Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/lxWN8fAJqpDuaqeV59mNHvuipWQ.roa
File: lxWN8fAJqpDuaqeV59mNHvuipWQ.roa (raw, json)
Hash identifier: z4NUA7GrwHNEeHf1hRlUwG41wZKnqE5AguSDzcIct8A=
Subject key identifier: 97:15:8D:F1:F0:09:AA:90:EE:6A:A7:95:E7:D9:8D:1E:FB:A2:A5:64
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 018E567225CAB55D03FFCAD2A623006E4ED3
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/lxWN8fAJqpDuaqeV59mNHvuipWQ.roa
Signing time: Tue 19 Mar 2024 11:21:45 +0000
ROA not before: Tue 19 Mar 2024 11:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 145.219.18.0/23 maxlen: 23
145.219.20.0/23 maxlen: 23
145.219.32.0/19 maxlen: 19
145.219.64.0/18 maxlen: 18
145.219.128.0/17 maxlen: 17
193.176.255.0/24 maxlen: 24
2a04:b0c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:72:25:ca:b5:5d:03:ff:ca:d2:a6:23:00:6e:4e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 19 11:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97158df1f009aa90ee6aa795e7d98d1efba2a564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ad:70:96:1b:92:64:71:ce:33:c1:c8:20:3e:
81:18:b5:ef:94:c5:ee:40:64:a7:a4:93:32:32:2e:
c8:a2:e5:6c:9e:3a:63:5f:ca:ce:84:44:c7:4a:f5:
ba:8f:45:97:a9:16:71:cd:aa:ea:b6:69:1f:92:0e:
24:d7:d7:91:5a:7f:9b:93:79:4a:67:e3:73:88:05:
59:3e:2a:e2:02:ce:92:39:45:f3:f7:bf:b9:c5:f7:
ea:2a:63:2f:56:91:c5:d6:22:b7:10:c2:93:5e:1a:
e7:99:8b:5a:a0:95:4d:40:f3:14:82:a1:03:31:70:
ca:a9:ee:45:ff:cf:32:f7:1b:a5:21:f3:88:a5:67:
be:89:04:83:2d:02:9f:66:43:c4:ec:86:39:89:a5:
49:ac:cb:98:66:7c:e5:51:c9:76:e2:0a:e2:24:f5:
ba:ce:55:0a:a5:05:d5:44:b3:68:04:8f:dc:4c:53:
a2:3d:72:e4:d0:ab:25:95:5c:d3:1c:b1:8e:5a:98:
c0:45:1c:65:e1:6f:98:ff:0a:8c:5f:ab:25:51:0e:
2d:e9:ea:24:73:dd:67:1c:39:23:a8:58:0b:d7:c2:
bf:19:89:65:ec:f2:39:15:a9:30:2b:47:17:87:44:
85:c2:c3:29:bf:e3:ab:b3:91:3d:ae:06:79:12:4b:
f1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:15:8D:F1:F0:09:AA:90:EE:6A:A7:95:E7:D9:8D:1E:FB:A2:A5:64
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/lxWN8fAJqpDuaqeV59mNHvuipWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.18.0-145.219.21.255
145.219.32.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
58:89:b5:de:8c:4b:25:b7:58:08:e1:9a:1b:f6:a7:53:c7:47:
49:dd:9a:38:9d:75:80:d9:95:f4:54:37:04:74:ba:fc:de:dd:
f4:58:da:90:cb:aa:d9:03:c7:26:1b:f0:84:1c:cb:9e:40:ed:
7e:2d:1b:d7:61:ed:2e:0b:c9:ab:fe:8d:84:83:e6:c2:b6:07:
3d:fe:b5:cf:91:01:f7:63:ce:58:43:e8:73:11:0f:b2:ea:73:
b7:79:9d:1d:93:17:99:a9:fe:d1:40:11:e8:95:a8:d9:f0:9d:
3f:c4:a8:4f:c4:69:5f:e3:3a:de:30:f5:57:58:bc:ee:bd:20:
c8:c0:87:5d:86:65:89:fa:18:7f:35:08:35:00:9f:e7:46:53:
c5:c5:ad:1d:4e:b3:7f:c7:5b:b8:8d:83:50:db:59:e6:9b:d6:
f2:aa:54:22:cb:db:fa:83:c8:c1:56:5a:1e:f4:22:fe:5e:bb:
d2:bc:f2:91:b5:8f:9e:0c:27:cf:e8:86:b8:45:8f:80:bc:4c:
dd:83:53:32:c7:6f:ed:a5:fd:ff:a2:3e:72:2e:e1:44:00:9a:
9b:d8:93:c7:93:7f:bc:a3:5d:e3:c7:04:77:a7:3a:3f:7e:1a:
9b:1b:d9:da:27:49:d5:85:ca:bc:27:cd:ad:ad:56:e2:b6:ee:
cf:3d:12:51
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY5WciXKtV0D/8rSpiMAbk7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwMzE5MTEyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE1OGRmMWYwMDlhYTkwZWU2YWE3OTVlN2Q5OGQxZWZiYTJhNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK1wlhuSZHHOM8HIID6BGLXvlMXu
QGSnpJMyMi7IouVsnjpjX8rOhETHSvW6j0WXqRZxzarqtmkfkg4k19eRWn+bk3lK
Z+NziAVZPiriAs6SOUXz97+5xffqKmMvVpHF1iK3EMKTXhrnmYtaoJVNQPMUgqED
MXDKqe5F/88y9xulIfOIpWe+iQSDLQKfZkPE7IY5iaVJrMuYZnzlUcl24griJPW6
zlUKpQXVRLNoBI/cTFOiPXLk0KsllVzTHLGOWpjARRxl4W+Y/wqMX6slUQ4t6eok
c91nHDkjqFgL18K/GYll7PI5FakwK0cXh0SFwsMpv+Ors5E9rgZ5Ekvx9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJcVjfHwCaqQ7mqnlefZjR77oqVkMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvbHhXTjhmQUpxcER1YXFlVjU5bU5IdnVpcFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhMAwDBAGR2xID
BAGR2xQwCwMEBZHbIAMDApHYAwQAwbD/MA0EAgACMAcDBQIqBLDEMA0GCSqGSIb3
DQEBCwUAA4IBAQBYibXejEslt1gI4Zob9qdTx0dJ3Zo4nXWA2ZX0VDcEdLr83t30
WNqQy6rZA8cmG/CEHMueQO1+LRvXYe0uC8mr/o2Eg+bCtgc9/rXPkQH3Y85YQ+hz
EQ+y6nO3eZ0dkxeZqf7RQBHolajZ8J0/xKhPxGlf4zreMPVXWLzuvSDIwIddhmWJ
+hh/NQg1AJ/nRlPFxa0dTrN/x1u4jYNQ21nmm9byqlQiy9v6g8jBVloe9CL+XrvS
vPKRtY+eDCfP6Ia4RY+AvEzdg1Myx2/tpf3/oj5yLuFEAJqb2JPHk3+8o13jxwR3
pzo/fhqbG9naJ0nVhcq8J82trVbitu7PPRJR
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:35:02 2024 by rpki-client on console-fra.rpki-client.org