Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lBwmV3hL0FKN4qzhrBU04e2gABg.roa
File: lBwmV3hL0FKN4qzhrBU04e2gABg.roa (raw, json)
Hash identifier: cOIzU9p2WViuaxDo7lwA4JVq+jjllJeEatxbxkhwXTY=
Subject key identifier: 94:1C:26:57:78:4B:D0:52:8D:E2:AC:E1:AC:15:34:E1:ED:A0:00:18
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A38C031BA8825F82E23A535501B28
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lBwmV3hL0FKN4qzhrBU04e2gABg.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201069
IP address blocks: 93.170.187.0/24 maxlen: 24
93.170.96.0/24 maxlen: 24
95.47.119.0/24 maxlen: 24
93.171.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:c0:31:ba:88:25:f8:2e:23:a5:35:50:1b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=941c2657784bd0528de2ace1ac1534e1eda00018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:39:80:a4:2c:89:c2:b7:90:57:46:96:ec:7b:
93:b1:67:79:66:a8:df:49:81:bf:32:f5:3d:f1:d5:
e6:24:be:20:37:1f:20:73:f9:48:b1:25:07:88:81:
65:55:b1:bd:fb:5a:91:61:2b:8d:ac:d3:8e:aa:c5:
ca:30:bf:31:fa:bc:d3:37:64:28:b6:63:6b:41:af:
12:0b:51:b1:8d:d7:87:0f:8c:db:7f:ae:88:f8:67:
d6:76:eb:c3:06:60:f9:12:59:99:c0:b7:69:e3:7a:
1a:b5:0b:c2:71:5d:1c:c4:8b:64:6a:36:f4:3b:be:
f2:30:82:50:9e:96:d7:f9:10:f3:55:8e:be:ce:1f:
2f:86:a2:37:f8:0f:16:9d:07:08:17:9a:8d:37:f5:
77:3a:bd:82:65:72:e4:25:c0:be:05:21:31:5f:65:
d4:79:a1:75:b8:bd:82:dc:ea:b2:61:11:e9:da:1c:
af:93:33:e3:96:20:d0:4b:6f:6b:28:71:d0:8a:4a:
2c:47:92:95:9f:8e:37:3d:62:9b:2f:ff:b4:f8:96:
06:13:c0:c7:1e:ba:ab:29:46:0e:58:ec:06:ba:5c:
22:55:f2:cd:a1:64:87:d6:1e:25:54:cb:81:ab:29:
60:7c:d5:64:da:28:1e:ac:ef:2f:3d:4a:46:d8:8f:
f0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1C:26:57:78:4B:D0:52:8D:E2:AC:E1:AC:15:34:E1:ED:A0:00:18
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lBwmV3hL0FKN4qzhrBU04e2gABg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.96.0/24
93.170.187.0/24
93.171.218.0/24
95.47.119.0/24
Signature Algorithm: sha256WithRSAEncryption
46:48:83:46:1d:c8:d9:05:22:07:b2:6c:f5:bc:35:49:86:86:
62:4a:77:04:11:af:33:e7:23:36:30:23:1c:3a:1c:4f:f7:9c:
f7:d3:f5:63:eb:4b:06:42:5a:fe:2b:e4:04:b5:2b:48:6e:92:
96:54:7b:e9:c1:53:65:ce:3a:65:33:d7:fa:41:24:ff:90:64:
ac:97:e3:1d:a3:27:b7:dd:64:58:68:63:67:b4:3f:dd:b6:9a:
81:48:8a:f7:a2:0f:77:db:fb:5c:04:1d:d3:c8:fb:2e:6b:33:
5d:37:53:d2:ee:f4:55:03:57:23:8a:dd:6a:12:75:31:37:9d:
22:30:b6:1a:9e:d9:32:cf:48:6f:c5:92:bc:3a:6e:8a:11:02:
5a:e7:25:47:e3:2b:a7:f1:e4:b7:12:f5:3e:06:de:17:27:2e:
b1:c5:31:21:4d:29:3a:aa:9e:8b:c7:db:67:31:15:7f:54:5b:
ba:40:c4:aa:57:3d:f7:67:ef:d9:89:c9:d8:7a:94:8a:ca:f3:
30:be:9f:a1:b8:90:6f:4a:50:66:96:dd:6d:25:a6:e7:8f:e2:
d3:e5:b0:c0:42:19:46:82:b1:40:f7:51:da:27:7f:7e:11:71:
aa:74:e7:9a:2a:66:7f:6d:f0:8e:c3:0c:cd:a2:cd:88:bc:5f:
f0:16:32:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKjjAMbqIJfguI6U1UBsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFjMjY1Nzc4NGJkMDUyOGRlMmFjZTFhYzE1MzRlMWVkYTAwMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujmApCyJwreQV0aW7HuTsWd5Zqjf
SYG/MvU98dXmJL4gNx8gc/lIsSUHiIFlVbG9+1qRYSuNrNOOqsXKML8x+rzTN2Qo
tmNrQa8SC1GxjdeHD4zbf66I+GfWduvDBmD5ElmZwLdp43oatQvCcV0cxItkajb0
O77yMIJQnpbX+RDzVY6+zh8vhqI3+A8WnQcIF5qNN/V3Or2CZXLkJcC+BSExX2XU
eaF1uL2C3OqyYRHp2hyvkzPjliDQS29rKHHQikosR5KVn443PWKbL/+0+JYGE8DH
HrqrKUYOWOwGulwiVfLNoWSH1h4lVMuBqylgfNVk2igerO8vPUpG2I/wHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJQcJld4S9BSjeKs4awVNOHtoAAYMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbEJ3bVYzaEwwRktONHF6aHJCVTA0ZTJnQUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXapgAwQA
Xaq7AwQAXavaAwQAXy93MA0GCSqGSIb3DQEBCwUAA4IBAQBGSINGHcjZBSIHsmz1
vDVJhoZiSncEEa8z5yM2MCMcOhxP95z30/Vj60sGQlr+K+QEtStIbpKWVHvpwVNl
zjplM9f6QST/kGSsl+Mdoye33WRYaGNntD/dtpqBSIr3og932/tcBB3TyPsuazNd
N1PS7vRVA1cjit1qEnUxN50iMLYantkyz0hvxZK8Om6KEQJa5yVH4yun8eS3EvU+
Bt4XJy6xxTEhTSk6qp6Lx9tnMRV/VFu6QMSqVz33Z+/ZicnYepSKyvMwvp+huJBv
SlBmlt1tJabnj+LT5bDAQhlGgrFA91HaJ39+EXGqdOeaKmZ/bfCOwwzNos2IvF/w
FjIC
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:42 2024 by rpki-client on console-ams.rpki-client.org