Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/lgCl1BQJ0GhVbq0hEp1-bf7zKDo.roa
File: lgCl1BQJ0GhVbq0hEp1-bf7zKDo.roa (raw, json)
Hash identifier: UzoApNVoQ+CshrQRuY0dYhO6jHLzC5/6dfHgyoMwSmM=
Subject key identifier: 96:00:A5:D4:14:09:D0:68:55:6E:AD:21:12:9D:7E:6D:FE:F3:28:3A
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 019175F9ADD9997A5540F972C0FCF9C854BE
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/lgCl1BQJ0GhVbq0hEp1-bf7zKDo.roa
Signing time: Wed 21 Aug 2024 17:26:22 +0000
ROA not before: Wed 21 Aug 2024 17:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 62.68.92.0/24 maxlen: 24
193.108.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:f9:ad:d9:99:7a:55:40:f9:72:c0:fc:f9:c8:54:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Aug 21 17:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9600a5d41409d068556ead21129d7e6dfef3283a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:9a:d4:57:09:53:47:a9:97:5f:75:be:e6:
2c:08:75:6e:4e:ad:dc:fb:7a:36:bb:22:98:d5:28:
22:69:be:6d:1f:f3:40:0b:87:5b:47:3c:57:3d:28:
7b:b4:7f:6e:73:f4:c4:2d:c1:74:7c:29:1c:c2:32:
70:27:33:5c:1e:01:e6:5d:50:7a:23:6a:f6:25:93:
c1:72:e7:5f:d1:bb:9e:3c:01:87:a4:d8:2d:0c:c3:
e1:2d:e6:2b:7e:d6:f1:07:79:f9:db:c5:2f:1f:8e:
ce:cf:4e:70:b4:42:bd:55:35:90:54:d0:14:d1:e4:
fb:70:a8:e4:29:80:02:cf:53:0e:d4:43:c4:6a:83:
e7:45:94:cc:98:b1:6f:84:b4:db:0a:9b:84:a7:be:
b2:01:55:ad:48:7a:3e:71:60:77:61:47:14:37:96:
f5:bb:5b:d5:e5:de:a2:75:0e:f6:40:8b:93:a6:ed:
42:4e:e4:1f:2b:89:4c:1e:70:b6:59:96:ee:7d:a3:
8b:c6:a0:10:4a:91:b2:1a:60:99:ac:c7:18:62:0f:
7e:e3:20:a6:75:e8:c0:84:b3:a4:fc:4b:fb:9f:f8:
a7:77:a9:6a:ef:e8:7f:4d:b3:72:1d:32:18:78:86:
ea:e6:f5:f5:59:2b:49:1c:34:81:59:ff:c0:88:c8:
e3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:00:A5:D4:14:09:D0:68:55:6E:AD:21:12:9D:7E:6D:FE:F3:28:3A
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/lgCl1BQJ0GhVbq0hEp1-bf7zKDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.92.0/24
193.108.131.0/24
Signature Algorithm: sha256WithRSAEncryption
20:23:f2:dc:35:5c:0c:6e:eb:f1:e9:47:70:c9:00:3e:2a:89:
e0:4c:75:8f:0a:37:06:6e:cf:0d:79:0c:a5:11:5b:a2:61:4d:
48:fc:66:81:a4:3f:69:19:d7:5a:d2:8d:2d:1a:8c:64:37:68:
b2:fd:78:2d:ea:f5:7a:eb:05:f3:83:94:92:1e:df:ff:47:1d:
c7:9f:4e:16:45:dd:47:14:88:e1:a2:ee:07:8f:2a:da:82:60:
86:c0:75:38:cf:de:cb:d5:e0:36:9b:15:86:2b:77:54:73:32:
0c:54:06:92:26:e5:5b:7f:3c:e5:7b:99:a1:ce:2a:c5:c6:21:
d2:6c:c6:ea:74:f0:17:cc:68:35:c2:0b:22:ec:6d:a3:74:41:
75:75:c8:5f:eb:40:a4:b7:e4:a6:1b:8b:51:28:74:d8:37:20:
18:1a:a4:e7:2b:e1:f0:e1:63:ed:36:5e:83:db:4c:8d:cb:68:
a1:7a:d3:fc:47:77:a7:c7:00:ef:ca:9c:05:d1:16:9b:c2:bc:
ec:17:c6:4e:82:12:54:c5:a7:d8:de:ee:f7:d9:0b:11:bf:cc:
bf:34:4d:0c:59:8a:87:4d:01:3a:fb:da:f3:00:bf:99:bb:9e:
71:b4:b5:64:eb:24:6e:bf:b5:88:20:7b:a6:29:9f:98:4c:74:
70:01:86:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF1+a3ZmXpVQPlywPz5yFS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwODIxMTcyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjAwYTVkNDE0MDlkMDY4NTU2ZWFkMjExMjlkN2U2ZGZlZjMyODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9+a1FcJU0epl191vuYsCHVuTq3c
+3o2uyKY1Sgiab5tH/NAC4dbRzxXPSh7tH9uc/TELcF0fCkcwjJwJzNcHgHmXVB6
I2r2JZPBcudf0buePAGHpNgtDMPhLeYrftbxB3n528UvH47Oz05wtEK9VTWQVNAU
0eT7cKjkKYACz1MO1EPEaoPnRZTMmLFvhLTbCpuEp76yAVWtSHo+cWB3YUcUN5b1
u1vV5d6idQ72QIuTpu1CTuQfK4lMHnC2WZbufaOLxqAQSpGyGmCZrMcYYg9+4yCm
dejAhLOk/Ev7n/ind6lq7+h/TbNyHTIYeIbq5vX1WStJHDSBWf/AiMjjNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJYApdQUCdBoVW6tIRKdfm3+8yg6MB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvbGdDbDFCUUowR2hWYnEwaEVwMS1iZjd6S0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkRcAwQA
wWyDMA0GCSqGSIb3DQEBCwUAA4IBAQAgI/LcNVwMbuvx6UdwyQA+KongTHWPCjcG
bs8NeQylEVuiYU1I/GaBpD9pGdda0o0tGoxkN2iy/Xgt6vV66wXzg5SSHt//Rx3H
n04WRd1HFIjhou4HjyragmCGwHU4z97L1eA2mxWGK3dUczIMVAaSJuVbfzzle5mh
zirFxiHSbMbqdPAXzGg1wgsi7G2jdEF1dchf60Ckt+SmG4tRKHTYNyAYGqTnK+Hw
4WPtNl6D20yNy2ihetP8R3enxwDvypwF0RabwrzsF8ZOghJUxafY3u732QsRv8y/
NE0MWYqHTQE6+9rzAL+Zu55xtLVk6yRuv7WIIHumKZ+YTHRwAYZr
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:05:33 2024 by rpki-client on console-ams.rpki-client.org