Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/2AlLNL3THYetz9XZ-6nxi_HPRww.roa
File: 2AlLNL3THYetz9XZ-6nxi_HPRww.roa (raw, json)
Hash identifier: SrOYhchcIJhWlEM0z4RyB/ckd+y79tqZQXdOVJo+1kg=
Subject key identifier: D8:09:4B:34:BD:D3:1D:87:AD:CF:D5:D9:FB:A9:F1:8B:F1:CF:47:0C
Certificate issuer: /CN=96773e9cc974301a78b7ee6d994528f1f882e46f
Certificate serial: 018CC9BB4218853587525AD9AC7AA550CF7F
Authority key identifier: 96:77:3E:9C:C9:74:30:1A:78:B7:EE:6D:99:45:28:F1:F8:82:E4:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lnc-nMl0MBp4t-5tmUUo8fiC5G8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/2AlLNL3THYetz9XZ-6nxi_HPRww.roa
Signing time: Tue 02 Jan 2024 10:32:21 +0000
ROA not before: Tue 02 Jan 2024 10:32:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48294
IP address blocks: 185.38.244.0/22 maxlen: 24
185.126.248.0/22 maxlen: 22
188.164.224.0/21 maxlen: 24
185.81.244.0/22 maxlen: 24
185.81.252.0/22 maxlen: 24
194.150.200.0/23 maxlen: 24
91.194.46.0/23 maxlen: 24
94.126.208.0/21 maxlen: 24
185.77.56.0/22 maxlen: 22
2a02:5d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/lnc-nMl0MBp4t-5tmUUo8fiC5G8.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/lnc-nMl0MBp4t-5tmUUo8fiC5G8.mft
rsync://rpki.ripe.net/repository/DEFAULT/lnc-nMl0MBp4t-5tmUUo8fiC5G8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:42:18:85:35:87:52:5a:d9:ac:7a:a5:50:cf:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96773e9cc974301a78b7ee6d994528f1f882e46f
Validity
Not Before: Jan 2 10:32:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8094b34bdd31d87adcfd5d9fba9f18bf1cf470c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:b2:0d:23:86:b2:4c:81:1a:0b:d7:28:ac:
19:d7:d1:5d:6c:b4:4a:d5:a4:5f:0d:ff:a4:7e:54:
80:05:64:b6:c0:3d:50:98:c7:ad:d0:7d:22:53:e2:
f7:db:aa:a7:e8:ee:81:69:54:87:b6:4a:bb:42:a3:
f6:ac:e7:e7:22:bd:6e:15:00:21:5d:d5:0e:56:de:
54:28:c5:1d:52:5e:43:43:ba:35:57:2f:bd:de:cb:
84:9b:a2:49:9a:fd:be:82:12:7d:ca:47:b1:8e:18:
e5:e9:c2:ac:69:ba:99:32:7f:af:09:d1:83:6c:01:
45:4f:0f:68:36:63:46:02:9f:81:4c:ed:2c:8b:82:
7c:89:f8:db:89:71:5e:6d:7a:ea:2c:f8:e2:f1:8a:
fc:bc:d5:82:a5:70:36:65:91:0d:50:ee:ad:79:07:
d2:ae:f7:c1:a8:90:b9:a1:91:4a:0c:c7:ee:ef:a1:
7e:77:f7:6d:ac:ed:bc:3f:41:5d:97:81:10:c0:c3:
d4:10:42:0c:b5:8e:58:61:1c:8e:f4:5b:d1:aa:35:
00:cb:f0:a2:83:d7:2c:b8:b1:1a:ac:c7:1e:42:cf:
2a:3d:39:5f:b6:67:82:da:0a:57:23:fe:33:ad:07:
54:a5:0b:3d:57:f8:55:ae:9f:da:70:cb:61:40:01:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:09:4B:34:BD:D3:1D:87:AD:CF:D5:D9:FB:A9:F1:8B:F1:CF:47:0C
X509v3 Authority Key Identifier:
keyid:96:77:3E:9C:C9:74:30:1A:78:B7:EE:6D:99:45:28:F1:F8:82:E4:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnc-nMl0MBp4t-5tmUUo8fiC5G8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/2AlLNL3THYetz9XZ-6nxi_HPRww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/9120cb-0b06-4861-b657-757838670948/1/lnc-nMl0MBp4t-5tmUUo8fiC5G8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.46.0/23
94.126.208.0/21
185.38.244.0/22
185.77.56.0/22
185.81.244.0/22
185.81.252.0/22
185.126.248.0/22
188.164.224.0/21
194.150.200.0/23
IPv6:
2a02:5d80::/29
Signature Algorithm: sha256WithRSAEncryption
8f:07:4e:c9:8c:5b:0d:65:1a:c0:64:be:75:48:b6:a6:63:77:
6f:b0:15:b7:da:d5:84:60:37:47:ee:f8:96:8e:e3:8e:ac:20:
49:06:25:4a:7a:88:73:0a:24:55:74:34:55:69:69:62:55:a3:
d6:ec:6f:fb:17:ff:b1:ee:04:bd:4f:5a:e8:4d:fe:2d:32:89:
f3:c2:2a:31:f7:e2:46:60:64:46:e9:26:68:37:59:17:66:a3:
a5:c0:86:f7:58:7f:c7:82:8d:6e:7b:8e:1d:86:02:26:92:5c:
be:59:f7:4e:55:1f:87:ea:77:5b:a5:ff:20:00:11:03:7c:36:
34:14:3b:89:ec:37:52:56:fb:c3:07:f0:2a:68:5f:43:65:f7:
33:19:8f:2c:b8:f8:40:f6:bd:7a:48:8a:0c:99:29:9d:9c:5d:
a1:56:7c:14:c9:48:72:c4:2c:ba:01:93:28:56:46:1a:59:aa:
f6:11:0c:0b:8d:51:e7:53:be:6c:50:e4:75:eb:bb:54:fb:79:
1c:cc:7d:b9:0a:87:4c:cf:79:86:54:03:88:2e:e0:24:22:f8:
28:d1:93:c0:e7:1e:3c:33:7b:cf:2a:aa:b1:3b:da:9b:ed:3b:
e3:7c:5a:6f:80:ed:d6:27:9d:ca:78:69:8f:51:d4:af:a2:60:
72:25:88:03
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzJu0IYhTWHUlrZrHqlUM9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzczZTljYzk3NDMwMWE3OGI3ZWU2ZDk5NDUyOGYxZjg4
MmU0NmYwHhcNMjQwMTAyMTAzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA5NGIzNGJkZDMxZDg3YWRjZmQ1ZDlmYmE5ZjE4YmYxY2Y0NzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKCyDSOGskyBGgvXKKwZ19FdbLRK
1aRfDf+kflSABWS2wD1QmMet0H0iU+L326qn6O6BaVSHtkq7QqP2rOfnIr1uFQAh
XdUOVt5UKMUdUl5DQ7o1Vy+93suEm6JJmv2+ghJ9ykexjhjl6cKsabqZMn+vCdGD
bAFFTw9oNmNGAp+BTO0si4J8ifjbiXFebXrqLPji8Yr8vNWCpXA2ZZENUO6teQfS
rvfBqJC5oZFKDMfu76F+d/dtrO28P0Fdl4EQwMPUEEIMtY5YYRyO9FvRqjUAy/Ci
g9csuLEarMceQs8qPTlftmeC2gpXI/4zrQdUpQs9V/hVrp/acMthQAGSLwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNgJSzS90x2Hrc/V2fup8Yvxz0cMMB8GA1UdIwQY
MBaAFJZ3PpzJdDAaeLfubZlFKPH4guRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5jLW5NbDBNQnA0dC01dG1VVW84ZmlDNUc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85MTIwY2ItMGIwNi00ODYxLWI2NTct
NzU3ODM4NjcwOTQ4LzEvMkFsTE5MM1RIWWV0ejlYWi02bnhpX0hQUnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS85MTIwY2ItMGIwNi00ODYxLWI2NTctNzU3ODM4NjcwOTQ4
LzEvbG5jLW5NbDBNQnA0dC01dG1VVW84ZmlDNUc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQBW8IuAwQD
Xn7QAwQCuSb0AwQCuU04AwQCuVH0AwQCuVH8AwQCuX74AwQDvKTgAwQBwpbIMA0E
AgACMAcDBQMqAl2AMA0GCSqGSIb3DQEBCwUAA4IBAQCPB07JjFsNZRrAZL51SLam
Y3dvsBW32tWEYDdH7viWjuOOrCBJBiVKeohzCiRVdDRVaWliVaPW7G/7F/+x7gS9
T1roTf4tMonzwiox9+JGYGRG6SZoN1kXZqOlwIb3WH/Hgo1ue44dhgImkly+WfdO
VR+H6ndbpf8gABEDfDY0FDuJ7DdSVvvDB/AqaF9DZfczGY8suPhA9r16SIoMmSmd
nF2hVnwUyUhyxCy6AZMoVkYaWar2EQwLjVHnU75sUOR167tU+3kczH25CodMz3mG
VAOILuAkIvgo0ZPA5x48M3vPKqqxO9qb7TvjfFpvgO3WJ53KeGmPUdSvomByJYgD
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:15:48 2024 by rpki-client on console-fra.rpki-client.org