Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/LXBxEENSf2cyFWTAqqxAHzZ40fo.roa
File: LXBxEENSf2cyFWTAqqxAHzZ40fo.roa (raw, json)
Hash identifier: C365c9H7+168wiyFPXDdck4P3KhokncSGAs3Qhh2PWs=
Subject key identifier: 2D:70:71:10:43:52:7F:67:32:15:64:C0:AA:AC:40:1F:36:78:D1:FA
Certificate issuer: /CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Certificate serial: 018CC4253BB6F3FECD84BA47602F1E3B27F9
Authority key identifier: 92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/LXBxEENSf2cyFWTAqqxAHzZ40fo.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41268
IP address blocks: 93.186.96.0/20 maxlen: 32
193.203.60.0/22 maxlen: 32
185.140.160.0/22 maxlen: 32
37.235.128.0/17 maxlen: 32
2a03:2c00::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3b:b6:f3:fe:cd:84:ba:47:60:2f:1e:3b:27:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d70711043527f67321564c0aaac401f3678d1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ca:29:7c:6f:e5:0b:54:44:f0:c8:8a:f4:7d:
46:50:f6:68:a9:5c:11:dc:d7:49:1e:93:39:b0:4a:
cc:cf:c7:f9:d3:5a:92:6e:d2:34:8f:18:72:1c:4c:
18:48:65:f2:ce:58:5b:67:c1:fe:f5:48:74:09:2a:
d4:26:48:22:ce:d1:2e:1e:a0:2f:38:2a:b2:90:23:
5a:1e:c4:f5:84:78:ec:6f:45:e4:0f:3f:f5:a9:6b:
19:ae:c1:7c:59:1f:32:5d:1d:5f:0a:a7:e9:dd:c5:
f0:8f:bd:f4:19:91:18:ce:ef:35:e9:da:a5:89:d9:
e4:96:8e:a7:cc:b3:2e:82:16:89:ca:7d:bd:c1:10:
36:85:94:8a:0d:52:37:37:fd:3e:b7:ba:77:39:68:
ed:42:02:b2:8f:ef:89:22:43:4e:45:81:39:a5:e3:
53:03:e9:4d:98:81:85:be:d3:80:fc:a3:4b:ac:9c:
a1:72:9f:94:90:04:c3:8c:7a:81:2b:01:8f:3f:3d:
b5:54:1f:86:8c:c3:3f:ec:12:76:f9:c0:91:37:af:
59:03:90:79:58:af:c9:86:7c:b2:f5:e8:11:10:88:
c1:f0:09:ec:af:de:12:42:ec:6c:56:ce:ac:3c:3e:
5d:9a:30:29:6d:1a:de:3d:a9:07:6f:b0:e6:7f:97:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:70:71:10:43:52:7F:67:32:15:64:C0:AA:AC:40:1F:36:78:D1:FA
X509v3 Authority Key Identifier:
keyid:92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/LXBxEENSf2cyFWTAqqxAHzZ40fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.128.0/17
93.186.96.0/20
185.140.160.0/22
193.203.60.0/22
IPv6:
2a03:2c00::/32
Signature Algorithm: sha256WithRSAEncryption
4c:0d:ae:85:09:16:b4:2f:8b:76:71:c6:48:c3:78:13:92:b1:
c0:1f:71:6a:89:91:b6:6c:1b:92:f3:5f:c3:84:ff:5f:de:96:
5e:ef:0a:c6:ac:73:ae:a3:a9:6e:1a:d0:80:4d:4b:50:dc:6d:
e7:6f:41:f7:33:81:a7:fa:70:44:a9:85:f8:b2:2e:08:00:d5:
24:8d:2b:3b:d8:d3:83:9e:19:20:ad:4c:40:36:da:0c:67:50:
39:2f:bc:d5:6f:9e:58:0c:39:39:e4:2b:76:37:b4:be:cb:85:
e5:be:73:49:50:f8:4f:6f:bc:04:44:df:bc:4f:1b:a3:f0:e3:
95:cc:39:d3:dc:66:97:a8:80:26:fc:91:ac:ea:49:5b:0c:a8:
ca:bc:68:f5:4e:b0:53:c1:54:8e:66:84:58:3d:60:41:cb:dd:
70:48:ca:38:c8:17:52:5d:82:c7:cf:d5:6b:27:53:c4:24:c3:
52:c1:2f:b5:a4:01:ef:04:e6:2e:f2:9f:13:fa:1e:d3:0f:2d:
5a:0f:09:a6:13:b4:69:98:e6:f4:45:8a:62:86:d6:8a:8b:8d:
fa:f0:20:dd:c9:e0:5d:86:5c:19:2e:85:03:0e:ce:4a:23:5c:
ae:91:6d:cc:46:24:07:e0:6a:27:68:63:99:f5:43:35:5b:ed:
31:84:b5:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJTu28/7NhLpHYC8eOyf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjk2ZTMwNDg3YmE5NDYzZTRiNmFkYzgxYWI3ZGE2NDdj
MzlmZTcwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDcwNzExMDQzNTI3ZjY3MzIxNTY0YzBhYWFjNDAxZjM2NzhkMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8opfG/lC1RE8MiK9H1GUPZoqVwR
3NdJHpM5sErMz8f501qSbtI0jxhyHEwYSGXyzlhbZ8H+9Uh0CSrUJkgiztEuHqAv
OCqykCNaHsT1hHjsb0XkDz/1qWsZrsF8WR8yXR1fCqfp3cXwj730GZEYzu816dql
idnklo6nzLMughaJyn29wRA2hZSKDVI3N/0+t7p3OWjtQgKyj++JIkNORYE5peNT
A+lNmIGFvtOA/KNLrJyhcp+UkATDjHqBKwGPPz21VB+GjMM/7BJ2+cCRN69ZA5B5
WK/Jhnyy9egREIjB8Ansr94SQuxsVs6sPD5dmjApbRrePakHb7Dmf5cY0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC1wcRBDUn9nMhVkwKqsQB82eNH6MB8GA1UdIwQY
MBaAFJIpbjBIe6lGPktq3IGrfaZHw5/nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lsdU1FaDdxVVktUzJyY2dhdDlwa2ZEbi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zYmIxNzgtYjMzNi00ODljLTllOGQt
MGQxMTY0ZGFhMWU0LzEvTFhCeEVFTlNmMmN5RldUQXFxeEFIelo0MGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zYmIxNzgtYjMzNi00ODljLTllOGQtMGQxMTY0ZGFhMWU0
LzEva2lsdU1FaDdxVVktUzJyY2dhdDlwa2ZEbi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHJeuAAwQE
XbpgAwQCuYygAwQCwcs8MA0EAgACMAcDBQAqAywAMA0GCSqGSIb3DQEBCwUAA4IB
AQBMDa6FCRa0L4t2ccZIw3gTkrHAH3FqiZG2bBuS81/DhP9f3pZe7wrGrHOuo6lu
GtCATUtQ3G3nb0H3M4Gn+nBEqYX4si4IANUkjSs72NODnhkgrUxANtoMZ1A5L7zV
b55YDDk55Ct2N7S+y4XlvnNJUPhPb7wERN+8Txuj8OOVzDnT3GaXqIAm/JGs6klb
DKjKvGj1TrBTwVSOZoRYPWBBy91wSMo4yBdSXYLHz9VrJ1PEJMNSwS+1pAHvBOYu
8p8T+h7TDy1aDwmmE7RpmOb0RYpihtaKi4368CDdyeBdhlwZLoUDDs5KI1yukW3M
RiQH4GonaGOZ9UM1W+0xhLUL
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:51:00 2024 by rpki-client on console-fra.rpki-client.org