Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Lz1TkDrmLronOQL-iGwHJ8D_qD0.roa
File: Lz1TkDrmLronOQL-iGwHJ8D_qD0.roa (raw, json)
Hash identifier: 4fXPAqY7JjCQZGH7ZXlTp8ySNivgefj4UQRruneSbK8=
Subject key identifier: 2F:3D:53:90:3A:E6:2E:BA:27:39:02:FE:88:6C:07:27:C0:FF:A8:3D
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018CCA9939DD608B6406091607A5794C93E7
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Lz1TkDrmLronOQL-iGwHJ8D_qD0.roa
Signing time: Tue 02 Jan 2024 14:34:48 +0000
ROA not before: Tue 02 Jan 2024 14:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204834
IP address blocks: 87.107.94.0/24 maxlen: 24
87.107.94.0/23 maxlen: 23
87.107.95.0/24 maxlen: 24
81.12.92.0/23 maxlen: 23
81.12.92.0/24 maxlen: 24
81.12.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:39:dd:60:8b:64:06:09:16:07:a5:79:4c:93:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 2 14:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f3d53903ae62eba273902fe886c0727c0ffa83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:63:39:48:9f:32:78:df:eb:5d:b8:34:e5:b6:
ce:93:5e:e0:a0:14:b8:88:87:cb:90:f4:0e:6b:5e:
9b:e5:55:04:1c:74:a2:63:b3:4f:ac:b5:f2:7b:92:
c1:26:e0:5a:72:fa:84:63:a7:0c:64:31:63:fc:6c:
b2:aa:c2:d1:66:35:1b:ef:96:01:8b:9b:ea:63:82:
01:76:51:c7:5e:34:b1:f0:a4:b2:ff:27:9e:33:03:
2f:0a:c2:bd:81:82:43:9f:91:b8:bc:db:ea:64:55:
27:98:87:70:cc:68:22:02:05:0e:28:16:a9:17:f5:
fa:be:ad:fd:7f:b7:ac:52:4d:00:e7:71:51:24:f4:
40:13:90:a0:36:3d:d1:3e:62:df:85:46:7b:c7:ef:
b8:49:ee:94:60:bd:fd:5a:9f:46:3c:3e:4c:08:22:
6c:11:95:76:cf:eb:b4:c0:90:6e:c5:67:2c:05:ac:
6d:91:0a:17:c0:47:09:b3:a2:84:66:75:68:75:97:
1c:02:00:c7:c0:10:aa:2a:17:d6:e2:06:bf:fb:29:
b1:4d:80:71:07:84:39:c4:ed:9b:62:70:0d:2b:87:
c2:14:25:61:7e:ce:10:48:5d:9c:05:63:7d:f6:99:
99:d0:04:26:c1:ae:cc:64:c7:a2:b2:1e:6f:1f:6e:
3c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3D:53:90:3A:E6:2E:BA:27:39:02:FE:88:6C:07:27:C0:FF:A8:3D
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Lz1TkDrmLronOQL-iGwHJ8D_qD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.92.0/23
87.107.94.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:cc:c7:8a:68:41:e8:c2:2e:20:72:27:b3:66:e5:fd:01:01:
b7:86:bb:b0:ad:2a:49:ba:10:c0:4f:44:5d:8b:71:d6:a5:f9:
76:7a:1b:21:0d:8f:69:32:aa:6b:53:01:e8:c5:9d:e5:70:5b:
a8:d6:64:f5:a7:02:44:a3:68:fb:13:e8:b6:5f:be:db:e1:16:
a2:62:aa:99:56:f3:c9:d8:8c:39:aa:c0:e9:5a:4b:cc:ed:da:
c3:91:34:5b:c9:44:87:53:1d:dc:2c:c4:13:e0:90:2a:41:50:
f3:4d:72:f4:ef:9d:28:ca:13:a4:9a:fb:24:a2:28:de:31:e9:
cf:22:a7:98:d3:28:43:86:43:7c:db:83:9f:45:73:68:2a:0f:
b4:18:a9:6a:50:4d:8e:1d:44:0e:2b:f0:4c:6a:95:6d:88:90:
6a:7d:8d:3b:61:de:9d:dc:38:73:68:75:fc:56:3c:78:aa:63:
00:a6:f8:f5:7d:a3:ed:2f:1a:67:ce:8d:8c:f7:fa:d5:86:72:
25:b1:65:3b:da:c7:5c:ae:bb:06:58:29:d5:be:ec:16:5a:73:
33:8a:f5:fb:77:9d:e1:ca:79:96:51:5c:e9:06:77:4e:44:b4:
24:f3:1e:ab:24:33:3a:88:6b:a5:ba:12:93:eb:aa:44:e7:80:
68:41:5c:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmTndYItkBgkWB6V5TJPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNkNTM5MDNhZTYyZWJhMjczOTAyZmU4ODZjMDcyN2MwZmZhODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWM5SJ8yeN/rXbg05bbOk17goBS4
iIfLkPQOa16b5VUEHHSiY7NPrLXye5LBJuBacvqEY6cMZDFj/GyyqsLRZjUb75YB
i5vqY4IBdlHHXjSx8KSy/yeeMwMvCsK9gYJDn5G4vNvqZFUnmIdwzGgiAgUOKBap
F/X6vq39f7esUk0A53FRJPRAE5CgNj3RPmLfhUZ7x++4Se6UYL39Wp9GPD5MCCJs
EZV2z+u0wJBuxWcsBaxtkQoXwEcJs6KEZnVodZccAgDHwBCqKhfW4ga/+ymxTYBx
B4Q5xO2bYnANK4fCFCVhfs4QSF2cBWN99pmZ0AQmwa7MZMeish5vH248SQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC89U5A65i66JzkC/ohsByfA/6g9MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTHoxVGtEcm1Mcm9uT1FMLWlHd0hKOERfcUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUQxcAwQB
V2teMA0GCSqGSIb3DQEBCwUAA4IBAQChzMeKaEHowi4gciezZuX9AQG3hruwrSpJ
uhDAT0Rdi3HWpfl2ehshDY9pMqprUwHoxZ3lcFuo1mT1pwJEo2j7E+i2X77b4Rai
YqqZVvPJ2Iw5qsDpWkvM7drDkTRbyUSHUx3cLMQT4JAqQVDzTXL0750oyhOkmvsk
oijeMenPIqeY0yhDhkN824OfRXNoKg+0GKlqUE2OHUQOK/BMapVtiJBqfY07Yd6d
3DhzaHX8Vjx4qmMApvj1faPtLxpnzo2M9/rVhnIlsWU72sdcrrsGWCnVvuwWWnMz
ivX7d53hynmWUVzpBndORLQk8x6rJDM6iGuluhKT66pE54BoQVzd
-----END CERTIFICATE-----
Generated at Fri May 17 02:20:24 2024 by rpki-client on console-ams.rpki-client.org