Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/LWzTzZdjWMUN6aHhKOz142wnEVE.roa
File: LWzTzZdjWMUN6aHhKOz142wnEVE.roa (raw, json)
Hash identifier: 6geZ0fuYWwZAZvQU/5+QCK0FxKviFqgDA0CHRGs0xrE=
Subject key identifier: 2D:6C:D3:CD:97:63:58:C5:0D:E9:A1:E1:28:EC:F5:E3:6C:27:11:51
Certificate issuer: /CN=086438e9889389829fa5f51b6a210731082eac22
Certificate serial: 018EA568FDDA3272AC5FF6C959D4B1D426F9
Authority key identifier: 08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/LWzTzZdjWMUN6aHhKOz142wnEVE.roa
Signing time: Wed 03 Apr 2024 19:21:45 +0000
ROA not before: Wed 03 Apr 2024 19:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31898
IP address blocks: 194.165.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:68:fd:da:32:72:ac:5f:f6:c9:59:d4:b1:d4:26:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=086438e9889389829fa5f51b6a210731082eac22
Validity
Not Before: Apr 3 19:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d6cd3cd976358c50de9a1e128ecf5e36c271151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2a:07:ac:d3:18:86:5e:bd:02:ef:17:ec:84:
ce:d6:f6:8f:68:f7:14:38:41:6a:da:7f:74:bb:8d:
f4:db:40:9d:3c:62:96:cf:fd:f6:7a:1e:4a:52:f8:
f0:f7:e5:06:bc:54:30:e7:9e:d7:cd:f1:f9:dc:55:
25:23:55:2e:5f:be:1a:95:22:5b:d1:3e:14:77:2a:
79:eb:66:f7:68:d8:d8:fa:c3:67:a8:22:51:f1:d2:
20:94:6c:68:49:d4:b3:9c:a9:e0:46:67:69:c7:8c:
94:60:82:ec:5e:54:35:ce:14:1c:6a:84:0d:fa:ea:
b2:f8:e1:0b:fc:51:f4:0f:15:fb:3d:6d:e4:2a:66:
7c:6e:cf:ac:f4:7c:42:c5:4a:f7:e7:85:d0:ff:4b:
bc:75:7d:49:48:b5:d9:ea:ea:d7:75:4a:9b:44:bb:
b9:37:54:ca:80:9a:f1:0a:90:b1:07:6a:a7:81:26:
d7:60:ca:a3:0d:f1:e5:97:fb:d9:71:18:3a:38:a0:
2e:08:16:b6:5f:1e:97:10:4d:22:df:b9:95:a6:0a:
7e:60:67:22:22:91:12:35:97:ac:a8:6f:a5:2b:d9:
cd:7b:03:67:01:03:e1:50:06:dd:31:3f:9f:bb:f1:
9e:de:7b:44:88:e8:81:da:97:30:6c:28:ec:aa:8c:
64:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6C:D3:CD:97:63:58:C5:0D:E9:A1:E1:28:EC:F5:E3:6C:27:11:51
X509v3 Authority Key Identifier:
keyid:08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/LWzTzZdjWMUN6aHhKOz142wnEVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.37.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:73:a5:ad:1a:6d:b4:49:37:1b:ca:48:b5:06:5b:88:a7:a8:
71:9e:ad:d1:e9:97:03:e9:78:99:39:b4:ca:ae:07:18:86:19:
6a:e6:98:90:ba:66:22:a1:3b:3f:d2:29:38:f2:ed:68:ae:58:
54:65:ea:a6:02:4e:89:0b:b2:32:30:bf:9b:ca:2f:31:ce:06:
f5:f8:91:d9:14:d1:67:98:f0:e6:b4:2b:ac:98:a9:76:33:1a:
c8:52:9e:df:33:be:7d:0e:ce:7a:19:0c:ce:3c:4b:5a:87:eb:
22:a6:ef:68:3b:1b:d9:a3:b1:8d:f6:ad:d3:37:56:ef:cd:07:
ca:71:11:1c:bb:4e:5c:d9:e2:d5:c3:71:b7:df:0b:00:4a:04:
ef:a2:53:96:fe:ae:36:23:6e:b6:7b:d6:3e:0d:fd:08:2b:be:
f9:23:aa:a4:cb:95:83:ce:58:f1:5a:42:5e:b4:01:8a:98:86:
70:aa:ca:65:3a:ba:66:13:77:da:8f:c5:50:07:68:f5:32:ef:
86:46:72:72:ae:83:04:59:75:c4:4d:21:1d:42:37:2d:c5:1b:
0d:65:32:8e:fe:c0:90:c7:6d:fc:69:ea:ce:aa:28:88:f9:6e:
82:fe:db:21:bb:b5:13:4c:10:f6:2e:75:2f:05:da:9b:b4:4c:
e8:8e:63:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6laP3aMnKsX/bJWdSx1Cb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjQzOGU5ODg5Mzg5ODI5ZmE1ZjUxYjZhMjEwNzMxMDgy
ZWFjMjIwHhcNMjQwNDAzMTkyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDZjZDNjZDk3NjM1OGM1MGRlOWExZTEyOGVjZjVlMzZjMjcxMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCoHrNMYhl69Au8X7ITO1vaPaPcU
OEFq2n90u43020CdPGKWz/32eh5KUvjw9+UGvFQw557XzfH53FUlI1UuX74alSJb
0T4Udyp562b3aNjY+sNnqCJR8dIglGxoSdSznKngRmdpx4yUYILsXlQ1zhQcaoQN
+uqy+OEL/FH0DxX7PW3kKmZ8bs+s9HxCxUr354XQ/0u8dX1JSLXZ6urXdUqbRLu5
N1TKgJrxCpCxB2qngSbXYMqjDfHll/vZcRg6OKAuCBa2Xx6XEE0i37mVpgp+YGci
IpESNZesqG+lK9nNewNnAQPhUAbdMT+fu/Ge3ntEiOiB2pcwbCjsqoxkvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC1s082XY1jFDemh4Sjs9eNsJxFRMB8GA1UdIwQY
MBaAFAhkOOmIk4mCn6X1G2ohBzEILqwiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1Yzgt
YTc4MTBlM2ExYmViLzEvTFd6VHpaZGpXTVVONmFIaEtPejE0MnduRVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1YzgtYTc4MTBlM2ExYmVi
LzEvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqUlMA0G
CSqGSIb3DQEBCwUAA4IBAQBPc6WtGm20STcbyki1BluIp6hxnq3R6ZcD6XiZObTK
rgcYhhlq5piQumYioTs/0ik48u1orlhUZeqmAk6JC7IyML+byi8xzgb1+JHZFNFn
mPDmtCusmKl2MxrIUp7fM759Ds56GQzOPEtah+sipu9oOxvZo7GN9q3TN1bvzQfK
cREcu05c2eLVw3G33wsASgTvolOW/q42I262e9Y+Df0IK775I6qky5WDzljxWkJe
tAGKmIZwqsplOrpmE3faj8VQB2j1Mu+GRnJyroMEWXXETSEdQjctxRsNZTKO/sCQ
x238aerOqiiI+W6C/tshu7UTTBD2LnUvBdqbtEzojmMW
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:30:21 2024 by rpki-client on console-fra.rpki-client.org