Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LrfUlsA5WfOXKzc4BUIaOvtLgWg.roa
File: LrfUlsA5WfOXKzc4BUIaOvtLgWg.roa (raw, json)
Hash identifier: vLnLRAQhJil8g5eAEIev+hqWiQaK+6x5u9euwSMbH7c=
Subject key identifier: 2E:B7:D4:96:C0:39:59:F3:97:2B:37:38:05:42:1A:3A:FB:4B:81:68
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018CC56EB4E0CE250044238A277393E566E1
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LrfUlsA5WfOXKzc4BUIaOvtLgWg.roa
Signing time: Mon 01 Jan 2024 14:30:15 +0000
ROA not before: Mon 01 Jan 2024 14:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 5.249.184.0/22 maxlen: 24
5.249.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b4:e0:ce:25:00:44:23:8a:27:73:93:e5:66:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 14:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2eb7d496c03959f3972b373805421a3afb4b8168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:32:bf:5d:79:f4:7f:bd:ab:1b:0f:2a:f6:40:
d4:cc:cb:b0:50:71:d2:05:7e:39:db:06:bf:1e:a2:
1e:ee:b7:75:97:5c:d1:4c:c7:5b:e5:24:94:a9:e8:
79:5d:35:c5:59:be:5b:35:f2:45:2a:f3:23:8b:55:
c8:77:fb:21:df:e6:2b:f2:e5:7b:02:7f:03:0f:f8:
59:9a:34:e4:5a:2e:a2:bd:00:51:f2:18:32:96:44:
91:3f:9e:cc:08:ee:cb:1f:be:c6:1e:35:68:ac:58:
a2:33:ba:cd:13:87:e1:73:58:b9:ba:81:cb:d3:41:
e2:51:bf:70:dc:dd:24:2c:63:d0:6d:2f:75:3b:a0:
e9:3b:be:85:db:05:8e:df:16:ed:11:af:b2:f9:37:
26:d7:1c:99:13:0b:88:06:4d:fb:38:1c:73:e7:f3:
35:9d:83:3f:db:d2:17:fd:04:c2:bd:81:79:41:e4:
58:f6:5c:ca:5b:73:a3:1e:c8:65:33:74:df:fd:2d:
f4:ca:cc:0e:29:75:b8:13:8f:84:24:74:de:c6:ff:
c5:2e:59:3a:56:88:59:35:65:6b:1b:10:7a:5f:29:
59:ad:bf:10:7f:f8:33:1c:2c:ff:2c:e7:02:88:d3:
88:d1:e2:26:fd:91:3a:bf:16:92:04:8f:0b:8c:4d:
ee:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B7:D4:96:C0:39:59:F3:97:2B:37:38:05:42:1A:3A:FB:4B:81:68
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LrfUlsA5WfOXKzc4BUIaOvtLgWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.180.0-5.249.187.255
Signature Algorithm: sha256WithRSAEncryption
dd:d8:af:2b:52:40:9c:f7:34:9c:d2:19:ce:34:67:90:0d:a7:
7c:f5:62:50:70:61:92:b8:28:2a:3f:ea:01:70:67:90:2b:0c:
00:72:09:fa:0c:36:60:47:04:16:f7:36:e7:68:d1:6c:68:5e:
fb:19:af:b5:90:ca:82:b6:0f:cb:78:55:ed:b5:da:52:c6:20:
e4:eb:50:3b:a8:99:89:f1:b9:9f:12:34:4e:ae:fd:ce:8a:d7:
f0:4d:3c:1f:ba:9f:11:ae:c6:14:72:2e:5a:e1:6b:51:41:a4:
48:0d:41:c5:68:c4:90:ec:41:59:51:72:8b:83:69:df:78:e3:
70:ca:63:72:4b:37:b9:3f:d4:22:1f:63:93:31:44:fd:33:04:
a8:01:c3:80:04:87:ad:ff:f4:eb:51:10:65:52:53:a6:a2:7a:
a7:44:d4:cd:b0:9d:58:66:fe:47:4f:3e:2f:a9:08:75:e9:b4:
14:ed:30:65:0c:53:a3:2c:e3:66:b8:b9:0a:aa:2f:5f:8a:1a:
64:15:7a:c3:af:5f:c6:01:a2:f1:f8:65:3b:dd:50:2d:1e:f5:
e7:3b:73:5d:9f:c3:31:e4:cc:00:c9:67:1c:d0:0c:fe:36:06:
b0:18:7d:ee:c9:90:9c:f6:1d:84:ca:72:3c:56:0c:ca:48:ea:
47:e3:ba:6d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFbrTgziUARCOKJ3OT5WbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMTAxMTQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI3ZDQ5NmMwMzk1OWYzOTcyYjM3MzgwNTQyMWEzYWZiNGI4MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozK/XXn0f72rGw8q9kDUzMuwUHHS
BX452wa/HqIe7rd1l1zRTMdb5SSUqeh5XTXFWb5bNfJFKvMji1XId/sh3+Yr8uV7
An8DD/hZmjTkWi6ivQBR8hgylkSRP57MCO7LH77GHjVorFiiM7rNE4fhc1i5uoHL
00HiUb9w3N0kLGPQbS91O6DpO76F2wWO3xbtEa+y+Tcm1xyZEwuIBk37OBxz5/M1
nYM/29IX/QTCvYF5QeRY9lzKW3OjHshlM3Tf/S30yswOKXW4E4+EJHTexv/FLlk6
VohZNWVrGxB6XylZrb8Qf/gzHCz/LOcCiNOI0eIm/ZE6vxaSBI8LjE3upQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC631JbAOVnzlys3OAVCGjr7S4FoMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvTHJmVWxzQTVXZk9YS3pjNEJVSWFPdnRMZ1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIF+bQD
BAIF+bgwDQYJKoZIhvcNAQELBQADggEBAN3YrytSQJz3NJzSGc40Z5ANp3z1YlBw
YZK4KCo/6gFwZ5ArDAByCfoMNmBHBBb3Nudo0WxoXvsZr7WQyoK2D8t4Ve212lLG
IOTrUDuomYnxuZ8SNE6u/c6K1/BNPB+6nxGuxhRyLlrha1FBpEgNQcVoxJDsQVlR
couDad9443DKY3JLN7k/1CIfY5MxRP0zBKgBw4AEh63/9OtREGVSU6aieqdE1M2w
nVhm/kdPPi+pCHXptBTtMGUMU6Ms42a4uQqqL1+KGmQVesOvX8YBovH4ZTvdUC0e
9ec7c12fwzHkzADJZxzQDP42BrAYfe7JkJz2HYTKcjxWDMpI6kfjum0=
-----END CERTIFICATE-----
Generated at Sun May 5 19:46:39 2024 by rpki-client on console-fra.rpki-client.org