Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/r0LmmfKSGCSBeK9EMZSmEZm-sGg.roa
File: r0LmmfKSGCSBeK9EMZSmEZm-sGg.roa (raw, json)
Hash identifier: VczZSCH+Id63klUW9LwHoM2/Hc0biZptK52bTAwk4n4=
Subject key identifier: AF:42:E6:99:F2:92:18:24:81:78:AF:44:31:94:A6:11:99:BE:B0:68
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 018E866933A1121C39D8871BBA331AE3F859
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/r0LmmfKSGCSBeK9EMZSmEZm-sGg.roa
Signing time: Thu 28 Mar 2024 18:53:44 +0000
ROA not before: Thu 28 Mar 2024 18:53:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:69:33:a1:12:1c:39:d8:87:1b:ba:33:1a:e3:f8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Mar 28 18:53:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af42e699f29218248178af443194a61199beb068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a3:06:4c:0f:d4:d4:87:e7:cc:24:fd:f1:dc:
48:ee:35:fb:a2:79:52:b0:c9:31:c6:93:08:91:6c:
de:c9:7d:4d:e2:c7:ed:77:da:59:f7:27:9b:6a:10:
99:38:51:75:2a:19:d4:1b:95:ca:75:68:41:b5:53:
4a:b3:d7:f7:3a:d6:17:0d:30:fc:e0:78:da:74:91:
fb:55:d6:2f:0d:e3:e4:ba:90:74:49:37:69:af:92:
68:41:8d:42:bd:41:b0:78:bd:21:b3:e9:43:d2:6f:
26:38:ba:24:fc:08:c4:4d:4e:8b:90:e1:e3:27:f3:
74:c1:30:b4:19:04:de:06:a5:d1:ce:21:78:7e:72:
bf:ad:38:2f:4a:7b:65:d2:ca:3c:7c:9c:00:f7:7e:
fe:e0:99:5f:5a:4b:7e:af:d2:74:98:bc:bc:aa:28:
d0:60:5c:06:4e:38:db:37:a3:32:46:52:ee:2f:52:
f0:33:67:47:78:5a:a1:00:dc:b5:6b:03:36:ad:1b:
d5:e4:a2:cc:9f:b6:d6:07:1c:44:92:9f:c7:f5:a2:
49:e9:07:8a:85:22:54:69:b5:34:09:24:a8:5e:62:
a4:fa:6a:02:b2:50:fc:bb:81:37:a8:c2:ed:da:1d:
f8:49:65:27:f2:17:5d:bb:f6:b4:5e:4b:6f:8c:f0:
ee:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:42:E6:99:F2:92:18:24:81:78:AF:44:31:94:A6:11:99:BE:B0:68
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/r0LmmfKSGCSBeK9EMZSmEZm-sGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0/20
145.224.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:34:42:85:6c:f6:a9:15:59:bf:87:d0:bd:26:2b:22:b7:6b:
7e:9d:be:c2:21:50:7a:1b:a9:c7:45:a7:c1:1d:97:d4:21:bb:
40:0f:7f:df:5c:2f:93:44:94:70:98:de:03:61:bf:b4:cd:4f:
63:b7:49:05:0b:53:b0:f4:4c:ae:f9:3b:6d:7d:5b:9c:9e:e3:
cd:a6:92:73:f0:38:d8:72:6d:e5:ab:fd:a5:3f:c3:ab:3e:e2:
87:32:ec:1a:a0:a7:71:5a:6a:b4:f8:c0:73:f9:0c:ae:8d:89:
e5:cc:21:79:2b:79:63:8b:7f:ea:ae:c6:19:43:4c:14:18:c6:
dd:c3:20:e2:b4:37:96:e7:f7:ed:1a:96:a9:1a:18:4f:73:74:
b7:9f:a0:12:f9:27:50:54:73:05:d4:a3:5e:db:7d:e7:71:1a:
f4:aa:6b:4d:a8:8f:4f:54:d4:7b:da:cd:a8:f2:b0:33:64:d2:
6a:65:33:08:78:89:2a:36:d5:51:b3:e0:e2:d6:5e:e4:49:52:
f6:92:2b:5c:68:7d:47:d6:21:33:3a:23:d9:25:87:f6:7e:89:
7e:c3:3c:5c:e0:23:07:eb:e3:d2:89:17:32:a8:91:c1:ac:ad:
08:3f:c8:9a:81:79:6e:b3:26:12:57:92:98:bf:d7:97:db:4a:
fa:de:aa:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6GaTOhEhw52IcbujMa4/hZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQwMzI4MTg1MzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQyZTY5OWYyOTIxODI0ODE3OGFmNDQzMTk0YTYxMTk5YmViMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6MGTA/U1IfnzCT98dxI7jX7onlS
sMkxxpMIkWzeyX1N4sftd9pZ9yebahCZOFF1KhnUG5XKdWhBtVNKs9f3OtYXDTD8
4HjadJH7VdYvDePkupB0STdpr5JoQY1CvUGweL0hs+lD0m8mOLok/AjETU6LkOHj
J/N0wTC0GQTeBqXRziF4fnK/rTgvSntl0so8fJwA937+4JlfWkt+r9J0mLy8qijQ
YFwGTjjbN6MyRlLuL1LwM2dHeFqhANy1awM2rRvV5KLMn7bWBxxEkp/H9aJJ6QeK
hSJUabU0CSSoXmKk+moCslD8u4E3qMLt2h34SWUn8hddu/a0XktvjPDuLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9C5pnykhgkgXivRDGUphGZvrBoMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvcjBMbW1mS1NHQ1NCZUs5RU1aU21FWm0tc0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEkeCAAwQF
keDAMA0GCSqGSIb3DQEBCwUAA4IBAQB6NEKFbPapFVm/h9C9Jisit2t+nb7CIVB6
G6nHRafBHZfUIbtAD3/fXC+TRJRwmN4DYb+0zU9jt0kFC1Ow9Eyu+TttfVucnuPN
ppJz8DjYcm3lq/2lP8OrPuKHMuwaoKdxWmq0+MBz+QyujYnlzCF5K3lji3/qrsYZ
Q0wUGMbdwyDitDeW5/ftGpapGhhPc3S3n6AS+SdQVHMF1KNe233ncRr0qmtNqI9P
VNR72s2o8rAzZNJqZTMIeIkqNtVRs+Di1l7kSVL2kitcaH1H1iEzOiPZJYf2fol+
wzxc4CMH6+PSiRcyqJHBrK0IP8iagXlusyYSV5KYv9eX20r63qpZ
-----END CERTIFICATE-----
Generated at Thu May 2 01:30:16 2024 by rpki-client on console-ams.rpki-client.org