Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/LNRuSE33PV79Sx7lSOXWH08HKJo.roa
File: LNRuSE33PV79Sx7lSOXWH08HKJo.roa (raw, json)
Hash identifier: M3WwsvE+DO8nxQceiR5foFM1Nf+//xVmHU67Mc+Kx/s=
Subject key identifier: 2C:D4:6E:48:4D:F7:3D:5E:FD:4B:1E:E5:48:E5:D6:1F:4F:07:28:9A
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 018CC80132FEFBEDA407EB70E6392D19016D
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/LNRuSE33PV79Sx7lSOXWH08HKJo.roa
Signing time: Tue 02 Jan 2024 02:29:30 +0000
ROA not before: Tue 02 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 192.76.245.0/24 maxlen: 24
192.76.246.0/23 maxlen: 23
192.76.241.0/24 maxlen: 24
192.76.248.0/24 maxlen: 24
192.109.177.0/24 maxlen: 24
192.35.150.0/24 maxlen: 24
192.35.150.0/23 maxlen: 23
192.35.149.0/24 maxlen: 24
192.35.151.0/24 maxlen: 24
192.35.153.0/24 maxlen: 24
129.26.0.0/16 maxlen: 16
192.76.148.0/24 maxlen: 24
129.233.128.0/18 maxlen: 18
192.88.108.0/24 maxlen: 24
212.44.192.0/19 maxlen: 19
192.102.150.0/23 maxlen: 23
192.102.152.0/23 maxlen: 23
192.102.156.0/24 maxlen: 24
192.102.158.0/23 maxlen: 23
192.102.164.0/24 maxlen: 24
192.102.161.0/24 maxlen: 24
192.102.160.0/24 maxlen: 24
192.102.162.0/23 maxlen: 23
192.102.168.0/24 maxlen: 24
192.102.167.0/24 maxlen: 24
192.102.170.0/24 maxlen: 24
192.102.169.0/24 maxlen: 24
192.102.172.0/24 maxlen: 24
192.102.175.0/24 maxlen: 24
192.102.174.0/24 maxlen: 24
192.102.176.0/23 maxlen: 23
129.233.210.0/24 maxlen: 24
129.233.224.0/20 maxlen: 20
192.44.4.0/24 maxlen: 24
192.54.34.0/23 maxlen: 23
192.44.8.0/24 maxlen: 24
192.44.5.0/24 maxlen: 24
192.44.6.0/24 maxlen: 24
192.44.15.0/24 maxlen: 24
192.44.12.0/24 maxlen: 24
192.44.23.0/24 maxlen: 24
192.44.18.0/24 maxlen: 24
192.44.20.0/23 maxlen: 23
192.44.30.0/23 maxlen: 23
192.44.29.0/24 maxlen: 24
192.44.26.0/24 maxlen: 24
192.44.25.0/24 maxlen: 24
192.44.28.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.44.36.0/24 maxlen: 24
84.246.64.0/21 maxlen: 21
192.44.38.0/23 maxlen: 23
192.44.40.0/24 maxlen: 24
2a03:db80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:32:fe:fb:ed:a4:07:eb:70:e6:39:2d:19:01:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cd46e484df73d5efd4b1ee548e5d61f4f07289a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:5d:30:a5:44:ce:57:d4:e1:5d:03:1b:76:
f5:14:fa:d5:86:69:9b:f5:5a:c4:1c:85:df:42:50:
72:ba:cd:8b:ae:10:aa:38:78:8c:d7:17:64:97:60:
f2:24:8a:da:80:8a:86:95:43:f6:a4:c6:4d:1b:60:
af:dc:76:14:b8:16:12:c2:41:e4:a7:55:9c:0d:c8:
9c:a1:99:67:5a:b5:bf:ab:40:68:fa:e4:fb:fa:c0:
23:28:74:4d:89:97:b7:4e:51:eb:15:54:33:32:20:
75:68:c9:93:76:f0:90:61:b8:74:34:df:6a:99:6f:
e5:60:9a:25:61:58:16:f1:a1:f1:30:0a:be:7b:07:
f7:2d:a4:67:71:62:5b:68:0b:e0:42:c6:64:5e:e6:
c6:df:29:05:1a:f7:79:af:18:b1:13:89:de:b9:96:
32:45:a3:7b:b5:b3:4a:b8:bc:f7:27:73:a7:43:32:
a4:ff:ab:5e:ef:1a:d3:cc:d0:4f:8a:fe:80:a5:24:
78:e2:99:31:6c:4f:bb:1c:fd:98:a4:24:df:2a:7c:
a1:58:32:78:d9:e8:ab:fc:be:e2:76:89:bb:cb:1c:
8c:df:2e:25:c6:74:d2:0d:dc:38:f1:81:d9:51:34:
bb:5e:3c:cf:66:69:4a:8e:bf:35:9e:bc:da:50:66:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D4:6E:48:4D:F7:3D:5E:FD:4B:1E:E5:48:E5:D6:1F:4F:07:28:9A
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/LNRuSE33PV79Sx7lSOXWH08HKJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.64.0/21
129.26.0.0/16
129.233.128.0/18
129.233.210.0/24
129.233.224.0/20
192.35.149.0-192.35.151.255
192.35.153.0/24
192.44.4.0-192.44.6.255
192.44.8.0/24
192.44.12.0/24
192.44.15.0/24
192.44.18.0/24
192.44.20.0/23
192.44.23.0/24
192.44.25.0-192.44.26.255
192.44.28.0/22
192.44.36.0-192.44.40.255
192.54.34.0/23
192.76.148.0/24
192.76.241.0/24
192.76.245.0-192.76.248.255
192.88.108.0/24
192.102.150.0-192.102.153.255
192.102.156.0/24
192.102.158.0-192.102.164.255
192.102.167.0-192.102.170.255
192.102.172.0/24
192.102.174.0-192.102.177.255
192.109.177.0/24
212.44.192.0/19
IPv6:
2a03:db80::/32
Signature Algorithm: sha256WithRSAEncryption
03:63:0f:e0:e6:37:37:17:99:35:5b:4f:30:55:a9:43:dc:76:
48:b0:9d:75:77:e6:84:53:4e:5c:b4:e9:33:d3:0a:77:11:d4:
da:a2:fe:d4:7a:1c:f5:59:5c:53:79:01:06:f7:5d:7f:bd:19:
b2:6b:e5:1b:aa:96:23:dd:96:7a:2f:94:5c:4b:d6:6a:5d:9a:
93:4f:7d:b1:19:d5:0f:b9:55:cb:ca:53:65:05:ca:12:88:9b:
27:2d:49:93:83:53:13:3e:89:96:2e:1d:bc:71:b4:c2:9f:61:
c6:0b:07:37:1a:6d:8b:d3:c3:7b:cb:37:54:1b:02:f6:e8:cb:
73:a7:2f:80:38:70:08:4d:08:08:34:cc:13:de:73:01:6c:93:
e9:48:da:d6:22:7b:a2:6c:f2:0d:d6:98:26:4c:c8:8a:54:3c:
9a:0e:4b:e6:d6:41:74:23:81:2d:ee:24:99:50:92:3a:c0:db:
2b:f0:f5:25:c2:f6:36:7d:ab:f5:2b:fb:68:00:84:99:c8:1c:
92:fd:09:48:eb:9a:0d:23:08:bb:26:73:46:5f:29:ff:5a:37:
08:80:4d:12:8c:c3:76:cb:3b:5c:6f:7a:88:83:d1:df:b2:70:
8a:78:8f:4b:70:85:5b:98:d4:be:9d:fc:8d:1c:2b:b5:07:3d:
11:0d:f4:c5
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYzIATL+++2kB+tw5jktGQFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQwMTAyMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q0NmU0ODRkZjczZDVlZmQ0YjFlZTU0OGU1ZDYxZjRmMDcyODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocldMKVEzlfU4V0DG3b1FPrVhmmb
9VrEHIXfQlByus2LrhCqOHiM1xdkl2DyJIragIqGlUP2pMZNG2Cv3HYUuBYSwkHk
p1WcDcicoZlnWrW/q0Bo+uT7+sAjKHRNiZe3TlHrFVQzMiB1aMmTdvCQYbh0NN9q
mW/lYJolYVgW8aHxMAq+ewf3LaRncWJbaAvgQsZkXubG3ykFGvd5rxixE4neuZYy
RaN7tbNKuLz3J3OnQzKk/6te7xrTzNBPiv6ApSR44pkxbE+7HP2YpCTfKnyhWDJ4
2eir/L7idom7yxyM3y4lxnTSDdw48YHZUTS7XjzPZmlKjr81nrzaUGZ2twIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFCzUbkhN9z1e/Use5Ujl1h9PByiaMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvTE5SdVNFMzNQVjc5U3g3bFNPWFdIMDhIS0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCCAQIEAgABMIH7
AwQDVPZAAwMAgRoDBAaB6YADBACB6dIDBASB6eAwDAMEAMAjlQMEA8AjkAMEAMAj
mTAMAwQCwCwEAwQAwCwGAwQAwCwIAwQAwCwMAwQAwCwPAwQAwCwSAwQBwCwUAwQA
wCwXMAwDBADALBkDBADALBoDBALALBwwDAMEAsAsJAMEAMAsKAMEAcA2IgMEAMBM
lAMEAMBM8TAMAwQAwEz1AwQAwEz4AwQAwFhsMAwDBAHAZpYDBAHAZpgDBADAZpww
DAMEAcBmngMEAMBmpDAMAwQAwGanAwQAwGaqAwQAwGasMAwDBAHAZq4DBAHAZrAD
BADAbbEDBAXULMAwDQQCAAIwBwMFACoD24AwDQYJKoZIhvcNAQELBQADggEBAANj
D+DmNzcXmTVbTzBVqUPcdkiwnXV35oRTTly06TPTCncR1Nqi/tR6HPVZXFN5AQb3
XX+9GbJr5RuqliPdlnovlFxL1mpdmpNPfbEZ1Q+5VcvKU2UFyhKImyctSZODUxM+
iZYuHbxxtMKfYcYLBzcabYvTw3vLN1QbAvboy3OnL4A4cAhNCAg0zBPecwFsk+lI
2tYie6Js8g3WmCZMyIpUPJoOS+bWQXQjgS3uJJlQkjrA2yvw9SXC9jZ9q/Ur+2gA
hJnIHJL9CUjrmg0jCLsmc0ZfKf9aNwiATRKMw3bLO1xveoiD0d+ycIp4j0twhVuY
1L6d/I0cK7UHPREN9MU=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:47:15 2024 by rpki-client on console-ams.rpki-client.org