Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/LU5TwDY-KxfbSDE1348CxGL2se0.roa
File: LU5TwDY-KxfbSDE1348CxGL2se0.roa (raw, json)
Hash identifier: mPhBdYAfFbtBD1vrPou7SXyt5ZQ0opQ/j/CdEJTxGLY=
Subject key identifier: 2D:4E:53:C0:36:3E:2B:17:DB:48:31:35:DF:8F:02:C4:62:F6:B1:ED
Certificate issuer: /CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Certificate serial: 018CC5DC442252276F99ADCCE3DA3684A39B
Authority key identifier: D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/LU5TwDY-KxfbSDE1348CxGL2se0.roa
Signing time: Mon 01 Jan 2024 16:29:56 +0000
ROA not before: Mon 01 Jan 2024 16:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60752
IP address blocks: 185.26.1.0/24 maxlen: 24
185.26.0.0/24 maxlen: 24
185.26.3.0/24 maxlen: 24
185.26.2.0/24 maxlen: 24
193.35.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:44:22:52:27:6f:99:ad:cc:e3:da:36:84:a3:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Validity
Not Before: Jan 1 16:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d4e53c0363e2b17db483135df8f02c462f6b1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:ab:10:5d:fb:ad:b5:8e:b6:14:98:7d:72:
a6:d7:64:18:0c:e8:9e:b0:e1:5c:f2:2b:2c:7e:f0:
14:f0:ca:25:c2:47:39:a6:43:3c:91:79:28:58:14:
fd:cb:d0:e2:00:4c:ae:eb:70:76:68:3e:43:da:c7:
a4:13:af:d5:8b:e6:83:af:6c:d8:4a:af:aa:fd:99:
b5:8f:d0:41:65:bb:98:39:97:e8:95:eb:ca:23:36:
5f:13:46:1b:c2:e8:b2:62:7d:fc:b0:d3:ef:5c:05:
64:e5:c5:70:30:49:99:dd:4a:83:c7:ed:66:97:08:
3e:e7:17:94:31:ac:58:db:e9:41:8c:71:9d:34:f6:
ed:eb:e3:f5:47:49:54:97:8c:7a:a4:27:b4:f5:6c:
2c:70:83:66:96:4a:ec:bb:9b:ac:5a:15:e3:aa:58:
ea:85:13:e9:68:cc:22:44:f0:22:3e:c8:9d:af:ba:
d9:b9:18:43:bf:45:f4:99:98:56:92:7a:f0:c5:68:
6b:5a:f4:f7:86:24:aa:d6:ac:3b:b2:bd:55:40:f9:
79:76:21:2d:0b:4b:66:87:ed:80:71:c3:82:48:a3:
91:08:dd:3f:4f:5d:10:cd:c2:d9:a1:ab:b1:b4:04:
8f:0c:16:a0:66:09:e2:6e:5d:9b:06:9d:dc:90:1c:
55:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4E:53:C0:36:3E:2B:17:DB:48:31:35:DF:8F:02:C4:62:F6:B1:ED
X509v3 Authority Key Identifier:
keyid:D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/LU5TwDY-KxfbSDE1348CxGL2se0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.0.0/22
193.35.225.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ee:14:36:76:7c:57:9a:d6:ca:40:48:c9:55:d9:c6:c1:d1:
84:a7:3a:f4:f2:d0:00:64:f9:ab:6b:6b:c0:d1:f8:f8:48:13:
af:40:8e:6d:9b:fd:66:8b:95:55:a6:21:64:e9:f5:8a:f5:6c:
f3:cb:37:82:fa:b6:73:be:3d:e4:5a:49:d4:ce:31:bd:16:d4:
7d:16:d1:66:65:cd:b3:ed:63:bd:3b:5e:56:8a:6d:2c:40:a0:
9c:bd:3d:65:65:e2:57:00:ca:86:d1:9d:25:e4:4d:30:86:af:
3d:1e:8d:45:d5:7f:75:e6:3a:74:7f:f6:7a:df:83:a3:22:7d:
c7:29:04:55:88:b5:dc:d1:71:71:05:d7:9b:98:26:99:ca:cb:
fe:90:52:1f:95:a1:e9:04:9f:0c:05:08:23:dd:ec:74:91:83:
30:e4:3c:33:a4:91:2f:9f:25:64:e8:48:18:51:ad:6a:2a:e5:
dc:f7:63:56:3c:a3:6b:b2:cd:26:6d:14:bb:1d:0f:6d:c9:3a:
fd:1f:b5:a6:46:7b:56:95:7c:f6:64:2c:3d:af:1c:54:7c:84:
ac:89:07:7c:2a:f9:ce:ed:f6:be:ca:8b:d0:8e:9f:8f:79:3b:
bc:9e:4e:e1:6a:06:58:49:aa:3b:13:88:fd:3f:5b:06:1e:3c:
cc:7b:3a:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3EQiUidvma3M49o2hKObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzIwYmQ0ZWY4NThmZDYyYmIyNDg1ZDA4YjBhODY5MjBl
OTExYzEwHhcNMjQwMTAxMTYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRlNTNjMDM2M2UyYjE3ZGI0ODMxMzVkZjhmMDJjNDYyZjZiMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYyrEF37rbWOthSYfXKm12QYDOie
sOFc8issfvAU8Molwkc5pkM8kXkoWBT9y9DiAEyu63B2aD5D2sekE6/Vi+aDr2zY
Sq+q/Zm1j9BBZbuYOZfolevKIzZfE0YbwuiyYn38sNPvXAVk5cVwMEmZ3UqDx+1m
lwg+5xeUMaxY2+lBjHGdNPbt6+P1R0lUl4x6pCe09WwscINmlkrsu5usWhXjqljq
hRPpaMwiRPAiPsidr7rZuRhDv0X0mZhWknrwxWhrWvT3hiSq1qw7sr1VQPl5diEt
C0tmh+2AccOCSKORCN0/T10QzcLZoauxtASPDBagZgnibl2bBp3ckBxVSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC1OU8A2PisX20gxNd+PAsRi9rHtMB8GA1UdIwQY
MBaAFNgyC9TvhY/WK7JIXQiwqGkg6RHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEt
M2EwZmFhMjhiNWFjLzEvTFU1VHdEWS1LeGZiU0RFMTM0OEN4R0wyc2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEtM2EwZmFhMjhiNWFj
LzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRoAAwQA
wSPhMA0GCSqGSIb3DQEBCwUAA4IBAQCt7hQ2dnxXmtbKQEjJVdnGwdGEpzr08tAA
ZPmra2vA0fj4SBOvQI5tm/1mi5VVpiFk6fWK9WzzyzeC+rZzvj3kWknUzjG9FtR9
FtFmZc2z7WO9O15Wim0sQKCcvT1lZeJXAMqG0Z0l5E0whq89Ho1F1X915jp0f/Z6
34OjIn3HKQRViLXc0XFxBdebmCaZysv+kFIflaHpBJ8MBQgj3ex0kYMw5DwzpJEv
nyVk6EgYUa1qKuXc92NWPKNrss0mbRS7HQ9tyTr9H7WmRntWlXz2ZCw9rxxUfISs
iQd8KvnO7fa+yovQjp+PeTu8nk7hagZYSao7E4j9P1sGHjzMezrj
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:46:11 2024 by rpki-client on console-fra.rpki-client.org