Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/LcBU1nUQb8GPYT39P9FrjAzjaNs.roa
File: LcBU1nUQb8GPYT39P9FrjAzjaNs.roa (raw, json)
Hash identifier: rmfqXAblv2Tae2atCUeXAzXHBSMKehoXjzj39pxW04g=
Subject key identifier: 2D:C0:54:D6:75:10:6F:C1:8F:61:3D:FD:3F:D1:6B:8C:0C:E3:68:DB
Certificate issuer: /CN=4e04e0a718a6139a9c65f0d4886bb82714da6682
Certificate serial: 018CC72589C29F44557BB46608B979B1208C
Authority key identifier: 4E:04:E0:A7:18:A6:13:9A:9C:65:F0:D4:88:6B:B8:27:14:DA:66:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TgTgpximE5qcZfDUiGu4JxTaZoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/LcBU1nUQb8GPYT39P9FrjAzjaNs.roa
Signing time: Mon 01 Jan 2024 22:29:35 +0000
ROA not before: Mon 01 Jan 2024 22:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24867
IP address blocks: 82.211.64.0/18 maxlen: 24
85.133.0.0/17 maxlen: 24
62.140.192.0/19 maxlen: 24
2a01:398::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/TgTgpximE5qcZfDUiGu4JxTaZoI.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/TgTgpximE5qcZfDUiGu4JxTaZoI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TgTgpximE5qcZfDUiGu4JxTaZoI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:89:c2:9f:44:55:7b:b4:66:08:b9:79:b1:20:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e04e0a718a6139a9c65f0d4886bb82714da6682
Validity
Not Before: Jan 1 22:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dc054d675106fc18f613dfd3fd16b8c0ce368db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:a0:cd:63:40:33:bd:0a:34:c1:82:b4:7e:
98:30:27:76:37:91:c8:9e:73:b9:89:41:96:40:dc:
36:cd:e5:2f:3e:70:b6:d4:35:29:eb:95:d7:3b:cb:
dd:61:80:f7:dd:f3:e2:4b:63:c7:60:a8:eb:8c:08:
71:49:f6:c5:46:e1:ef:36:8b:b4:2d:d0:5f:8f:2b:
f5:f7:80:9c:5d:53:78:02:c5:74:4b:d1:f0:12:90:
f3:71:95:f8:52:a0:b9:c5:73:30:d5:d5:34:43:1d:
ef:06:62:71:68:23:a8:f4:df:2b:60:e0:7e:88:02:
89:8d:8a:45:f9:7d:65:24:93:d0:be:65:25:b9:1d:
78:6c:f4:0d:8c:3e:e4:4c:60:24:4d:ef:2d:05:75:
67:0b:61:6d:98:6e:bb:53:c2:db:70:8f:3f:d5:50:
ad:d8:06:b9:64:66:f3:3b:e1:d8:f1:26:18:39:a6:
16:56:1a:9d:04:1a:b1:52:05:8f:74:ec:19:85:c4:
8b:29:98:97:f1:85:be:b5:4c:20:a0:85:2c:ec:16:
e9:18:a4:ee:d6:98:c8:12:0d:ed:de:fb:ee:27:d3:
5c:9a:72:fb:e4:cc:57:9c:09:ce:42:65:26:39:8f:
fc:4e:5a:ab:e3:7c:b5:71:59:5c:a0:31:4b:ff:ce:
b8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C0:54:D6:75:10:6F:C1:8F:61:3D:FD:3F:D1:6B:8C:0C:E3:68:DB
X509v3 Authority Key Identifier:
keyid:4E:04:E0:A7:18:A6:13:9A:9C:65:F0:D4:88:6B:B8:27:14:DA:66:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TgTgpximE5qcZfDUiGu4JxTaZoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/LcBU1nUQb8GPYT39P9FrjAzjaNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/TgTgpximE5qcZfDUiGu4JxTaZoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.140.192.0/19
82.211.64.0/18
85.133.0.0/17
IPv6:
2a01:398::/32
Signature Algorithm: sha256WithRSAEncryption
91:c1:21:4b:2e:91:53:bc:23:ec:bc:f5:15:12:fc:7b:d7:f1:
dd:dc:e9:ca:28:2e:88:6d:75:7e:f1:09:73:ce:27:de:79:30:
4f:92:7e:5e:0f:d6:af:6a:17:38:a7:a3:14:9f:f0:c8:dc:73:
d1:5b:95:14:35:35:96:ab:aa:13:88:44:63:35:ec:5f:92:4e:
52:03:d2:cf:6b:c8:41:2d:07:bc:b4:1e:58:50:da:0d:5f:64:
a5:8a:7a:a1:36:74:b4:ea:de:c2:55:f8:3d:02:6c:40:02:04:
57:5b:b8:ca:59:08:d2:7e:d9:f1:27:1f:2b:12:b3:fa:58:dd:
52:55:fb:70:92:8e:00:c1:60:49:6c:04:4d:fa:d4:ea:44:c5:
6d:65:43:43:be:77:72:d5:56:93:09:6b:58:c9:7f:6f:96:ce:
e5:ad:a1:54:2f:74:d5:e4:ee:bf:1b:60:00:2e:3e:ee:2a:d3:
a4:9a:dd:31:a6:cc:5c:5b:e4:ed:ca:43:c7:95:bf:b9:db:c9:
64:91:7f:e0:f4:cb:bf:f6:e9:e9:50:9a:23:d7:37:08:33:44:
ef:8a:0c:1b:77:c7:7f:84:91:a6:07:2f:aa:1d:ee:51:55:19:
2a:98:c5:3a:7d:66:fd:85:a9:94:d8:ee:29:60:a6:ca:36:8c:
be:fb:47:b7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJYnCn0RVe7RmCLl5sSCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMDRlMGE3MThhNjEzOWE5YzY1ZjBkNDg4NmJiODI3MTRk
YTY2ODIwHhcNMjQwMTAxMjIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGMwNTRkNjc1MTA2ZmMxOGY2MTNkZmQzZmQxNmI4YzBjZTM2OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp+gzWNAM70KNMGCtH6YMCd2N5HI
nnO5iUGWQNw2zeUvPnC21DUp65XXO8vdYYD33fPiS2PHYKjrjAhxSfbFRuHvNou0
LdBfjyv194CcXVN4AsV0S9HwEpDzcZX4UqC5xXMw1dU0Qx3vBmJxaCOo9N8rYOB+
iAKJjYpF+X1lJJPQvmUluR14bPQNjD7kTGAkTe8tBXVnC2FtmG67U8LbcI8/1VCt
2Aa5ZGbzO+HY8SYYOaYWVhqdBBqxUgWPdOwZhcSLKZiX8YW+tUwgoIUs7BbpGKTu
1pjIEg3t3vvuJ9NcmnL75MxXnAnOQmUmOY/8Tlqr43y1cVlcoDFL/864xQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC3AVNZ1EG/Bj2E9/T/Ra4wM42jbMB8GA1UdIwQY
MBaAFE4E4KcYphOanGXw1IhruCcU2maCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGdUZ3B4aW1FNXFjWmZEVWlHdTRKeFRhWm9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80YWZlYWItMDJiOS00ZWJkLWJmYTIt
OGU4MGI0OTZhMDNlLzEvTGNCVTFuVVFiOEdQWVQzOVA5RnJqQXpqYU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80YWZlYWItMDJiOS00ZWJkLWJmYTItOGU4MGI0OTZhMDNl
LzEvVGdUZ3B4aW1FNXFjWmZEVWlHdTRKeFRhWm9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPozAAwQG
UtNAAwQHVYUAMA0EAgACMAcDBQAqAQOYMA0GCSqGSIb3DQEBCwUAA4IBAQCRwSFL
LpFTvCPsvPUVEvx71/Hd3OnKKC6IbXV+8QlzzifeeTBPkn5eD9avahc4p6MUn/DI
3HPRW5UUNTWWq6oTiERjNexfkk5SA9LPa8hBLQe8tB5YUNoNX2SlinqhNnS06t7C
Vfg9AmxAAgRXW7jKWQjSftnxJx8rErP6WN1SVftwko4AwWBJbARN+tTqRMVtZUND
vndy1VaTCWtYyX9vls7lraFUL3TV5O6/G2AALj7uKtOkmt0xpsxcW+TtykPHlb+5
28lkkX/g9Mu/9unpUJoj1zcIM0Tvigwbd8d/hJGmBy+qHe5RVRkqmMU6fWb9hamU
2O4pYKbKNoy++0e3
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:10:30 2024 by rpki-client on console-ams.rpki-client.org