Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/LHAD-3MpdkLFO6ykRaaCpDwtKT0.roa
File: LHAD-3MpdkLFO6ykRaaCpDwtKT0.roa (raw, json)
Hash identifier: DwguAhwk50cyyOuGrVjDVUNL8UkJKOYhlmTKrIRKHDU=
Subject key identifier: 2C:70:03:FB:73:29:76:42:C5:3B:AC:A4:45:A6:82:A4:3C:2D:29:3D
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018CC56EB20F4A8D6B76BFBD0E25A88F9E67
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/LHAD-3MpdkLFO6ykRaaCpDwtKT0.roa
Signing time: Mon 01 Jan 2024 14:30:15 +0000
ROA not before: Mon 01 Jan 2024 14:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202103
IP address blocks: 176.39.0.0/19 maxlen: 20
92.52.128.0/18 maxlen: 20
31.134.64.0/19 maxlen: 20
176.39.48.0/20 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b2:0f:4a:8d:6b:76:bf:bd:0e:25:a8:8f:9e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 14:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c7003fb73297642c53baca445a682a43c2d293d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fe:84:53:16:2f:50:7b:fc:e3:11:ab:6e:fc:
dd:61:b5:2e:d2:61:a1:e2:9a:19:4f:25:e7:0c:36:
52:d5:b2:d1:61:41:1a:e7:88:3b:04:96:c6:94:18:
43:83:52:58:85:89:00:48:7e:94:f8:9a:07:3f:08:
77:16:11:d7:31:e8:d1:02:6a:0b:d9:61:32:0c:37:
38:3d:72:e0:e2:f6:a3:f4:ea:fa:1d:e2:cb:12:a4:
ec:e1:97:74:00:a8:57:53:8c:23:bb:dd:7e:9f:c2:
90:ac:fd:a8:03:c7:ff:f2:42:19:49:6a:13:73:9f:
e9:63:3d:3b:45:09:a2:73:0b:19:20:f6:c9:83:17:
e2:18:3b:ee:df:8c:7a:46:f3:f7:60:5c:a0:af:09:
7a:9c:9c:ee:ef:5b:59:a8:86:96:f5:01:2b:b7:b3:
fa:f9:cb:cf:02:b2:58:5e:45:e4:68:a6:c9:a4:70:
f2:c3:98:69:b7:9d:0c:c5:e3:9e:e4:e2:5a:03:a4:
4a:09:00:44:b5:b0:93:8c:7f:4e:7f:62:bc:39:eb:
e3:18:a3:16:df:59:04:96:84:de:f6:c7:f9:0e:66:
29:f1:5a:0f:4b:cb:f5:bd:e3:7a:e5:c6:e7:d7:34:
d2:6c:b6:b8:20:10:1f:14:2d:35:ac:7f:60:81:4d:
1b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:70:03:FB:73:29:76:42:C5:3B:AC:A4:45:A6:82:A4:3C:2D:29:3D
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/LHAD-3MpdkLFO6ykRaaCpDwtKT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.64.0/19
92.52.128.0/18
176.39.0.0/19
176.39.48.0/20
Signature Algorithm: sha256WithRSAEncryption
54:2b:dc:cc:b1:44:0f:c0:e3:dc:76:7d:b1:02:3e:0c:33:70:
9b:13:a5:df:91:95:49:98:a6:68:52:e9:0d:a9:d1:19:1d:14:
8f:84:19:f4:35:e5:c8:45:70:4f:3f:d4:c3:bd:37:f9:70:5c:
f6:23:bb:5c:b2:f0:d7:db:b9:9b:09:5e:d7:d4:6f:c9:c5:20:
b0:bd:13:14:a4:a9:fe:52:dc:d9:b9:f6:e8:bd:bf:dc:5a:0a:
e3:27:5a:47:9f:bc:14:c8:6d:71:71:99:d2:8b:1e:e7:88:56:
5a:10:00:1d:d1:60:13:54:99:15:38:1d:8f:10:e0:88:ad:c4:
33:74:ea:03:a0:45:8e:04:cb:99:81:3a:4d:1c:ea:d1:6d:66:
a8:8b:05:d3:67:bd:7a:4e:a8:c4:b1:68:d6:34:e3:33:eb:55:
77:15:75:3c:af:4f:54:c2:28:4b:79:e9:48:59:e2:ca:31:70:
38:82:d7:31:70:b0:c0:fa:c1:7a:05:40:33:d1:3e:c0:80:f8:
4d:e3:a0:0f:d3:1c:cf:7f:37:e2:c3:73:8e:79:ff:92:86:57:
d5:8b:82:0f:75:90:0c:18:66:d7:95:79:e7:b6:4a:49:ea:b6:
1b:3b:8f:fb:f8:86:65:48:cf:be:b4:c9:90:ca:fb:e7:8b:3d:
56:9b:90:0b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbrIPSo1rdr+9DiWoj55nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjQwMTAxMTQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzcwMDNmYjczMjk3NjQyYzUzYmFjYTQ0NWE2ODJhNDNjMmQyOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP6EUxYvUHv84xGrbvzdYbUu0mGh
4poZTyXnDDZS1bLRYUEa54g7BJbGlBhDg1JYhYkASH6U+JoHPwh3FhHXMejRAmoL
2WEyDDc4PXLg4vaj9Or6HeLLEqTs4Zd0AKhXU4wju91+n8KQrP2oA8f/8kIZSWoT
c5/pYz07RQmicwsZIPbJgxfiGDvu34x6RvP3YFygrwl6nJzu71tZqIaW9QErt7P6
+cvPArJYXkXkaKbJpHDyw5hpt50MxeOe5OJaA6RKCQBEtbCTjH9Of2K8OevjGKMW
31kEloTe9sf5DmYp8VoPS8v1veN65cbn1zTSbLa4IBAfFC01rH9ggU0b+wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCxwA/tzKXZCxTuspEWmgqQ8LSk9MB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL0xIQUQtM01wZGtMRk82eWtSYWFDcER3dEtUMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAUfhkAD
BAZcNIADBAWwJwADBASwJzAwDQYJKoZIhvcNAQELBQADggEBAFQr3MyxRA/A49x2
fbECPgwzcJsTpd+RlUmYpmhS6Q2p0RkdFI+EGfQ15chFcE8/1MO9N/lwXPYju1yy
8NfbuZsJXtfUb8nFILC9ExSkqf5S3Nm59ui9v9xaCuMnWkefvBTIbXFxmdKLHueI
VloQAB3RYBNUmRU4HY8Q4IitxDN06gOgRY4Ey5mBOk0c6tFtZqiLBdNnvXpOqMSx
aNY04zPrVXcVdTyvT1TCKEt56UhZ4soxcDiC1zFwsMD6wXoFQDPRPsCA+E3joA/T
HM9/N+LDc455/5KGV9WLgg91kAwYZteVeee2Sknqths7j/v4hmVIz760yZDK++eL
PVabkAs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:20 2024 by rpki-client on console-ams.rpki-client.org