Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/LhU2u0wBSUQa6nOD8rzM2lVVR44.roa
File: LhU2u0wBSUQa6nOD8rzM2lVVR44.roa (raw, json)
Hash identifier: qqowKcGEXVRclUvM5tV4nkXY9vaXF22/sZ81SRn1nM4=
Subject key identifier: 2E:15:36:BB:4C:01:49:44:1A:EA:73:83:F2:BC:CC:DA:55:55:47:8E
Certificate issuer: /CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Certificate serial: 01921A8666D293D26761F527836DA3EC910C
Authority key identifier: 94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/LhU2u0wBSUQa6nOD8rzM2lVVR44.roa
Signing time: Sun 22 Sep 2024 16:17:48 +0000
ROA not before: Sun 22 Sep 2024 16:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47332
IP address blocks: 37.148.240.0/24 maxlen: 24
37.148.241.0/24 maxlen: 24
93.191.40.0/24 maxlen: 24
93.191.41.0/24 maxlen: 24
93.191.42.0/24 maxlen: 24
93.191.43.0/24 maxlen: 24
93.191.44.0/24 maxlen: 24
93.191.45.0/24 maxlen: 24
93.191.46.0/24 maxlen: 24
93.191.47.0/24 maxlen: 24
185.153.244.0/24 maxlen: 24
195.13.32.0/24 maxlen: 24
195.13.33.0/24 maxlen: 24
195.13.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1a:86:66:d2:93:d2:67:61:f5:27:83:6d:a3:ec:91:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Validity
Not Before: Sep 22 16:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e1536bb4c0149441aea7383f2bcccda5555478e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2b:5e:13:d2:9c:35:da:c5:b4:1a:1f:f0:40:
fe:fa:12:62:82:be:f4:6f:2e:55:af:36:76:62:f8:
0c:6d:b4:f6:cd:93:89:d2:ed:98:1d:c3:94:68:36:
25:7a:34:b7:96:a3:51:ec:09:5e:fe:5f:57:15:4b:
5a:55:8b:96:49:e8:c3:f6:0d:6c:68:2b:c9:63:20:
e6:43:06:41:dc:bc:37:c1:fe:7e:62:4e:35:23:73:
6a:44:d5:ee:46:b9:61:e3:9d:17:14:f6:2a:5f:ae:
c9:7b:d5:66:41:d8:c8:85:cb:89:f5:52:d1:38:d1:
8e:16:69:bd:b5:4d:ff:90:ef:a1:90:7d:76:38:bb:
79:9c:e1:50:15:71:ff:b8:7f:dc:11:61:04:c6:5d:
48:f8:b8:7d:84:e0:61:cd:ee:7b:b3:92:5d:89:3b:
a5:90:1f:e7:45:ed:2d:62:bf:61:9a:53:8b:22:c4:
ed:cb:47:9c:7a:5b:ae:25:f7:4a:50:20:97:f1:7a:
26:49:44:33:22:a8:1f:03:03:68:b7:15:11:de:3d:
9f:11:50:d5:63:ba:73:08:43:e2:9c:8a:79:17:84:
5b:d8:af:2b:f0:7b:59:ef:25:cb:d6:07:94:07:f8:
e5:0c:2d:4e:b0:57:80:79:fb:5c:3d:ef:07:36:8f:
b1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:15:36:BB:4C:01:49:44:1A:EA:73:83:F2:BC:CC:DA:55:55:47:8E
X509v3 Authority Key Identifier:
keyid:94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/LhU2u0wBSUQa6nOD8rzM2lVVR44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.240.0/23
93.191.40.0/21
185.153.244.0/24
195.13.32.0-195.13.34.255
Signature Algorithm: sha256WithRSAEncryption
41:7a:19:43:85:26:e6:99:61:28:16:d0:6f:38:ae:87:c3:9a:
56:7b:3a:e4:89:c2:9e:e3:38:de:e0:d5:f3:15:d8:2a:dd:5f:
c8:39:75:cb:59:2c:1b:e9:25:7c:37:09:d7:87:11:89:59:87:
98:39:0e:06:01:a1:e5:c8:42:0e:c9:fb:df:31:40:23:e6:6e:
bf:34:c7:96:d4:54:c6:02:1e:17:00:78:1a:78:83:8d:a5:44:
c2:10:bf:a3:bb:ed:44:5f:e0:ea:aa:16:9b:9b:8f:60:20:6c:
12:fa:0f:fa:13:3d:6a:27:90:35:28:00:e8:bb:a8:c1:a0:02:
b0:6c:d5:7f:4d:b5:79:6e:c7:d9:86:a7:7a:7d:83:95:e4:d7:
b1:07:51:6c:cb:46:7f:3d:ee:3e:a4:21:72:37:14:d1:40:8a:
ac:bb:9c:b3:21:c1:97:8f:a4:2a:ff:77:d2:4a:53:08:0a:77:
87:3f:c5:34:97:57:b8:62:c9:1d:92:71:63:e1:bd:e8:4d:07:
9c:88:f6:f2:a3:d2:6c:2b:47:6f:0b:47:e3:dc:8f:c3:d5:6f:
8f:87:0c:a5:01:7f:b3:5f:7b:d6:5b:24:45:f3:84:f5:3c:a3:
34:39:8c:dc:31:4c:56:ef:44:9e:e8:f6:6d:f7:dd:1b:72:02:
a2:6f:58:1c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZIahmbSk9JnYfUng22j7JEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MmY1NjVlZDE2ZDhjMzM3YThjOGFiM2NkYzU3MmVmMTE1
MGY1YTkwHhcNMjQwOTIyMTYxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE1MzZiYjRjMDE0OTQ0MWFlYTczODNmMmJjY2NkYTU1NTU0NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CteE9KcNdrFtBof8ED++hJigr70
by5VrzZ2YvgMbbT2zZOJ0u2YHcOUaDYlejS3lqNR7Ale/l9XFUtaVYuWSejD9g1s
aCvJYyDmQwZB3Lw3wf5+Yk41I3NqRNXuRrlh450XFPYqX67Je9VmQdjIhcuJ9VLR
ONGOFmm9tU3/kO+hkH12OLt5nOFQFXH/uH/cEWEExl1I+Lh9hOBhze57s5JdiTul
kB/nRe0tYr9hmlOLIsTty0eceluuJfdKUCCX8XomSUQzIqgfAwNotxUR3j2fEVDV
Y7pzCEPinIp5F4Rb2K8r8HtZ7yXL1geUB/jlDC1OsFeAeftcPe8HNo+xHwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFC4VNrtMAUlEGupzg/K8zNpVVUeOMB8GA1UdIwQY
MBaAFJQvVl7RbYwzeoyKs83Fcu8RUPWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEM5V1h0RnRqRE42aklxenpjVnk3eEZROWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83ZjE2NDktMGM5ZC00MDVkLWExMzQt
NjZkMjUzNDMyZjVmLzEvTGhVMnUwd0JTVVFhNm5PRDhyek0ybFZWUjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83ZjE2NDktMGM5ZC00MDVkLWExMzQtNjZkMjUzNDMyZjVm
LzEvbEM5V1h0RnRqRE42aklxenpjVnk3eEZROWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBJZTwAwQD
Xb8oAwQAuZn0MAwDBAXDDSADBADDDSIwDQYJKoZIhvcNAQELBQADggEBAEF6GUOF
JuaZYSgW0G84rofDmlZ7OuSJwp7jON7g1fMV2CrdX8g5dctZLBvpJXw3CdeHEYlZ
h5g5DgYBoeXIQg7J+98xQCPmbr80x5bUVMYCHhcAeBp4g42lRMIQv6O77URf4Oqq
Fpubj2AgbBL6D/oTPWonkDUoAOi7qMGgArBs1X9NtXlux9mGp3p9g5Xk17EHUWzL
Rn897j6kIXI3FNFAiqy7nLMhwZePpCr/d9JKUwgKd4c/xTSXV7hiyR2ScWPhvehN
B5yI9vKj0mwrR28LR+Pcj8PVb4+HDKUBf7Nfe9ZbJEXzhPU8ozQ5jNwxTFbvRJ7o
9m333RtyAqJvWBw=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:48:29 2024 by rpki-client on console-fra.rpki-client.org