Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/lcmeFUOin01oHe9L6q5SR2ZfTxI.roa
File: lcmeFUOin01oHe9L6q5SR2ZfTxI.roa (raw, json)
Hash identifier: O2wk00e9lEbiJYrDnaB4t3LTIVOkQ1Wf1D9cSq0hXHw=
Subject key identifier: 95:C9:9E:15:43:A2:9F:4D:68:1D:EF:4B:EA:AE:52:47:66:5F:4F:12
Certificate issuer: /CN=a4824308bc83b4ee56f1c0c1b9fbfc311b0cd44a
Certificate serial: 0192961C53ED8C72C9111B636A4D6EC4C7AC
Authority key identifier: A4:82:43:08:BC:83:B4:EE:56:F1:C0:C1:B9:FB:FC:31:1B:0C:D4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/lcmeFUOin01oHe9L6q5SR2ZfTxI.roa
Signing time: Wed 16 Oct 2024 16:14:51 +0000
ROA not before: Wed 16 Oct 2024 16:14:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210911
IP address blocks: 81.95.192.0/24 maxlen: 24
81.95.193.0/24 maxlen: 24
81.95.194.0/24 maxlen: 24
81.95.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/pIJDCLyDtO5W8cDBufv8MRsM1Eo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/pIJDCLyDtO5W8cDBufv8MRsM1Eo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:1c:53:ed:8c:72:c9:11:1b:63:6a:4d:6e:c4:c7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4824308bc83b4ee56f1c0c1b9fbfc311b0cd44a
Validity
Not Before: Oct 16 16:14:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95c99e1543a29f4d681def4beaae5247665f4f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:da:c5:b6:17:48:6c:be:aa:94:ba:ef:a7:9b:
79:65:df:8c:24:91:49:ba:b1:be:34:17:62:8c:65:
ec:cc:d5:50:6c:9c:86:88:90:5c:f6:f5:98:99:eb:
8a:40:a0:44:9e:33:d7:20:28:b6:e8:e8:83:1f:36:
01:81:c1:4f:04:49:d1:1e:47:06:93:ae:ee:15:47:
47:6b:0b:a3:69:72:e2:2d:ee:0b:02:ae:e2:a3:97:
ab:76:fb:4a:04:6f:cc:9a:77:5e:3a:71:0b:52:1a:
d3:59:4f:10:79:50:81:f7:62:6e:38:1d:de:ea:3a:
c3:58:d5:c5:8c:b8:cd:1e:57:e9:fe:53:84:4f:de:
05:70:ba:06:ea:bb:da:e6:b7:af:29:5b:a9:93:25:
87:73:dc:f6:9c:50:18:7d:05:f3:1d:f6:8c:9d:8c:
30:8d:5f:f0:42:36:a7:b9:be:65:36:d6:2f:4d:52:
57:d1:80:ba:45:c0:5e:5c:b2:44:f1:24:c1:3b:de:
fc:94:4d:ea:16:a8:f4:93:3a:20:ba:17:a2:01:70:
2a:8a:d6:19:b9:1d:19:4c:19:86:66:62:dd:78:48:
06:54:f8:67:2d:4c:02:05:87:5d:93:02:d7:ef:06:
c4:56:c1:01:27:41:60:c9:b2:9c:01:26:e3:a9:cb:
1d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C9:9E:15:43:A2:9F:4D:68:1D:EF:4B:EA:AE:52:47:66:5F:4F:12
X509v3 Authority Key Identifier:
keyid:A4:82:43:08:BC:83:B4:EE:56:F1:C0:C1:B9:FB:FC:31:1B:0C:D4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/lcmeFUOin01oHe9L6q5SR2ZfTxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/pIJDCLyDtO5W8cDBufv8MRsM1Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.192.0-81.95.194.255
81.95.196.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:8c:05:a3:d6:8e:2a:fb:2e:1b:76:5e:c1:33:53:b6:41:e3:
d7:3f:78:56:92:f8:7d:6b:ef:b7:84:7f:36:76:b8:62:74:a0:
29:e2:72:2f:8d:ca:65:b0:7c:2c:d1:df:8f:30:68:40:a3:03:
d7:48:c5:72:c5:df:39:c4:7a:3c:19:3a:64:e0:10:7e:14:da:
d9:31:ae:4c:8b:ef:e6:22:ea:a7:e5:c6:64:96:54:62:e9:2d:
ef:dc:14:1f:1b:f1:0b:bf:a6:d9:00:eb:14:41:b3:bf:47:06:
6a:31:d7:32:66:35:36:af:ff:98:a1:c2:9c:42:5b:a5:86:99:
f6:36:ac:3b:3b:5d:aa:9d:15:bb:9f:b4:ea:9a:52:d2:99:81:
99:02:04:17:52:1d:7f:aa:84:5f:c6:a1:2f:95:c4:89:51:2a:
df:ee:25:eb:79:74:e6:19:53:7e:b0:22:84:7a:df:ea:fd:6d:
84:9d:5c:88:fe:87:4d:22:0a:0a:68:09:4a:43:b5:e0:e5:ee:
63:54:c1:49:e5:9b:19:3d:9d:d4:9f:bc:1e:17:d6:7d:c1:a4:
97:4d:56:6f:21:0a:32:26:73:d5:e4:83:9e:fd:e4:1d:d2:d4:
0b:6d:1b:e5:86:39:25:2b:79:d1:45:7c:83:29:26:a0:a3:b7:
8b:17:3b:e7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZKWHFPtjHLJERtjak1uxMesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ODI0MzA4YmM4M2I0ZWU1NmYxYzBjMWI5ZmJmYzMxMWIw
Y2Q0NGEwHhcNMjQxMDE2MTYxNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM5OWUxNTQzYTI5ZjRkNjgxZGVmNGJlYWFlNTI0NzY2NWY0ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7trFthdIbL6qlLrvp5t5Zd+MJJFJ
urG+NBdijGXszNVQbJyGiJBc9vWYmeuKQKBEnjPXICi26OiDHzYBgcFPBEnRHkcG
k67uFUdHawujaXLiLe4LAq7io5erdvtKBG/MmndeOnELUhrTWU8QeVCB92JuOB3e
6jrDWNXFjLjNHlfp/lOET94FcLoG6rva5revKVupkyWHc9z2nFAYfQXzHfaMnYww
jV/wQjanub5lNtYvTVJX0YC6RcBeXLJE8STBO978lE3qFqj0kzoguheiAXAqitYZ
uR0ZTBmGZmLdeEgGVPhnLUwCBYddkwLX7wbEVsEBJ0FgybKcASbjqcsdAQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJXJnhVDop9NaB3vS+quUkdmX08SMB8GA1UdIwQY
MBaAFKSCQwi8g7TuVvHAwbn7/DEbDNRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcElKRENMeUR0TzVXOGNEQnVmdjhNUnNNMUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81ZmViMTMtOWU0My00MzI1LTg1Yzkt
MTk2ZTZmMzc1ZmQ2LzEvbGNtZUZVT2luMDFvSGU5TDZxNVNSMlpmVHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81ZmViMTMtOWU0My00MzI1LTg1YzktMTk2ZTZmMzc1ZmQ2
LzEvcElKRENMeUR0TzVXOGNEQnVmdjhNUnNNMUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZRX8AD
BABRX8IDBABRX8QwDQYJKoZIhvcNAQELBQADggEBANmMBaPWjir7Lht2XsEzU7ZB
49c/eFaS+H1r77eEfzZ2uGJ0oCnici+NymWwfCzR348waECjA9dIxXLF3znEejwZ
OmTgEH4U2tkxrkyL7+Yi6qflxmSWVGLpLe/cFB8b8Qu/ptkA6xRBs79HBmox1zJm
NTav/5ihwpxCW6WGmfY2rDs7XaqdFbuftOqaUtKZgZkCBBdSHX+qhF/GoS+VxIlR
Kt/uJet5dOYZU36wIoR63+r9bYSdXIj+h00iCgpoCUpDteDl7mNUwUnlmxk9ndSf
vB4X1n3BpJdNVm8hCjImc9Xkg5795B3S1AttG+WGOSUredFFfIMpJqCjt4sXO+c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:24 2024 by rpki-client on console-ams.rpki-client.org