Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/lbhCVD1dbCpQBFpWptC4DBfRpO4.roa
File: lbhCVD1dbCpQBFpWptC4DBfRpO4.roa (raw, json)
Hash identifier: AfJWtjcLD3NjZSxtYBcOHRFJJhE+HOykW23+eGfrIYY=
Subject key identifier: 95:B8:42:54:3D:5D:6C:2A:50:04:5A:56:A6:D0:B8:0C:17:D1:A4:EE
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 018CC80136FFCBD4DB91D438F2195F3B09DD
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/lbhCVD1dbCpQBFpWptC4DBfRpO4.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47610
IP address blocks: 192.44.11.0/24 maxlen: 24
192.102.148.0/24 maxlen: 24
153.96.180.0/24 maxlen: 24
153.96.208.0/23 maxlen: 23
129.233.212.0/24 maxlen: 24
129.233.213.0/24 maxlen: 24
2a03:db80:2c10::/48 maxlen: 48
2a03:db80:2c14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:36:ff:cb:d4:db:91:d4:38:f2:19:5f:3b:09:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95b842543d5d6c2a50045a56a6d0b80c17d1a4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6c:c3:49:89:01:20:97:e2:bb:ef:2a:d3:89:
02:87:c7:34:0f:9f:dd:59:6c:7b:f0:ae:3d:5d:cb:
c1:be:66:0a:d7:bf:fc:9a:66:71:7d:e9:82:71:d1:
7c:60:52:a5:95:f6:72:b4:b3:02:11:3b:f8:67:0c:
e0:7a:c0:b8:b3:e6:e8:8c:d0:08:f0:c0:6f:cf:a7:
20:7c:84:24:d6:3a:ab:41:9e:93:8f:1a:fc:03:57:
ab:85:e0:2f:30:18:92:8a:d0:9c:4d:82:2a:38:47:
99:58:00:cf:3c:38:cb:6d:9c:61:95:f0:7a:82:51:
05:04:9c:18:99:3c:60:07:9c:a4:02:e1:c1:7b:10:
22:21:bd:e5:f2:c6:dd:9a:6e:61:e1:ac:f7:30:90:
81:b6:61:ec:e5:5b:2d:33:94:dc:42:5f:d7:10:7c:
7d:94:20:c8:e6:72:77:72:83:75:13:af:f0:79:5f:
17:f1:7c:bf:8e:9a:09:84:e6:34:d3:96:f9:c8:05:
72:92:37:5c:b4:8c:73:b6:0e:48:59:db:7d:a0:07:
14:54:b1:9a:3c:a0:92:bd:84:ff:d1:c0:ee:54:6d:
cb:ee:8a:1c:1f:54:a7:4d:81:44:72:fb:10:e4:61:
7d:64:0a:96:f5:97:58:9e:e0:19:08:5c:24:7e:86:
77:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B8:42:54:3D:5D:6C:2A:50:04:5A:56:A6:D0:B8:0C:17:D1:A4:EE
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/lbhCVD1dbCpQBFpWptC4DBfRpO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.212.0/23
153.96.180.0/24
153.96.208.0/23
192.44.11.0/24
192.102.148.0/24
IPv6:
2a03:db80:2c10::/48
2a03:db80:2c14::/48
Signature Algorithm: sha256WithRSAEncryption
96:54:a3:09:48:06:0f:30:86:c9:85:28:ee:14:22:c7:57:5f:
4b:eb:d4:e3:ad:a8:d9:ac:05:31:74:9b:d6:fb:dc:ad:1b:29:
47:b1:86:f6:c9:e8:a2:7d:1e:14:d8:27:bf:00:30:e5:ea:e9:
3e:f7:07:d9:eb:c6:45:d8:86:94:10:4b:75:69:df:ee:cf:88:
6f:15:8a:fa:8c:65:70:59:12:a1:4f:b4:8d:e8:a3:58:3f:39:
44:0c:b8:e6:30:f3:e6:b6:63:02:6c:c4:27:67:a5:2d:eb:41:
d7:8f:26:2b:f1:39:6d:01:50:74:c2:a9:56:9f:61:73:bb:42:
31:68:e1:78:08:ad:f6:29:48:3f:88:10:38:e1:7f:db:62:7a:
01:d2:69:82:6d:d1:b3:48:f6:02:c0:06:27:0b:77:44:2c:a3:
3a:97:b1:92:72:37:9c:0f:c3:dc:4a:03:40:17:74:f4:65:b2:
63:fc:55:ae:51:ff:10:fa:07:d2:01:ec:38:53:55:ba:1f:3e:
62:09:17:d2:60:a6:52:69:0f:3b:8a:de:7d:3c:8e:1e:46:22:
8a:f5:03:52:9d:dc:cc:41:8e:45:94:f1:c7:e6:17:27:1b:35:
93:33:79:a1:71:47:ae:2c:56:77:39:dd:54:94:44:02:a1:93:
5b:0e:12:1e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzIATb/y9TbkdQ48hlfOwndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI4NDI1NDNkNWQ2YzJhNTAwNDVhNTZhNmQwYjgwYzE3ZDFhNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGzDSYkBIJfiu+8q04kCh8c0D5/d
WWx78K49XcvBvmYK17/8mmZxfemCcdF8YFKllfZytLMCETv4ZwzgesC4s+bojNAI
8MBvz6cgfIQk1jqrQZ6Tjxr8A1erheAvMBiSitCcTYIqOEeZWADPPDjLbZxhlfB6
glEFBJwYmTxgB5ykAuHBexAiIb3l8sbdmm5h4az3MJCBtmHs5VstM5TcQl/XEHx9
lCDI5nJ3coN1E6/weV8X8Xy/jpoJhOY005b5yAVykjdctIxztg5IWdt9oAcUVLGa
PKCSvYT/0cDuVG3L7oocH1SnTYFEcvsQ5GF9ZAqW9ZdYnuAZCFwkfoZ3TQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJW4QlQ9XWwqUARaVqbQuAwX0aTuMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvbGJoQ1ZEMWRiQ3BRQkZwV3B0QzREQmZScE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQBgenUAwQA
mWC0AwQBmWDQAwQAwCwLAwQAwGaUMBgEAgACMBIDBwAqA9uALBADBwAqA9uALBQw
DQYJKoZIhvcNAQELBQADggEBAJZUowlIBg8whsmFKO4UIsdXX0vr1OOtqNmsBTF0
m9b73K0bKUexhvbJ6KJ9HhTYJ78AMOXq6T73B9nrxkXYhpQQS3Vp3+7PiG8VivqM
ZXBZEqFPtI3oo1g/OUQMuOYw8+a2YwJsxCdnpS3rQdePJivxOW0BUHTCqVafYXO7
QjFo4XgIrfYpSD+IEDjhf9tiegHSaYJt0bNI9gLABicLd0QsozqXsZJyN5wPw9xK
A0AXdPRlsmP8Va5R/xD6B9IB7DhTVbofPmIJF9JgplJpDzuK3n08jh5GIor1A1Kd
3MxBjkWU8cfmFycbNZMzeaFxR64sVnc53VSURAKhk1sOEh4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:12:33 2024 by rpki-client on console-fra.rpki-client.org