Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/LxQ8ZLNLwdaQelwrIjjknUArx44.roa
File: LxQ8ZLNLwdaQelwrIjjknUArx44.roa (raw, json)
Hash identifier: 2HmJdIcnDREKJpD0H8q2hfjVKwTgOsYawTG/l5oooC0=
Subject key identifier: 2F:14:3C:64:B3:4B:C1:D6:90:7A:5C:2B:22:38:E4:9D:40:2B:C7:8E
Certificate issuer: /CN=896d5866c35093352e7b9e0762c591e08e50f967
Certificate serial: 018CC6B7D5DA11DD6C8E6C56222A041CA42E
Authority key identifier: 89:6D:58:66:C3:50:93:35:2E:7B:9E:07:62:C5:91:E0:8E:50:F9:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/LxQ8ZLNLwdaQelwrIjjknUArx44.roa
Signing time: Mon 01 Jan 2024 20:29:45 +0000
ROA not before: Mon 01 Jan 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31308
IP address blocks: 193.151.20.0/24 maxlen: 24
193.151.21.0/24 maxlen: 24
2001:67c:2c91::/48 maxlen: 48
2001:67c:2c90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/iW1YZsNQkzUue54HYsWR4I5Q-Wc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/iW1YZsNQkzUue54HYsWR4I5Q-Wc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d5:da:11:dd:6c:8e:6c:56:22:2a:04:1c:a4:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896d5866c35093352e7b9e0762c591e08e50f967
Validity
Not Before: Jan 1 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f143c64b34bc1d6907a5c2b2238e49d402bc78e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2b:56:8b:cd:c6:55:41:dd:54:2a:bc:b5:88:
c6:1f:1e:cd:05:95:5d:a8:12:76:b0:a5:47:2b:e3:
51:92:c4:63:4d:a9:2b:e5:d2:27:5d:cf:ab:0d:0e:
90:e1:aa:3a:9e:0d:41:d3:f1:29:a3:f5:f5:dd:f8:
e3:aa:b9:14:86:15:71:d3:59:e9:59:85:26:a2:78:
9f:45:5e:4b:60:5e:46:d4:d0:69:24:2b:33:9e:bf:
54:18:16:01:f0:b5:ce:fc:6d:7d:3b:4c:70:d9:e6:
48:58:33:44:d9:06:77:16:48:40:3f:fd:10:80:a7:
56:26:61:c2:0f:ef:b0:51:78:9a:ea:67:4c:f0:5b:
7f:42:f4:22:df:08:a8:69:f3:61:8f:31:df:8e:ab:
95:a1:78:0a:93:c7:40:1c:db:db:c7:30:bc:cf:42:
fb:cf:22:0f:40:5d:45:bc:1f:6b:66:81:ef:8c:24:
d0:73:ad:91:02:fd:5f:95:16:3b:fc:74:27:05:67:
85:94:0a:06:cc:50:93:6e:9c:bf:55:89:12:82:c3:
33:f5:b9:0d:22:bc:03:d4:15:f5:55:5a:80:18:6a:
50:97:5d:2b:c1:f9:b5:22:1a:43:fb:30:c8:40:e9:
84:e3:fc:35:6f:95:32:5f:93:de:08:fc:5a:a8:2f:
9d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:14:3C:64:B3:4B:C1:D6:90:7A:5C:2B:22:38:E4:9D:40:2B:C7:8E
X509v3 Authority Key Identifier:
keyid:89:6D:58:66:C3:50:93:35:2E:7B:9E:07:62:C5:91:E0:8E:50:F9:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/LxQ8ZLNLwdaQelwrIjjknUArx44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/iW1YZsNQkzUue54HYsWR4I5Q-Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.20.0/23
IPv6:
2001:67c:2c90::/47
Signature Algorithm: sha256WithRSAEncryption
5e:23:2c:48:a3:33:30:8f:f6:2c:91:68:3b:31:cc:2f:07:3d:
0e:ed:16:1a:7f:f5:07:c6:57:8a:50:df:43:38:35:bd:5b:e8:
15:7a:ef:cc:5f:a4:7f:11:f9:75:fa:99:6f:a5:83:03:36:7c:
06:cf:f9:8d:48:ce:12:2d:97:18:92:b2:d1:47:20:cb:c7:e5:
0a:3c:ec:c2:b9:20:56:33:58:aa:44:ce:ad:78:61:9d:9a:ac:
1e:e2:90:80:10:05:97:b9:0c:0b:4f:72:45:81:70:e7:04:fc:
2c:79:5f:c7:b9:65:d4:b7:9e:be:8c:18:70:e5:fe:13:e5:42:
48:7e:e3:ce:77:37:43:f4:2c:63:f9:f7:57:87:32:83:a9:15:
41:1f:43:bc:18:8a:1f:0c:eb:b0:71:3f:91:4d:ec:64:8c:5c:
0c:68:cc:fd:09:7f:72:14:16:d4:2e:e6:c1:d2:76:75:7b:26:
c1:5a:dc:6b:bc:9f:47:a8:51:54:98:f0:a4:53:e4:de:b0:2c:
ec:f0:93:7c:6d:2b:01:77:27:c1:ff:4c:c9:a6:98:85:4f:c0:
54:0f:97:90:fc:c0:65:e5:64:53:f9:60:6c:66:8b:74:dd:33:
8e:be:f3:34:82:93:71:9a:01:7e:d9:29:48:d4:83:9f:60:6c:
93:76:9f:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGt9XaEd1sjmxWIioEHKQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmQ1ODY2YzM1MDkzMzUyZTdiOWUwNzYyYzU5MWUwOGU1
MGY5NjcwHhcNMjQwMTAxMjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE0M2M2NGIzNGJjMWQ2OTA3YTVjMmIyMjM4ZTQ5ZDQwMmJjNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjStWi83GVUHdVCq8tYjGHx7NBZVd
qBJ2sKVHK+NRksRjTakr5dInXc+rDQ6Q4ao6ng1B0/Epo/X13fjjqrkUhhVx01np
WYUmonifRV5LYF5G1NBpJCsznr9UGBYB8LXO/G19O0xw2eZIWDNE2QZ3FkhAP/0Q
gKdWJmHCD++wUXia6mdM8Ft/QvQi3wioafNhjzHfjquVoXgKk8dAHNvbxzC8z0L7
zyIPQF1FvB9rZoHvjCTQc62RAv1flRY7/HQnBWeFlAoGzFCTbpy/VYkSgsMz9bkN
IrwD1BX1VVqAGGpQl10rwfm1IhpD+zDIQOmE4/w1b5UyX5PeCPxaqC+dpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC8UPGSzS8HWkHpcKyI45J1AK8eOMB8GA1UdIwQY
MBaAFIltWGbDUJM1LnueB2LFkeCOUPlnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVcxWVpzTlFrelV1ZTU0SFlzV1I0STVRLVdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85ZDhmMjEtYjI3Zi00MzVkLWE3YjUt
Nzg0NjI0YTdiNDdlLzEvTHhROFpMTkx3ZGFRZWx3cklqamtuVUFyeDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85ZDhmMjEtYjI3Zi00MzVkLWE3YjUtNzg0NjI0YTdiNDdl
LzEvaVcxWVpzTlFrelV1ZTU0SFlzV1I0STVRLVdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwZcUMA8E
AgACMAkDBwEgAQZ8LJAwDQYJKoZIhvcNAQELBQADggEBAF4jLEijMzCP9iyRaDsx
zC8HPQ7tFhp/9QfGV4pQ30M4Nb1b6BV678xfpH8R+XX6mW+lgwM2fAbP+Y1IzhIt
lxiSstFHIMvH5Qo87MK5IFYzWKpEzq14YZ2arB7ikIAQBZe5DAtPckWBcOcE/Cx5
X8e5ZdS3nr6MGHDl/hPlQkh+4853N0P0LGP591eHMoOpFUEfQ7wYih8M67BxP5FN
7GSMXAxozP0Jf3IUFtQu5sHSdnV7JsFa3Gu8n0eoUVSY8KRT5N6wLOzwk3xtKwF3
J8H/TMmmmIVPwFQPl5D8wGXlZFP5YGxmi3TdM46+8zSCk3GaAX7ZKUjUg59gbJN2
n0c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:32 2024 by rpki-client on console-fra.rpki-client.org