Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/lkexsvhXkpOG4-ii5Z7dRuFkPSI.roa
File: lkexsvhXkpOG4-ii5Z7dRuFkPSI.roa (raw, json)
Hash identifier: Vfc/D3cAr13HtBGM3alsmbopT4OwZSKL1oYnRTAoGkw=
Subject key identifier: 96:47:B1:B2:F8:57:92:93:86:E3:E8:A2:E5:9E:DD:46:E1:64:3D:22
Certificate issuer: /CN=2ceadee58f864f472eb422b0b95497b85075a12b
Certificate serial: 018CC4932AF8F49FF1E23BEDC7458D0355C1
Authority key identifier: 2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/lkexsvhXkpOG4-ii5Z7dRuFkPSI.roa
Signing time: Mon 01 Jan 2024 10:30:28 +0000
ROA not before: Mon 01 Jan 2024 10:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200675
IP address blocks: 185.232.76.0/22 maxlen: 22
138.124.188.0/22 maxlen: 22
185.71.176.0/22 maxlen: 22
2a05:3400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:2a:f8:f4:9f:f1:e2:3b:ed:c7:45:8d:03:55:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ceadee58f864f472eb422b0b95497b85075a12b
Validity
Not Before: Jan 1 10:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9647b1b2f857929386e3e8a2e59edd46e1643d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:42:ef:df:b1:9f:b1:70:6f:00:4d:c9:11:a4:
af:9e:03:d9:0f:2e:86:65:1e:dd:2b:b7:33:50:cb:
52:ba:b9:0e:10:f9:30:c4:f9:d3:b3:67:28:bc:f1:
40:dd:6a:77:51:3a:55:42:4d:31:05:ba:0f:68:bf:
4c:96:0b:42:70:0f:c2:d9:0d:57:1b:21:b8:3c:c9:
71:26:c8:94:c8:75:39:cf:7e:2a:5c:c4:17:65:7a:
3b:3b:0c:61:47:95:c6:5f:d3:cf:b9:47:4a:47:5c:
d0:96:34:5c:13:90:04:5f:14:61:81:39:3d:04:fe:
e7:9d:79:2a:ab:8f:ab:ea:d6:32:06:2f:86:fa:ba:
b4:a0:17:3b:09:ba:56:71:81:f8:1f:6b:6f:10:85:
fc:0e:8f:1c:2b:58:e7:0a:47:bb:29:76:65:b6:08:
78:50:7a:59:3f:9a:61:b6:8f:89:ff:69:9d:3b:43:
6f:4c:1c:b2:ed:db:ea:0f:b3:8c:ff:e7:27:ce:32:
91:1f:ed:2c:0f:87:5b:72:fd:bd:10:b2:16:b6:ff:
b2:e6:6b:c2:3f:72:7e:fa:f0:16:7f:74:64:f9:26:
1d:c7:13:b9:88:d0:39:7f:95:a4:e0:74:e7:3a:b9:
83:3a:98:bc:e9:43:67:0d:93:15:fe:c7:b9:d6:24:
dd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:47:B1:B2:F8:57:92:93:86:E3:E8:A2:E5:9E:DD:46:E1:64:3D:22
X509v3 Authority Key Identifier:
keyid:2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/lkexsvhXkpOG4-ii5Z7dRuFkPSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.188.0/22
185.71.176.0/22
185.232.76.0/22
IPv6:
2a05:3400::/29
Signature Algorithm: sha256WithRSAEncryption
38:07:f0:8e:0d:17:64:49:6d:5e:4e:fb:51:61:f2:89:6a:ed:
a4:74:a4:cc:9d:9d:d8:1f:01:cd:74:2b:df:7d:6b:b0:4a:bc:
ce:37:d0:99:54:6b:fc:52:56:5d:70:57:ae:53:94:18:2a:e4:
40:a0:d5:c5:1a:61:d2:57:3c:5e:62:28:a6:0f:ab:ad:83:63:
fc:a1:52:51:85:68:94:03:87:bd:2d:bc:57:fe:27:06:8b:d1:
ce:2b:1e:58:0c:f9:02:0a:41:14:b9:98:3b:3a:9f:98:ea:5a:
08:1b:a6:eb:82:4f:44:ec:b5:d7:69:d2:51:67:9a:fc:7e:07:
e1:fe:7f:e1:9e:b2:c0:47:a1:6c:e7:52:15:80:21:1c:2b:c0:
12:f9:bc:0a:89:52:0f:a8:3b:f4:72:95:ed:4a:59:59:16:37:
3c:b8:53:62:ab:a0:62:5c:a5:4e:28:25:31:1c:88:ba:d7:ae:
47:15:82:cc:81:d7:c0:ad:ba:35:97:58:66:b4:ae:87:1e:58:
f7:b7:18:b8:ed:34:cf:50:0a:ae:f2:dc:2d:df:f3:07:98:cb:
fe:da:69:17:ae:d7:2e:13:9a:7b:d1:52:40:d5:f7:df:1a:f1:
d9:0e:5a:f8:d9:7b:37:b4:96:ae:43:fe:9e:79:27:cc:9f:a9:
61:bc:37:1d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkyr49J/x4jvtx0WNA1XBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWFkZWU1OGY4NjRmNDcyZWI0MjJiMGI5NTQ5N2I4NTA3
NWExMmIwHhcNMjQwMTAxMTAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ3YjFiMmY4NTc5MjkzODZlM2U4YTJlNTllZGQ0NmUxNjQzZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgULv37GfsXBvAE3JEaSvngPZDy6G
ZR7dK7czUMtSurkOEPkwxPnTs2covPFA3Wp3UTpVQk0xBboPaL9MlgtCcA/C2Q1X
GyG4PMlxJsiUyHU5z34qXMQXZXo7OwxhR5XGX9PPuUdKR1zQljRcE5AEXxRhgTk9
BP7nnXkqq4+r6tYyBi+G+rq0oBc7CbpWcYH4H2tvEIX8Do8cK1jnCke7KXZltgh4
UHpZP5phto+J/2mdO0NvTByy7dvqD7OM/+cnzjKRH+0sD4dbcv29ELIWtv+y5mvC
P3J++vAWf3Rk+SYdxxO5iNA5f5Wk4HTnOrmDOpi86UNnDZMV/se51iTdxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJZHsbL4V5KThuPoouWe3UbhZD0iMB8GA1UdIwQY
MBaAFCzq3uWPhk9HLrQisLlUl7hQdaErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2It
YmM3YTI0YzJlMjE5LzEvbGtleHN2aFhrcE9HNC1paTVaN2RSdUZrUFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2ItYmM3YTI0YzJlMjE5
LzEvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCiny8AwQC
uUewAwQCuehMMA0EAgACMAcDBQMqBTQAMA0GCSqGSIb3DQEBCwUAA4IBAQA4B/CO
DRdkSW1eTvtRYfKJau2kdKTMnZ3YHwHNdCvffWuwSrzON9CZVGv8UlZdcFeuU5QY
KuRAoNXFGmHSVzxeYiimD6utg2P8oVJRhWiUA4e9LbxX/icGi9HOKx5YDPkCCkEU
uZg7Op+Y6loIG6brgk9E7LXXadJRZ5r8fgfh/n/hnrLAR6Fs51IVgCEcK8AS+bwK
iVIPqDv0cpXtSllZFjc8uFNiq6BiXKVOKCUxHIi6165HFYLMgdfArbo1l1hmtK6H
Hlj3txi47TTPUAqu8twt3/MHmMv+2mkXrtcuE5p70VJA1fffGvHZDlr42Xs3tJau
Q/6eeSfMn6lhvDcd
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:05 2024 by rpki-client on console-fra.rpki-client.org