Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Lxzl-u5c--8hsmivKetUFFMwuRQ.roa
File: Lxzl-u5c--8hsmivKetUFFMwuRQ.roa (raw, json)
Hash identifier: hWrzVRmkK/p6LnIQVQto2D1B/RJ3klgvwywKr/c9ATc=
Subject key identifier: 2F:1C:E5:FA:EE:5C:FB:EF:21:B2:68:AF:29:EB:54:14:53:30:B9:14
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0191E6928976FD0E7E5A8AB043E7FF45ADEF
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Lxzl-u5c--8hsmivKetUFFMwuRQ.roa
Signing time: Thu 12 Sep 2024 14:10:48 +0000
ROA not before: Thu 12 Sep 2024 14:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 195.216.178.0/24 maxlen: 24
195.216.179.0/24 maxlen: 24
195.216.180.0/24 maxlen: 24
195.216.181.0/24 maxlen: 24
195.216.182.0/24 maxlen: 24
195.216.183.0/24 maxlen: 24
195.216.184.0/24 maxlen: 24
195.216.185.0/24 maxlen: 24
195.216.187.0/24 maxlen: 24
195.216.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:92:89:76:fd:0e:7e:5a:8a:b0:43:e7:ff:45:ad:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 12 14:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f1ce5faee5cfbef21b268af29eb54145330b914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4c:65:e2:b4:e6:b4:7b:db:7e:14:df:4d:d3:
2f:d6:4e:0f:88:39:17:53:2f:00:c9:41:e6:86:2a:
47:8d:00:4a:ee:ea:1a:8a:e9:a0:cb:49:c9:56:ad:
c6:f3:06:49:ef:98:07:82:23:09:62:bb:92:b0:b8:
a5:a7:85:0f:c3:8f:6b:e4:2d:b8:20:a3:06:d5:e5:
39:a5:e6:19:f6:60:ea:09:25:1b:49:85:e6:be:62:
5f:13:66:42:1b:6b:38:c2:76:6d:d1:5b:64:d1:71:
a6:1b:8f:9c:03:2c:57:15:6c:0a:2c:0b:7a:35:1d:
fe:39:a3:aa:f2:4a:22:b6:c6:d3:41:6c:5c:95:d1:
c0:4a:c5:3a:1e:98:70:f4:86:ca:eb:35:9d:b7:d1:
70:84:15:ef:bb:72:44:18:e6:3d:be:ad:3b:93:97:
d8:75:37:ae:c5:e6:a1:de:ac:5b:84:ac:b5:d3:ca:
27:83:fe:8d:dd:e4:bc:51:02:b9:8c:fe:8a:40:0a:
c7:72:59:46:f9:3f:58:e1:29:2f:44:05:3e:9a:f6:
fb:df:06:15:01:6c:5a:b1:fe:2d:e2:69:5d:4e:bc:
15:24:76:43:3f:c4:cb:b9:3b:d0:65:46:5d:f3:e2:
45:b7:b5:1e:4d:50:7b:b4:91:ae:2b:92:ea:1b:34:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1C:E5:FA:EE:5C:FB:EF:21:B2:68:AF:29:EB:54:14:53:30:B9:14
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Lxzl-u5c--8hsmivKetUFFMwuRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.178.0-195.216.185.255
195.216.187.0-195.216.188.255
Signature Algorithm: sha256WithRSAEncryption
6d:2d:83:74:cf:4d:24:32:c0:74:7f:8b:d4:c6:79:6a:ae:8c:
5e:26:ff:ce:2f:2a:81:c1:64:68:94:fa:42:76:3e:88:b6:69:
d0:d7:60:1d:38:23:ba:5c:cc:9b:ba:47:64:1d:00:40:b5:1d:
f5:e6:f0:64:78:f6:7b:c9:84:69:ed:50:69:89:c3:78:7c:34:
69:f8:a7:12:e8:1f:e2:9f:9a:21:2f:4e:c7:c9:e9:dc:37:d8:
ff:a3:ad:ad:4d:a0:1d:9b:c2:a4:88:98:7a:27:14:f8:b2:c7:
8c:2d:23:4a:71:e1:66:d1:98:0a:6d:84:69:d9:22:cd:17:a2:
cb:fd:21:61:dd:4f:77:83:79:b7:88:3d:3d:95:d8:fb:ce:52:
08:54:fe:2a:89:fa:3c:1d:04:0f:df:4b:de:2d:66:7a:cd:d8:
06:f3:3b:5f:8b:8e:f6:42:48:18:07:ab:c0:10:9a:5c:d5:fa:
01:75:e8:2b:2f:03:fe:8e:cd:e0:b4:61:07:11:1b:d3:7a:0d:
bb:2b:d4:04:2f:85:de:20:5f:01:2f:ff:7f:87:03:c2:c1:f8:
5f:86:c9:46:ea:92:f5:33:55:0f:45:f2:51:e3:6e:81:48:1e:
c8:69:ac:7f:b0:ed:d4:f2:b4:c0:14:92:13:d7:1f:07:02:ee:
5a:76:d5:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZHmkol2/Q5+WoqwQ+f/Ra3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTEyMTQxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFjZTVmYWVlNWNmYmVmMjFiMjY4YWYyOWViNTQxNDUzMzBiOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmExl4rTmtHvbfhTfTdMv1k4PiDkX
Uy8AyUHmhipHjQBK7uoaiumgy0nJVq3G8wZJ75gHgiMJYruSsLilp4UPw49r5C24
IKMG1eU5peYZ9mDqCSUbSYXmvmJfE2ZCG2s4wnZt0Vtk0XGmG4+cAyxXFWwKLAt6
NR3+OaOq8koitsbTQWxcldHASsU6Hphw9IbK6zWdt9FwhBXvu3JEGOY9vq07k5fY
dTeuxeah3qxbhKy108ong/6N3eS8UQK5jP6KQArHcllG+T9Y4SkvRAU+mvb73wYV
AWxasf4t4mldTrwVJHZDP8TLuTvQZUZd8+JFt7UeTVB7tJGuK5LqGzQ8WwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFC8c5fruXPvvIbJorynrVBRTMLkUMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvTHh6bC11NWMtLThoc21pdktldFVGRk13dVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAHD2LID
BAHD2LgwDAMEAMPYuwMEAMPYvDANBgkqhkiG9w0BAQsFAAOCAQEAbS2DdM9NJDLA
dH+L1MZ5aq6MXib/zi8qgcFkaJT6QnY+iLZp0NdgHTgjulzMm7pHZB0AQLUd9ebw
ZHj2e8mEae1QaYnDeHw0afinEugf4p+aIS9Ox8np3DfY/6OtrU2gHZvCpIiYeicU
+LLHjC0jSnHhZtGYCm2EadkizReiy/0hYd1Pd4N5t4g9PZXY+85SCFT+Kon6PB0E
D99L3i1mes3YBvM7X4uO9kJIGAerwBCaXNX6AXXoKy8D/o7N4LRhBxEb03oNuyvU
BC+F3iBfAS//f4cDwsH4X4bJRuqS9TNVD0XyUeNugUgeyGmsf7Dt1PK0wBSSE9cf
BwLuWnbVjg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:38:02 2024 by rpki-client on console-fra.rpki-client.org