Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/lmnOUuMohy3Sg1RpAMUlbC3249Y.roa
File: lmnOUuMohy3Sg1RpAMUlbC3249Y.roa (raw, json)
Hash identifier: 2WAp2jNd9/Dx4lYHLMwvxpUAWeV8oW5jcjFujS96vxo=
Subject key identifier: 96:69:CE:52:E3:28:87:2D:D2:83:54:69:00:C5:25:6C:2D:F6:E3:D6
Certificate issuer: /CN=e20f87dab96b50f76eea49b181ea94d26a205327
Certificate serial: 018CC6B93FE01CEF0464F3B2D5CC24E0D904
Authority key identifier: E2:0F:87:DA:B9:6B:50:F7:6E:EA:49:B1:81:EA:94:D2:6A:20:53:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4g-H2rlrUPdu6kmxgeqU0mogUyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/lmnOUuMohy3Sg1RpAMUlbC3249Y.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29148
IP address blocks: 87.239.56.0/21 maxlen: 21
185.228.215.0/24 maxlen: 24
185.228.214.0/24 maxlen: 24
185.228.214.0/23 maxlen: 23
91.221.110.0/24 maxlen: 24
91.221.110.0/23 maxlen: 23
91.221.111.0/24 maxlen: 24
185.228.212.0/23 maxlen: 23
185.228.212.0/24 maxlen: 24
185.228.213.0/24 maxlen: 24
2a0d:4a00:a000::/36 maxlen: 36
2a0d:4a00:b000::/36 maxlen: 36
2a0d:4a00:c000::/36 maxlen: 36
2a0d:4a00:d000::/36 maxlen: 36
2a0d:4a00:e000::/36 maxlen: 36
2a0d:4a00:f000::/36 maxlen: 36
2a0d:4a00::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/4g-H2rlrUPdu6kmxgeqU0mogUyc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/4g-H2rlrUPdu6kmxgeqU0mogUyc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4g-H2rlrUPdu6kmxgeqU0mogUyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3f:e0:1c:ef:04:64:f3:b2:d5:cc:24:e0:d9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e20f87dab96b50f76eea49b181ea94d26a205327
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9669ce52e328872dd283546900c5256c2df6e3d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f9:8a:5e:4b:26:b0:c5:23:3b:76:90:dd:7b:
02:17:f0:79:8f:69:f7:14:e2:84:0a:4d:f6:7a:44:
f6:69:60:9f:6c:48:7b:ac:cc:4d:86:23:ed:e2:fe:
36:e3:96:90:fd:b9:e9:c1:0d:3e:f1:25:c3:72:bc:
80:e5:8d:99:76:f7:d0:ea:cf:bf:c7:08:18:ee:52:
f1:0d:76:a1:5b:ae:7a:06:8c:db:bd:bf:b3:4b:db:
27:b9:37:01:ef:08:f2:1a:a6:26:64:a5:55:72:f6:
7a:59:51:15:81:fa:a5:52:4e:2c:1a:01:b0:9c:37:
84:d9:02:93:99:e9:4b:db:09:41:9c:90:7d:d6:fe:
59:2a:ae:54:9c:1c:87:3c:95:6e:71:49:09:0e:ee:
57:e7:eb:a4:7b:99:0f:94:69:d5:69:cc:51:35:8c:
9b:52:ec:c3:33:a8:9e:e4:11:4f:b2:0f:01:19:d7:
3e:1f:72:b8:98:26:d8:71:b2:b2:0b:23:ea:3e:c6:
e1:4a:09:ce:9c:f6:ec:a4:ac:2a:9b:5c:23:56:26:
37:3b:6f:a5:25:b9:66:86:e3:91:70:2a:dc:57:b4:
9b:a3:57:e5:42:14:d7:81:fc:16:d5:4e:f9:a2:7a:
18:00:7c:03:91:86:ae:12:a0:95:68:b8:1e:f7:88:
76:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:69:CE:52:E3:28:87:2D:D2:83:54:69:00:C5:25:6C:2D:F6:E3:D6
X509v3 Authority Key Identifier:
keyid:E2:0F:87:DA:B9:6B:50:F7:6E:EA:49:B1:81:EA:94:D2:6A:20:53:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4g-H2rlrUPdu6kmxgeqU0mogUyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/lmnOUuMohy3Sg1RpAMUlbC3249Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3fba05-daed-43b7-b870-fa02c1265d5e/1/4g-H2rlrUPdu6kmxgeqU0mogUyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.56.0/21
91.221.110.0/23
185.228.212.0/22
IPv6:
2a0d:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
43:ff:56:88:fd:f2:42:85:60:8e:a8:ad:ff:77:74:f4:f7:3a:
d9:82:c1:41:91:14:ee:8e:90:84:13:d7:59:e6:3b:67:a7:f3:
c1:e1:2c:2e:aa:d4:e7:b6:88:4f:54:f6:5b:62:04:ac:99:59:
33:00:59:ae:00:e9:5d:c0:c0:f1:37:fd:04:02:24:1e:59:f8:
b1:17:57:e1:9d:03:97:58:6a:88:5f:fa:79:65:0a:21:27:29:
80:f1:46:b8:a2:0e:fa:9b:f2:d5:4a:9b:cc:03:28:d2:9a:9e:
40:d1:70:af:0e:bf:da:7e:fd:c9:89:ee:f8:ef:a6:29:af:34:
56:64:ea:bd:c3:64:a5:68:7b:1b:3e:bc:35:2b:a9:e3:db:55:
ac:fe:69:a4:76:1e:17:b8:d4:13:de:68:2b:d0:eb:0c:00:a3:
f9:89:62:b0:d4:79:7d:bc:0d:c0:74:96:f0:ca:ab:d7:38:c7:
f9:c6:43:d8:0f:91:e3:64:72:38:c0:24:10:71:b8:b8:27:84:
16:b8:ec:4e:b1:9b:a9:c8:cf:d2:fc:5d:9e:72:04:42:47:92:
5c:18:f9:e1:36:46:88:1e:81:40:40:0e:29:59:2d:0b:da:9e:
33:4c:5c:9e:98:8a:36:20:53:af:80:e5:92:2b:a8:4b:17:ba:
f4:8c:97:95
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGuT/gHO8EZPOy1cwk4NkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMGY4N2RhYjk2YjUwZjc2ZWVhNDliMTgxZWE5NGQyNmEy
MDUzMjcwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY5Y2U1MmUzMjg4NzJkZDI4MzU0NjkwMGM1MjU2YzJkZjZlM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvmKXksmsMUjO3aQ3XsCF/B5j2n3
FOKECk32ekT2aWCfbEh7rMxNhiPt4v4245aQ/bnpwQ0+8SXDcryA5Y2ZdvfQ6s+/
xwgY7lLxDXahW656Bozbvb+zS9snuTcB7wjyGqYmZKVVcvZ6WVEVgfqlUk4sGgGw
nDeE2QKTmelL2wlBnJB91v5ZKq5UnByHPJVucUkJDu5X5+uke5kPlGnVacxRNYyb
UuzDM6ie5BFPsg8BGdc+H3K4mCbYcbKyCyPqPsbhSgnOnPbspKwqm1wjViY3O2+l
JblmhuORcCrcV7Sbo1flQhTXgfwW1U75onoYAHwDkYauEqCVaLge94h2bwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJZpzlLjKIct0oNUaQDFJWwt9uPWMB8GA1UdIwQY
MBaAFOIPh9q5a1D3bupJsYHqlNJqIFMnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGctSDJybHJVUGR1NmtteGdlcVUwbW9nVXljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zZmJhMDUtZGFlZC00M2I3LWI4NzAt
ZmEwMmMxMjY1ZDVlLzEvbG1uT1V1TW9oeTNTZzFScEFNVWxiQzMyNDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zZmJhMDUtZGFlZC00M2I3LWI4NzAtZmEwMmMxMjY1ZDVl
LzEvNGctSDJybHJVUGR1NmtteGdlcVUwbW9nVXljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDV+84AwQB
W91uAwQCueTUMA0EAgACMAcDBQAqDUoAMA0GCSqGSIb3DQEBCwUAA4IBAQBD/1aI
/fJChWCOqK3/d3T09zrZgsFBkRTujpCEE9dZ5jtnp/PB4SwuqtTntohPVPZbYgSs
mVkzAFmuAOldwMDxN/0EAiQeWfixF1fhnQOXWGqIX/p5ZQohJymA8Ua4og76m/LV
SpvMAyjSmp5A0XCvDr/afv3Jie7476YprzRWZOq9w2SlaHsbPrw1K6nj21Ws/mmk
dh4XuNQT3mgr0OsMAKP5iWKw1Hl9vA3AdJbwyqvXOMf5xkPYD5HjZHI4wCQQcbi4
J4QWuOxOsZupyM/S/F2ecgRCR5JcGPnhNkaIHoFAQA4pWS0L2p4zTFyemIo2IFOv
gOWSK6hLF7r0jJeV
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:39:51 2024 by rpki-client on console-fra.rpki-client.org