Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/lKHPOFsDQakBgYV0VdSsvdMAJ8U.roa
File: lKHPOFsDQakBgYV0VdSsvdMAJ8U.roa (raw, json)
Hash identifier: m8WVkhF0cSaG9ISOggtKLwfq1l4ZkTJLrrV43loL3Xc=
Subject key identifier: 94:A1:CF:38:5B:03:41:A9:01:81:85:74:55:D4:AC:BD:D3:00:27:C5
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 018CC56EB8F49599C028E3112AF18CB80F42
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/lKHPOFsDQakBgYV0VdSsvdMAJ8U.roa
Signing time: Mon 01 Jan 2024 14:30:17 +0000
ROA not before: Mon 01 Jan 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12649
IP address blocks: 194.191.108.0/24 maxlen: 24
195.48.70.0/24 maxlen: 24
195.49.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b8:f4:95:99:c0:28:e3:11:2a:f1:8c:b8:0f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94a1cf385b0341a90181857455d4acbdd30027c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7c:ee:64:40:4c:aa:28:5d:c2:5a:73:a2:6f:
90:e4:b2:4b:6f:c6:70:73:c5:ff:dd:06:65:02:32:
72:de:74:5f:95:4d:25:bd:c4:7b:0c:ab:b1:fd:27:
9b:d7:f4:69:75:47:ce:06:7e:02:6b:ab:6a:2a:d0:
70:6f:bf:6b:f6:31:42:33:35:08:7b:bd:ae:0a:bf:
f0:c4:4c:0a:26:8a:d2:93:82:c4:61:ce:e6:a1:87:
c8:18:e3:80:91:3b:74:07:85:49:a4:7e:f3:da:62:
9a:0b:08:19:c9:30:a8:5c:14:52:42:ea:34:fb:0b:
46:f5:a7:5e:4f:c5:6f:15:e1:b6:4d:88:43:db:3d:
74:01:5d:c9:02:47:92:d1:23:5d:85:3d:1d:c8:ee:
4a:c6:ca:f2:c2:2b:6b:11:24:95:ad:ed:08:9d:55:
ba:dd:1a:20:1d:1b:3a:9f:f3:b7:36:59:66:32:d7:
64:6d:1c:e7:d4:69:a3:c3:d1:85:70:1e:41:19:62:
3d:93:08:6f:2b:e9:46:47:e4:af:c5:0d:5d:70:0c:
1b:b3:67:5f:25:c5:ea:e0:61:8e:1e:f8:a0:30:18:
2b:62:15:fb:4b:41:c2:28:bb:6c:23:3e:06:b5:7a:
5b:1d:11:77:03:dd:9c:ff:ff:ac:7f:b1:5f:bb:47:
28:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A1:CF:38:5B:03:41:A9:01:81:85:74:55:D4:AC:BD:D3:00:27:C5
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/lKHPOFsDQakBgYV0VdSsvdMAJ8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.191.108.0/24
195.48.70.0/24
195.49.41.0/24
Signature Algorithm: sha256WithRSAEncryption
78:83:79:bd:52:6a:f8:9f:41:89:3e:bc:db:1c:b4:71:cb:6f:
04:1b:8e:dc:5c:32:8d:da:cc:54:f4:0b:82:93:86:fc:e4:a2:
34:32:cb:e6:be:b7:1e:34:d5:77:d8:6f:be:2f:f0:1a:a8:7f:
1e:05:4f:4e:0c:29:a4:5b:20:32:35:58:ab:35:95:bb:35:bd:
62:e2:09:0e:cb:1f:b0:62:d5:85:cb:eb:6a:d1:fc:e2:63:99:
1c:b6:f2:52:a2:1a:f0:68:69:77:e9:5c:01:d0:c2:e9:37:a8:
42:9a:dc:d9:11:c7:64:9c:ed:6b:3a:76:5a:08:cd:01:35:8c:
f8:80:07:22:91:bb:40:b5:30:af:6d:a6:4e:95:d2:71:22:6d:
59:39:7c:27:57:c7:75:6d:58:f1:55:11:f0:86:07:8b:cf:9c:
91:40:84:6e:9b:a7:ff:fd:89:8a:d6:d5:ad:51:04:e2:82:e8:
26:e2:56:af:3b:e3:fb:a3:2b:62:6a:64:ac:a3:94:2b:41:7d:
de:03:65:bc:8c:10:04:ba:0c:94:ca:46:e4:56:12:4a:9f:c5:
11:bb:0c:45:8b:aa:ac:df:cc:22:a4:22:6b:78:c9:13:da:c0:
fe:3f:d0:9c:14:31:37:f4:56:3e:8a:61:1b:86:73:bf:3f:fe:
97:6c:cb:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbrj0lZnAKOMRKvGMuA9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjQwMTAxMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGExY2YzODViMDM0MWE5MDE4MTg1NzQ1NWQ0YWNiZGQzMDAyN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXzuZEBMqihdwlpzom+Q5LJLb8Zw
c8X/3QZlAjJy3nRflU0lvcR7DKux/Seb1/RpdUfOBn4Ca6tqKtBwb79r9jFCMzUI
e72uCr/wxEwKJorSk4LEYc7moYfIGOOAkTt0B4VJpH7z2mKaCwgZyTCoXBRSQuo0
+wtG9adeT8VvFeG2TYhD2z10AV3JAkeS0SNdhT0dyO5KxsrywitrESSVre0InVW6
3RogHRs6n/O3NllmMtdkbRzn1Gmjw9GFcB5BGWI9kwhvK+lGR+SvxQ1dcAwbs2df
JcXq4GGOHvigMBgrYhX7S0HCKLtsIz4GtXpbHRF3A92c//+sf7Ffu0coqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJShzzhbA0GpAYGFdFXUrL3TACfFMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvbEtIUE9Gc0RRYWtCZ1lWMFZkU3N2ZE1BSjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwr9sAwQA
wzBGAwQAwzEpMA0GCSqGSIb3DQEBCwUAA4IBAQB4g3m9Umr4n0GJPrzbHLRxy28E
G47cXDKN2sxU9AuCk4b85KI0MsvmvrceNNV32G++L/AaqH8eBU9ODCmkWyAyNVir
NZW7Nb1i4gkOyx+wYtWFy+tq0fziY5kctvJSohrwaGl36VwB0MLpN6hCmtzZEcdk
nO1rOnZaCM0BNYz4gAcikbtAtTCvbaZOldJxIm1ZOXwnV8d1bVjxVRHwhgeLz5yR
QIRum6f//YmK1tWtUQTigugm4lavO+P7oytiamSso5QrQX3eA2W8jBAEugyUykbk
VhJKn8URuwxFi6qs38wipCJreMkT2sD+P9CcFDE39FY+imEbhnO/P/6XbMvc
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:49:20 2024 by rpki-client on console-ams.rpki-client.org