Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LjmFXmG3iq8eWifChf8l_WBW0CY.roa
File: LjmFXmG3iq8eWifChf8l_WBW0CY.roa (raw, json)
Hash identifier: r8b7r2e27NQ4x4f9WdRVKo3oqmo0M4g8tUj6HtHEzAw=
Subject key identifier: 2E:39:85:5E:61:B7:8A:AF:1E:5A:27:C2:85:FF:25:FD:60:56:D0:26
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190A2B9A86CFA414C07BEB2FCFBCD64CA62
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LjmFXmG3iq8eWifChf8l_WBW0CY.roa
Signing time: Thu 11 Jul 2024 16:56:34 +0000
ROA not before: Thu 11 Jul 2024 16:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 270158
IP address blocks: 5.102.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:b9:a8:6c:fa:41:4c:07:be:b2:fc:fb:cd:64:ca:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 11 16:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e39855e61b78aaf1e5a27c285ff25fd6056d026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f3:13:a7:11:ec:8f:68:3b:14:c1:68:db:84:
19:3e:6a:da:27:0f:26:d2:b2:07:1e:69:18:79:42:
8b:13:84:40:d3:9f:ec:9c:f5:e4:5d:61:33:9a:95:
f3:5a:7a:bc:4a:d1:85:cd:38:00:dc:6c:68:d3:c4:
1f:ef:ff:d3:96:25:43:59:58:7b:61:fb:5c:f8:1a:
20:49:2c:6b:59:9f:e1:95:7f:8b:07:62:2f:a8:c6:
17:eb:01:84:e6:f7:fd:23:c3:f9:51:ef:3e:4a:15:
11:7c:3a:9a:43:2d:f4:0c:a0:44:81:39:07:9b:9d:
a4:54:fc:16:fd:d7:d7:c2:83:b0:88:07:d0:1c:57:
31:cb:aa:2d:51:b8:e7:52:d3:7e:e1:ab:f5:23:0c:
92:4d:27:11:7e:89:ee:70:12:ea:8a:57:70:f6:24:
25:bc:1a:88:cc:43:95:cc:2d:70:19:02:92:6b:47:
8e:39:e8:a7:91:c8:31:de:56:5b:0a:51:97:3c:f0:
72:23:96:a4:c0:44:a3:3b:f6:58:05:9a:ac:96:35:
6b:60:e9:84:5c:c5:8f:89:39:e1:f0:1f:96:1d:cb:
b9:05:3f:af:8e:c7:1f:4e:1c:10:b3:91:60:f2:9a:
eb:c6:1a:47:e2:36:ba:e6:4f:6a:3f:7f:f7:47:ba:
ee:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:39:85:5E:61:B7:8A:AF:1E:5A:27:C2:85:FF:25:FD:60:56:D0:26
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LjmFXmG3iq8eWifChf8l_WBW0CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
Signature Algorithm: sha256WithRSAEncryption
11:43:4a:cb:01:8c:97:34:94:73:d0:2e:0e:2b:37:3a:3e:ff:
de:17:3e:2f:89:cf:d8:51:c5:57:38:e5:cf:3b:d5:66:fb:00:
04:d9:3c:bf:b2:2a:92:79:d7:cf:83:44:83:8a:e7:2c:17:72:
85:cb:a0:c2:79:b2:43:72:57:bd:8d:1f:53:74:53:f0:10:15:
d2:05:0d:72:48:a9:fc:dc:91:55:c0:5f:fb:9e:5a:e3:72:84:
80:9f:6f:2f:d4:ab:4c:18:db:9f:6f:db:72:2a:df:3b:08:f2:
00:20:2c:62:52:65:1d:d5:4d:10:30:1d:47:26:fc:be:cf:2e:
82:3c:8d:98:d5:71:83:b7:bd:e8:a0:c3:6f:6d:e1:98:e3:43:
f7:0a:31:77:ee:45:a6:d8:6a:2d:16:12:49:9f:7f:dc:2c:38:
16:e8:41:50:7f:8d:35:75:f8:ef:bc:49:89:57:d0:c6:bf:8c:
ed:94:7a:cc:e7:6e:7f:7d:da:50:10:09:a3:30:5f:5b:7c:76:
a9:8e:31:b7:fb:c1:b4:a0:02:f7:48:f0:31:ff:d0:37:e9:d8:
63:e8:48:5d:0d:02:64:e1:53:72:f2:9b:65:72:51:0a:e1:35:
8d:3f:08:54:00:51:9d:93:19:f8:a4:b2:7c:10:0a:2f:d6:f5:
cf:b2:56:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCiuahs+kFMB76y/PvNZMpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzExMTY1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTM5ODU1ZTYxYjc4YWFmMWU1YTI3YzI4NWZmMjVmZDYwNTZkMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/MTpxHsj2g7FMFo24QZPmraJw8m
0rIHHmkYeUKLE4RA05/snPXkXWEzmpXzWnq8StGFzTgA3Gxo08Qf7//TliVDWVh7
Yftc+BogSSxrWZ/hlX+LB2IvqMYX6wGE5vf9I8P5Ue8+ShURfDqaQy30DKBEgTkH
m52kVPwW/dfXwoOwiAfQHFcxy6otUbjnUtN+4av1IwySTScRfonucBLqildw9iQl
vBqIzEOVzC1wGQKSa0eOOeinkcgx3lZbClGXPPByI5akwESjO/ZYBZqsljVrYOmE
XMWPiTnh8B+WHcu5BT+vjscfThwQs5Fg8prrxhpH4ja65k9qP3/3R7ruSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC45hV5ht4qvHlonwoX/Jf1gVtAmMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTGptRlhtRzNpcThlV2lmQ2hmOGxfV0JXMENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWZsMA0G
CSqGSIb3DQEBCwUAA4IBAQARQ0rLAYyXNJRz0C4OKzc6Pv/eFz4vic/YUcVXOOXP
O9Vm+wAE2Ty/siqSedfPg0SDiucsF3KFy6DCebJDcle9jR9TdFPwEBXSBQ1ySKn8
3JFVwF/7nlrjcoSAn28v1KtMGNufb9tyKt87CPIAICxiUmUd1U0QMB1HJvy+zy6C
PI2Y1XGDt73ooMNvbeGY40P3CjF37kWm2GotFhJJn3/cLDgW6EFQf401dfjvvEmJ
V9DGv4ztlHrM525/fdpQEAmjMF9bfHapjjG3+8G0oAL3SPAx/9A36dhj6EhdDQJk
4VNy8ptlclEK4TWNPwhUAFGdkxn4pLJ8EAov1vXPslYi
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:36:00 2024 by rpki-client on console-fra.rpki-client.org