Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Lfgvvc4r9S4vX_cdFVGoZNVYsXo.roa
File: Lfgvvc4r9S4vX_cdFVGoZNVYsXo.roa (raw, json)
Hash identifier: 6WqQGQnq3ZaJKY23fEvJ2bjjbLI8dD/pZEZaaV+szHo=
Subject key identifier: 2D:F8:2F:BD:CE:2B:F5:2E:2F:5F:F7:1D:15:51:A8:64:D5:58:B1:7A
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018CC9BCED279B206F87E172A86C7892252D
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Lfgvvc4r9S4vX_cdFVGoZNVYsXo.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25252
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.32.0/22 maxlen: 22
193.221.47.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ed:27:9b:20:6f:87:e1:72:a8:6c:78:92:25:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2df82fbdce2bf52e2f5ff71d1551a864d558b17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:dc:d2:26:1c:2c:9a:34:10:d2:e9:a3:52:
68:ac:62:2f:62:3e:53:93:b0:87:0b:74:fd:dc:04:
34:e6:40:44:1f:04:b1:df:56:26:b8:d5:aa:17:38:
08:d0:fe:64:d3:91:0d:eb:ba:57:59:38:74:ff:c2:
9a:d8:d7:34:e4:28:26:e2:37:74:32:f8:63:76:ed:
a2:44:e5:fb:3c:7d:32:af:93:0e:a8:7e:47:26:32:
2a:27:5d:81:ed:7b:55:58:0f:bf:e7:97:71:b8:12:
79:ff:8b:71:79:4e:ad:f6:53:79:09:cf:b7:76:2e:
d4:e3:51:27:33:64:e4:9c:65:ae:96:aa:d5:31:39:
61:6e:da:d1:3e:44:dd:99:9b:16:4b:64:53:d7:cf:
43:86:c6:4c:74:0e:83:19:6c:98:aa:27:6a:a2:09:
53:77:c9:9e:b5:dd:31:74:2c:b7:e8:14:6a:29:6b:
bd:ca:0e:00:90:48:da:1b:d4:f9:1c:b7:75:6c:ee:
95:50:45:4b:3b:21:57:4e:12:df:2f:ce:e6:f9:0d:
81:c0:fd:09:2b:8a:e7:e5:47:88:09:5c:df:f2:7a:
30:6e:37:b9:53:c3:45:6a:c9:1b:8c:c6:61:8e:1c:
fa:2d:49:db:5b:41:ea:c3:88:de:40:e1:cd:84:4a:
79:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F8:2F:BD:CE:2B:F5:2E:2F:5F:F7:1D:15:51:A8:64:D5:58:B1:7A
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Lfgvvc4r9S4vX_cdFVGoZNVYsXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.32.0-193.221.38.255
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
41:fc:07:bf:e0:e1:fe:5f:aa:3d:1b:c0:d1:f9:4f:d4:6e:eb:
93:81:76:c3:5d:c8:1d:05:e4:a0:80:29:26:d8:2c:b2:96:06:
a0:c0:55:b1:f0:b4:5f:f7:1b:5f:cf:46:d7:8e:02:e4:b9:7f:
15:58:18:64:1e:5d:e5:6c:06:b1:45:a5:30:74:8a:cd:92:0b:
8a:f3:b2:e5:99:a2:86:64:df:a0:4a:25:5f:dd:42:ae:ba:aa:
1e:c5:4e:47:a8:84:3a:e9:f9:e1:56:8b:19:4a:09:ea:e8:f5:
59:41:ee:be:3d:50:a3:6a:96:a9:9f:89:04:03:b6:9f:bd:64:
28:c1:7b:be:51:72:ba:40:d4:2b:97:db:77:c7:75:f7:1a:8a:
1a:47:04:e3:c6:9e:ff:6a:7f:ea:07:6f:c8:0b:1c:c6:bc:c9:
a8:09:d2:cc:ac:9c:c6:76:d3:36:b4:cd:08:f5:b6:31:d7:d9:
61:ba:2e:48:19:60:9e:e3:d4:b4:de:a9:5b:10:ec:6c:b0:6e:
43:3a:fd:43:95:73:39:65:51:57:d1:24:01:86:13:59:13:f4:
9f:a4:e8:65:a3:3e:bc:ce:2d:45:32:90:9d:aa:ac:a0:f9:b7:
f7:20:5e:9e:24:e8:44:e9:e3:a2:96:71:3b:85:ab:b8:41:b6:
dc:95:78:a6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJvO0nmyBvh+FyqGx4kiUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY4MmZiZGNlMmJmNTJlMmY1ZmY3MWQxNTUxYTg2NGQ1NThiMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXDc0iYcLJo0ENLpo1JorGIvYj5T
k7CHC3T93AQ05kBEHwSx31YmuNWqFzgI0P5k05EN67pXWTh0/8Ka2Nc05Cgm4jd0
Mvhjdu2iROX7PH0yr5MOqH5HJjIqJ12B7XtVWA+/55dxuBJ5/4txeU6t9lN5Cc+3
di7U41EnM2TknGWulqrVMTlhbtrRPkTdmZsWS2RT189DhsZMdA6DGWyYqidqoglT
d8metd0xdCy36BRqKWu9yg4AkEjaG9T5HLd1bO6VUEVLOyFXThLfL87m+Q2BwP0J
K4rn5UeICVzf8nowbje5U8NFaskbjMZhjhz6LUnbW0Hqw4jeQOHNhEp5pQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFC34L73OK/UuL1/3HRVRqGTVWLF6MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvTGZndnZjNHI5UzR2WF9jZEZWR29aTlZZc1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDqxmAAwQA
wd0cMAwDBAXB3SADBADB3SYDBADB3S8DBAHB3TQDBADB3TswDQYJKoZIhvcNAQEL
BQADggEBAEH8B7/g4f5fqj0bwNH5T9Ru65OBdsNdyB0F5KCAKSbYLLKWBqDAVbHw
tF/3G1/PRteOAuS5fxVYGGQeXeVsBrFFpTB0is2SC4rzsuWZooZk36BKJV/dQq66
qh7FTkeohDrp+eFWixlKCero9VlB7r49UKNqlqmfiQQDtp+9ZCjBe75RcrpA1CuX
23fHdfcaihpHBOPGnv9qf+oHb8gLHMa8yagJ0sysnMZ20za0zQj1tjHX2WG6LkgZ
YJ7j1LTeqVsQ7GywbkM6/UOVczllUVfRJAGGE1kT9J+k6GWjPrzOLUUykJ2qrKD5
t/cgXp4k6ETp46KWcTuFq7hBttyVeKY=
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:59:43 2024 by rpki-client on console-fra.rpki-client.org