Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/LmHyNnccfewvP0yavxTGiWcfoO4.roa
File: LmHyNnccfewvP0yavxTGiWcfoO4.roa (raw, json)
Hash identifier: FvHkFRi2F3ZemDaN5LIII28lnmqqLwziTZKLFsw8v0o=
Subject key identifier: 2E:61:F2:36:77:1C:7D:EC:2F:3F:4C:9A:BF:14:C6:89:67:1F:A0:EE
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0192096C5A01BDC58067C91613726BC5CAAF
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/LmHyNnccfewvP0yavxTGiWcfoO4.roa
Signing time: Thu 19 Sep 2024 08:35:48 +0000
ROA not before: Thu 19 Sep 2024 08:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216050
IP address blocks: 37.49.146.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
109.203.162.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.165.0/24 maxlen: 24
109.203.167.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:6c:5a:01:bd:c5:80:67:c9:16:13:72:6b:c5:ca:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 19 08:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e61f236771c7dec2f3f4c9abf14c689671fa0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b6:0e:7e:18:bd:c6:e6:27:ff:82:1b:04:e8:
f2:c8:9e:52:a2:94:ed:4a:60:bd:e5:19:0a:75:f3:
b8:59:67:75:76:20:ba:ff:24:cb:66:77:b2:cc:b0:
4e:21:2a:a2:18:d8:65:7f:e1:9f:5f:32:88:ec:79:
71:30:69:2c:9c:92:f0:36:b0:08:76:76:fb:f4:58:
7f:b8:ae:95:a6:7d:ef:3f:b6:b7:96:30:0a:92:83:
7d:3c:48:d5:8d:55:2d:ac:6a:32:ee:85:fa:31:12:
43:0a:f4:07:88:bb:b8:b6:02:ac:88:56:0c:3f:71:
d4:c4:0d:ba:84:db:0b:cd:57:31:37:b4:dc:a8:c2:
b0:0f:97:f3:64:ce:c7:c9:0c:89:7f:a3:92:6d:1f:
c2:43:19:23:f2:d6:af:db:c0:7f:17:a5:d1:88:6a:
57:c9:6a:dd:41:3c:95:99:7a:55:55:0e:fd:e6:76:
b8:52:64:20:0b:11:b2:a1:aa:0b:61:1d:1c:84:02:
c0:b1:26:76:57:52:05:47:e6:45:b2:5d:a5:c9:e6:
c8:fe:6c:43:ff:86:74:58:59:8e:34:37:8f:f4:ed:
7d:80:52:37:2c:7c:19:19:25:25:44:8c:36:8c:47:
66:d2:d2:81:83:e9:39:9a:cb:1e:17:8d:d5:7a:16:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:61:F2:36:77:1C:7D:EC:2F:3F:4C:9A:BF:14:C6:89:67:1F:A0:EE
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/LmHyNnccfewvP0yavxTGiWcfoO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.146.0/24
37.49.149.0/24
94.74.140.0/24
109.203.162.0/24
109.203.164.0/23
109.203.167.0/24
176.46.128.0/24
176.46.131.0/24
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:18:a7:cc:c1:a8:43:50:00:63:2c:2f:a8:d4:e8:da:77:e2:
da:a0:77:46:be:25:79:14:2d:42:7f:3e:45:5a:54:b8:60:b0:
ae:fc:45:61:2d:fb:a1:69:9e:d3:41:42:ea:d8:38:2c:72:c7:
3e:83:25:4b:2f:41:8d:ef:28:a7:98:d2:23:5b:73:9b:a0:cd:
9a:a9:5f:63:d7:a2:77:24:ea:49:b4:e0:6f:6e:e3:dc:80:d0:
92:84:f6:56:f1:ba:bb:0e:6c:07:12:be:97:99:70:4b:e8:73:
b9:b5:fd:34:62:54:e1:84:bb:98:72:de:f3:85:3f:56:45:f4:
af:61:35:67:a3:f9:54:61:60:f3:dc:53:8a:cb:d7:d4:dd:de:
ab:97:63:f7:63:7c:f3:8b:71:13:39:f2:2f:62:9f:c0:d4:54:
2a:ad:a6:06:6b:2a:86:cc:ec:ec:c8:6f:7f:cd:f7:63:0d:5c:
85:57:1c:1a:c3:9f:66:19:02:79:22:f7:2b:c9:de:d7:d6:2d:
2e:1c:69:96:14:fd:69:f8:07:1c:39:ad:e6:44:d4:69:f0:f1:
95:ea:7d:39:7c:32:16:85:49:f5:2f:f1:16:72:b4:20:14:0e:
53:b5:4a:01:14:47:b1:51:c5:a7:67:a3:67:70:7c:a2:c0:43:
10:c8:00:6c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZIJbFoBvcWAZ8kWE3JrxcqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTE5MDgzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYxZjIzNjc3MWM3ZGVjMmYzZjRjOWFiZjE0YzY4OTY3MWZhMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrYOfhi9xuYn/4IbBOjyyJ5SopTt
SmC95RkKdfO4WWd1diC6/yTLZneyzLBOISqiGNhlf+GfXzKI7HlxMGksnJLwNrAI
dnb79Fh/uK6Vpn3vP7a3ljAKkoN9PEjVjVUtrGoy7oX6MRJDCvQHiLu4tgKsiFYM
P3HUxA26hNsLzVcxN7TcqMKwD5fzZM7HyQyJf6OSbR/CQxkj8tav28B/F6XRiGpX
yWrdQTyVmXpVVQ795na4UmQgCxGyoaoLYR0chALAsSZ2V1IFR+ZFsl2lyebI/mxD
/4Z0WFmONDeP9O19gFI3LHwZGSUlRIw2jEdm0tKBg+k5msseF43Vehac5wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFC5h8jZ3HH3sLz9Mmr8UxolnH6DuMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTG1IeU5uY2NmZXd2UDB5YXZ4VEdpV2Nmb080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJTGSAwQA
JTGVAwQAXkqMAwQAbcuiAwQBbcukAwQAbcunAwQAsC6AAwQAsC6DAwQCuSKgMA0G
CSqGSIb3DQEBCwUAA4IBAQBcGKfMwahDUABjLC+o1Ojad+LaoHdGviV5FC1Cfz5F
WlS4YLCu/EVhLfuhaZ7TQULq2Dgscsc+gyVLL0GN7yinmNIjW3OboM2aqV9j16J3
JOpJtOBvbuPcgNCShPZW8bq7DmwHEr6XmXBL6HO5tf00YlThhLuYct7zhT9WRfSv
YTVno/lUYWDz3FOKy9fU3d6rl2P3Y3zzi3ETOfIvYp/A1FQqraYGayqGzOzsyG9/
zfdjDVyFVxwaw59mGQJ5Ivcryd7X1i0uHGmWFP1p+AccOa3mRNRp8PGV6n05fDIW
hUn1L/EWcrQgFA5TtUoBFEexUcWnZ6NncHyiwEMQyABs
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:11 2024 by rpki-client on console-fra.rpki-client.org