Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/LN-LnaK88FGvfAVlogtvDaHebR0.roa
File: LN-LnaK88FGvfAVlogtvDaHebR0.roa (raw, json)
Hash identifier: MNdcqQ8uR93CitIZzKJcicFICk64eXFkf6pSgDJYLnk=
Subject key identifier: 2C:DF:8B:9D:A2:BC:F0:51:AF:7C:05:65:A2:0B:6F:0D:A1:DE:6D:1D
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018CC86EFA2F1F94D21580142185A4511A8D
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/LN-LnaK88FGvfAVlogtvDaHebR0.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20552
IP address blocks: 185.119.15.0/24 maxlen: 24
185.119.12.0/24 maxlen: 24
185.119.12.0/22 maxlen: 22
185.119.14.0/24 maxlen: 24
185.119.13.0/24 maxlen: 24
185.24.200.0/22 maxlen: 22
217.168.128.0/20 maxlen: 20
217.168.129.0/24 maxlen: 24
217.168.141.0/24 maxlen: 24
185.52.171.0/24 maxlen: 24
185.52.168.0/22 maxlen: 24
185.52.170.0/24 maxlen: 24
185.52.169.0/24 maxlen: 24
164.40.240.0/24 maxlen: 24
164.40.241.0/24 maxlen: 24
164.40.240.0/21 maxlen: 21
164.40.246.0/24 maxlen: 24
91.216.30.0/24 maxlen: 24
164.40.245.0/24 maxlen: 24
164.40.243.0/24 maxlen: 24
164.40.242.0/24 maxlen: 24
164.40.244.0/24 maxlen: 24
164.40.247.0/24 maxlen: 24
2a02:d88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fa:2f:1f:94:d2:15:80:14:21:85:a4:51:1a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cdf8b9da2bcf051af7c0565a20b6f0da1de6d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fc:e9:61:ce:d0:c8:02:fd:d8:4b:1c:17:e8:
9a:49:c5:53:3f:7f:71:e0:bf:55:d2:b6:89:27:d5:
6d:8c:a3:ed:6e:7c:7b:f6:ba:83:b7:ed:ce:30:1d:
94:e3:11:61:82:d2:f5:68:7f:b0:4a:df:3e:bf:b0:
48:02:e3:a0:f7:8a:66:78:e0:c1:4c:e5:65:69:5e:
20:ed:42:40:50:23:05:48:e0:da:36:2b:ba:fc:57:
d7:01:ac:22:82:5f:e7:1e:80:84:58:97:f3:45:e9:
0a:fe:96:a4:c4:c9:3b:1f:0e:d4:bb:e3:64:ff:60:
ce:37:5d:99:1a:e2:b9:db:2c:98:1f:51:2b:c3:e4:
ee:d1:f1:89:a5:2d:9e:a2:66:30:38:7b:cf:d6:64:
f5:b4:35:c2:4f:6a:c3:6e:2b:9f:ae:20:3b:33:b2:
5f:9a:44:27:3d:17:78:21:a1:05:20:7d:8b:c4:7b:
46:ae:22:d3:d8:bf:bb:84:7c:eb:fb:50:e2:c9:60:
43:f9:84:1e:86:d5:05:73:1c:4c:fd:81:32:da:5d:
37:44:1f:c6:b9:d5:9b:27:33:c5:d1:cb:ff:40:d1:
cb:9f:fd:59:66:a8:4b:3b:a6:8b:20:48:a5:fc:8e:
db:e6:d5:b7:f9:e0:c0:7a:2a:1a:b6:2f:10:c2:78:
4c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DF:8B:9D:A2:BC:F0:51:AF:7C:05:65:A2:0B:6F:0D:A1:DE:6D:1D
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/LN-LnaK88FGvfAVlogtvDaHebR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.30.0/24
164.40.240.0/21
185.24.200.0/22
185.52.168.0/22
185.119.12.0/22
217.168.128.0/20
IPv6:
2a02:d88::/32
Signature Algorithm: sha256WithRSAEncryption
17:36:9c:7b:ac:76:9b:dc:44:7d:e7:fd:c2:e1:4d:9c:71:10:
98:bb:f3:7a:ec:82:61:34:0b:48:5a:6d:4f:2f:d5:97:da:e6:
7c:f2:ab:d0:5c:7b:a8:5f:dc:28:1f:7f:2f:8e:24:11:8a:58:
61:c4:8f:03:0e:10:70:f0:a2:1e:79:9f:f6:d3:3b:51:c5:c7:
c3:85:6c:c2:a8:57:ef:b6:67:ae:98:e6:aa:9a:4b:c9:0c:07:
db:72:17:c8:43:43:0b:fe:13:35:b8:e4:d6:73:67:90:ed:70:
2a:98:ca:b1:73:ba:2d:01:55:74:b0:c7:45:e8:25:4a:73:98:
c8:f0:19:a3:3e:e0:2d:26:07:c7:91:6e:77:5a:64:63:7a:d9:
b7:c0:a3:8b:1d:b4:06:28:86:bc:93:ba:61:32:04:13:54:6d:
e5:68:30:d0:47:47:e0:d2:77:55:5c:27:1b:26:c8:8d:c4:bc:
b4:ce:80:ff:51:7f:e6:7c:fe:61:bb:6e:cc:8e:6a:15:e3:41:
20:83:08:64:4f:48:15:e6:4e:a6:62:5e:7d:62:f6:cf:d0:b7:
40:a2:7c:34:9e:ed:de:82:b1:88:f3:12:98:d9:d1:00:b9:03:
f1:0f:c7:d1:ed:ed:ac:d8:30:d4:0b:ea:85:40:66:b7:54:17:
dd:3c:89:35
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIbvovH5TSFYAUIYWkURqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RmOGI5ZGEyYmNmMDUxYWY3YzA1NjVhMjBiNmYwZGExZGU2ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfzpYc7QyAL92EscF+iaScVTP39x
4L9V0raJJ9VtjKPtbnx79rqDt+3OMB2U4xFhgtL1aH+wSt8+v7BIAuOg94pmeODB
TOVlaV4g7UJAUCMFSODaNiu6/FfXAawigl/nHoCEWJfzRekK/pakxMk7Hw7Uu+Nk
/2DON12ZGuK52yyYH1Erw+Tu0fGJpS2eomYwOHvP1mT1tDXCT2rDbiufriA7M7Jf
mkQnPRd4IaEFIH2LxHtGriLT2L+7hHzr+1DiyWBD+YQehtUFcxxM/YEy2l03RB/G
udWbJzPF0cv/QNHLn/1ZZqhLO6aLIEil/I7b5tW3+eDAeioati8QwnhMSQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCzfi52ivPBRr3wFZaILbw2h3m0dMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvTE4tTG5hSzg4Rkd2ZkFWbG9ndHZEYUhlYlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9geAwQD
pCjwAwQCuRjIAwQCuTSoAwQCuXcMAwQE2aiAMA0EAgACMAcDBQAqAg2IMA0GCSqG
SIb3DQEBCwUAA4IBAQAXNpx7rHab3ER95/3C4U2ccRCYu/N67IJhNAtIWm1PL9WX
2uZ88qvQXHuoX9woH38vjiQRilhhxI8DDhBw8KIeeZ/20ztRxcfDhWzCqFfvtmeu
mOaqmkvJDAfbchfIQ0ML/hM1uOTWc2eQ7XAqmMqxc7otAVV0sMdF6CVKc5jI8Bmj
PuAtJgfHkW53WmRjetm3wKOLHbQGKIa8k7phMgQTVG3laDDQR0fg0ndVXCcbJsiN
xLy0zoD/UX/mfP5hu27MjmoV40EggwhkT0gV5k6mYl59YvbP0LdAonw0nu3egrGI
8xKY2dEAuQPxD8fR7e2s2DDUC+qFQGa3VBfdPIk1
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:27 2024 by rpki-client on console-fra.rpki-client.org