Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/LyymrIY-UlgWUjWtdDuKMlcR9JI.roa
File: LyymrIY-UlgWUjWtdDuKMlcR9JI.roa (raw, json)
Hash identifier: nl2XYIwwXWy75WMO4c25WWNMef+sBoQpyGWT/ULyrnw=
Subject key identifier: 2F:2C:A6:AC:86:3E:52:58:16:52:35:AD:74:3B:8A:32:57:11:F4:92
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01932061A3C4B9CEE67B9FFF1E76309D2E88
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/LyymrIY-UlgWUjWtdDuKMlcR9JI.roa
Signing time: Tue 12 Nov 2024 12:38:09 +0000
ROA not before: Tue 12 Nov 2024 12:38:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 80.71.228.0/24 maxlen: 24
80.71.230.0/24 maxlen: 24
81.29.144.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:61:a3:c4:b9:ce:e6:7b:9f:ff:1e:76:30:9d:2e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Nov 12 12:38:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f2ca6ac863e5258165235ad743b8a325711f492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:81:94:b0:e7:64:e0:25:7a:80:45:3e:55:f3:
d7:8d:c1:09:f7:77:b3:c6:64:64:87:a5:86:d8:26:
0b:04:65:4a:99:54:62:20:7a:9b:cf:28:92:eb:4c:
ab:26:55:9f:d6:16:9a:76:5b:a3:eb:e2:2d:a7:e4:
10:07:0e:89:7b:1e:fa:ec:d4:6a:cb:cb:25:ca:0c:
ea:f9:a3:90:19:b8:4c:f1:5a:5b:da:d8:3a:06:30:
37:90:b8:28:8d:e7:ff:eb:73:b3:80:29:e5:5f:fc:
8c:b4:29:b6:fe:f1:1c:31:4e:c5:01:38:e9:d0:08:
5c:82:bd:9f:88:69:00:6f:cf:eb:08:b4:c3:d6:62:
bb:3b:f3:5b:45:77:91:0a:75:ef:d2:bf:f8:7c:3f:
5d:4a:85:28:8b:cf:b1:e2:5a:63:c1:aa:38:29:f5:
1a:c4:de:11:15:59:c3:f5:cc:69:f5:bf:e9:16:5e:
19:ef:20:d6:7d:9c:33:21:75:a3:d7:ab:f6:3c:60:
d3:8e:6d:19:3a:4f:45:c9:9e:62:98:1b:b1:86:32:
70:72:24:69:72:8d:7d:ce:44:cb:c1:8f:15:e7:62:
d9:1b:46:95:62:7a:a6:f5:1f:09:b1:b2:29:ab:8e:
e0:94:5b:34:0b:97:68:cf:5f:d7:90:94:39:03:be:
f2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2C:A6:AC:86:3E:52:58:16:52:35:AD:74:3B:8A:32:57:11:F4:92
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/LyymrIY-UlgWUjWtdDuKMlcR9JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.228.0/24
80.71.230.0/24
81.29.144.0/24
81.29.147.0/24
Signature Algorithm: sha256WithRSAEncryption
79:84:88:c5:74:1b:54:5e:6b:cc:13:d0:63:c0:73:da:65:62:
4d:69:cb:4f:48:68:13:50:d4:00:e6:1e:33:9a:ec:d9:c6:f7:
be:f3:9a:f2:7d:3c:60:d0:86:13:df:6b:6f:62:f6:ec:e7:31:
89:11:82:27:cd:7c:e1:dc:3a:13:13:c3:7a:36:7b:0a:79:fb:
a8:ab:0e:18:38:3f:e5:4f:4c:bb:54:79:52:70:c9:12:cc:ff:
4b:68:72:0f:bf:ac:d2:c9:8a:53:12:3f:16:01:e8:73:b0:38:
89:9c:b1:13:fc:c6:ee:be:40:db:97:50:18:2a:0d:1f:ad:33:
20:aa:c6:72:ff:ba:bf:e9:d6:1e:60:5f:f5:e9:c7:ce:a5:b5:
3b:0b:96:b7:c6:9b:5c:fc:0d:cf:84:31:f7:bb:f3:29:25:ac:
2f:6b:08:18:8b:ce:48:f9:4e:8c:1a:b6:7c:6f:9a:5b:0f:86:
ff:ac:26:db:bb:9a:d1:81:95:91:03:7d:8f:bc:a0:88:c0:16:
8d:58:13:1b:00:1b:c4:ba:ab:ba:94:9d:bd:a5:aa:27:26:1d:
2a:60:7c:34:62:e8:56:64:7d:fc:d4:4f:75:db:01:34:0b:22:
c9:a1:8f:fa:a0:0f:99:a9:4a:a8:18:66:bf:d6:20:eb:e5:c7:
aa:93:c6:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMgYaPEuc7me5//HnYwnS6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQxMTEyMTIzODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjJjYTZhYzg2M2U1MjU4MTY1MjM1YWQ3NDNiOGEzMjU3MTFmNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYGUsOdk4CV6gEU+VfPXjcEJ93ez
xmRkh6WG2CYLBGVKmVRiIHqbzyiS60yrJlWf1haadluj6+Itp+QQBw6Jex767NRq
y8slygzq+aOQGbhM8Vpb2tg6BjA3kLgojef/63OzgCnlX/yMtCm2/vEcMU7FATjp
0Ahcgr2fiGkAb8/rCLTD1mK7O/NbRXeRCnXv0r/4fD9dSoUoi8+x4lpjwao4KfUa
xN4RFVnD9cxp9b/pFl4Z7yDWfZwzIXWj16v2PGDTjm0ZOk9FyZ5imBuxhjJwciRp
co19zkTLwY8V52LZG0aVYnqm9R8JsbIpq47glFs0C5doz1/XkJQ5A77yQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC8spqyGPlJYFlI1rXQ7ijJXEfSSMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTHl5bXJJWS1VbGdXVWpXdGREdUtNbGNSOUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEfkAwQA
UEfmAwQAUR2QAwQAUR2TMA0GCSqGSIb3DQEBCwUAA4IBAQB5hIjFdBtUXmvME9Bj
wHPaZWJNactPSGgTUNQA5h4zmuzZxve+85ryfTxg0IYT32tvYvbs5zGJEYInzXzh
3DoTE8N6NnsKefuoqw4YOD/lT0y7VHlScMkSzP9LaHIPv6zSyYpTEj8WAehzsDiJ
nLET/MbuvkDbl1AYKg0frTMgqsZy/7q/6dYeYF/16cfOpbU7C5a3xptc/A3PhDH3
u/MpJawvawgYi85I+U6MGrZ8b5pbD4b/rCbbu5rRgZWRA32PvKCIwBaNWBMbABvE
uqu6lJ29paonJh0qYHw0YuhWZH381E912wE0CyLJoY/6oA+ZqUqoGGa/1iDr5ceq
k8Za
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:12 2024 by rpki-client on console-fra.rpki-client.org