Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/bf2631-cfac-4a87-a37b-551584e5c0a4/1/L-hkImLrqb5bdqTtYF-f4VEyToM.roa
File: L-hkImLrqb5bdqTtYF-f4VEyToM.roa (raw, json)
Hash identifier: YLucN2cSfqLVaHoGEnn8+9vRpNF1QNn5lO4nk7SXkBY=
Subject key identifier: 2F:E8:64:22:62:EB:A9:BE:5B:76:A4:ED:60:5F:9F:E1:51:32:4E:83
Certificate issuer: /CN=353620da4452ac82aaf4c8c08819eb0b82513b83
Certificate serial: 0192D8793C0D8E946EA0CE7792B1A806A1D8
Authority key identifier: 35:36:20:DA:44:52:AC:82:AA:F4:C8:C0:88:19:EB:0B:82:51:3B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTYg2kRSrIKq9MjAiBnrC4JRO4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/bf2631-cfac-4a87-a37b-551584e5c0a4/1/L-hkImLrqb5bdqTtYF-f4VEyToM.roa
Signing time: Tue 29 Oct 2024 13:31:16 +0000
ROA not before: Tue 29 Oct 2024 13:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215342
IP address blocks: 87.120.131.0/24 maxlen: 24
87.120.136.0/22 maxlen: 22
87.121.96.0/23 maxlen: 23
185.120.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/bf2631-cfac-4a87-a37b-551584e5c0a4/1/NTYg2kRSrIKq9MjAiBnrC4JRO4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/bf2631-cfac-4a87-a37b-551584e5c0a4/1/NTYg2kRSrIKq9MjAiBnrC4JRO4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/NTYg2kRSrIKq9MjAiBnrC4JRO4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:79:3c:0d:8e:94:6e:a0:ce:77:92:b1:a8:06:a1:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353620da4452ac82aaf4c8c08819eb0b82513b83
Validity
Not Before: Oct 29 13:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fe8642262eba9be5b76a4ed605f9fe151324e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:23:92:64:b7:95:4d:7a:cd:49:00:ea:c8:6c:
9d:e6:26:e6:28:09:1f:41:b8:a0:c5:b7:45:2c:8a:
ef:73:60:56:3a:d0:12:b0:7a:bb:ad:34:37:cd:2a:
95:6a:73:0a:21:56:f0:6f:8e:27:b1:44:5a:e5:85:
57:31:fc:19:71:0b:a1:cf:9a:1b:1f:3a:59:0d:da:
63:4d:76:75:bc:73:dd:c8:4f:0e:08:be:6f:37:c8:
8e:f5:66:07:ff:55:c5:03:fa:80:39:59:41:b8:27:
53:48:ca:00:9b:7f:60:17:03:a4:3c:23:e4:e0:64:
bc:29:cf:f7:ff:f3:60:02:f1:6f:81:2f:7e:d0:59:
4c:f8:71:17:73:e8:62:8d:79:51:4d:db:2e:a4:94:
b7:7c:5c:ea:6c:32:d5:1a:90:7f:97:bc:01:19:57:
b7:5d:f5:05:af:d6:98:b1:72:29:b4:49:86:fe:8c:
ed:72:f3:6d:97:64:0a:5c:29:62:f0:7e:61:99:e9:
b5:f7:7b:16:7d:83:e4:9b:15:52:a6:1a:b1:47:4f:
f2:c8:ac:c8:e8:0f:37:87:6e:42:b4:a1:1c:31:cf:
46:cf:11:d2:97:ff:e9:e4:59:b7:32:20:9d:79:a3:
70:a6:9f:47:84:24:1f:f1:92:13:33:ca:54:29:32:
2f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E8:64:22:62:EB:A9:BE:5B:76:A4:ED:60:5F:9F:E1:51:32:4E:83
X509v3 Authority Key Identifier:
keyid:35:36:20:DA:44:52:AC:82:AA:F4:C8:C0:88:19:EB:0B:82:51:3B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTYg2kRSrIKq9MjAiBnrC4JRO4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/bf2631-cfac-4a87-a37b-551584e5c0a4/1/L-hkImLrqb5bdqTtYF-f4VEyToM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/bf2631-cfac-4a87-a37b-551584e5c0a4/1/NTYg2kRSrIKq9MjAiBnrC4JRO4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.131.0/24
87.120.136.0/22
87.121.96.0/23
185.120.180.0/24
Signature Algorithm: sha256WithRSAEncryption
87:95:a8:ab:1c:5c:8c:0c:44:9b:29:35:4f:5d:26:ba:02:66:
6c:16:46:72:03:e1:72:a5:07:49:d4:4b:52:18:77:00:8c:90:
d2:8c:69:f6:cf:8e:2e:68:64:5f:c4:ac:78:4d:04:37:35:7b:
1a:33:14:c5:59:c5:be:aa:3c:2f:4c:08:9b:76:35:39:90:41:
23:9e:d8:33:eb:4f:65:85:f2:a8:08:2f:4d:d8:09:2e:66:91:
d7:93:d6:2c:03:23:b3:92:26:ee:98:da:50:01:9c:1c:bb:58:
c3:ff:91:49:40:e5:c0:59:ee:e9:4b:de:cd:d0:9b:2b:38:72:
ec:d6:3f:b9:f5:34:e2:0c:14:81:8c:6a:13:79:8a:98:d8:c7:
3f:62:50:bd:e5:52:2c:43:83:99:db:55:bb:dc:74:0e:8a:63:
20:92:18:9f:93:c9:f4:8c:08:03:58:eb:ce:cf:06:61:db:4f:
7c:78:b1:c9:4b:bc:e0:0f:54:b5:e5:91:22:8c:48:01:bd:81:
b8:03:62:43:66:0e:37:4f:45:47:28:eb:01:b6:50:9f:5a:65:
b1:c4:67:80:8d:bf:8d:1d:dc:c0:7a:ea:59:75:6e:bd:f6:85:
10:db:1d:9b:42:2d:b1:30:38:26:a2:0f:53:57:c3:c7:78:ca:
69:80:ac:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLYeTwNjpRuoM53krGoBqHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MzYyMGRhNDQ1MmFjODJhYWY0YzhjMDg4MTllYjBiODI1
MTNiODMwHhcNMjQxMDI5MTMzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmU4NjQyMjYyZWJhOWJlNWI3NmE0ZWQ2MDVmOWZlMTUxMzI0ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyOSZLeVTXrNSQDqyGyd5ibmKAkf
QbigxbdFLIrvc2BWOtASsHq7rTQ3zSqVanMKIVbwb44nsURa5YVXMfwZcQuhz5ob
HzpZDdpjTXZ1vHPdyE8OCL5vN8iO9WYH/1XFA/qAOVlBuCdTSMoAm39gFwOkPCPk
4GS8Kc/3//NgAvFvgS9+0FlM+HEXc+hijXlRTdsupJS3fFzqbDLVGpB/l7wBGVe3
XfUFr9aYsXIptEmG/oztcvNtl2QKXCli8H5hmem193sWfYPkmxVSphqxR0/yyKzI
6A83h25CtKEcMc9GzxHSl//p5Fm3MiCdeaNwpp9HhCQf8ZITM8pUKTIvwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC/oZCJi66m+W3ak7WBfn+FRMk6DMB8GA1UdIwQY
MBaAFDU2INpEUqyCqvTIwIgZ6wuCUTuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlRZZzJrUlNySUtxOU1qQWlCbnJDNEpSTzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9iZjI2MzEtY2ZhYy00YTg3LWEzN2It
NTUxNTg0ZTVjMGE0LzEvTC1oa0ltTHJxYjViZHFUdFlGLWY0VkV5VG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9iZjI2MzEtY2ZhYy00YTg3LWEzN2ItNTUxNTg0ZTVjMGE0
LzEvTlRZZzJrUlNySUtxOU1qQWlCbnJDNEpSTzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV3iDAwQC
V3iIAwQBV3lgAwQAuXi0MA0GCSqGSIb3DQEBCwUAA4IBAQCHlairHFyMDESbKTVP
XSa6AmZsFkZyA+FypQdJ1EtSGHcAjJDSjGn2z44uaGRfxKx4TQQ3NXsaMxTFWcW+
qjwvTAibdjU5kEEjntgz609lhfKoCC9N2AkuZpHXk9YsAyOzkibumNpQAZwcu1jD
/5FJQOXAWe7pS97N0JsrOHLs1j+59TTiDBSBjGoTeYqY2Mc/YlC95VIsQ4OZ21W7
3HQOimMgkhifk8n0jAgDWOvOzwZh2098eLHJS7zgD1S15ZEijEgBvYG4A2JDZg43
T0VHKOsBtlCfWmWxxGeAjb+NHdzAeupZdW699oUQ2x2bQi2xMDgmog9TV8PHeMpp
gKyS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:58 2024 by rpki-client on console-ams.rpki-client.org