Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/LAcTs_vPDsJVAZyLicpfZgDtwD0.roa
File: LAcTs_vPDsJVAZyLicpfZgDtwD0.roa (raw, json)
Hash identifier: bs70cekw0LNBLQIt4LauupLN8PA4ildBRqWtR1tJFtY=
Subject key identifier: 2C:07:13:B3:FB:CF:0E:C2:55:01:9C:8B:89:CA:5F:66:00:ED:C0:3D
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 018CC3B7210ED29D5A347004F38F096EF68C
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/LAcTs_vPDsJVAZyLicpfZgDtwD0.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28918
IP address blocks: 188.95.0.0/21 maxlen: 24
194.59.172.0/22 maxlen: 24
185.55.232.0/22 maxlen: 24
194.147.133.0/24 maxlen: 24
193.28.96.0/21 maxlen: 24
2a00:b400::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:21:0e:d2:9d:5a:34:70:04:f3:8f:09:6e:f6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c0713b3fbcf0ec255019c8b89ca5f6600edc03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:62:46:54:12:a7:21:a4:17:94:49:4c:04:af:
6a:6c:e6:fb:6c:84:7c:94:2c:66:fb:26:bc:95:5c:
c8:42:15:e0:d3:d3:c6:92:eb:c4:7a:53:17:8a:88:
5c:38:ac:ad:9b:bb:d1:14:b7:53:e6:e9:8d:14:92:
db:36:c9:4a:60:bb:93:9a:0e:82:99:e3:53:30:54:
6c:5b:bc:54:64:b6:d3:2a:83:43:35:88:d4:b1:29:
4b:8e:fc:43:df:21:88:23:9f:dc:d6:10:28:65:c6:
03:de:b3:6f:4b:6a:76:8e:a8:61:b7:c1:56:36:c9:
78:0d:2d:c9:04:43:8b:36:6a:a5:aa:5c:aa:9c:a4:
dc:f8:1f:cb:db:5d:45:14:52:f0:83:17:a4:c3:07:
3b:3c:2a:b0:bd:32:f3:ef:a7:61:7f:0b:d1:8f:c4:
0f:0f:15:62:f1:b7:ed:1f:0b:15:0c:87:2c:0b:f8:
96:bd:49:b5:55:18:a9:32:82:43:74:95:c9:0d:06:
7f:3b:ea:21:30:bd:2c:e4:f1:e4:b5:73:92:93:1e:
94:df:57:f0:b2:c7:4d:e5:8e:f5:43:0b:81:47:35:
30:4e:b7:53:c7:87:48:76:3e:f2:37:f5:31:8f:c5:
95:6c:02:a0:af:62:0b:c8:0c:17:98:5d:0b:91:7d:
29:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:07:13:B3:FB:CF:0E:C2:55:01:9C:8B:89:CA:5F:66:00:ED:C0:3D
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/LAcTs_vPDsJVAZyLicpfZgDtwD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.232.0/22
188.95.0.0/21
193.28.96.0/21
194.59.172.0/22
194.147.133.0/24
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
5a:07:93:53:78:dd:9d:99:07:c3:ad:dd:ef:b7:ac:a1:45:1c:
4b:02:fa:1a:0a:8d:15:25:e4:a6:03:b2:d8:78:ba:f8:de:e3:
59:46:11:4c:d8:24:a1:77:c2:74:33:c4:c1:96:e7:15:79:6f:
a4:ab:ce:c3:21:83:ec:b8:e9:6a:36:c5:90:d5:95:b1:56:99:
2e:3b:bb:82:fe:4e:92:2d:03:f9:26:51:59:a4:67:fd:e5:c4:
33:60:2d:ea:ef:a3:47:6c:41:b0:56:49:00:0c:b3:ae:2f:33:
ce:eb:3d:ab:10:c8:80:5f:ed:d9:73:e1:b0:aa:48:56:0c:0e:
24:e0:c8:bd:5d:5d:de:f1:31:8f:0f:aa:8a:b4:37:12:23:b3:
17:a0:9c:bb:eb:5c:25:b8:c4:17:f6:34:64:ab:2d:e0:08:91:
0a:c7:cf:6b:c6:78:d7:ad:90:a1:dc:85:29:9b:33:94:a3:40:
08:29:99:a7:cc:d8:c2:c3:30:61:bf:74:5e:12:69:30:a0:fa:
c8:07:9a:99:7e:40:c6:0d:65:30:d6:5d:b9:96:91:18:8f:b5:
4b:94:04:a3:e3:2b:42:2d:c0:e8:ba:04:37:f2:83:0d:a4:dd:
0a:a6:94:f3:99:1b:dc:05:64:ca:81:31:17:28:0e:d1:9c:26:
73:86:a1:8c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtyEO0p1aNHAE848JbvaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA3MTNiM2ZiY2YwZWMyNTUwMTljOGI4OWNhNWY2NjAwZWRjMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWJGVBKnIaQXlElMBK9qbOb7bIR8
lCxm+ya8lVzIQhXg09PGkuvEelMXiohcOKytm7vRFLdT5umNFJLbNslKYLuTmg6C
meNTMFRsW7xUZLbTKoNDNYjUsSlLjvxD3yGII5/c1hAoZcYD3rNvS2p2jqhht8FW
Nsl4DS3JBEOLNmqlqlyqnKTc+B/L211FFFLwgxekwwc7PCqwvTLz76dhfwvRj8QP
DxVi8bftHwsVDIcsC/iWvUm1VRipMoJDdJXJDQZ/O+ohML0s5PHktXOSkx6U31fw
ssdN5Y71QwuBRzUwTrdTx4dIdj7yN/Uxj8WVbAKgr2ILyAwXmF0LkX0ptQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCwHE7P7zw7CVQGci4nKX2YA7cA9MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvTEFjVHNfdlBEc0pWQVp5TGljcGZaZ0R0d0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuTfoAwQD
vF8AAwQDwRxgAwQCwjusAwQAwpOFMA0EAgACMAcDBQMqALQAMA0GCSqGSIb3DQEB
CwUAA4IBAQBaB5NTeN2dmQfDrd3vt6yhRRxLAvoaCo0VJeSmA7LYeLr43uNZRhFM
2CShd8J0M8TBlucVeW+kq87DIYPsuOlqNsWQ1ZWxVpkuO7uC/k6SLQP5JlFZpGf9
5cQzYC3q76NHbEGwVkkADLOuLzPO6z2rEMiAX+3Zc+GwqkhWDA4k4Mi9XV3e8TGP
D6qKtDcSI7MXoJy761wluMQX9jRkqy3gCJEKx89rxnjXrZCh3IUpmzOUo0AIKZmn
zNjCwzBhv3ReEmkwoPrIB5qZfkDGDWUw1l25lpEYj7VLlASj4ytCLcDougQ38oMN
pN0KppTzmRvcBWTKgTEXKA7RnCZzhqGM
-----END CERTIFICATE-----
Generated at Mon Jun 10 22:16:58 2024 by rpki-client on console-fra.rpki-client.org