Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/726a52-5c73-4905-a19d-9f72f8dec468/1/0LZMir0uuDoFg0PdGmRq1GGJBKk.roa
File: 0LZMir0uuDoFg0PdGmRq1GGJBKk.roa (raw, json)
Hash identifier: UyhgKSRuuQ9SKkT+mmeIg60OXHvJlNCVomnqrO9cXYU=
Subject key identifier: D0:B6:4C:8A:BD:2E:B8:3A:05:83:43:DD:1A:64:6A:D4:61:89:04:A9
Certificate issuer: /CN=7184c805d4e53c2a132c739c4e3752afc35ae995
Certificate serial: 018CC3492B6D229C0DCFD80ED1812D5407D4
Authority key identifier: 71:84:C8:05:D4:E5:3C:2A:13:2C:73:9C:4E:37:52:AF:C3:5A:E9:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cYTIBdTlPCoTLHOcTjdSr8Na6ZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/726a52-5c73-4905-a19d-9f72f8dec468/1/0LZMir0uuDoFg0PdGmRq1GGJBKk.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3347
IP address blocks: 217.117.192.0/20 maxlen: 24
192.207.142.0/24 maxlen: 24
2a00:10f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/726a52-5c73-4905-a19d-9f72f8dec468/1/cYTIBdTlPCoTLHOcTjdSr8Na6ZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/726a52-5c73-4905-a19d-9f72f8dec468/1/cYTIBdTlPCoTLHOcTjdSr8Na6ZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cYTIBdTlPCoTLHOcTjdSr8Na6ZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2b:6d:22:9c:0d:cf:d8:0e:d1:81:2d:54:07:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7184c805d4e53c2a132c739c4e3752afc35ae995
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0b64c8abd2eb83a058343dd1a646ad4618904a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:4e:83:05:23:20:a5:c2:a1:73:b5:eb:b6:
5a:5c:52:c2:3a:64:74:bd:9d:ab:4f:0d:39:43:a9:
08:38:b2:c3:7d:c7:1a:f9:3f:e8:ed:a6:e0:02:c3:
bb:da:e8:9d:c6:a8:d3:2d:51:57:96:fd:e6:6a:ec:
26:47:aa:87:d0:40:27:eb:84:68:a6:89:69:4f:e0:
10:9d:c9:98:82:81:53:10:4a:d8:45:dd:9d:46:d3:
49:84:83:83:5a:b6:db:3e:2a:ce:6c:9f:43:b0:30:
00:10:03:5d:52:e2:45:d0:45:7e:db:c5:1d:ac:af:
2d:86:22:1e:85:3c:2f:fb:9e:58:52:de:d4:05:20:
e8:ab:8f:fc:13:5f:86:8c:34:ea:d8:04:6b:95:48:
87:15:d3:29:b0:0f:55:d9:3e:18:56:97:d5:9b:f1:
b9:99:58:b7:2f:43:2b:6a:fc:91:fd:f2:78:04:be:
1e:d3:c4:39:8b:9c:33:5a:98:20:31:25:be:47:07:
85:0c:11:df:51:1c:69:b4:87:76:93:8b:19:ca:75:
62:1e:58:bb:d3:f0:6c:af:20:3a:29:61:3e:e9:43:
9f:83:00:21:fb:ef:39:ff:8b:51:a6:ba:4e:dc:51:
e9:95:48:83:fe:fc:da:2a:e4:20:c6:e4:5b:7f:03:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B6:4C:8A:BD:2E:B8:3A:05:83:43:DD:1A:64:6A:D4:61:89:04:A9
X509v3 Authority Key Identifier:
keyid:71:84:C8:05:D4:E5:3C:2A:13:2C:73:9C:4E:37:52:AF:C3:5A:E9:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cYTIBdTlPCoTLHOcTjdSr8Na6ZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/726a52-5c73-4905-a19d-9f72f8dec468/1/0LZMir0uuDoFg0PdGmRq1GGJBKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/726a52-5c73-4905-a19d-9f72f8dec468/1/cYTIBdTlPCoTLHOcTjdSr8Na6ZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.207.142.0/24
217.117.192.0/20
IPv6:
2a00:10f8::/32
Signature Algorithm: sha256WithRSAEncryption
a8:e9:95:43:9a:79:48:d4:6e:5e:80:45:d1:b8:be:e4:60:29:
b8:ff:c4:aa:c4:7e:da:52:8b:7c:8a:b6:ba:a0:1a:2d:bc:f4:
a2:16:2b:f1:a1:c9:08:71:f2:49:97:a5:36:4f:1e:e8:5b:f7:
09:35:95:ba:9b:97:2a:43:c1:57:d6:46:f7:bd:aa:06:c4:ac:
fd:61:19:e1:c6:2f:78:4d:12:4d:3d:d9:d3:60:a8:f9:d1:90:
a5:0e:52:ef:61:09:b6:3b:d5:01:75:e6:bd:1d:11:6d:30:01:
0b:a3:67:de:2d:04:7d:95:26:e2:b0:66:ca:35:a1:6b:f4:2b:
41:a8:df:04:bd:be:d8:2d:df:b6:8d:9d:e2:23:95:b3:ca:e9:
28:04:c7:70:f3:9f:84:4b:14:77:18:d6:ae:06:8c:66:ea:8f:
f2:77:45:88:09:12:42:b7:03:b4:ac:99:29:70:b3:2a:47:08:
6b:74:f5:ec:90:49:2a:16:82:77:36:e2:09:f1:5a:25:93:94:
68:6a:74:bf:f5:ed:fe:e7:0a:5d:e8:2d:64:73:5a:8e:48:5e:
e8:00:80:06:c7:f4:55:76:7c:02:38:6f:e3:af:f1:f2:c8:36:
82:ff:b2:61:be:28:21:0d:f6:7f:61:57:90:75:63:f5:e6:73:
f9:fd:7e:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSSttIpwNz9gO0YEtVAfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxODRjODA1ZDRlNTNjMmExMzJjNzM5YzRlMzc1MmFmYzM1
YWU5OTUwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGI2NGM4YWJkMmViODNhMDU4MzQzZGQxYTY0NmFkNDYxODkwNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArctOgwUjIKXCoXO167ZaXFLCOmR0
vZ2rTw05Q6kIOLLDfcca+T/o7abgAsO72uidxqjTLVFXlv3mauwmR6qH0EAn64Ro
polpT+AQncmYgoFTEErYRd2dRtNJhIODWrbbPirObJ9DsDAAEANdUuJF0EV+28Ud
rK8thiIehTwv+55YUt7UBSDoq4/8E1+GjDTq2ARrlUiHFdMpsA9V2T4YVpfVm/G5
mVi3L0MravyR/fJ4BL4e08Q5i5wzWpggMSW+RweFDBHfURxptId2k4sZynViHli7
0/BsryA6KWE+6UOfgwAh++85/4tRprpO3FHplUiD/vzaKuQgxuRbfwP8rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNC2TIq9Lrg6BYND3RpkatRhiQSpMB8GA1UdIwQY
MBaAFHGEyAXU5TwqEyxznE43Uq/DWumVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1lUSUJkVGxQQ29UTEhPY1RqZFNyOE5hNlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MjZhNTItNWM3My00OTA1LWExOWQt
OWY3MmY4ZGVjNDY4LzEvMExaTWlyMHV1RG9GZzBQZEdtUnExR0dKQktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MjZhNTItNWM3My00OTA1LWExOWQtOWY3MmY4ZGVjNDY4
LzEvY1lUSUJkVGxQQ29UTEhPY1RqZFNyOE5hNlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwM+OAwQE
2XXAMA0EAgACMAcDBQAqABD4MA0GCSqGSIb3DQEBCwUAA4IBAQCo6ZVDmnlI1G5e
gEXRuL7kYCm4/8SqxH7aUot8ira6oBotvPSiFivxockIcfJJl6U2Tx7oW/cJNZW6
m5cqQ8FX1kb3vaoGxKz9YRnhxi94TRJNPdnTYKj50ZClDlLvYQm2O9UBdea9HRFt
MAELo2feLQR9lSbisGbKNaFr9CtBqN8Evb7YLd+2jZ3iI5WzyukoBMdw85+ESxR3
GNauBoxm6o/yd0WICRJCtwO0rJkpcLMqRwhrdPXskEkqFoJ3NuIJ8Volk5RoanS/
9e3+5wpd6C1kc1qOSF7oAIAGx/RVdnwCOG/jr/HyyDaC/7JhvighDfZ/YVeQdWP1
5nP5/X4f
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:39:00 2024 by rpki-client on console-ams.rpki-client.org