Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lmcGoAdaBKQ3hAfm6buD_QTDKTQ.roa
File: lmcGoAdaBKQ3hAfm6buD_QTDKTQ.roa (raw, json)
Hash identifier: C5rw2T1tUB5czhgVGfpw5vdWpG4YpKkJjpuIgiSjEXM=
Subject key identifier: 96:67:06:A0:07:5A:04:A4:37:84:07:E6:E9:BB:83:FD:04:C3:29:34
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018E7FE6F1278E1AE001E10ED3148C0D80C2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lmcGoAdaBKQ3hAfm6buD_QTDKTQ.roa
Signing time: Wed 27 Mar 2024 12:33:45 +0000
ROA not before: Wed 27 Mar 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62390
IP address blocks: 89.33.13.0/24 maxlen: 24
89.37.116.0/24 maxlen: 24
89.37.117.0/24 maxlen: 24
89.45.12.0/23 maxlen: 23
89.45.12.0/24 maxlen: 24
89.45.13.0/24 maxlen: 24
89.47.232.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
2001:4d18:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:e6:f1:27:8e:1a:e0:01:e1:0e:d3:14:8c:0d:80:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 27 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=966706a0075a04a4378407e6e9bb83fd04c32934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8f:9f:b8:42:47:6b:7f:6c:1d:2a:e7:cf:04:
85:d7:93:97:13:57:8f:ec:2c:18:89:23:c9:60:5e:
a5:ac:db:31:29:f9:16:f0:3d:a5:f6:22:c8:92:21:
21:0e:75:24:0f:9e:d7:d6:ec:ea:d3:c7:15:a7:c6:
ae:bc:d2:e1:02:8b:8f:7f:52:3c:3b:a2:37:40:b4:
8e:b9:fc:81:5f:49:f2:ed:30:83:30:01:d1:b4:be:
42:99:78:55:08:8f:35:a9:8b:4e:25:8b:96:6d:e1:
8c:45:36:02:1f:8b:a5:1e:46:be:94:f1:74:b9:3e:
d7:18:81:67:42:10:f5:36:af:07:0f:c3:3f:02:ed:
ae:1b:d7:fa:3b:bd:11:19:a9:9b:d7:be:81:b7:1e:
f1:3b:6b:5a:43:20:2f:e5:83:0c:4c:de:ab:4d:4f:
ad:6b:72:94:0b:fd:fc:d1:38:62:70:ec:4e:00:35:
7b:f3:fa:ea:78:d3:c9:03:c8:40:bc:1f:aa:18:81:
9e:f7:54:00:1b:7f:50:41:bc:3f:1c:28:dd:b0:0e:
ec:84:2c:f1:9b:87:1b:0f:77:b6:77:a9:67:66:60:
b0:a9:79:92:a2:c5:8b:be:6a:bc:c2:04:aa:ce:f5:
d3:b2:bf:93:0c:16:f7:eb:a8:f1:60:ac:2f:47:37:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:67:06:A0:07:5A:04:A4:37:84:07:E6:E9:BB:83:FD:04:C3:29:34
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lmcGoAdaBKQ3hAfm6buD_QTDKTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.37.116.0/23
89.45.12.0/23
89.47.232.0/24
93.119.105.0/24
188.240.210.0/24
188.240.221.0/24
IPv6:
2001:4d18:2::/48
Signature Algorithm: sha256WithRSAEncryption
52:0c:f7:99:d5:fb:f6:dc:22:62:df:6d:48:ad:8b:e1:21:eb:
92:e4:0b:05:ee:58:ea:51:6f:30:04:f6:6e:f2:4b:7a:db:78:
51:13:16:fd:ad:15:ee:a3:2b:8c:0c:ef:df:8a:b0:8b:e0:9b:
b5:e4:ad:dc:6b:91:b7:00:76:06:5a:b7:0a:23:d8:90:25:1b:
ec:10:6f:02:fd:60:a1:de:01:0d:f8:76:a6:e4:b2:e7:a8:36:
64:b8:e9:89:ce:34:76:05:15:e2:19:37:65:c1:4f:2d:aa:1f:
b5:83:64:99:79:f6:20:57:2a:3c:eb:90:c2:6a:56:5a:a5:fd:
1e:1c:ad:fe:b6:f1:e8:e5:44:2c:43:cf:5b:80:a5:3a:b2:92:
46:bc:13:00:d2:99:b3:56:e0:11:b9:73:f3:34:2d:7f:f4:ae:
6a:02:77:f7:da:2a:46:29:78:bf:7b:28:03:91:ca:51:3b:3b:
c9:4c:05:0d:a4:48:f2:9f:e5:26:e2:a8:ff:36:9b:f0:9d:c7:
13:bf:e1:bd:0d:40:6a:ce:53:22:8a:64:f0:ec:1c:65:83:c0:
a1:6e:6d:e1:63:ce:b0:16:f9:25:10:dd:81:fa:60:c1:76:78:
f4:6e:bb:4d:b9:c7:1b:b1:83:1c:df:83:c5:d4:89:e2:db:37:
aa:07:24:23
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY5/5vEnjhrgAeEO0xSMDYDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMzI3MTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY3MDZhMDA3NWEwNGE0Mzc4NDA3ZTZlOWJiODNmZDA0YzMyOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhY+fuEJHa39sHSrnzwSF15OXE1eP
7CwYiSPJYF6lrNsxKfkW8D2l9iLIkiEhDnUkD57X1uzq08cVp8auvNLhAouPf1I8
O6I3QLSOufyBX0ny7TCDMAHRtL5CmXhVCI81qYtOJYuWbeGMRTYCH4ulHka+lPF0
uT7XGIFnQhD1Nq8HD8M/Au2uG9f6O70RGamb176Btx7xO2taQyAv5YMMTN6rTU+t
a3KUC/380ThicOxOADV78/rqeNPJA8hAvB+qGIGe91QAG39QQbw/HCjdsA7shCzx
m4cbD3e2d6lnZmCwqXmSosWLvmq8wgSqzvXTsr+TDBb366jxYKwvRzfFGwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJZnBqAHWgSkN4QH5um7g/0Ewyk0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbG1jR29BZGFCS1EzaEFmbTZidURfUVRES1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAWSENAwQB
WSV0AwQBWS0MAwQAWS/oAwQAXXdpAwQAvPDSAwQAvPDdMA8EAgACMAkDBwAgAU0Y
AAIwDQYJKoZIhvcNAQELBQADggEBAFIM95nV+/bcImLfbUiti+Eh65LkCwXuWOpR
bzAE9m7yS3rbeFETFv2tFe6jK4wM79+KsIvgm7XkrdxrkbcAdgZatwoj2JAlG+wQ
bwL9YKHeAQ34dqbksueoNmS46YnONHYFFeIZN2XBTy2qH7WDZJl59iBXKjzrkMJq
Vlql/R4crf628ejlRCxDz1uApTqykka8EwDSmbNW4BG5c/M0LX/0rmoCd/faKkYp
eL97KAORylE7O8lMBQ2kSPKf5SbiqP82m/CdxxO/4b0NQGrOUyKKZPDsHGWDwKFu
beFjzrAW+SUQ3YH6YMF2ePRuu025xxuxgxzfg8XUieLbN6oHJCM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:27:28 2024 by rpki-client on console-ams.rpki-client.org