Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/LH4cJZ5S3NvpdiebArzyxtRiJU0.roa
File: LH4cJZ5S3NvpdiebArzyxtRiJU0.roa (raw, json)
Hash identifier: ytFwvzK4RhE2+j8BmSgLkWY7Grr9ScUdtauRKk1htr0=
Subject key identifier: 2C:7E:1C:25:9E:52:DC:DB:E9:76:27:9B:02:BC:F2:C6:D4:62:25:4D
Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Certificate serial: 018E0EA7961846C004ED55EEC447997F7B29
Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/LH4cJZ5S3NvpdiebArzyxtRiJU0.roa
Signing time: Tue 05 Mar 2024 12:47:27 +0000
ROA not before: Tue 05 Mar 2024 12:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25133
IP address blocks: 193.0.240.0/24 maxlen: 24
193.254.196.0/24 maxlen: 24
193.254.197.0/24 maxlen: 24
195.95.232.0/23 maxlen: 23
2a02:c080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:a7:96:18:46:c0:04:ed:55:ee:c4:47:99:7f:7b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c
Validity
Not Before: Mar 5 12:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c7e1c259e52dcdbe976279b02bcf2c6d462254d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d9:2f:c0:ba:ec:3e:66:6d:4f:49:50:05:c4:
4d:b7:a1:f1:58:01:1d:a1:58:bd:01:44:b3:1c:64:
84:0a:d2:9e:5b:5f:d0:f3:8a:43:6b:08:5a:90:88:
06:35:1b:c9:de:fe:0b:e6:3e:37:67:d4:c3:15:53:
57:c2:e7:1c:e0:ff:22:33:4d:a6:2c:91:1a:a8:05:
bf:61:31:63:f8:97:a8:a3:48:bd:58:89:b0:47:3c:
28:eb:bd:29:d4:28:75:57:78:de:5f:47:7c:7c:0d:
f1:46:f4:4b:64:b2:a7:ce:05:1d:3b:41:76:c9:33:
b6:22:e3:fe:ce:70:fb:a2:b5:20:a7:ff:22:f1:2d:
26:61:4a:ab:20:59:77:0d:98:da:3f:fe:8a:06:0a:
27:b4:cb:7b:a8:9f:34:ff:13:8a:a9:36:41:b7:a3:
b2:74:72:f5:92:07:06:75:85:8b:fa:fd:55:3f:20:
a4:e4:43:89:28:af:be:33:8f:eb:15:b5:6a:82:f6:
44:51:9c:26:3c:38:ac:7b:4e:c0:57:a0:c7:1b:d6:
7a:cb:ea:95:09:d3:22:dd:7e:43:6f:ba:a4:6e:a5:
6f:a0:d0:5e:62:f9:61:ca:53:26:20:1c:49:bb:9b:
66:be:54:02:14:64:78:ed:d3:52:c2:7b:aa:ef:1e:
47:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7E:1C:25:9E:52:DC:DB:E9:76:27:9B:02:BC:F2:C6:D4:62:25:4D
X509v3 Authority Key Identifier:
keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/LH4cJZ5S3NvpdiebArzyxtRiJU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.240.0/24
193.254.196.0/23
195.95.232.0/23
IPv6:
2a02:c080::/29
Signature Algorithm: sha256WithRSAEncryption
5a:8f:da:a7:ea:b4:be:8f:71:94:ee:e9:6a:af:d7:37:b3:ac:
17:a5:5a:04:dd:e5:e3:bc:89:8d:80:21:6b:f5:cb:7e:ed:32:
0f:a1:27:d6:5a:25:82:24:9e:8e:1f:87:0d:c5:d6:c3:fb:fc:
be:c4:25:e7:04:1a:c4:e2:37:06:cc:a1:b8:a3:cb:37:c8:a1:
96:3c:01:44:51:e7:b4:c4:6a:bb:78:c2:e3:01:98:2c:02:c4:
82:a8:fc:ca:1a:c7:e4:4a:70:fb:48:63:31:d4:36:9d:c2:91:
d8:d4:2d:f1:bb:0b:79:af:af:70:32:3c:20:b5:80:f6:30:9c:
75:a3:5c:70:61:95:76:62:b1:d4:51:a9:88:8a:0d:9e:b6:40:
78:35:78:e3:c6:6a:0b:90:49:6d:70:d4:30:ac:4c:d0:6c:99:
23:88:b1:14:6e:e4:e8:f8:ec:cc:e5:72:32:7a:f7:42:f7:5d:
31:01:ce:b5:89:2c:38:60:9b:6f:c9:86:47:3d:fd:40:f8:4a:
c9:10:64:e6:a1:d2:99:dd:86:64:bc:5f:6a:cc:3a:86:01:33:
65:42:a0:e8:f7:41:2d:fc:91:ba:a1:86:b8:28:b2:ca:43:da:
2e:4d:a6:4e:08:2f:11:ee:b3:50:72:86:5e:54:64:c6:6c:50:
a9:17:73:26
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY4Op5YYRsAE7VXuxEeZf3spMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OGNjOGY1N2EyYjNjMjI5OWIxZjQ4MmI2N2UxNWQ5ZGU0
M2FkM2MwHhcNMjQwMzA1MTI0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdlMWMyNTllNTJkY2RiZTk3NjI3OWIwMmJjZjJjNmQ0NjIyNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktkvwLrsPmZtT0lQBcRNt6HxWAEd
oVi9AUSzHGSECtKeW1/Q84pDawhakIgGNRvJ3v4L5j43Z9TDFVNXwucc4P8iM02m
LJEaqAW/YTFj+Jeoo0i9WImwRzwo670p1Ch1V3jeX0d8fA3xRvRLZLKnzgUdO0F2
yTO2IuP+znD7orUgp/8i8S0mYUqrIFl3DZjaP/6KBgontMt7qJ80/xOKqTZBt6Oy
dHL1kgcGdYWL+v1VPyCk5EOJKK++M4/rFbVqgvZEUZwmPDise07AV6DHG9Z6y+qV
CdMi3X5Db7qkbqVvoNBeYvlhylMmIBxJu5tmvlQCFGR47dNSwnuq7x5HnwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCx+HCWeUtzb6XYnmwK88sbUYiVNMB8GA1UdIwQY
MBaAFAaMyPV6KzwimbH0grZ+FdneQ608MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2It
MmEyODQxNmQ0NWIyLzEvTEg0Y0paNVMzTnZwZGllYkFyenl4dFJpSlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2ItMmEyODQxNmQ0NWIy
LzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwQDwAwQB
wf7EAwQBw1/oMA0EAgACMAcDBQMqAsCAMA0GCSqGSIb3DQEBCwUAA4IBAQBaj9qn
6rS+j3GU7ulqr9c3s6wXpVoE3eXjvImNgCFr9ct+7TIPoSfWWiWCJJ6OH4cNxdbD
+/y+xCXnBBrE4jcGzKG4o8s3yKGWPAFEUee0xGq7eMLjAZgsAsSCqPzKGsfkSnD7
SGMx1DadwpHY1C3xuwt5r69wMjwgtYD2MJx1o1xwYZV2YrHUUamIig2etkB4NXjj
xmoLkEltcNQwrEzQbJkjiLEUbuTo+OzM5XIyevdC910xAc61iSw4YJtvyYZHPf1A
+ErJEGTmodKZ3YZkvF9qzDqGATNlQqDo90Et/JG6oYa4KLLKQ9ouTaZOCC8R7rNQ
coZeVGTGbFCpF3Mm
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:04 2024 by rpki-client on console-fra.rpki-client.org