Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/LWD1_vBHNT078UnSp0X3qAilt3I.roa
File: LWD1_vBHNT078UnSp0X3qAilt3I.roa (raw, json)
Hash identifier: J0soT0h0xBK+oLR9yVctan+wVix7w7NVtfttQfvAcTo=
Subject key identifier: 2D:60:F5:FE:F0:47:35:3D:3B:F1:49:D2:A7:45:F7:A8:08:A5:B7:72
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 018CC4936BAEC35CCB512E0F6DE31D93D175
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/LWD1_vBHNT078UnSp0X3qAilt3I.roa
Signing time: Mon 01 Jan 2024 10:30:44 +0000
ROA not before: Mon 01 Jan 2024 10:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41001
IP address blocks: 89.45.232.0/22 maxlen: 22
89.47.184.0/23 maxlen: 23
86.105.118.0/24 maxlen: 24
2001:6b0:5a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:6b:ae:c3:5c:cb:51:2e:0f:6d:e3:1d:93:d1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 10:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d60f5fef047353d3bf149d2a745f7a808a5b772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:d1:f0:4a:43:a6:07:04:7c:63:d6:45:74:
50:4f:40:31:96:a5:01:bb:7a:a2:a6:74:19:f4:2b:
c1:46:5e:af:2c:b6:45:2c:53:02:97:95:c2:7a:9e:
2e:9f:50:69:e8:3b:65:39:08:e5:a2:7c:e4:29:56:
b8:de:34:bb:62:cf:dd:74:ae:56:d7:43:f1:c1:27:
1d:97:ab:53:8a:1e:41:b4:95:92:e4:6a:80:34:e5:
65:da:18:8c:f8:cd:34:04:05:0f:93:78:dc:c5:65:
ec:61:46:6d:4c:16:d8:73:1a:c8:be:f7:36:9a:dc:
8d:76:4b:38:fc:b1:6c:bf:b3:8e:e8:7b:03:b2:b4:
b8:ef:7e:70:4f:42:ea:af:22:3b:ef:6f:64:00:85:
84:fb:eb:1d:ad:83:87:f2:25:61:65:7d:ad:60:2e:
21:cb:43:fb:0f:fc:b5:8d:5f:b7:80:58:5b:d1:3b:
66:77:fa:f8:ae:6d:93:91:8f:26:e0:70:21:82:b8:
dd:7e:ac:53:18:32:18:21:27:ae:72:9e:ff:95:52:
7e:ed:59:cc:19:9d:34:af:56:5f:0d:16:57:6e:c7:
38:85:7b:3d:5d:96:b0:12:b6:ad:6b:0e:10:ff:29:
dd:c3:a3:99:8a:cf:e0:22:47:a6:b7:27:71:3f:87:
ee:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:60:F5:FE:F0:47:35:3D:3B:F1:49:D2:A7:45:F7:A8:08:A5:B7:72
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/LWD1_vBHNT078UnSp0X3qAilt3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.118.0/24
89.45.232.0/22
89.47.184.0/23
IPv6:
2001:6b0:5a::/48
Signature Algorithm: sha256WithRSAEncryption
2e:5f:fe:00:23:bc:eb:2a:b2:49:e3:3c:9f:a5:4e:ac:04:60:
e5:9a:02:7a:76:e9:7d:4d:af:e2:1a:01:b0:28:ab:bf:0f:5f:
dd:c5:bf:cc:ab:6b:81:ca:40:08:e3:fd:14:4e:62:5f:47:8b:
48:a8:1f:c1:11:6e:56:5c:f6:73:54:59:82:32:b0:82:4b:77:
5f:a2:6b:16:5b:a3:59:44:ce:b3:ae:f2:db:fb:e5:e8:9b:25:
86:23:ee:67:37:7c:09:3d:b6:c3:73:d3:95:5d:6d:59:cd:25:
1b:4f:0a:47:e6:a2:f4:01:79:b4:04:88:e3:31:91:0d:21:bd:
b3:f4:ec:cf:77:f1:95:08:c3:e5:bb:b6:db:cd:64:0b:3f:aa:
9f:f8:9c:1d:71:77:b6:18:56:42:8c:88:c5:20:2a:e5:04:0e:
ed:57:b8:47:0a:cc:f2:5c:9f:c2:7d:cd:ea:7a:99:28:30:4c:
29:a6:da:ab:e4:11:e7:47:40:f0:45:e0:5a:e1:8b:f0:86:fe:
65:64:2a:6a:d5:7d:69:db:1f:1e:2c:ea:f2:b4:20:6a:28:d7:
6e:04:00:4d:a6:31:8f:6d:89:e3:c1:35:a9:1b:bc:bf:be:d5:
c5:cd:ae:7d:73:5a:96:9d:23:20:da:0d:9a:30:0e:67:9e:dc:
ca:0e:a0:b4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEk2uuw1zLUS4PbeMdk9F1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjQwMTAxMTAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDYwZjVmZWYwNDczNTNkM2JmMTQ5ZDJhNzQ1ZjdhODA4YTViNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKbR8EpDpgcEfGPWRXRQT0AxlqUB
u3qipnQZ9CvBRl6vLLZFLFMCl5XCep4un1Bp6DtlOQjlonzkKVa43jS7Ys/ddK5W
10PxwScdl6tTih5BtJWS5GqANOVl2hiM+M00BAUPk3jcxWXsYUZtTBbYcxrIvvc2
mtyNdks4/LFsv7OO6HsDsrS4735wT0LqryI7729kAIWE++sdrYOH8iVhZX2tYC4h
y0P7D/y1jV+3gFhb0Ttmd/r4rm2TkY8m4HAhgrjdfqxTGDIYISeucp7/lVJ+7VnM
GZ00r1ZfDRZXbsc4hXs9XZawErataw4Q/yndw6OZis/gIkemtydxP4fuCQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC1g9f7wRzU9O/FJ0qdF96gIpbdyMB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvTFdEMV92QkhOVDA3OFVuU3AwWDNxQWlsdDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAVml2AwQC
WS3oAwQBWS+4MA8EAgACMAkDBwAgAQawAFowDQYJKoZIhvcNAQELBQADggEBAC5f
/gAjvOsqsknjPJ+lTqwEYOWaAnp26X1Nr+IaAbAoq78PX93Fv8yra4HKQAjj/RRO
Yl9Hi0ioH8ERblZc9nNUWYIysIJLd1+iaxZbo1lEzrOu8tv75eibJYYj7mc3fAk9
tsNz05VdbVnNJRtPCkfmovQBebQEiOMxkQ0hvbP07M938ZUIw+W7ttvNZAs/qp/4
nB1xd7YYVkKMiMUgKuUEDu1XuEcKzPJcn8J9zep6mSgwTCmm2qvkEedHQPBF4Frh
i/CG/mVkKmrVfWnbHx4s6vK0IGoo124EAE2mMY9tiePBNakbvL++1cXNrn1zWpad
IyDaDZowDmee3MoOoLQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:04 2024 by rpki-client on console-fra.rpki-client.org