Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/LA53G5NMoMtLWw9CsLpgsFxITwU.roa
File: LA53G5NMoMtLWw9CsLpgsFxITwU.roa (raw, json)
Hash identifier: lQtOJKjwvZkVB7FqCMMA6/28aQRwXZITlSnCxiQeM2o=
Subject key identifier: 2C:0E:77:1B:93:4C:A0:CB:4B:5B:0F:42:B0:BA:60:B0:5C:48:4F:05
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 01920AA0E28700E2A395ACAEAA0BD64DE1B1
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/LA53G5NMoMtLWw9CsLpgsFxITwU.roa
Signing time: Thu 19 Sep 2024 14:12:48 +0000
ROA not before: Thu 19 Sep 2024 14:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 91.234.22.0/24 maxlen: 24
194.59.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:a0:e2:87:00:e2:a3:95:ac:ae:aa:0b:d6:4d:e1:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Sep 19 14:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c0e771b934ca0cb4b5b0f42b0ba60b05c484f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:95:6f:be:c6:21:e2:c9:23:f5:57:af:a5:
e1:9d:3d:62:97:5d:73:97:f0:46:d2:c1:5b:bf:7e:
14:91:ae:0c:66:e5:17:c0:d0:59:e2:e8:95:9b:e2:
d2:38:d3:fd:d5:8d:1d:92:06:89:ef:2d:f2:90:1b:
9d:cd:fc:f3:60:11:af:e6:c7:fc:0e:13:8a:42:04:
2e:88:dc:fa:a0:ed:0a:67:1f:b0:58:7f:b4:a2:df:
da:33:c9:9b:90:9c:5b:65:83:e5:93:7c:61:d2:70:
e6:d6:8d:0c:1a:64:01:e9:d5:fa:c4:93:11:d1:79:
83:f9:38:c7:db:b1:cc:1e:3d:d6:70:74:56:19:8a:
26:b8:63:58:e2:3b:b0:89:f9:60:b6:8a:a3:b1:a8:
87:b3:d0:9c:7a:30:be:12:65:a6:10:d1:3c:bc:3d:
cc:5c:22:03:a2:47:93:73:a5:85:04:34:06:f3:03:
b1:4b:21:d5:7e:87:42:2c:89:27:95:04:51:7d:b4:
14:d3:c2:46:0f:53:6d:89:21:d2:30:47:06:78:0c:
72:d3:10:8c:dd:00:8f:cf:6b:65:77:0a:2d:ca:36:
53:c7:9b:2f:37:82:4d:ff:7e:99:ef:b5:e4:61:2e:
14:62:a8:36:27:5a:61:0d:22:48:6e:c4:91:56:8e:
22:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0E:77:1B:93:4C:A0:CB:4B:5B:0F:42:B0:BA:60:B0:5C:48:4F:05
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/LA53G5NMoMtLWw9CsLpgsFxITwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.22.0/24
194.59.7.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:55:ee:fd:12:f8:78:6a:c1:6c:be:79:6f:24:4f:eb:5a:fa:
f2:4c:f2:64:e3:2f:e9:7b:0d:a7:0d:cc:0e:90:67:52:13:33:
d9:b7:6d:ff:47:be:e6:49:2d:d6:d6:71:7c:d8:be:f3:ca:f7:
36:32:c3:fd:50:76:80:ee:f2:cf:aa:3d:b3:d1:71:09:dd:b5:
22:35:48:91:55:a8:61:16:a4:cf:89:0e:46:8e:0f:82:dd:25:
7d:42:ef:4d:37:e1:42:33:85:b5:6e:ca:57:d3:f0:46:4c:a6:
91:e8:46:73:fe:20:f9:a5:16:25:41:c6:ca:06:d8:f1:05:95:
12:6a:68:dc:ac:14:dd:dd:6e:0c:c9:75:ea:e1:a2:d3:1c:60:
ea:66:64:bf:f4:66:62:a0:44:b8:2e:c7:86:5b:f7:46:d1:ab:
32:30:5e:d0:b6:bd:a5:3e:8e:2f:3e:d3:e5:f1:20:ee:6a:eb:
30:b6:ed:7c:79:84:6d:a0:c1:83:df:a6:38:09:80:26:c2:28:
ee:be:d4:6e:66:bd:93:b9:a6:87:91:6d:07:c5:1c:9c:64:21:
3a:15:64:11:59:40:53:fe:0d:e3:ec:ea:c8:c1:7f:9e:f4:8b:
bd:a9:8a:26:e6:c7:a0:74:a0:56:d3:8c:66:6c:71:8b:c5:13:
66:80:d6:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIKoOKHAOKjlayuqgvWTeGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjQwOTE5MTQxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBlNzcxYjkzNGNhMGNiNGI1YjBmNDJiMGJhNjBiMDVjNDg0ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnqVb77GIeLJI/VXr6XhnT1il11z
l/BG0sFbv34Uka4MZuUXwNBZ4uiVm+LSONP91Y0dkgaJ7y3ykBudzfzzYBGv5sf8
DhOKQgQuiNz6oO0KZx+wWH+0ot/aM8mbkJxbZYPlk3xh0nDm1o0MGmQB6dX6xJMR
0XmD+TjH27HMHj3WcHRWGYomuGNY4juwiflgtoqjsaiHs9CcejC+EmWmENE8vD3M
XCIDokeTc6WFBDQG8wOxSyHVfodCLIknlQRRfbQU08JGD1NtiSHSMEcGeAxy0xCM
3QCPz2tldwotyjZTx5svN4JN/36Z77XkYS4UYqg2J1phDSJIbsSRVo4igwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCwOdxuTTKDLS1sPQrC6YLBcSE8FMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvTEE1M0c1Tk1vTXRMV3c5Q3NMcGdzRnhJVHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+oWAwQA
wjsHMA0GCSqGSIb3DQEBCwUAA4IBAQCeVe79Evh4asFsvnlvJE/rWvryTPJk4y/p
ew2nDcwOkGdSEzPZt23/R77mSS3W1nF82L7zyvc2MsP9UHaA7vLPqj2z0XEJ3bUi
NUiRVahhFqTPiQ5Gjg+C3SV9Qu9NN+FCM4W1bspX0/BGTKaR6EZz/iD5pRYlQcbK
BtjxBZUSamjcrBTd3W4MyXXq4aLTHGDqZmS/9GZioES4LseGW/dG0asyMF7Qtr2l
Po4vPtPl8SDuauswtu18eYRtoMGD36Y4CYAmwijuvtRuZr2TuaaHkW0HxRycZCE6
FWQRWUBT/g3j7OrIwX+e9Iu9qYom5segdKBW04xmbHGLxRNmgNbp
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:48:48 2024 by rpki-client on console-ams.rpki-client.org