Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/LvnYGVJcWzCHFr_pihaVePAgwPM.roa
File: LvnYGVJcWzCHFr_pihaVePAgwPM.roa (raw, json)
Hash identifier: HtwzUGG3IEA6wqxZCImAGPM9D4tPoy1AUp9fsXIJ7aY=
Subject key identifier: 2E:F9:D8:19:52:5C:5B:30:87:16:BF:E9:8A:16:95:78:F0:20:C0:F3
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01929E3578393AD89F35EBE9D6BEE7C2A164
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/LvnYGVJcWzCHFr_pihaVePAgwPM.roa
Signing time: Fri 18 Oct 2024 05:59:17 +0000
ROA not before: Fri 18 Oct 2024 05:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36113
IP address blocks: 176.111.216.0/24 maxlen: 24
2a0e:c80:4::/48 maxlen: 48
2a0f:9980:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:35:78:39:3a:d8:9f:35:eb:e9:d6:be:e7:c2:a1:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Oct 18 05:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ef9d819525c5b308716bfe98a169578f020c0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:4b:d9:3a:f0:8e:30:2a:e6:de:79:ba:57:
bf:77:0f:ff:96:c1:c9:d6:b1:d7:14:20:23:1b:37:
f7:3b:c5:de:b6:da:cb:e6:73:b5:77:30:a5:2f:cc:
0e:bb:56:26:44:98:5f:48:5b:45:97:d5:7c:52:e3:
31:76:87:e7:41:fa:d4:cc:52:80:79:c7:1f:48:8f:
24:61:51:e5:57:c7:cb:b7:29:3b:44:a0:f4:37:2a:
99:98:d0:a7:d9:15:aa:e0:c3:85:ae:10:9d:28:c4:
f8:e8:82:d0:b1:4e:fe:38:8e:e8:b5:1c:2d:5d:aa:
0d:39:6d:ef:54:a3:98:b4:62:1a:27:bf:9b:f6:fe:
98:2f:c9:22:d2:c0:28:72:34:79:7a:5e:fc:4d:ee:
38:41:3e:3e:43:53:68:df:9f:7b:59:32:c1:dc:8f:
8d:7d:a9:b9:2d:b7:52:ba:90:eb:04:c9:ed:22:ea:
7d:b9:d5:8b:c6:a8:5b:e1:e8:85:65:86:1d:64:83:
af:8b:06:0f:dc:aa:e0:05:24:5e:d7:f7:32:e8:ce:
13:6a:e6:eb:41:34:ce:9b:df:b9:37:3c:69:f5:b0:
d7:2f:a4:51:75:48:9e:70:3e:09:6f:d1:85:89:6f:
e9:c3:2d:c1:8f:59:e0:f9:aa:b4:16:cc:3b:80:c1:
cc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F9:D8:19:52:5C:5B:30:87:16:BF:E9:8A:16:95:78:F0:20:C0:F3
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/LvnYGVJcWzCHFr_pihaVePAgwPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.216.0/24
IPv6:
2a0e:c80:4::/48
2a0f:9980:7::/48
Signature Algorithm: sha256WithRSAEncryption
81:62:9c:8c:5f:e3:a0:23:3e:c2:8e:58:9e:49:af:99:38:11:
19:a6:c0:17:1d:2d:ab:90:78:1e:7d:c3:98:13:23:29:d3:95:
ca:52:0b:9d:9f:f1:b9:62:c2:07:16:86:4e:9d:64:a4:d3:51:
05:9b:3e:ba:ed:b6:e6:aa:bb:d6:ce:8b:60:bd:f4:48:43:f8:
90:cd:fb:c6:fd:2d:eb:c8:57:ca:b8:d6:b7:26:3b:65:47:4e:
87:9f:ac:9d:63:0c:98:e9:fd:b7:9d:9e:61:15:ca:4b:bc:a7:
1e:97:cc:ef:40:8f:bd:f3:67:f2:77:37:0f:98:b2:99:cb:12:
a7:2e:83:4f:fd:33:11:87:9c:e5:19:c8:5f:0c:9a:7a:44:b1:
d9:42:74:da:61:76:17:f9:7a:29:bd:94:91:c9:54:40:ae:04:
48:3c:84:97:e7:8c:3e:b2:67:a8:61:1a:e2:d3:f1:d0:b6:aa:
00:b7:93:ec:dc:fb:3a:6e:99:25:a7:50:f9:80:00:a3:b6:c3:
ba:41:ae:8c:41:5f:c4:dc:fc:46:ce:4b:7c:1e:23:05:61:74:
c6:e7:15:d7:0d:04:a4:94:ed:30:44:b8:56:ef:b3:0e:8f:8e:
88:ed:35:61:a2:88:9a:e2:4e:80:2e:83:6e:7d:0f:14:4b:f0:
6f:2b:30:38
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZKeNXg5OtifNevp1r7nwqFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQxMDE4MDU1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWY5ZDgxOTUyNWM1YjMwODcxNmJmZTk4YTE2OTU3OGYwMjBjMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIVL2TrwjjAq5t55ule/dw//lsHJ
1rHXFCAjGzf3O8XettrL5nO1dzClL8wOu1YmRJhfSFtFl9V8UuMxdofnQfrUzFKA
eccfSI8kYVHlV8fLtyk7RKD0NyqZmNCn2RWq4MOFrhCdKMT46ILQsU7+OI7otRwt
XaoNOW3vVKOYtGIaJ7+b9v6YL8ki0sAocjR5el78Te44QT4+Q1No3597WTLB3I+N
fam5LbdSupDrBMntIup9udWLxqhb4eiFZYYdZIOviwYP3KrgBSRe1/cy6M4Taubr
QTTOm9+5Nzxp9bDXL6RRdUiecD4Jb9GFiW/pwy3Bj1ng+aq0Fsw7gMHM4QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFC752BlSXFswhxa/6YoWlXjwIMDzMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL0x2bllHVkpjV3pDSEZyX3BpaGFWZVBBZ3dQTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBACwb9gw
GAQCAAIwEgMHACoODIAABAMHACoPmYAABzANBgkqhkiG9w0BAQsFAAOCAQEAgWKc
jF/joCM+wo5YnkmvmTgRGabAFx0tq5B4Hn3DmBMjKdOVylILnZ/xuWLCBxaGTp1k
pNNRBZs+uu225qq71s6LYL30SEP4kM37xv0t68hXyrjWtyY7ZUdOh5+snWMMmOn9
t52eYRXKS7ynHpfM70CPvfNn8nc3D5iymcsSpy6DT/0zEYec5RnIXwyaekSx2UJ0
2mF2F/l6Kb2UkclUQK4ESDyEl+eMPrJnqGEa4tPx0LaqALeT7Nz7Om6ZJadQ+YAA
o7bDukGujEFfxNz8Rs5LfB4jBWF0xucV1w0EpJTtMES4Vu+zDo+OiO01YaKImuJO
gC6Dbn0PFEvwbyswOA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:31:56 2024 by rpki-client on console-ams.rpki-client.org