Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/LzBAFHH2MxRHMNBpyGAmVh3RklE.roa
File: LzBAFHH2MxRHMNBpyGAmVh3RklE.roa (raw, json)
Hash identifier: 6lbpFQc4lA73ugNDu4RigakZjWU2aAlqd47MD+8aAeU=
Subject key identifier: 2F:30:40:14:71:F6:33:14:47:30:D0:69:C8:60:26:56:1D:D1:92:51
Certificate issuer: /CN=2400b20606314858a7b3f2a975e8e9d919ec753a
Certificate serial: 01920F3DE9E2ECA5ED72C05826C52DB1330C
Authority key identifier: 24:00:B2:06:06:31:48:58:A7:B3:F2:A9:75:E8:E9:D9:19:EC:75:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/LzBAFHH2MxRHMNBpyGAmVh3RklE.roa
Signing time: Fri 20 Sep 2024 11:42:48 +0000
ROA not before: Fri 20 Sep 2024 11:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43578
IP address blocks: 77.246.176.0/24 maxlen: 24
77.246.177.0/24 maxlen: 24
77.246.178.0/24 maxlen: 24
77.246.179.0/24 maxlen: 24
77.246.180.0/24 maxlen: 24
77.246.181.0/24 maxlen: 24
77.246.182.0/24 maxlen: 24
77.246.182.128/29 maxlen: 29
77.246.183.0/24 maxlen: 24
77.246.184.0/24 maxlen: 24
77.246.185.0/24 maxlen: 24
77.246.186.0/24 maxlen: 24
77.246.186.96/27 maxlen: 27
77.246.187.0/24 maxlen: 24
77.246.188.0/24 maxlen: 24
77.246.190.0/24 maxlen: 24
77.246.190.160/27 maxlen: 27
77.246.191.0/24 maxlen: 24
185.74.80.0/24 maxlen: 24
185.74.81.0/24 maxlen: 24
2a05:4700:b::/48 maxlen: 48
2a05:4700:50::/48 maxlen: 48
2a05:4700:53::/48 maxlen: 48
2a05:4700:100::/48 maxlen: 48
2a05:4700:101::/48 maxlen: 48
2a05:4700:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:3d:e9:e2:ec:a5:ed:72:c0:58:26:c5:2d:b1:33:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2400b20606314858a7b3f2a975e8e9d919ec753a
Validity
Not Before: Sep 20 11:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f30401471f633144730d069c86026561dd19251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:51:a4:6c:89:28:47:6d:68:7d:ae:3c:53:
b1:a5:d7:19:09:af:64:b7:e5:4f:04:29:c9:53:f9:
47:d8:fc:93:89:0b:2d:92:80:2d:e6:db:03:14:00:
a4:58:bc:a1:43:3d:56:77:ca:b3:9a:33:21:5b:1f:
c4:3d:15:e3:31:bb:43:0c:af:a6:04:04:c9:d6:59:
70:1f:fb:1b:ef:24:f5:a0:2a:bd:b7:86:3f:ba:ef:
bb:09:23:6f:c2:3a:34:06:25:24:b0:d2:8e:18:e5:
b3:73:cc:e7:a9:ea:23:6f:f2:ca:2f:a7:11:78:20:
e8:43:3a:db:cd:05:4d:37:c8:0b:10:0d:5e:16:0c:
21:09:4e:1c:84:e7:a1:5d:f9:d9:b8:12:9b:69:62:
33:2e:dd:c3:d4:6e:f8:4e:fe:61:90:f3:ca:94:78:
cf:f7:87:2c:de:4a:42:77:d8:db:95:35:4b:a9:1e:
e1:41:27:0a:e0:33:f5:db:d5:02:dc:e7:73:7a:2a:
0a:6c:99:cd:6d:aa:fc:bd:f3:67:cd:a7:25:b6:3a:
fe:6b:30:40:bb:3e:61:df:f2:99:06:a2:96:85:38:
e7:dd:87:d6:43:0c:57:80:d6:95:2e:c0:ac:d3:be:
4e:31:0b:d0:04:e2:a9:57:e3:92:16:96:d5:2b:71:
fa:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:30:40:14:71:F6:33:14:47:30:D0:69:C8:60:26:56:1D:D1:92:51
X509v3 Authority Key Identifier:
keyid:24:00:B2:06:06:31:48:58:A7:B3:F2:A9:75:E8:E9:D9:19:EC:75:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/LzBAFHH2MxRHMNBpyGAmVh3RklE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.176.0-77.246.188.255
77.246.190.0/23
185.74.80.0/23
IPv6:
2a05:4700:b::/48
2a05:4700:50::/48
2a05:4700:53::/48
2a05:4700:100::/47
2a05:4700:200::/48
Signature Algorithm: sha256WithRSAEncryption
dd:1e:2c:b0:4b:94:0c:9a:ff:ae:d0:10:95:39:55:de:e9:fb:
6c:8e:40:44:13:35:8c:da:0d:20:7f:1c:94:5d:85:96:3a:1e:
3f:d6:66:3f:50:96:a6:c4:8d:09:d5:f1:ad:7e:6b:7d:9f:36:
b5:d9:00:d8:96:53:10:46:de:84:19:25:4d:77:9f:70:75:10:
7a:fc:ad:80:fd:c4:5a:0a:8d:b0:9e:ac:68:07:1e:ac:27:e7:
ef:0e:d7:8f:88:c0:e2:61:fa:57:88:55:82:08:42:05:b9:ae:
bf:b1:c6:8b:f1:08:29:44:2b:25:a1:a4:c1:d1:67:10:2e:78:
03:73:13:e1:93:53:88:c5:87:c2:16:cf:f2:49:10:c8:f1:66:
95:2d:ea:ad:b5:84:03:69:4a:f0:06:ce:34:02:2b:d2:a1:ce:
fb:c2:a7:e1:3e:ea:5c:df:2f:86:55:d4:26:3f:31:c4:81:54:
db:7c:88:ac:e3:9c:02:39:61:70:06:35:c6:18:0e:00:5e:1b:
52:48:fc:cf:05:90:11:62:b1:13:53:a4:15:fe:c5:b0:d0:03:
81:f9:de:9b:f1:53:1f:52:93:3f:82:5f:53:5e:2b:14:05:fe:
2d:60:e1:28:dc:69:59:28:13:87:55:45:79:7d:34:82:28:18:
92:f3:48:0b
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZIPPeni7KXtcsBYJsUtsTMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MDBiMjA2MDYzMTQ4NThhN2IzZjJhOTc1ZThlOWQ5MTll
Yzc1M2EwHhcNMjQwOTIwMTE0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMwNDAxNDcxZjYzMzE0NDczMGQwNjljODYwMjY1NjFkZDE5MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIJRpGyJKEdtaH2uPFOxpdcZCa9k
t+VPBCnJU/lH2PyTiQstkoAt5tsDFACkWLyhQz1Wd8qzmjMhWx/EPRXjMbtDDK+m
BATJ1llwH/sb7yT1oCq9t4Y/uu+7CSNvwjo0BiUksNKOGOWzc8znqeojb/LKL6cR
eCDoQzrbzQVNN8gLEA1eFgwhCU4chOehXfnZuBKbaWIzLt3D1G74Tv5hkPPKlHjP
94cs3kpCd9jblTVLqR7hQScK4DP129UC3OdzeioKbJnNbar8vfNnzacltjr+azBA
uz5h3/KZBqKWhTjn3YfWQwxXgNaVLsCs075OMQvQBOKpV+OSFpbVK3H61wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFC8wQBRx9jMURzDQachgJlYd0ZJRMB8GA1UdIwQY
MBaAFCQAsgYGMUhYp7PyqXXo6dkZ7HU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkFDeUJnWXhTRmluc19LcGRlanAyUm5zZFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kYmQ5NTEtMjU5Yi00NzU5LWE1MTkt
OWM1ZTFkZWIyYzMzLzEvTHpCQUZISDJNeFJITU5CcHlHQW1WaDNSa2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kYmQ5NTEtMjU5Yi00NzU5LWE1MTktOWM1ZTFkZWIyYzMz
LzEvSkFDeUJnWXhTRmluc19LcGRlanAyUm5zZFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAgBAIAATAaMAwDBARN9rAD
BABN9rwDBAFN9r4DBAG5SlAwMwQCAAIwLQMHACoFRwAACwMHACoFRwAAUAMHACoF
RwAAUwMHASoFRwABAAMHACoFRwACADANBgkqhkiG9w0BAQsFAAOCAQEA3R4ssEuU
DJr/rtAQlTlV3un7bI5ARBM1jNoNIH8clF2FljoeP9ZmP1CWpsSNCdXxrX5rfZ82
tdkA2JZTEEbehBklTXefcHUQevytgP3EWgqNsJ6saAcerCfn7w7Xj4jA4mH6V4hV
gghCBbmuv7HGi/EIKUQrJaGkwdFnEC54A3MT4ZNTiMWHwhbP8kkQyPFmlS3qrbWE
A2lK8AbONAIr0qHO+8Kn4T7qXN8vhlXUJj8xxIFU23yIrOOcAjlhcAY1xhgOAF4b
Ukj8zwWQEWKxE1OkFf7FsNADgfnem/FTH1KTP4JfU14rFAX+LWDhKNxpWSgTh1VF
eX00gigYkvNICw==
-----END CERTIFICATE-----
Generated at Fri Sep 20 23:20:20 2024 by rpki-client on console-fra.rpki-client.org