Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/LXHvM85_k4NCUT4kjCnVQn0AKog.roa
File: LXHvM85_k4NCUT4kjCnVQn0AKog.roa (raw, json)
Hash identifier: s+GO7iYsmxj4xYH6096SRVKlBRxyiqH3efbRqT56KxU=
Subject key identifier: 2D:71:EF:33:CE:7F:93:83:42:51:3E:24:8C:29:D5:42:7D:00:2A:88
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 018CCA2A65305537391F21692B81CAA93EA6
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/LXHvM85_k4NCUT4kjCnVQn0AKog.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205530
IP address blocks: 45.140.112.0/22 maxlen: 22
195.211.56.0/22 maxlen: 22
81.89.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:65:30:55:37:39:1f:21:69:2b:81:ca:a9:3e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d71ef33ce7f938342513e248c29d5427d002a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6a:b5:1d:51:b4:99:a8:22:9d:c7:ff:1d:d1:
c9:55:cf:c1:47:22:b3:c1:46:b3:12:dd:e8:35:96:
f7:8a:df:af:8c:31:e5:0e:27:48:ed:22:ac:4f:0d:
3c:c4:65:4a:53:4c:70:fe:ca:ed:0c:ec:63:e2:18:
2c:dc:87:6e:f9:88:80:c3:93:35:75:b6:a4:76:49:
a0:c8:3a:5e:ec:d8:e1:72:10:e1:03:2e:bf:35:04:
a3:f3:9f:a4:6b:d4:1d:97:fa:82:e6:d1:af:9e:d8:
2a:17:ff:e4:69:e9:ad:8e:44:e4:3f:60:d9:a3:4a:
62:00:79:1a:e9:63:bd:c7:a8:b8:e5:8f:77:a0:9d:
c3:8e:83:82:39:95:63:c9:a3:b6:bc:b9:05:0c:d4:
ff:83:0d:a4:a5:0b:f8:ce:ce:81:cb:85:4e:94:fd:
f9:1e:12:92:e3:15:e3:d7:bc:eb:c3:3e:e3:a3:74:
4f:76:8d:26:20:b1:42:e0:1b:78:53:7c:fc:9d:27:
39:a9:52:52:39:22:7d:90:e2:e4:b6:f1:2f:58:f4:
0d:e8:c5:53:3e:c0:bf:4f:10:89:7b:7a:d4:8c:d5:
ce:23:e6:d1:6d:bf:b8:2d:73:ba:8c:c3:b1:51:96:
db:9c:bd:65:f5:4f:7d:21:89:06:4f:d5:89:a1:ba:
39:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:71:EF:33:CE:7F:93:83:42:51:3E:24:8C:29:D5:42:7D:00:2A:88
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/LXHvM85_k4NCUT4kjCnVQn0AKog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.112.0/22
81.89.88.0/24
195.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
39:05:c5:99:f7:8b:1e:c3:90:c0:9c:2e:f3:bb:e6:b1:b5:44:
4d:2a:8a:ad:ac:97:99:85:bf:2c:98:3a:e3:e9:99:1a:bb:7f:
4e:4c:a1:ad:f4:8a:38:58:3a:70:c4:6f:c0:42:15:d6:1f:ee:
43:18:5f:f2:8f:a5:2a:ed:ad:0a:0c:8e:21:f1:92:58:6b:cf:
af:14:1a:f3:a2:09:c3:73:50:ca:7c:a7:1d:88:0e:c5:cc:98:
59:df:a3:28:5b:5d:64:96:5e:e4:2b:4a:7e:d1:69:4c:aa:f6:
12:ac:70:96:36:b5:99:5a:04:77:1a:bf:69:80:70:d9:98:30:
27:83:eb:f2:05:70:25:7b:1a:3d:c2:2e:f5:e3:42:ac:cc:56:
e8:6e:05:74:5e:5b:e4:61:b0:eb:96:02:ea:a8:13:19:9e:eb:
2a:86:8d:d2:89:da:91:54:28:38:46:ac:e6:89:2e:36:d1:52:
1b:9b:2f:16:19:cf:23:0f:e7:44:67:9b:f3:bd:d4:63:9f:1e:
96:1c:1e:49:b0:5e:a6:c9:21:32:01:1c:9b:3a:47:c2:ed:35:
36:13:28:cd:57:6e:d8:59:81:b1:74:71:48:f9:a3:78:7d:4e:
5c:1f:85:3b:72:22:6f:5a:3e:c8:96:bf:5e:e0:c2:03:f2:5c:
9f:ca:85:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKmUwVTc5HyFpK4HKqT6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDcxZWYzM2NlN2Y5MzgzNDI1MTNlMjQ4YzI5ZDU0MjdkMDAyYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Gq1HVG0magincf/HdHJVc/BRyKz
wUazEt3oNZb3it+vjDHlDidI7SKsTw08xGVKU0xw/srtDOxj4hgs3Idu+YiAw5M1
dbakdkmgyDpe7NjhchDhAy6/NQSj85+ka9Qdl/qC5tGvntgqF//kaemtjkTkP2DZ
o0piAHka6WO9x6i45Y93oJ3DjoOCOZVjyaO2vLkFDNT/gw2kpQv4zs6By4VOlP35
HhKS4xXj17zrwz7jo3RPdo0mILFC4Bt4U3z8nSc5qVJSOSJ9kOLktvEvWPQN6MVT
PsC/TxCJe3rUjNXOI+bRbb+4LXO6jMOxUZbbnL1l9U99IYkGT9WJobo5FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC1x7zPOf5ODQlE+JIwp1UJ9ACqIMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvTFhIdk04NV9rNE5DVVQ0a2pDblZRbjBBS29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYxwAwQA
UVlYAwQCw9M4MA0GCSqGSIb3DQEBCwUAA4IBAQA5BcWZ94sew5DAnC7zu+axtURN
KoqtrJeZhb8smDrj6Zkau39OTKGt9Io4WDpwxG/AQhXWH+5DGF/yj6Uq7a0KDI4h
8ZJYa8+vFBrzognDc1DKfKcdiA7FzJhZ36MoW11kll7kK0p+0WlMqvYSrHCWNrWZ
WgR3Gr9pgHDZmDAng+vyBXAlexo9wi7140KszFbobgV0XlvkYbDrlgLqqBMZnusq
ho3SidqRVCg4RqzmiS420VIbmy8WGc8jD+dEZ5vzvdRjnx6WHB5JsF6mySEyARyb
OkfC7TU2EyjNV27YWYGxdHFI+aN4fU5cH4U7ciJvWj7Ilr9e4MID8lyfyoUX
-----END CERTIFICATE-----
Generated at Mon May 20 10:05:02 2024 by rpki-client on console-ams.rpki-client.org