Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/lepZTO91Nrz3HkpOj8aq_sZ6MqE.roa
File: lepZTO91Nrz3HkpOj8aq_sZ6MqE.roa (raw, json)
Hash identifier: RmB6qGPFLyMtqh/W9CgECKeVGRltIECDz3wwF1ZpC4c=
Subject key identifier: 95:EA:59:4C:EF:75:36:BC:F7:1E:4A:4E:8F:C6:AA:FE:C6:7A:32:A1
Certificate issuer: /CN=c0cac8d524a5fec7fc83a23830fbf9226a7601ae
Certificate serial: 019301C2C41F24E9CB648BA453DECC59168C
Authority key identifier: C0:CA:C8:D5:24:A5:FE:C7:FC:83:A2:38:30:FB:F9:22:6A:76:01:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/lepZTO91Nrz3HkpOj8aq_sZ6MqE.roa
Signing time: Wed 06 Nov 2024 13:56:01 +0000
ROA not before: Wed 06 Nov 2024 13:56:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35575
IP address blocks: 46.149.240.0/20 maxlen: 20
84.19.32.0/19 maxlen: 19
84.19.32.0/21 maxlen: 21
84.19.40.0/21 maxlen: 21
84.19.48.0/21 maxlen: 21
84.19.56.0/21 maxlen: 21
88.211.64.0/18 maxlen: 18
88.211.64.0/21 maxlen: 21
88.211.72.0/21 maxlen: 21
88.211.80.0/20 maxlen: 20
88.211.96.0/21 maxlen: 21
88.211.104.0/21 maxlen: 21
88.211.112.0/21 maxlen: 21
88.211.120.0/22 maxlen: 22
88.211.124.0/23 maxlen: 23
88.211.126.0/23 maxlen: 23
185.25.236.0/22 maxlen: 22
185.152.216.0/22 maxlen: 22
185.219.92.0/22 maxlen: 22
188.127.64.0/19 maxlen: 19
209.42.0.0/23 maxlen: 23
2a02:29d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:c2:c4:1f:24:e9:cb:64:8b:a4:53:de:cc:59:16:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0cac8d524a5fec7fc83a23830fbf9226a7601ae
Validity
Not Before: Nov 6 13:56:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95ea594cef7536bcf71e4a4e8fc6aafec67a32a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:92:15:03:ab:3e:3e:8a:fc:df:4c:cb:d0:fd:
94:b4:59:ee:ef:b7:9d:cb:30:c4:2b:b0:31:8b:fe:
86:c6:48:78:b3:c3:17:09:46:dc:23:6b:f5:3f:39:
c2:cc:05:50:89:d7:b2:ef:bf:70:7a:ae:ad:f6:78:
e1:e3:8a:a1:5b:b1:d0:01:a7:99:4b:b9:cd:c6:1b:
a4:ed:14:40:8a:e9:74:1e:80:00:f0:71:1d:51:b5:
f0:cd:26:c6:a2:2c:8a:7a:90:df:c6:4e:71:c6:c2:
60:a6:9e:45:ec:61:2c:ef:e6:01:4e:a9:7c:3e:83:
82:8d:bb:4c:16:8b:15:22:e5:6f:ec:33:e9:0a:df:
f8:91:ea:54:a6:a6:20:6f:92:08:ad:49:aa:23:5b:
04:6f:04:46:9e:23:73:17:8a:be:2e:92:26:c4:35:
c3:26:3a:0d:02:37:ff:fb:33:de:6e:81:c9:5f:15:
fb:18:17:ab:59:58:b8:7a:44:ef:3f:83:04:87:3b:
ee:8d:d9:94:8b:80:63:a4:2e:5c:bb:01:32:fd:2a:
04:4f:76:46:a2:ba:23:16:11:ba:e9:5d:9d:f8:5f:
23:c1:94:82:b4:33:d7:00:96:26:63:6c:9d:86:74:
15:ff:a5:14:45:2c:f6:e7:56:a0:0e:cd:71:47:3e:
7e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EA:59:4C:EF:75:36:BC:F7:1E:4A:4E:8F:C6:AA:FE:C6:7A:32:A1
X509v3 Authority Key Identifier:
keyid:C0:CA:C8:D5:24:A5:FE:C7:FC:83:A2:38:30:FB:F9:22:6A:76:01:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/lepZTO91Nrz3HkpOj8aq_sZ6MqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.240.0/20
84.19.32.0/19
88.211.64.0/18
185.25.236.0/22
185.152.216.0/22
185.219.92.0/22
188.127.64.0/19
209.42.0.0/23
IPv6:
2a02:29d0::/32
Signature Algorithm: sha256WithRSAEncryption
25:88:2d:81:be:57:f4:85:03:54:10:6b:98:96:15:a4:8c:bc:
75:69:9b:5a:1f:b1:80:77:74:59:ab:83:c5:8e:28:21:16:6d:
63:69:e8:30:70:b2:4c:26:0e:a3:08:db:49:75:d0:e8:12:b2:
a2:dc:0a:66:0d:36:3f:c7:1e:07:14:fa:fd:9e:a9:1e:ab:b5:
7c:d7:d7:4c:16:31:a0:4a:f7:d9:74:89:b2:29:f4:06:8c:cf:
a7:a9:69:9f:a4:d4:a2:e3:4c:eb:e9:b6:6a:c7:91:22:5a:48:
83:42:db:2f:55:eb:15:a6:5d:12:85:83:71:25:bf:5a:c0:6a:
3d:e8:8c:cc:ed:3f:41:6f:42:02:3b:81:e0:3f:0b:14:6b:16:
49:11:0e:bd:41:de:79:dd:3b:a6:33:ce:f0:eb:37:46:74:d1:
ad:18:3e:d0:1d:15:f0:e7:7a:be:19:cf:72:39:b1:77:19:7d:
c6:c8:97:cc:27:19:ff:22:03:ce:06:18:e9:de:7f:08:90:03:
59:59:a5:70:42:2c:32:95:8f:01:98:5b:f1:62:5f:13:3e:98:
9f:ad:fa:c1:63:0e:12:33:ec:38:29:77:95:e5:8d:be:43:76:
21:08:42:b3:9f:1c:e6:8b:78:3d:58:9d:08:a1:8f:d7:51:e9:
70:14:c5:05
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZMBwsQfJOnLZIukU97MWRaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwY2FjOGQ1MjRhNWZlYzdmYzgzYTIzODMwZmJmOTIyNmE3
NjAxYWUwHhcNMjQxMTA2MTM1NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWVhNTk0Y2VmNzUzNmJjZjcxZTRhNGU4ZmM2YWFmZWM2N2EzMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZIVA6s+Por830zL0P2UtFnu77ed
yzDEK7Axi/6Gxkh4s8MXCUbcI2v1PznCzAVQidey779weq6t9njh44qhW7HQAaeZ
S7nNxhuk7RRAiul0HoAA8HEdUbXwzSbGoiyKepDfxk5xxsJgpp5F7GEs7+YBTql8
PoOCjbtMFosVIuVv7DPpCt/4kepUpqYgb5IIrUmqI1sEbwRGniNzF4q+LpImxDXD
JjoNAjf/+zPeboHJXxX7GBerWVi4ekTvP4MEhzvujdmUi4BjpC5cuwEy/SoET3ZG
orojFhG66V2d+F8jwZSCtDPXAJYmY2ydhnQV/6UURSz251agDs1xRz5+FQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJXqWUzvdTa89x5KTo/Gqv7GejKhMB8GA1UdIwQY
MBaAFMDKyNUkpf7H/IOiODD7+SJqdgGuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01ySTFTU2xfc2Y4ZzZJNE1QdjVJbXAyQWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85ZjViODEtYWU0ZC00NmE0LWJiODIt
NzY1NWM4OWYxNGQ2LzEvbGVwWlRPOTFOcnozSGtwT2o4YXFfc1o2TXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85ZjViODEtYWU0ZC00NmE0LWJiODItNzY1NWM4OWYxNGQ2
LzEvd01ySTFTU2xfc2Y4ZzZJNE1QdjVJbXAyQWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQELpXwAwQF
VBMgAwQGWNNAAwQCuRnsAwQCuZjYAwQCudtcAwQFvH9AAwQB0SoAMA0EAgACMAcD
BQAqAinQMA0GCSqGSIb3DQEBCwUAA4IBAQAliC2Bvlf0hQNUEGuYlhWkjLx1aZta
H7GAd3RZq4PFjighFm1jaegwcLJMJg6jCNtJddDoErKi3ApmDTY/xx4HFPr9nqke
q7V819dMFjGgSvfZdImyKfQGjM+nqWmfpNSi40zr6bZqx5EiWkiDQtsvVesVpl0S
hYNxJb9awGo96IzM7T9Bb0ICO4HgPwsUaxZJEQ69Qd553TumM87w6zdGdNGtGD7Q
HRXw53q+Gc9yObF3GX3GyJfMJxn/IgPOBhjp3n8IkANZWaVwQiwylY8BmFvxYl8T
PpifrfrBYw4SM+w4KXeV5Y2+Q3YhCEKznxzmi3g9WJ0IoY/XUelwFMUF
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:27 2024 by rpki-client on console-ams.rpki-client.org