Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/LKhnv9hiKADsxHu3D6dmKV3Uxjg.roa
File: LKhnv9hiKADsxHu3D6dmKV3Uxjg.roa (raw, json)
Hash identifier: 0L9zVHVS309CjYdnW1dV9AT/2h16ixsLw5MG8iD7p+4=
Subject key identifier: 2C:A8:67:BF:D8:62:28:00:EC:C4:7B:B7:0F:A7:66:29:5D:D4:C6:38
Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Certificate serial: 018CC64AF37C82EDC67263F2E9AED859792C
Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/LKhnv9hiKADsxHu3D6dmKV3Uxjg.roa
Signing time: Mon 01 Jan 2024 18:30:49 +0000
ROA not before: Mon 01 Jan 2024 18:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39790
IP address blocks: 81.91.80.0/20 maxlen: 21
185.14.224.0/22 maxlen: 23
2001:1568::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft
rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f3:7c:82:ed:c6:72:63:f2:e9:ae:d8:59:79:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Validity
Not Before: Jan 1 18:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ca867bfd8622800ecc47bb70fa766295dd4c638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:9a:24:63:1e:de:a2:17:22:0e:00:29:d8:
a5:6b:e5:13:65:ee:48:b0:15:f0:d0:b1:8d:0e:4b:
c9:62:19:0e:92:f6:f0:69:ac:f1:42:3c:ba:3c:ac:
1b:97:7c:4f:99:f3:a7:fc:39:1e:d7:6e:ae:9a:0e:
bb:f4:8c:53:a7:d5:21:a4:37:3c:aa:31:ce:28:5f:
6b:94:0d:50:2e:1b:29:9b:b4:e9:14:74:ef:f9:9e:
2a:6a:45:91:ae:2b:fd:70:4d:75:0d:0d:a5:c2:ca:
d5:6b:97:18:c9:e5:a7:76:46:0d:c9:0f:00:2e:fc:
93:5c:18:57:cb:da:72:68:28:42:72:c0:af:9e:b5:
a3:f9:7e:bb:53:b1:a1:2f:35:ca:5a:b5:61:43:b2:
24:73:2d:bd:b9:78:71:be:dd:f9:e8:e3:87:b3:64:
ee:57:0a:89:68:5f:f9:17:d6:92:73:65:98:cb:d5:
a6:32:59:d4:02:76:cb:36:8b:c4:21:2f:97:a4:b0:
61:f8:50:23:66:e8:47:6b:71:32:f5:11:de:64:c3:
b4:ed:40:79:3e:07:e3:ed:e4:d0:68:49:64:56:b3:
41:87:bf:b6:3f:91:d5:f0:65:1e:79:79:38:b5:4b:
c5:1e:db:99:e1:7b:4a:d5:64:09:21:52:9f:91:97:
0e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A8:67:BF:D8:62:28:00:EC:C4:7B:B7:0F:A7:66:29:5D:D4:C6:38
X509v3 Authority Key Identifier:
keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/LKhnv9hiKADsxHu3D6dmKV3Uxjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.80.0/20
185.14.224.0/22
IPv6:
2001:1568::/32
Signature Algorithm: sha256WithRSAEncryption
49:7c:bc:b6:2f:6f:42:11:5f:af:4f:8e:26:07:de:f0:88:59:
82:e4:e1:17:22:46:ae:e9:b7:6e:75:a9:78:91:da:89:75:0f:
a1:3e:dc:d5:bf:42:bf:51:ec:ed:4e:b1:63:91:7b:f2:64:b9:
1d:e5:38:9d:44:7c:36:d6:aa:6a:c1:41:a8:18:1a:21:ff:66:
f8:d8:f8:e7:5c:43:55:4a:8a:ab:92:56:27:66:ed:ab:87:ec:
b1:00:ff:28:cc:78:fe:cb:b3:54:9d:d5:80:1b:55:a5:73:3b:
e4:58:d4:27:96:a7:ad:52:7b:6a:40:b4:64:51:a8:fa:16:76:
0d:2f:ed:23:ed:9c:ff:65:59:18:bd:4b:b1:82:8f:81:c5:d4:
ee:da:37:8a:65:fe:6b:24:2e:80:1a:55:2e:21:51:bc:f1:e4:
ab:a9:65:ec:b5:80:9e:10:23:52:4c:49:bd:a2:5b:6d:9d:18:
65:48:64:4c:a7:56:4b:ec:d3:ce:60:e4:62:fc:d4:ae:f3:1d:
0c:99:31:ad:e4:cd:9b:17:e8:56:05:9c:c3:f4:16:32:27:76:
ea:15:70:dc:19:89:bb:84:2e:2d:e7:b4:37:a0:1b:80:e0:c2:
07:35:b7:6b:74:f9:c3:3c:7a:70:d2:c2:9b:ef:34:73:4f:2e:
68:85:0a:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSvN8gu3GcmPy6a7YWXksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3
NzZlZmEwHhcNMjQwMTAxMTgzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2E4NjdiZmQ4NjIyODAwZWNjNDdiYjcwZmE3NjYyOTVkZDRjNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGqaJGMe3qIXIg4AKdila+UTZe5I
sBXw0LGNDkvJYhkOkvbwaazxQjy6PKwbl3xPmfOn/Dke126umg679IxTp9UhpDc8
qjHOKF9rlA1QLhspm7TpFHTv+Z4qakWRriv9cE11DQ2lwsrVa5cYyeWndkYNyQ8A
LvyTXBhXy9pyaChCcsCvnrWj+X67U7GhLzXKWrVhQ7Ikcy29uXhxvt356OOHs2Tu
VwqJaF/5F9aSc2WYy9WmMlnUAnbLNovEIS+XpLBh+FAjZuhHa3Ey9RHeZMO07UB5
Pgfj7eTQaElkVrNBh7+2P5HV8GUeeXk4tUvFHtuZ4XtK1WQJIVKfkZcO2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCyoZ7/YYigA7MR7tw+nZild1MY4MB8GA1UdIwQY
MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt
ZjYwMGQwZmQwM2NlLzEvTEtobnY5aGlLQURzeEh1M0Q2ZG1LVjNVeGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl
LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVtQAwQC
uQ7gMA0EAgACMAcDBQAgARVoMA0GCSqGSIb3DQEBCwUAA4IBAQBJfLy2L29CEV+v
T44mB97wiFmC5OEXIkau6bdudal4kdqJdQ+hPtzVv0K/UeztTrFjkXvyZLkd5Tid
RHw21qpqwUGoGBoh/2b42PjnXENVSoqrklYnZu2rh+yxAP8ozHj+y7NUndWAG1Wl
czvkWNQnlqetUntqQLRkUaj6FnYNL+0j7Zz/ZVkYvUuxgo+BxdTu2jeKZf5rJC6A
GlUuIVG88eSrqWXstYCeECNSTEm9olttnRhlSGRMp1ZL7NPOYORi/NSu8x0MmTGt
5M2bF+hWBZzD9BYyJ3bqFXDcGYm7hC4t57Q3oBuA4MIHNbdrdPnDPHpw0sKb7zRz
Ty5ohQrz
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:06:45 2024 by rpki-client on console-fra.rpki-client.org