Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/lAisKxLyVb9sc-MNU4dYGyoKT1c.roa
File: lAisKxLyVb9sc-MNU4dYGyoKT1c.roa (raw, json)
Hash identifier: jv4SFL+pty6OT/Ingd+D9CtU47sztW9/60bSWmSXank=
Subject key identifier: 94:08:AC:2B:12:F2:55:BF:6C:73:E3:0D:53:87:58:1B:2A:0A:4F:57
Certificate issuer: /CN=fbd83efdd9996f8c75e7f4114e466ebf836968ea
Certificate serial: 018CC9BC315399812FA0CEA9FE85647DB758
Authority key identifier: FB:D8:3E:FD:D9:99:6F:8C:75:E7:F4:11:4E:46:6E:BF:83:69:68:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/lAisKxLyVb9sc-MNU4dYGyoKT1c.roa
Signing time: Tue 02 Jan 2024 10:33:22 +0000
ROA not before: Tue 02 Jan 2024 10:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28854
IP address blocks: 185.60.128.0/22 maxlen: 24
80.84.32.0/20 maxlen: 24
88.206.128.0/17 maxlen: 24
2a04:f40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/1-9g-_dmZb4x15_QRTkZuv4NpaOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/1-9g-_dmZb4x15_QRTkZuv4NpaOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:31:53:99:81:2f:a0:ce:a9:fe:85:64:7d:b7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbd83efdd9996f8c75e7f4114e466ebf836968ea
Validity
Not Before: Jan 2 10:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9408ac2b12f255bf6c73e30d5387581b2a0a4f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5d:bd:1b:e2:8e:ab:98:e5:97:84:e3:fb:b7:
0f:9f:a9:1f:42:f9:bc:82:f2:19:0a:f7:8d:ad:d5:
17:9a:73:0d:8b:d8:00:b5:14:e9:e6:af:d1:36:2a:
ec:4f:75:2a:56:67:a5:87:9f:36:66:bb:7d:d9:50:
72:21:13:95:95:df:90:cd:51:36:35:b0:ea:c1:49:
a5:98:10:db:c1:ec:0e:f1:26:56:ee:03:65:1d:df:
a3:b5:77:40:35:f0:d8:78:a4:0d:c9:be:70:19:37:
43:e1:33:46:c3:e3:ea:0e:cb:a7:ab:b1:de:bd:08:
f1:86:4a:ae:e3:1e:e5:fa:56:d1:43:75:83:d6:8b:
47:45:94:2b:56:37:90:b1:9b:2f:36:8c:a2:74:d9:
46:0f:74:50:6d:b2:22:c1:57:11:fe:3f:31:89:9a:
de:bc:bf:fa:e0:d5:bc:5b:67:de:9c:91:5b:fd:58:
3c:e3:4c:80:61:21:22:c9:40:dd:99:31:1e:21:46:
cc:06:ce:94:af:e8:e1:1d:38:7e:28:75:1a:5d:4b:
29:7d:9d:b0:02:2d:5c:db:01:35:c6:44:8d:38:7f:
69:74:5b:a1:51:58:cf:11:68:bb:c8:0d:26:8e:ed:
8c:a3:3b:e2:3b:2b:99:8a:01:ad:46:ed:34:33:2b:
a5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:08:AC:2B:12:F2:55:BF:6C:73:E3:0D:53:87:58:1B:2A:0A:4F:57
X509v3 Authority Key Identifier:
keyid:FB:D8:3E:FD:D9:99:6F:8C:75:E7:F4:11:4E:46:6E:BF:83:69:68:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/lAisKxLyVb9sc-MNU4dYGyoKT1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/1-9g-_dmZb4x15_QRTkZuv4NpaOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.32.0/20
88.206.128.0/17
185.60.128.0/22
IPv6:
2a04:f40::/29
Signature Algorithm: sha256WithRSAEncryption
94:5a:24:cb:63:b1:c2:be:fb:02:be:54:2d:ea:4b:66:74:e5:
2c:3a:b9:4d:bf:64:a7:28:79:bd:61:53:d1:40:c4:8f:8f:0c:
97:72:76:86:28:fe:48:93:27:58:51:0b:5c:69:33:e8:0f:fd:
6b:95:fe:d9:89:a6:f1:88:50:d5:70:a5:95:b7:fd:3f:d9:71:
b3:3e:1a:b0:1f:82:4d:ba:d6:62:d7:06:e0:65:a1:97:8d:a8:
b3:05:38:cd:b8:7b:f8:65:78:cd:24:5a:06:c6:8c:99:15:e8:
9c:23:c3:fc:57:71:0a:dd:86:47:1e:79:cf:c5:2e:8e:f5:94:
cf:7b:ae:04:d6:09:bb:34:e2:6a:b4:3f:1a:31:19:4a:43:48:
b4:9c:b4:05:19:d5:73:61:4c:b1:09:c1:28:8b:b4:cf:7f:94:
ed:3f:24:77:1e:81:85:49:ff:9c:80:d3:30:4e:48:59:f1:38:
be:ae:46:7f:d2:e8:dd:77:6c:fd:39:4b:2a:dc:86:43:eb:3a:
9b:aa:59:60:74:bd:ae:f5:94:73:cd:5e:63:46:8c:56:ea:f0:
ae:a1:0b:74:e6:ef:f0:78:0c:c1:51:31:f8:2d:76:99:a5:c6:
3e:35:f5:2d:64:34:03:39:60:5b:a8:3f:a7:16:fa:c7:99:39:
ba:5f:eb:63
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJvDFTmYEvoM6p/oVkfbdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZDgzZWZkZDk5OTZmOGM3NWU3ZjQxMTRlNDY2ZWJmODM2
OTY4ZWEwHhcNMjQwMTAyMTAzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA4YWMyYjEyZjI1NWJmNmM3M2UzMGQ1Mzg3NTgxYjJhMGE0ZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF29G+KOq5jll4Tj+7cPn6kfQvm8
gvIZCveNrdUXmnMNi9gAtRTp5q/RNirsT3UqVmelh582Zrt92VByIROVld+QzVE2
NbDqwUmlmBDbwewO8SZW7gNlHd+jtXdANfDYeKQNyb5wGTdD4TNGw+PqDsunq7He
vQjxhkqu4x7l+lbRQ3WD1otHRZQrVjeQsZsvNoyidNlGD3RQbbIiwVcR/j8xiZre
vL/64NW8W2fenJFb/Vg840yAYSEiyUDdmTEeIUbMBs6Ur+jhHTh+KHUaXUspfZ2w
Ai1c2wE1xkSNOH9pdFuhUVjPEWi7yA0mju2MozviOyuZigGtRu00MyuliQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJQIrCsS8lW/bHPjDVOHWBsqCk9XMB8GA1UdIwQY
MBaAFPvYPv3ZmW+Mdef0EU5Gbr+DaWjqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS05Zy1fZG1aYjR4MTVfUVJUa1p1djROcGFPby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvYWEwNmE1LTdlZjYtNGJjOS1iMGEw
LTJmYTgzOTAxN2Q3NS8xL2xBaXNLeEx5VmI5c2MtTU5VNGRZR3lvS1QxYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmMvYWEwNmE1LTdlZjYtNGJjOS1iMGEwLTJmYTgzOTAxN2Q3
NS8xLzEtOWctX2RtWmI0eDE1X1FSVGtadXY0TnBhT28uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBARQVCAD
BAdYzoADBAK5PIAwDQQCAAIwBwMFAyoED0AwDQYJKoZIhvcNAQELBQADggEBAJRa
JMtjscK++wK+VC3qS2Z05Sw6uU2/ZKcoeb1hU9FAxI+PDJdydoYo/kiTJ1hRC1xp
M+gP/WuV/tmJpvGIUNVwpZW3/T/ZcbM+GrAfgk261mLXBuBloZeNqLMFOM24e/hl
eM0kWgbGjJkV6Jwjw/xXcQrdhkceec/FLo71lM97rgTWCbs04mq0PxoxGUpDSLSc
tAUZ1XNhTLEJwSiLtM9/lO0/JHcegYVJ/5yA0zBOSFnxOL6uRn/S6N13bP05Syrc
hkPrOpuqWWB0va71lHPNXmNGjFbq8K6hC3Tm7/B4DMFRMfgtdpmlxj419S1kNAM5
YFuoP6cW+seZObpf62M=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:14:35 2024 by rpki-client on console-ams.rpki-client.org