Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/LPbQhc19-JdikqMkS5r2to6SmIc.roa
File: LPbQhc19-JdikqMkS5r2to6SmIc.roa (raw, json)
Hash identifier: KoCdL0JL3mN74O33lQAh/ZziNnauN604I9YBxcIXbYs=
Subject key identifier: 2C:F6:D0:85:CD:7D:F8:97:62:92:A3:24:4B:9A:F6:B6:8E:92:98:87
Certificate issuer: /CN=12c603666719e979bef0921451a2ec264ed01209
Certificate serial: 018CC8DE5B40A3C113E82D88208E706839F8
Authority key identifier: 12:C6:03:66:67:19:E9:79:BE:F0:92:14:51:A2:EC:26:4E:D0:12:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/LPbQhc19-JdikqMkS5r2to6SmIc.roa
Signing time: Tue 02 Jan 2024 06:31:04 +0000
ROA not before: Tue 02 Jan 2024 06:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16296
IP address blocks: 80.241.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:5b:40:a3:c1:13:e8:2d:88:20:8e:70:68:39:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c603666719e979bef0921451a2ec264ed01209
Validity
Not Before: Jan 2 06:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cf6d085cd7df8976292a3244b9af6b68e929887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:94:11:7f:6f:43:94:73:2e:59:4f:f1:d5:
12:09:0c:52:93:f0:8a:60:39:b8:c3:d3:ba:81:d4:
ed:f4:ac:4d:b4:bd:df:c8:c6:e3:a9:9c:48:1f:54:
fe:08:df:b2:15:0b:10:7f:1f:8f:0f:e9:77:8b:2e:
e2:d0:69:94:e6:23:e5:2b:bc:45:6c:10:45:87:04:
11:24:5e:57:15:1f:d5:8d:b2:d7:ed:b4:b4:a5:fe:
9d:a4:33:d4:66:7a:0b:a6:4d:1b:53:b5:d0:d2:be:
ff:ce:df:14:6a:8b:f2:a1:a9:23:9b:9d:eb:94:c5:
45:a7:17:b4:8b:6a:7f:fa:23:d9:4f:f6:d8:9c:91:
b9:d4:6c:4c:e8:43:f9:46:3a:94:26:74:75:16:33:
6c:29:94:b0:84:2e:7f:9d:75:d3:cd:25:d3:c8:da:
52:e1:33:5d:94:2e:0c:e2:1c:66:7a:f1:a0:24:01:
3e:54:a6:93:de:4c:42:c5:e6:49:b3:f2:ae:fb:ae:
46:2b:51:22:0e:07:51:bf:80:32:6e:03:44:05:92:
a0:3b:40:e6:01:74:a2:ba:3c:4f:b8:9c:a6:ea:35:
bd:9e:f1:29:f3:ff:ac:27:22:f5:ef:b1:8e:9e:0f:
4f:a1:f2:2b:df:fa:9b:73:21:2e:ac:78:7d:fc:f4:
01:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F6:D0:85:CD:7D:F8:97:62:92:A3:24:4B:9A:F6:B6:8E:92:98:87
X509v3 Authority Key Identifier:
keyid:12:C6:03:66:67:19:E9:79:BE:F0:92:14:51:A2:EC:26:4E:D0:12:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/LPbQhc19-JdikqMkS5r2to6SmIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c2d399-4ae9-4431-9161-58efa0bee084/1/EsYDZmcZ6Xm-8JIUUaLsJk7QEgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.128.0/21
Signature Algorithm: sha256WithRSAEncryption
07:6b:02:78:7e:c4:9c:90:d2:2f:c5:f3:85:e9:af:c1:3d:db:
89:07:dc:8c:50:be:88:e0:29:59:bc:01:45:73:ca:72:90:1d:
e2:a5:cf:87:1a:3f:8a:b4:ce:9b:a9:cf:a3:0b:cf:1c:d5:fd:
d0:dc:e9:cf:04:81:40:6b:f0:56:14:ec:43:90:c1:bf:72:c3:
1c:9d:30:c1:16:47:c7:a6:72:46:89:4e:21:60:65:3d:4a:90:
58:cc:d6:df:6d:79:71:8c:ff:57:a7:f1:54:18:11:76:67:78:
fe:a0:a4:6f:54:e4:83:a6:9c:f3:8a:8c:b1:d2:28:ca:8b:81:
1d:e5:07:b2:4c:19:60:a5:be:1d:3c:a0:09:b7:92:95:c0:bf:
20:de:68:24:23:24:da:72:eb:6c:6b:11:6e:b5:e1:d6:e9:0f:
57:24:28:d9:b3:3f:a6:1d:6c:02:c5:f2:3a:74:bc:2e:94:98:
92:05:f1:47:d2:98:8b:02:2d:1f:08:2d:a4:f8:73:e5:59:cf:
a0:34:52:8d:7c:cd:44:59:cf:f3:86:53:d2:4a:0d:fd:ff:2a:
57:cc:e2:b4:e3:0a:58:ed:71:26:71:ac:84:7c:7b:0c:92:8c:
8d:82:c2:5e:ea:92:52:78:7d:cf:c9:79:3f:a2:cc:db:36:a4:
ad:30:a8:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3ltAo8ET6C2III5waDn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzYwMzY2NjcxOWU5NzliZWYwOTIxNDUxYTJlYzI2NGVk
MDEyMDkwHhcNMjQwMTAyMDYzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Y2ZDA4NWNkN2RmODk3NjI5MmEzMjQ0YjlhZjZiNjhlOTI5ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/qUEX9vQ5RzLllP8dUSCQxSk/CK
YDm4w9O6gdTt9KxNtL3fyMbjqZxIH1T+CN+yFQsQfx+PD+l3iy7i0GmU5iPlK7xF
bBBFhwQRJF5XFR/VjbLX7bS0pf6dpDPUZnoLpk0bU7XQ0r7/zt8Uaovyoakjm53r
lMVFpxe0i2p/+iPZT/bYnJG51GxM6EP5RjqUJnR1FjNsKZSwhC5/nXXTzSXTyNpS
4TNdlC4M4hxmevGgJAE+VKaT3kxCxeZJs/Ku+65GK1EiDgdRv4AybgNEBZKgO0Dm
AXSiujxPuJym6jW9nvEp8/+sJyL177GOng9PofIr3/qbcyEurHh9/PQBAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCz20IXNffiXYpKjJEua9raOkpiHMB8GA1UdIwQY
MBaAFBLGA2ZnGel5vvCSFFGi7CZO0BIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNZRFptY1o2WG0tOEpJVVVhTHNKazdRRWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jMmQzOTktNGFlOS00NDMxLTkxNjEt
NThlZmEwYmVlMDg0LzEvTFBiUWhjMTktSmRpa3FNa1M1cjJ0bzZTbUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jMmQzOTktNGFlOS00NDMxLTkxNjEtNThlZmEwYmVlMDg0
LzEvRXNZRFptY1o2WG0tOEpJVVVhTHNKazdRRWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAHawJ4fsSckNIvxfOF6a/BPduJB9yMUL6I4ClZvAFF
c8pykB3ipc+HGj+KtM6bqc+jC88c1f3Q3OnPBIFAa/BWFOxDkMG/csMcnTDBFkfH
pnJGiU4hYGU9SpBYzNbfbXlxjP9Xp/FUGBF2Z3j+oKRvVOSDppzzioyx0ijKi4Ed
5QeyTBlgpb4dPKAJt5KVwL8g3mgkIyTacutsaxFuteHW6Q9XJCjZsz+mHWwCxfI6
dLwulJiSBfFH0piLAi0fCC2k+HPlWc+gNFKNfM1EWc/zhlPSSg39/ypXzOK04wpY
7XEmcayEfHsMkoyNgsJe6pJSeH3PyXk/oszbNqStMKh9
-----END CERTIFICATE-----
Generated at Thu May 9 22:01:30 2024 by rpki-client on console-ams.rpki-client.org