Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/LSGM7vSXp13ydrW98bnFaLd9hUc.roa
File: LSGM7vSXp13ydrW98bnFaLd9hUc.roa (raw, json)
Hash identifier: /jae2BIVvzfnsYv1M+LXz3ruqosU91IBGfDVSswFEPE=
Subject key identifier: 2D:21:8C:EE:F4:97:A7:5D:F2:76:B5:BD:F1:B9:C5:68:B7:7D:85:47
Certificate issuer: /CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Certificate serial: 018CCA2A2680DA95ADBEF1BACDDE32AE656B
Authority key identifier: 95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/LSGM7vSXp13ydrW98bnFaLd9hUc.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21368
IP address blocks: 45.86.137.0/24 maxlen: 24
45.86.138.0/23 maxlen: 23
185.109.253.0/24 maxlen: 24
185.109.252.0/23 maxlen: 23
185.109.252.0/24 maxlen: 24
185.109.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:26:80:da:95:ad:be:f1:ba:cd:de:32:ae:65:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d218ceef497a75df276b5bdf1b9c568b77d8547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:b6:57:c8:fa:dd:46:d3:9f:33:3d:9f:5b:
1f:1c:a6:98:40:ee:0f:fb:bb:30:18:45:a3:c6:38:
15:3d:94:21:78:69:4c:1d:ba:74:3a:f1:d6:c9:7e:
af:b9:ba:ae:e4:d7:8b:44:b1:fc:35:93:8b:44:40:
8a:60:e3:de:a5:26:63:83:e6:49:07:f8:8e:78:f4:
14:94:51:cc:2f:c1:b7:eb:88:db:b1:d5:8b:d9:a4:
26:db:8c:f0:a0:ba:cd:41:1a:ec:81:33:a0:30:de:
d5:48:d9:2a:26:53:a7:f4:95:f8:3d:75:53:3f:61:
52:b9:b4:d3:2d:67:f0:22:7f:9c:ad:57:ea:e3:4d:
c2:ad:47:96:dd:21:51:a4:a8:19:77:0f:c8:0f:7a:
d8:7c:56:b2:ca:d0:9f:28:04:67:73:e1:0c:cc:0b:
ee:24:d4:4e:bb:a0:a1:9c:91:1f:e0:b5:70:9a:21:
0d:f5:0a:7b:51:aa:79:05:33:76:32:ab:67:30:b6:
38:6d:68:cc:48:56:b2:6e:a1:1a:d1:82:0f:02:33:
5a:ae:4e:ce:ee:9c:21:cf:36:d3:53:0d:79:48:5a:
69:4c:82:c3:3c:26:0d:55:a4:10:9c:d6:f3:32:e2:
7a:49:30:61:88:fd:92:bc:b7:40:b8:2c:2f:28:1a:
d4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:21:8C:EE:F4:97:A7:5D:F2:76:B5:BD:F1:B9:C5:68:B7:7D:85:47
X509v3 Authority Key Identifier:
keyid:95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/LSGM7vSXp13ydrW98bnFaLd9hUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.137.0-45.86.139.255
185.109.252.0/23
185.109.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:24:cb:36:13:c7:5c:75:da:b3:a6:c6:c2:91:07:82:f4:95:
95:a3:ec:19:50:34:c5:0b:fd:78:80:07:3f:7f:bd:fc:77:dc:
99:13:94:18:54:f7:30:6b:7d:ea:6e:81:17:88:44:5f:92:e1:
e5:0f:12:3c:52:30:de:d3:a9:ec:f8:cb:a5:90:56:50:c8:24:
33:87:c1:2b:b5:b8:0e:fc:65:6d:15:1a:35:c0:10:88:40:21:
99:ef:9d:d6:22:b2:14:6b:58:40:6b:71:46:2f:ef:2f:c5:74:
a7:73:e5:4e:36:49:be:ba:c3:58:ee:70:f8:a4:4e:b9:a2:a6:
5d:c0:f4:f6:d1:b2:15:7c:29:b3:f6:94:f1:85:96:c9:b9:c9:
0f:70:54:6d:40:ec:f3:6c:4c:24:95:ad:9e:c5:56:a0:8f:13:
14:1a:0e:b4:90:07:65:aa:6b:01:b0:8e:67:15:18:8a:8c:ea:
ea:0e:c4:dd:ac:b2:e2:42:25:6e:19:10:7c:80:55:09:27:47:
2e:b7:a1:8a:96:1c:64:dc:cf:ee:f9:48:4e:4a:04:c2:39:90:
01:e2:05:d9:fd:61:01:6e:cf:85:9e:f1:f7:d4:0e:00:08:f2:
cc:63:36:75:e8:d2:64:0b:64:ae:b5:f0:eb:2e:03:db:2e:a0:
6a:be:77:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzKKiaA2pWtvvG6zd4yrmVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NWZjZjkyNzk4YTlkYmIzMGFiZDJiOWZhMjliZmE4ODA0
MjIwZjMwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDIxOGNlZWY0OTdhNzVkZjI3NmI1YmRmMWI5YzU2OGI3N2Q4NTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApna2V8j63UbTnzM9n1sfHKaYQO4P
+7swGEWjxjgVPZQheGlMHbp0OvHWyX6vubqu5NeLRLH8NZOLRECKYOPepSZjg+ZJ
B/iOePQUlFHML8G364jbsdWL2aQm24zwoLrNQRrsgTOgMN7VSNkqJlOn9JX4PXVT
P2FSubTTLWfwIn+crVfq403CrUeW3SFRpKgZdw/ID3rYfFayytCfKARnc+EMzAvu
JNROu6ChnJEf4LVwmiEN9Qp7Uap5BTN2MqtnMLY4bWjMSFaybqEa0YIPAjNark7O
7pwhzzbTUw15SFppTILDPCYNVaQQnNbzMuJ6STBhiP2SvLdAuCwvKBrUAQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFC0hjO70l6dd8na1vfG5xWi3fYVHMB8GA1UdIwQY
MBaAFJVfz5J5ip27MKvSufopv6iAQiDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFZfUGtubUtuYnN3cTlLNS1pbV9xSUJDSVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9kZjE0MGEtMGFjMy00MTA1LWI4M2Et
MDUxODg2ZDBlZDRlLzEvTFNHTTd2U1hwMTN5ZHJXOThibkZhTGQ5aFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9kZjE0MGEtMGFjMy00MTA1LWI4M2EtMDUxODg2ZDBlZDRl
LzEvbFZfUGtubUtuYnN3cTlLNS1pbV9xSUJDSVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtVokD
BAItVogDBAG5bfwDBAC5bf8wDQYJKoZIhvcNAQELBQADggEBAEokyzYTx1x12rOm
xsKRB4L0lZWj7BlQNMUL/XiABz9/vfx33JkTlBhU9zBrfepugReIRF+S4eUPEjxS
MN7Tqez4y6WQVlDIJDOHwSu1uA78ZW0VGjXAEIhAIZnvndYishRrWEBrcUYv7y/F
dKdz5U42Sb66w1jucPikTrmipl3A9PbRshV8KbP2lPGFlsm5yQ9wVG1A7PNsTCSV
rZ7FVqCPExQaDrSQB2WqawGwjmcVGIqM6uoOxN2ssuJCJW4ZEHyAVQknRy63oYqW
HGTcz+75SE5KBMI5kAHiBdn9YQFuz4We8ffUDgAI8sxjNnXo0mQLZK618OsuA9su
oGq+d40=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:57:21 2024 by rpki-client on console-fra.rpki-client.org