtpk0.roa
File: LS624u-GFxxou4nDhgd_AwPtpk0.roa (raw, json)
Hash identifier: 02XFaeUhBYxa91kOuOirY1IjvJix1ATkQrYmQugwFtQ=
Subject key identifier: 2D:2E:B6:E2:EF:86:17:1C:68:BB:89:C3:86:07:7F:03:03:ED:A6:4D
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA295E50EBC6EC058CDFA7F6FFD64BC0
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/LS624u-GFxxou4nDhgd_AwPtpk0.roa
Signing time: Tue 02 Jan 2024 12:32:37 +0000
ROA not before: Tue 02 Jan 2024 12:32:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206477
IP address blocks: 2a0e:8f02:f02e::/48 maxlen: 48
2a0e:8f02:f02b::/48 maxlen: 48
2a0e:8f02:f02d::/48 maxlen: 48
2a0e:8f02:f02c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 04:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:5e:50:eb:c6:ec:05:8c:df:a7:f6:ff:d6:4b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d2eb6e2ef86171c68bb89c386077f0303eda64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:31:fb:f5:57:2e:b6:90:e1:7f:39:26:ca:90:
0e:4e:3b:a3:45:3e:53:1e:f6:32:e7:d1:d0:ad:9b:
7f:22:7d:83:19:f2:12:fb:6f:bb:4b:70:9b:88:35:
a8:41:0e:73:67:3d:3b:3d:95:f4:91:6b:e0:34:f3:
ec:c1:2e:64:d0:6f:0d:43:55:67:46:0e:0a:cd:eb:
8d:30:db:22:fb:35:a6:f6:7b:c3:d7:69:d6:4f:bf:
09:77:d1:b1:ad:29:86:73:f6:b5:91:ae:e7:7d:7f:
ec:4c:7a:e5:d2:0f:dc:b6:5f:10:4b:31:2f:b4:62:
32:94:a0:bd:58:b2:ea:7b:2c:6f:2f:76:3f:b8:a3:
3c:c6:70:d3:09:c5:a9:ad:66:a4:36:85:d9:31:fd:
9c:11:69:f1:d0:08:83:36:4d:fc:f8:0a:4b:ee:2b:
88:51:ca:af:7b:35:9e:c7:58:2e:70:25:43:fb:a6:
f0:ad:a7:87:ba:24:e6:0b:d7:c3:6a:cf:14:d8:0b:
c8:86:7e:77:52:ca:f2:75:b9:17:b7:81:53:19:b8:
b8:0f:16:6f:38:6d:03:7a:d3:ba:31:b3:46:c5:f7:
dd:8d:94:16:be:dd:a2:6f:50:51:90:fd:2a:d8:73:
66:0a:6e:81:f5:8c:d9:02:ba:a0:f0:a2:9a:54:a5:
fe:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2E:B6:E2:EF:86:17:1C:68:BB:89:C3:86:07:7F:03:03:ED:A6:4D
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/LS624u-GFxxou4nDhgd_AwPtpk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f02b::-2a0e:8f02:f02e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:30:54:06:d7:ec:03:04:9a:ff:c1:55:e0:d3:03:a8:e0:6d:
69:81:ff:09:2a:9a:9c:52:5c:49:12:03:95:c5:8e:4b:fe:e6:
66:9c:e7:3c:c7:fd:b6:25:a2:46:0e:84:42:1a:3c:85:5b:1c:
89:f9:1f:7d:d0:bd:dc:2c:56:70:e1:4b:04:41:29:3c:f3:bb:
2d:32:8b:f2:54:c2:f9:a2:e4:36:ee:61:8a:f2:16:f5:21:93:
d3:1b:25:2b:34:9f:35:52:bf:cd:fb:f4:f4:bb:5e:93:47:83:
b7:24:61:f6:e4:ed:4d:e5:85:48:36:2f:79:1b:99:c8:b2:ec:
b6:76:a7:51:14:4d:72:60:18:84:b7:f4:6e:57:1a:ec:6f:60:
af:f9:9e:3f:0e:14:e7:47:99:8f:39:38:08:16:9b:5a:fe:79:
29:68:d5:28:a5:69:99:e1:92:fa:a5:a4:64:9d:a6:4e:01:5d:
5f:cf:72:69:46:aa:c9:5d:7d:a0:e8:70:ab:72:6d:1d:43:ae:
1e:4d:55:8e:5f:11:4a:72:19:86:0a:52:b7:d7:93:99:db:6b:
4c:aa:fd:d9:7d:ec:85:14:8a:e0:f4:a2:94:2d:f6:91:65:c5:
4b:b6:c4:7b:46:34:5a:3e:81:1b:8c:03:9c:e7:6d:e3:88:2e:
b2:3b:41:8f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzKKV5Q68bsBYzfp/b/1kvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJlYjZlMmVmODYxNzFjNjhiYjg5YzM4NjA3N2YwMzAzZWRhNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TH79VcutpDhfzkmypAOTjujRT5T
HvYy59HQrZt/In2DGfIS+2+7S3CbiDWoQQ5zZz07PZX0kWvgNPPswS5k0G8NQ1Vn
Rg4KzeuNMNsi+zWm9nvD12nWT78Jd9GxrSmGc/a1ka7nfX/sTHrl0g/ctl8QSzEv
tGIylKC9WLLqeyxvL3Y/uKM8xnDTCcWprWakNoXZMf2cEWnx0AiDNk38+ApL7iuI
UcqvezWex1gucCVD+6bwraeHuiTmC9fDas8U2AvIhn53UsrydbkXt4FTGbi4DxZv
OG0DetO6MbNGxffdjZQWvt2ib1BRkP0q2HNmCm6B9YzZArqg8KKaVKX+jQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC0utuLvhhccaLuJw4YHfwMD7aZNMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvTFM2MjR1LUdGeHhvdTRuRGhnZF9Bd1B0cGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDo8C
8CsDBwAqDo8C8C4wDQYJKoZIhvcNAQELBQADggEBABEwVAbX7AMEmv/BVeDTA6jg
bWmB/wkqmpxSXEkSA5XFjkv+5mac5zzH/bYlokYOhEIaPIVbHIn5H33QvdwsVnDh
SwRBKTzzuy0yi/JUwvmi5DbuYYryFvUhk9MbJSs0nzVSv8379PS7XpNHg7ckYfbk
7U3lhUg2L3kbmciy7LZ2p1EUTXJgGIS39G5XGuxvYK/5nj8OFOdHmY85OAgWm1r+
eSlo1SilaZnhkvqlpGSdpk4BXV/PcmlGqsldfaDocKtybR1Drh5NVY5fEUpyGYYK
UrfXk5nba0yq/dl97IUUiuD0opQt9pFlxUu2xHtGNFo+gRuMA5znbeOILrI7QY8=
-----END CERTIFICATE-----
Generated at Tue May 21 12:50:21 2024 by rpki-client on console-fra.rpki-client.org