Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/lnx0MSNXu-b8u8FI0lpqz-A7oHw.roa
File: lnx0MSNXu-b8u8FI0lpqz-A7oHw.roa (raw, json)
Hash identifier: NVmLaYkx9p0xeTDyYslIT2xRvTPcao/7hqa2UU+qxCQ=
Subject key identifier: 96:7C:74:31:23:57:BB:E6:FC:BB:C1:48:D2:5A:6A:CF:E0:3B:A0:7C
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3B5CFFA42BCDB097FF0805FF8A838
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/lnx0MSNXu-b8u8FI0lpqz-A7oHw.roa
Signing time: Thu 21 Nov 2024 09:00:37 +0000
ROA not before: Thu 21 Nov 2024 09:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208333
IP address blocks: 2a01:e901:105::/48 maxlen: 48
2a01:e901:115::/48 maxlen: 48
2a01:e901:125::/48 maxlen: 48
2a01:e901:135::/48 maxlen: 48
2a01:e901:145::/48 maxlen: 48
2a01:e901:155::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:b5:cf:fa:42:bc:db:09:7f:f0:80:5f:f8:a8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=967c74312357bbe6fcbbc148d25a6acfe03ba07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:dd:23:6e:4a:7d:51:3f:7d:a8:a8:c6:c7:c8:
13:47:58:d9:d0:cc:80:3c:fc:56:57:2e:15:7c:ce:
3c:4e:96:ea:2a:f9:ba:c9:9a:2d:e0:73:90:59:a2:
90:ad:4f:6d:55:40:08:e3:de:4e:6a:b3:a2:aa:96:
8e:8b:a2:aa:58:0b:bc:4b:88:d1:97:0d:f5:9c:c1:
c5:ba:90:77:13:f1:29:a3:d3:94:69:98:63:78:78:
7b:94:47:45:be:47:34:1d:5c:3c:8d:1d:e7:45:76:
2f:62:55:25:27:91:ac:eb:4a:3a:9e:67:fd:16:25:
f1:75:1e:e2:04:3e:bc:04:a0:1b:53:88:67:f9:ca:
38:66:42:db:30:45:c4:95:84:04:1a:30:bc:22:07:
63:a9:02:57:ec:3b:60:d6:36:3e:ed:16:1a:fb:1b:
ec:88:42:e8:eb:a3:7a:d6:22:32:01:4c:bd:9c:3f:
24:e7:99:ec:58:95:08:70:e8:f6:21:7c:15:74:59:
07:53:5b:f5:a0:b0:c7:1a:06:57:07:93:5b:ed:98:
9d:8b:c5:f5:01:fc:8e:1e:5b:56:43:53:7b:35:4b:
7b:d7:9d:ef:e7:2d:16:05:7e:32:de:be:1f:90:cd:
ca:44:30:73:85:5c:91:47:e4:e1:c0:c6:c4:b5:7b:
09:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7C:74:31:23:57:BB:E6:FC:BB:C1:48:D2:5A:6A:CF:E0:3B:A0:7C
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/lnx0MSNXu-b8u8FI0lpqz-A7oHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:105::/48
2a01:e901:115::/48
2a01:e901:125::/48
2a01:e901:135::/48
2a01:e901:145::/48
2a01:e901:155::/48
Signature Algorithm: sha256WithRSAEncryption
23:b4:b4:87:f0:7b:48:20:c3:ed:ce:7d:fb:fc:be:51:c2:18:
32:5e:32:16:0a:e1:17:1a:71:26:0b:56:4b:4d:25:be:16:84:
ff:e8:8e:73:e6:6e:45:c4:f2:b5:a8:2c:c9:ec:f8:e7:70:f2:
fe:e3:e5:ac:a5:47:14:55:1e:83:d6:9a:e1:f4:e0:ef:3a:42:
ee:4b:c0:37:ca:5c:99:62:1d:7e:12:a1:25:ca:18:bf:c2:87:
42:6f:8b:ad:71:d4:9c:7c:91:a3:57:c1:77:37:38:e5:a0:4a:
65:59:aa:0a:38:19:4f:bc:da:65:17:4d:0f:62:83:d9:ce:0e:
38:d8:8c:4e:30:de:bf:4b:54:9c:69:c2:49:d9:ab:e6:5e:7f:
e8:51:fe:0c:2f:93:84:bd:6a:65:d6:fb:a7:97:ca:84:d6:c5:
9f:d6:1a:84:cd:a3:58:ac:9b:10:f1:da:9b:ab:1b:57:b7:f5:
5b:20:59:b0:86:e1:ce:6d:6d:f4:20:6a:da:6e:ec:c1:91:25:
98:05:73:26:7f:dc:5f:4b:fb:5f:b5:0c:93:c8:4a:42:ac:3c:
13:aa:40:2d:73:21:0d:c3:2f:65:0f:08:89:7e:16:c7:0d:b4:
ff:42:5e:2c:7c:90:fe:b0:04:45:d1:37:83:71:5f:3d:c5:2e:
d1:c6:a3:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87XP+kK82wl/8IBf+Kg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdjNzQzMTIzNTdiYmU2ZmNiYmMxNDhkMjVhNmFjZmUwM2JhMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6N0jbkp9UT99qKjGx8gTR1jZ0MyA
PPxWVy4VfM48TpbqKvm6yZot4HOQWaKQrU9tVUAI495OarOiqpaOi6KqWAu8S4jR
lw31nMHFupB3E/Epo9OUaZhjeHh7lEdFvkc0HVw8jR3nRXYvYlUlJ5Gs60o6nmf9
FiXxdR7iBD68BKAbU4hn+co4ZkLbMEXElYQEGjC8IgdjqQJX7Dtg1jY+7RYa+xvs
iELo66N61iIyAUy9nD8k55nsWJUIcOj2IXwVdFkHU1v1oLDHGgZXB5Nb7Zidi8X1
AfyOHltWQ1N7NUt7153v5y0WBX4y3r4fkM3KRDBzhVyRR+ThwMbEtXsJ6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJZ8dDEjV7vm/LvBSNJaas/gO6B8MB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvbG54ME1TTlh1LWI4dThGSTBscHF6LUE3b0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEF
AwcAKgHpAQEVAwcAKgHpAQElAwcAKgHpAQE1AwcAKgHpAQFFAwcAKgHpAQFVMA0G
CSqGSIb3DQEBCwUAA4IBAQAjtLSH8HtIIMPtzn37/L5RwhgyXjIWCuEXGnEmC1ZL
TSW+FoT/6I5z5m5FxPK1qCzJ7PjncPL+4+WspUcUVR6D1prh9ODvOkLuS8A3ylyZ
Yh1+EqElyhi/wodCb4utcdScfJGjV8F3NzjloEplWaoKOBlPvNplF00PYoPZzg44
2IxOMN6/S1ScacJJ2avmXn/oUf4ML5OEvWpl1vunl8qE1sWf1hqEzaNYrJsQ8dqb
qxtXt/VbIFmwhuHObW30IGrabuzBkSWYBXMmf9xfS/tftQyTyEpCrDwTqkAtcyEN
wy9lDwiJfhbHDbT/Ql4sfJD+sARF0TeDcV89xS7RxqMJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:56:35 2024 by rpki-client on console-ams.rpki-client.org