Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/LrhGDwEseOaCT_Ax0uFHimCjfd4.roa
File: LrhGDwEseOaCT_Ax0uFHimCjfd4.roa (raw, json)
Hash identifier: LpJDQOBbupdbf3DSoQbvt6U8WtXQk9sc3Q8oJGyEnrI=
Subject key identifier: 2E:B8:46:0F:01:2C:78:E6:82:4F:F0:31:D2:E1:47:8A:60:A3:7D:DE
Certificate issuer: /CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef
Certificate serial: 018CC492377C11BC636A2D9D8A291A561DD1
Authority key identifier: CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/LrhGDwEseOaCT_Ax0uFHimCjfd4.roa
Signing time: Mon 01 Jan 2024 10:29:25 +0000
ROA not before: Mon 01 Jan 2024 10:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 194.34.199.0/24 maxlen: 24
194.35.73.0/24 maxlen: 24
194.35.75.0/24 maxlen: 24
194.104.99.0/24 maxlen: 24
194.35.11.0/24 maxlen: 24
2a00:7940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:37:7c:11:bc:63:6a:2d:9d:8a:29:1a:56:1d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef
Validity
Not Before: Jan 1 10:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2eb8460f012c78e6824ff031d2e1478a60a37dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:a7:27:1e:8f:9a:66:35:a0:5b:e0:20:49:
af:0b:24:87:8c:16:f6:c9:52:b8:88:8a:9b:52:bc:
b0:43:8c:dd:fd:6c:ea:b3:bf:4f:c5:1f:20:ef:99:
42:86:6f:e9:ae:82:e5:fa:b4:ef:5e:e3:25:d6:9e:
fa:da:96:a8:58:46:85:41:9d:5a:6a:08:a2:38:61:
77:8c:2a:09:fb:3a:1e:d0:6b:66:66:8d:bb:5b:66:
b6:b5:9b:55:e6:da:98:d9:f2:3e:8a:2e:20:ec:2e:
6a:96:b5:22:13:72:12:18:5a:af:f9:b1:ed:21:21:
2e:32:48:e9:e8:bc:c7:40:28:93:31:5a:a3:dd:6d:
98:66:53:05:bd:8d:ff:dd:65:81:52:a4:2c:ce:36:
93:c3:4e:96:15:70:77:82:34:ca:3a:e4:9b:d7:1e:
a8:48:44:4e:67:66:1b:02:3c:1e:0e:8f:0b:a6:3b:
fc:33:9f:c4:72:f3:c0:0d:1f:8b:8a:61:7d:e1:1c:
b5:0d:4e:d2:20:1e:c7:5c:3b:55:c2:57:05:d8:33:
e2:4e:2b:65:bf:3c:35:01:0c:fe:5f:d2:98:98:6b:
4a:50:c4:f0:41:ed:23:ab:a2:89:37:4e:52:e9:73:
c2:81:b3:d3:6c:08:af:81:b8:2b:fc:12:17:10:9b:
3b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B8:46:0F:01:2C:78:E6:82:4F:F0:31:D2:E1:47:8A:60:A3:7D:DE
X509v3 Authority Key Identifier:
keyid:CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/LrhGDwEseOaCT_Ax0uFHimCjfd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.199.0/24
194.35.11.0/24
194.35.73.0/24
194.35.75.0/24
194.104.99.0/24
IPv6:
2a00:7940::/32
Signature Algorithm: sha256WithRSAEncryption
29:36:fa:16:9e:19:48:8f:4e:bc:02:06:40:e0:f0:6a:1b:d3:
a5:30:63:7a:e1:91:4d:ea:f5:f1:84:36:b5:71:c8:8d:49:37:
53:9e:a0:2c:74:08:60:a5:49:36:69:c9:d1:25:36:73:85:de:
52:de:72:b0:b0:db:f7:f6:4a:4f:8d:f4:24:2b:f6:64:7b:f2:
b6:bd:77:9a:9e:8b:84:0c:da:1e:48:c2:52:78:20:92:b5:f3:
86:77:e9:96:6d:22:d5:97:f3:e9:32:aa:ee:6c:be:76:14:c9:
3e:7d:83:f1:97:96:f2:9f:01:d0:ba:8f:14:80:80:59:95:89:
5f:5f:8d:61:b5:b7:f2:9c:17:00:75:32:8d:f7:fe:37:e0:30:
ca:c2:6c:c2:98:63:fd:22:4a:fa:56:63:52:3a:6b:6a:ad:3b:
af:4a:f4:e9:6d:fb:23:74:f2:b5:d7:af:66:b2:6a:49:6d:0e:
ea:d8:f3:31:17:ea:b5:b2:b0:dd:fd:86:a7:c3:71:b7:55:07:
88:a0:ae:57:aa:4d:f8:d6:9c:87:e5:c9:85:29:fa:51:e2:32:
85:53:2b:73:15:40:af:d4:c2:b9:a3:ca:55:23:f8:81:12:34:
01:e9:74:2d:f8:03:3e:e5:d9:03:67:fa:3e:6f:dd:a5:c3:76:
b9:5f:f2:84
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEkjd8Ebxjai2diikaVh3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTM4MzQ3M2U4YWE4NzI3MDY4ZmM3NTJlMDYwZTNkYmY2
M2UwZWYwHhcNMjQwMTAxMTAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI4NDYwZjAxMmM3OGU2ODI0ZmYwMzFkMmUxNDc4YTYwYTM3ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB6nJx6PmmY1oFvgIEmvCySHjBb2
yVK4iIqbUrywQ4zd/Wzqs79PxR8g75lChm/proLl+rTvXuMl1p762paoWEaFQZ1a
agiiOGF3jCoJ+zoe0GtmZo27W2a2tZtV5tqY2fI+ii4g7C5qlrUiE3ISGFqv+bHt
ISEuMkjp6LzHQCiTMVqj3W2YZlMFvY3/3WWBUqQszjaTw06WFXB3gjTKOuSb1x6o
SEROZ2YbAjweDo8Lpjv8M5/EcvPADR+LimF94Ry1DU7SIB7HXDtVwlcF2DPiTitl
vzw1AQz+X9KYmGtKUMTwQe0jq6KJN05S6XPCgbPTbAivgbgr/BIXEJs7YwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFC64Rg8BLHjmgk/wMdLhR4pgo33eMB8GA1UdIwQY
MBaAFMsTg0c+iqhycGj8dS4GDj2/Y+DvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmIt
ZDE4YjA5Y2YzYTFkLzEvTHJoR0R3RXNlT2FDVF9BeDB1RkhpbUNqZmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmItZDE4YjA5Y2YzYTFk
LzEveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAwiLHAwQA
wiMLAwQAwiNJAwQAwiNLAwQAwmhjMA0EAgACMAcDBQAqAHlAMA0GCSqGSIb3DQEB
CwUAA4IBAQApNvoWnhlIj068AgZA4PBqG9OlMGN64ZFN6vXxhDa1cciNSTdTnqAs
dAhgpUk2acnRJTZzhd5S3nKwsNv39kpPjfQkK/Zke/K2vXeanouEDNoeSMJSeCCS
tfOGd+mWbSLVl/PpMqrubL52FMk+fYPxl5bynwHQuo8UgIBZlYlfX41htbfynBcA
dTKN9/434DDKwmzCmGP9Ikr6VmNSOmtqrTuvSvTpbfsjdPK1169msmpJbQ7q2PMx
F+q1srDd/Yanw3G3VQeIoK5Xqk341pyH5cmFKfpR4jKFUytzFUCv1MK5o8pVI/iB
EjQB6XQt+AM+5dkDZ/o+b92lw3a5X/KE
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:56:46 2024 by rpki-client on console-ams.rpki-client.org