Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/l_LngkSHoUT3vTsmFjRKUpczYuw.roa
File: l_LngkSHoUT3vTsmFjRKUpczYuw.roa (raw, json)
Hash identifier: hgM7A689d2PJFnRYtUwVATFcZfXybmgQOYTHchyYJO8=
Subject key identifier: 97:F2:E7:82:44:87:A1:44:F7:BD:3B:26:16:34:4A:52:97:33:62:EC
Certificate issuer: /CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Certificate serial: 018CC7942AB46B9F377D3C916624412660D0
Authority key identifier: A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/l_LngkSHoUT3vTsmFjRKUpczYuw.roa
Signing time: Tue 02 Jan 2024 00:30:25 +0000
ROA not before: Tue 02 Jan 2024 00:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207063
IP address blocks: 193.177.129.0/24 maxlen: 24
193.177.128.0/24 maxlen: 24
193.177.128.0/22 maxlen: 24
2a0c:dec0:3008::/48 maxlen: 48
2a0c:dec0:f100::/48 maxlen: 48
2a0c:dec0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:2a:b4:6b:9f:37:7d:3c:91:66:24:41:26:60:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Validity
Not Before: Jan 2 00:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97f2e7824487a144f7bd3b2616344a52973362ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:57:a7:23:c7:82:33:8b:51:bb:b4:59:79:19:
d8:cc:2a:76:bf:60:07:27:a9:71:63:f5:a0:38:d2:
11:92:8e:bf:ce:53:1b:77:1e:5d:3c:65:8d:c3:5b:
1a:b7:94:98:92:da:7a:43:3c:60:cc:7a:51:e1:83:
bd:b7:2c:5b:fa:a9:68:0c:63:8b:04:0c:a9:dc:dc:
42:aa:26:4f:a0:2b:f8:dd:3e:e1:66:41:57:05:c0:
8b:38:a0:f7:ca:0f:bc:60:96:36:3a:17:66:cf:d2:
d1:c3:35:d4:19:7a:73:be:d5:8e:ef:31:8b:2a:44:
3a:a9:03:c2:95:5d:a8:a2:07:f8:3b:cf:c0:a3:e4:
29:48:f6:93:db:1f:0f:a8:62:ee:27:73:8a:ab:fc:
dd:b1:3c:e4:64:e0:72:b3:a3:6f:eb:f8:cf:58:90:
5e:32:f0:5c:73:e8:99:3c:a2:0e:3d:98:9d:d4:61:
f6:03:db:e6:c8:84:8f:13:57:af:3e:47:2a:08:8d:
44:c6:ec:a8:e6:0a:c1:47:95:9c:f0:4a:9a:88:48:
7a:01:75:9a:11:60:fe:c8:7a:85:72:d5:15:c9:d4:
7f:de:99:3d:35:99:e6:c2:78:41:0a:78:01:bf:30:
e6:6d:a5:78:ac:6a:4f:d6:c3:83:93:8d:cc:1f:08:
b5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F2:E7:82:44:87:A1:44:F7:BD:3B:26:16:34:4A:52:97:33:62:EC
X509v3 Authority Key Identifier:
keyid:A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/l_LngkSHoUT3vTsmFjRKUpczYuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.128.0/22
IPv6:
2a0c:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
06:4a:1c:c0:4a:0f:18:60:88:9b:70:b7:13:05:cb:d4:a2:40:
48:8c:88:68:27:53:d8:46:08:3d:15:68:0b:8c:71:bf:1b:f0:
99:8c:91:c3:de:d6:bb:4e:7c:c1:cc:34:b9:72:70:5a:53:88:
44:0f:45:67:65:b4:15:48:ab:e6:a5:c6:66:e9:54:25:66:c2:
64:fc:9f:92:6d:56:06:9d:58:c6:ea:96:4c:cf:a7:7b:12:8a:
35:77:ab:ad:f5:ef:d5:6a:c6:ce:b8:a2:e0:84:f0:80:c2:49:
43:30:95:72:3a:c8:d5:d2:4b:ad:8f:89:6e:29:e3:50:50:f8:
ba:37:87:e3:38:d5:94:54:d8:9b:af:91:5f:1e:92:b2:19:bf:
81:23:c5:e5:c7:86:10:85:a1:ef:d6:cd:9c:44:5f:bd:82:4a:
89:af:60:bc:02:16:47:b4:61:c8:ba:4c:17:1b:ab:9a:f5:7e:
ad:c6:8b:fe:c7:5b:cf:94:bb:52:5c:63:ea:7d:cd:3b:17:69:
3c:e0:ad:39:41:47:fc:10:79:c8:f8:f0:96:a2:cc:87:79:a2:
78:4b:eb:ef:61:be:24:7f:10:d9:4c:f7:a4:b7:3d:26:8a:d4:
76:a7:50:e4:37:52:18:9d:58:98:27:c6:05:7a:84:57:b0:79:
01:97:7a:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlCq0a583fTyRZiRBJmDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMGY2ZmI2ZjVjODBjYTRhNjAzODI3Yzk2YjNiZGY2MGFk
NTYzYWEwHhcNMjQwMTAyMDAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YyZTc4MjQ0ODdhMTQ0ZjdiZDNiMjYxNjM0NGE1Mjk3MzM2MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglenI8eCM4tRu7RZeRnYzCp2v2AH
J6lxY/WgONIRko6/zlMbdx5dPGWNw1sat5SYktp6QzxgzHpR4YO9tyxb+qloDGOL
BAyp3NxCqiZPoCv43T7hZkFXBcCLOKD3yg+8YJY2Ohdmz9LRwzXUGXpzvtWO7zGL
KkQ6qQPClV2oogf4O8/Ao+QpSPaT2x8PqGLuJ3OKq/zdsTzkZOBys6Nv6/jPWJBe
MvBcc+iZPKIOPZid1GH2A9vmyISPE1evPkcqCI1Exuyo5grBR5Wc8EqaiEh6AXWa
EWD+yHqFctUVydR/3pk9NZnmwnhBCngBvzDmbaV4rGpP1sODk43MHwi1WwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJfy54JEh6FE9707JhY0SlKXM2LsMB8GA1UdIwQY
MBaAFKMPb7b1yAykpgOCfJazvfYK1WOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3c5dnR2WElES1NtQTRKOGxyTzk5Z3JWWTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kN2U2NjgtZjA3ZS00MzhiLTlmYTgt
ODBhYjc3OWVlZDEwLzEvbF9MbmdrU0hvVVQzdlRzbUZqUktVcGN6WXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kN2U2NjgtZjA3ZS00MzhiLTlmYTgtODBhYjc3OWVlZDEw
LzEvb3c5dnR2WElES1NtQTRKOGxyTzk5Z3JWWTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbGAMA0E
AgACMAcDBQMqDN7AMA0GCSqGSIb3DQEBCwUAA4IBAQAGShzASg8YYIibcLcTBcvU
okBIjIhoJ1PYRgg9FWgLjHG/G/CZjJHD3ta7TnzBzDS5cnBaU4hED0VnZbQVSKvm
pcZm6VQlZsJk/J+SbVYGnVjG6pZMz6d7Eoo1d6ut9e/VasbOuKLghPCAwklDMJVy
OsjV0kutj4luKeNQUPi6N4fjONWUVNibr5FfHpKyGb+BI8Xlx4YQhaHv1s2cRF+9
gkqJr2C8AhZHtGHIukwXG6ua9X6txov+x1vPlLtSXGPqfc07F2k84K05QUf8EHnI
+PCWosyHeaJ4S+vvYb4kfxDZTPektz0mitR2p1DkN1IYnViYJ8YFeoRXsHkBl3r9
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:41 2024 by rpki-client on console-fra.rpki-client.org