Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Lwhx7gW6UbAExuhNm6w1MqyuMmA.roa
File: Lwhx7gW6UbAExuhNm6w1MqyuMmA.roa (raw, json)
Hash identifier: B6WqEGpObdKlS0Lmd+gKpy/vOBifSLZXcydbQ2nPrb4=
Subject key identifier: 2F:08:71:EE:05:BA:51:B0:04:C6:E8:4D:9B:AC:35:32:AC:AE:32:60
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC48FA54953E13967283A0184A0F0E
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Lwhx7gW6UbAExuhNm6w1MqyuMmA.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52016
IP address blocks: 194.190.137.0/24 maxlen: 24
194.190.157.0/24 maxlen: 24
194.226.130.0/23 maxlen: 24
194.190.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:48:fa:54:95:3e:13:96:72:83:a0:18:4a:0f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f0871ee05ba51b004c6e84d9bac3532acae3260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fd:17:d6:b7:96:c1:ea:1b:ef:3d:a0:fa:9a:
cc:9a:50:02:0f:a9:f6:4d:9f:da:cb:4b:1c:1d:1c:
d2:7e:72:c5:33:c8:a2:46:76:8f:d3:48:3f:83:1d:
af:6b:57:3f:f4:77:63:2a:c5:5b:a2:3b:6e:1a:9d:
84:fd:4b:72:ac:a4:e7:34:00:4d:07:71:2a:82:ff:
d0:43:41:e5:0a:13:31:c5:77:b3:96:90:a0:b7:65:
7f:0c:c7:c8:e4:d7:17:03:cb:0b:fc:e7:56:6d:03:
f0:6e:34:e6:26:db:30:40:7c:1f:81:8c:eb:e8:e9:
8f:61:63:cf:91:44:10:76:bb:f1:81:0e:fd:a9:a2:
b2:e0:90:c2:ba:f5:45:a3:68:1a:59:b1:d2:8e:13:
0f:ca:ae:6f:d7:d4:df:da:b4:31:80:66:11:23:f7:
4b:d7:b0:08:4c:68:2b:3a:42:8b:44:d8:fc:ec:ae:
1e:c2:45:8a:0a:aa:9c:2f:35:e9:f5:bc:38:e6:31:
5b:d5:ea:cc:b3:55:f3:80:22:f6:9e:cb:12:3f:46:
47:15:79:a2:4c:6a:7a:78:35:84:2c:34:28:6a:c8:
55:54:b2:b4:10:29:00:d8:13:56:40:90:a7:ae:46:
65:5f:84:5d:08:d0:ed:8b:01:e5:26:2f:2a:63:0d:
9d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:08:71:EE:05:BA:51:B0:04:C6:E8:4D:9B:AC:35:32:AC:AE:32:60
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Lwhx7gW6UbAExuhNm6w1MqyuMmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.21.0/24
194.190.137.0/24
194.190.157.0/24
194.226.130.0/23
Signature Algorithm: sha256WithRSAEncryption
77:89:4e:42:1c:80:12:af:bb:35:05:26:fc:e8:25:fe:f0:64:
54:cb:d3:c9:01:33:a5:da:45:3c:73:dd:92:36:1f:e3:29:42:
94:ae:b1:3e:ef:92:df:cc:e8:c7:93:e1:8d:13:17:3e:06:97:
6b:78:e4:bc:c9:52:1e:43:9d:7a:3c:05:0a:5b:94:45:70:14:
84:99:0c:12:28:c3:e6:3b:f7:87:4f:70:00:0f:e1:08:8b:4d:
25:fc:2e:c4:4d:3a:f0:2e:55:f3:47:0f:2d:1a:c8:a2:c7:60:
ce:18:91:b1:c3:5c:08:d4:ce:ad:22:1c:4d:eb:ff:af:e4:f3:
0a:16:0d:c2:ad:b9:86:0b:d2:d1:7f:67:a2:f2:c0:8d:c6:a6:
58:34:b3:47:08:d1:c9:94:78:75:64:4b:e0:11:45:94:e5:36:
4c:87:8d:e4:4d:89:44:fa:b5:35:6a:ea:95:b4:8a:1b:66:c8:
c8:ec:71:df:b4:b0:9a:8f:83:5c:53:cc:4b:25:1c:24:21:f9:
ce:72:39:0d:98:d2:8f:06:f0:98:96:d6:95:f2:10:e3:47:72:
57:e9:ed:d3:a7:8e:30:ed:e4:5b:b5:cc:69:97:ff:fd:c6:f5:
34:dd:50:87:a6:62:9e:60:55:40:20:b6:5a:45:b2:32:de:dc:
00:7c:e8:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3Ej6VJU+E5Zyg6AYSg8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA4NzFlZTA1YmE1MWIwMDRjNmU4NGQ5YmFjMzUzMmFjYWUzMjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkP0X1reWweob7z2g+prMmlACD6n2
TZ/ay0scHRzSfnLFM8iiRnaP00g/gx2va1c/9HdjKsVbojtuGp2E/UtyrKTnNABN
B3Eqgv/QQ0HlChMxxXezlpCgt2V/DMfI5NcXA8sL/OdWbQPwbjTmJtswQHwfgYzr
6OmPYWPPkUQQdrvxgQ79qaKy4JDCuvVFo2gaWbHSjhMPyq5v19Tf2rQxgGYRI/dL
17AITGgrOkKLRNj87K4ewkWKCqqcLzXp9bw45jFb1erMs1XzgCL2nssSP0ZHFXmi
TGp6eDWELDQoashVVLK0ECkA2BNWQJCnrkZlX4RdCNDtiwHlJi8qYw2dIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC8Ice4FulGwBMboTZusNTKsrjJgMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvTHdoeDdnVzZVYkFFeHVoTm02dzFNcXl1TW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwr4VAwQA
wr6JAwQAwr6dAwQBwuKCMA0GCSqGSIb3DQEBCwUAA4IBAQB3iU5CHIASr7s1BSb8
6CX+8GRUy9PJATOl2kU8c92SNh/jKUKUrrE+75LfzOjHk+GNExc+BpdreOS8yVIe
Q516PAUKW5RFcBSEmQwSKMPmO/eHT3AAD+EIi00l/C7ETTrwLlXzRw8tGsiix2DO
GJGxw1wI1M6tIhxN6/+v5PMKFg3CrbmGC9LRf2ei8sCNxqZYNLNHCNHJlHh1ZEvg
EUWU5TZMh43kTYlE+rU1auqVtIobZsjI7HHftLCaj4NcU8xLJRwkIfnOcjkNmNKP
BvCYltaV8hDjR3JX6e3Tp44w7eRbtcxpl//9xvU03VCHpmKeYFVAILZaRbIy3twA
fOhW
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:05:51 2024 by rpki-client on console-fra.rpki-client.org