Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/LelvczJMkfTDCdgPafFl3vrqDIg.roa
File: LelvczJMkfTDCdgPafFl3vrqDIg.roa (raw, json)
Hash identifier: MLiocw4Cz5IYUDRRRMqR3T62te4hQkIYc4rJb/8HkvM=
Subject key identifier: 2D:E9:6F:73:32:4C:91:F4:C3:09:D8:0F:69:F1:65:DE:FA:EA:0C:88
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018E9D578FED46144986029D8CECE0611621
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/LelvczJMkfTDCdgPafFl3vrqDIg.roa
Signing time: Tue 02 Apr 2024 05:45:45 +0000
ROA not before: Tue 02 Apr 2024 05:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 217.60.244.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
217.60.249.0/24 maxlen: 24
217.60.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:57:8f:ed:46:14:49:86:02:9d:8c:ec:e0:61:16:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 2 05:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2de96f73324c91f4c309d80f69f165defaea0c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:36:e5:49:1a:b2:9d:f6:a5:a3:7e:6a:77:54:
99:fe:86:46:68:d7:f3:13:3e:b2:dd:db:4d:cc:55:
b9:83:a0:b9:68:e6:e1:db:34:d3:7e:84:0e:af:86:
d4:aa:e8:30:e1:58:1d:da:50:0a:6a:49:e3:cc:e3:
6d:5e:db:9f:36:37:8a:0f:8a:d7:6a:d0:49:a4:26:
be:d5:b7:27:0f:dd:72:0f:56:67:fd:57:96:9d:1e:
80:43:f6:b5:0e:08:a0:2f:9b:62:ac:cf:ab:c4:a5:
3f:e0:70:f2:35:5a:d2:35:71:02:72:3c:1f:88:d1:
1c:a8:2b:1d:a4:7c:f9:29:47:d8:be:19:97:ea:c8:
78:be:a8:36:14:a8:59:51:84:f6:9c:0b:fa:09:05:
9f:ec:54:45:d5:bb:dd:1d:e2:25:66:b2:c8:d9:20:
32:f6:db:b7:dc:3d:c6:31:8e:a0:7e:f7:cf:3d:14:
2f:f4:96:5e:4d:80:21:97:c0:ed:b6:cb:a8:17:f8:
da:5d:a0:c6:f5:2d:5b:86:cb:99:98:09:96:11:c8:
6f:da:8f:0c:66:9f:37:5f:a1:33:17:fc:f3:b0:5a:
2e:d8:da:65:d4:fc:cb:05:39:8f:70:ed:76:a7:5c:
03:e5:e4:bc:8c:0e:1e:67:3e:06:7c:81:ed:61:63:
fd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E9:6F:73:32:4C:91:F4:C3:09:D8:0F:69:F1:65:DE:FA:EA:0C:88
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/LelvczJMkfTDCdgPafFl3vrqDIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.244.0/24
217.60.247.0/24
217.60.249.0/24
217.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a5:af:75:a4:85:db:52:cf:40:ad:67:22:3c:50:5a:99:fd:
b7:5b:21:fa:f7:cc:da:c3:b9:ef:73:b5:e3:27:ee:fc:82:e3:
8e:a8:45:8f:8d:f8:46:f8:26:da:52:18:8f:24:f4:fa:47:04:
a0:c9:34:c5:ef:8f:9d:6e:4e:34:89:4e:11:77:fa:80:cf:32:
ac:99:84:3b:94:b5:b2:6f:17:92:ab:f6:fa:92:f4:a6:bb:40:
be:a4:d7:46:07:d7:7e:e8:b4:fe:62:d7:e1:45:2a:cc:e0:7a:
ed:e6:f0:ec:21:60:58:b3:ff:2e:30:7d:45:c7:91:11:ae:7c:
89:79:9c:18:2c:6b:d4:a4:49:88:15:05:09:2b:11:78:9a:9a:
ec:02:32:ab:19:fa:20:44:6d:07:4a:80:b8:a7:56:5e:95:f9:
54:c8:98:99:b9:58:ac:e8:6d:48:0e:e3:09:f1:9d:49:d9:d5:
41:d0:6a:86:9d:a7:7a:e2:df:2e:4b:b6:d3:6c:1d:e1:b0:fa:
57:33:4b:9c:35:2a:2d:f0:c5:81:93:e8:07:8d:55:4f:d2:ba:
45:17:66:c5:30:28:dc:90:c6:2c:0c:73:4a:a6:c2:27:7b:a7:
1a:16:b0:42:1d:7e:97:89:44:f3:45:c6:09:59:cc:f9:37:c0:
e8:6d:2c:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6dV4/tRhRJhgKdjOzgYRYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDAyMDU0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU5NmY3MzMyNGM5MWY0YzMwOWQ4MGY2OWYxNjVkZWZhZWEwYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DblSRqynfalo35qd1SZ/oZGaNfz
Ez6y3dtNzFW5g6C5aObh2zTTfoQOr4bUqugw4Vgd2lAKaknjzONtXtufNjeKD4rX
atBJpCa+1bcnD91yD1Zn/VeWnR6AQ/a1DgigL5tirM+rxKU/4HDyNVrSNXECcjwf
iNEcqCsdpHz5KUfYvhmX6sh4vqg2FKhZUYT2nAv6CQWf7FRF1bvdHeIlZrLI2SAy
9tu33D3GMY6gfvfPPRQv9JZeTYAhl8DttsuoF/jaXaDG9S1bhsuZmAmWEchv2o8M
Zp83X6EzF/zzsFou2Npl1PzLBTmPcO12p1wD5eS8jA4eZz4GfIHtYWP9zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC3pb3MyTJH0wwnYD2nxZd766gyIMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvTGVsdmN6Sk1rZlREQ2RnUGFmRmwzdnJxRElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA2Tz0AwQA
2Tz3AwQA2Tz5AwQA2Tz8MA0GCSqGSIb3DQEBCwUAA4IBAQC8pa91pIXbUs9ArWci
PFBamf23WyH698zaw7nvc7XjJ+78guOOqEWPjfhG+CbaUhiPJPT6RwSgyTTF74+d
bk40iU4Rd/qAzzKsmYQ7lLWybxeSq/b6kvSmu0C+pNdGB9d+6LT+YtfhRSrM4Hrt
5vDsIWBYs/8uMH1Fx5ERrnyJeZwYLGvUpEmIFQUJKxF4mprsAjKrGfogRG0HSoC4
p1ZelflUyJiZuVis6G1IDuMJ8Z1J2dVB0GqGnad64t8uS7bTbB3hsPpXM0ucNSot
8MWBk+gHjVVP0rpFF2bFMCjckMYsDHNKpsIne6caFrBCHX6XiUTzRcYJWcz5N8Do
bSzR
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:09:23 2024 by rpki-client on console-fra.rpki-client.org