Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/lQ8nt7aehrX5cyGkXgKZKMCcDqs.roa
File: lQ8nt7aehrX5cyGkXgKZKMCcDqs.roa (raw, json)
Hash identifier: idZ1141CqWiXgsQcB6RmZ/zJhAdsA1dO0RfUTrdWKAo=
Subject key identifier: 95:0F:27:B7:B6:9E:86:B5:F9:73:21:A4:5E:02:99:28:C0:9C:0E:AB
Certificate issuer: /CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Certificate serial: 0192906725E9C4A2F02EE0BC8C065F724A58
Authority key identifier: 56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/lQ8nt7aehrX5cyGkXgKZKMCcDqs.roa
Signing time: Tue 15 Oct 2024 13:38:51 +0000
ROA not before: Tue 15 Oct 2024 13:38:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29014
IP address blocks: 45.83.108.0/22 maxlen: 24
212.108.160.0/20 maxlen: 20
212.108.176.0/21 maxlen: 21
2a02:358::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:90:67:25:e9:c4:a2:f0:2e:e0:bc:8c:06:5f:72:4a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Validity
Not Before: Oct 15 13:38:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=950f27b7b69e86b5f97321a45e029928c09c0eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:70:73:f2:29:d5:94:05:2d:ba:44:e8:2e:4e:
b5:08:a6:fc:f5:ff:42:ec:fa:17:08:05:51:b7:e3:
a9:55:2c:f3:c2:31:53:33:37:3d:39:f6:b1:0d:c7:
42:b2:dc:5f:ca:74:4a:04:0b:e8:48:db:e7:bf:de:
da:98:cb:e9:3b:f7:db:89:88:b6:5d:6e:8e:d9:f8:
e5:d5:71:59:a9:9d:4c:c5:a1:52:ec:fc:9e:8c:4b:
43:a8:a5:17:af:02:01:52:53:ae:71:c2:4b:0a:c9:
56:eb:1e:f6:42:75:fe:7b:ad:81:51:56:cc:f5:a4:
0e:9e:ea:dc:d1:42:da:bb:77:20:ee:32:95:3a:5a:
72:e0:ef:e2:e6:2a:72:97:dc:29:15:51:0d:be:5c:
70:be:e4:14:14:0a:2f:f8:39:9a:06:5b:6e:ba:f6:
ec:9c:22:c6:fc:94:d8:6d:ab:96:00:34:09:89:09:
be:a5:64:67:1b:d5:5c:1e:93:5d:60:92:59:b9:6e:
28:a9:85:e1:e0:e7:10:0a:29:fb:a8:e5:23:31:e6:
0e:31:41:8f:3d:3b:1f:6f:8b:f6:d9:33:ce:cb:10:
72:fd:96:51:73:b8:d6:bd:39:e2:78:d1:f9:e1:fc:
ee:3b:3b:55:e4:7e:1d:ad:2e:d0:56:25:79:ef:6b:
a0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0F:27:B7:B6:9E:86:B5:F9:73:21:A4:5E:02:99:28:C0:9C:0E:AB
X509v3 Authority Key Identifier:
keyid:56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/lQ8nt7aehrX5cyGkXgKZKMCcDqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.108.0/22
212.108.160.0-212.108.183.255
IPv6:
2a02:358::/32
Signature Algorithm: sha256WithRSAEncryption
4a:38:83:31:a4:36:81:be:02:72:b4:0c:50:f2:40:23:32:68:
b8:a3:c1:57:8f:82:95:6c:ce:96:a2:99:3d:ac:36:1a:48:08:
18:03:21:34:54:cb:b6:8d:a6:0c:bc:51:47:f0:f4:be:28:52:
33:73:e1:b4:01:1b:f7:ef:0b:83:57:a2:ca:7a:3c:93:df:54:
f0:0a:be:00:61:0c:ca:9a:c2:7d:7a:fd:6a:c7:7f:4b:f7:5b:
06:0e:3c:77:7b:ca:74:52:b7:a1:66:24:18:87:13:34:25:91:
ae:ef:55:f8:b2:eb:1b:a5:21:a3:9f:a1:33:2e:20:1f:2e:bd:
4a:a6:9f:5f:9c:0f:3d:1b:fe:fd:8e:86:a2:b5:a3:4b:83:74:
4b:91:6e:ef:ab:c2:76:59:7f:fe:b9:9f:3e:ce:88:88:c6:28:
30:dd:c0:f6:fe:df:30:d1:76:34:d0:63:99:96:0c:df:6d:10:
1f:ed:2a:92:bf:13:c3:c1:de:b9:29:8d:bb:12:d4:7f:fd:02:
2f:30:cf:67:8a:1d:c2:d7:52:16:c7:00:41:56:85:ff:3a:36:
e7:90:00:84:5e:eb:fa:6d:2c:62:3f:4d:25:3c:7c:0a:ab:e3:
d2:de:2b:e2:f6:fd:35:bd:d2:de:b8:87:cc:02:25:01:ff:5c:
cc:46:7a:b0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZKQZyXpxKLwLuC8jAZfckpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MDE5MGJkZmIwYTNmMjNiNDQxMWU3ZDc0OGVkZGJiZDA5
Zjg1NDYwHhcNMjQxMDE1MTMzODUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBmMjdiN2I2OWU4NmI1Zjk3MzIxYTQ1ZTAyOTkyOGMwOWMwZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXBz8inVlAUtukToLk61CKb89f9C
7PoXCAVRt+OpVSzzwjFTMzc9OfaxDcdCstxfynRKBAvoSNvnv97amMvpO/fbiYi2
XW6O2fjl1XFZqZ1MxaFS7PyejEtDqKUXrwIBUlOuccJLCslW6x72QnX+e62BUVbM
9aQOnurc0ULau3cg7jKVOlpy4O/i5ipyl9wpFVENvlxwvuQUFAov+DmaBltuuvbs
nCLG/JTYbauWADQJiQm+pWRnG9VcHpNdYJJZuW4oqYXh4OcQCin7qOUjMeYOMUGP
PTsfb4v22TPOyxBy/ZZRc7jWvTnieNH54fzuOztV5H4drS7QViV572ug9QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJUPJ7e2noa1+XMhpF4CmSjAnA6rMB8GA1UdIwQY
MBaAFFYBkL37Cj8jtEEefXSO3bvQn4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMt
MmI5ZmM0MWUwYTgwLzEvbFE4bnQ3YWVoclg1Y3lHa1hnS1pLTUNjRHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMtMmI5ZmM0MWUwYTgw
LzEvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCLVNsMAwD
BAXUbKADBAPUbLAwDQQCAAIwBwMFACoCA1gwDQYJKoZIhvcNAQELBQADggEBAEo4
gzGkNoG+AnK0DFDyQCMyaLijwVePgpVszpaimT2sNhpICBgDITRUy7aNpgy8UUfw
9L4oUjNz4bQBG/fvC4NXosp6PJPfVPAKvgBhDMqawn16/WrHf0v3WwYOPHd7ynRS
t6FmJBiHEzQlka7vVfiy6xulIaOfoTMuIB8uvUqmn1+cDz0b/v2OhqK1o0uDdEuR
bu+rwnZZf/65nz7OiIjGKDDdwPb+3zDRdjTQY5mWDN9tEB/tKpK/E8PB3rkpjbsS
1H/9Ai8wz2eKHcLXUhbHAEFWhf86NueQAIRe6/ptLGI/TSU8fAqr49LeK+L2/TW9
0t64h8wCJQH/XMxGerA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:11 2024 by rpki-client on console-fra.rpki-client.org