Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lzkstto_3MMLUoiNn5WwGTJX7rg.roa
File: lzkstto_3MMLUoiNn5WwGTJX7rg.roa (raw, json)
Hash identifier: FBck5t3XMNajnroy9EeH8CG8HANfXdlvXuyRD9cnh0U=
Subject key identifier: 97:39:2C:B6:DA:3F:DC:C3:0B:52:88:8D:9F:95:B0:19:32:57:EE:B8
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802CCAF28D1A1FEF1EDF9DB3D31B52C
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lzkstto_3MMLUoiNn5WwGTJX7rg.roa
Signing time: Tue 02 Jan 2024 02:31:15 +0000
ROA not before: Tue 02 Jan 2024 02:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57142
IP address blocks: 89.47.3.0/24 maxlen: 24
86.107.54.0/24 maxlen: 24
89.47.10.0/24 maxlen: 24
89.32.185.0/24 maxlen: 24
89.44.236.0/24 maxlen: 24
89.32.191.0/24 maxlen: 24
86.107.182.0/24 maxlen: 24
86.107.181.0/24 maxlen: 24
176.126.175.0/24 maxlen: 24
188.240.208.0/24 maxlen: 24
86.107.30.0/24 maxlen: 24
89.43.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:cc:af:28:d1:a1:fe:f1:ed:f9:db:3d:31:b5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97392cb6da3fdcc30b52888d9f95b0193257eeb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:c9:5b:1c:30:24:e9:94:0b:9b:06:be:5b:
aa:a5:c0:72:47:94:3b:70:8c:6f:fc:14:0f:81:5b:
33:75:53:d6:82:e5:73:c6:2b:f3:86:69:76:39:f5:
38:bd:da:5d:c6:b1:4c:21:5f:4e:04:b3:f4:a3:d3:
6e:c2:c9:60:5f:f1:16:04:b0:e9:c0:c6:8e:2d:9e:
88:3a:ac:42:81:b2:fe:fc:9f:49:0d:ee:5d:97:fa:
f6:c0:b4:b5:12:e1:5b:62:74:8a:ac:6b:a2:9f:0d:
3c:56:d8:8e:99:96:1e:26:03:03:40:20:55:fc:bf:
ba:ec:04:c1:e7:8e:a8:3c:27:0e:5a:dc:ec:86:e0:
10:65:2d:6f:7f:f8:76:78:84:a7:ee:34:94:a3:f2:
7a:c6:55:8f:6c:a1:5e:7d:39:3e:84:6c:cd:41:ab:
f9:34:38:00:75:ee:2b:46:aa:a8:d9:72:bd:9d:b3:
20:59:61:13:f1:f3:e0:a0:40:49:34:74:39:6f:a8:
73:f8:f6:53:37:36:66:2e:f2:74:20:18:05:01:46:
5e:6b:83:5b:29:90:49:66:c6:3a:93:74:e8:af:98:
c1:ec:22:41:00:2a:8f:c8:36:17:d8:ec:b7:23:55:
35:95:e1:db:ed:fc:16:59:e0:1e:93:d9:20:6a:aa:
b2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:39:2C:B6:DA:3F:DC:C3:0B:52:88:8D:9F:95:B0:19:32:57:EE:B8
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lzkstto_3MMLUoiNn5WwGTJX7rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.30.0/24
86.107.54.0/24
86.107.181.0-86.107.182.255
89.32.185.0/24
89.32.191.0/24
89.43.38.0/24
89.44.236.0/24
89.47.3.0/24
89.47.10.0/24
176.126.175.0/24
188.240.208.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:f3:16:52:3d:19:d8:d3:5a:00:f7:33:2f:ef:8f:6f:22:7f:
de:11:9e:8d:fb:23:78:fe:f8:ae:28:2d:dd:eb:db:1e:91:56:
1a:02:3a:2a:f2:5e:8a:3f:9f:40:eb:c7:f2:95:d7:b5:31:61:
59:4f:e2:e3:44:cf:32:96:e7:f8:20:50:e1:25:a6:9c:33:2c:
6f:7b:cd:8d:cf:92:2c:60:43:0f:f5:c3:7e:cd:78:cd:42:f8:
7c:44:67:f5:8d:98:e9:0e:c3:0d:e7:f6:a0:bd:55:6b:e3:a5:
7d:08:dc:4e:33:1c:87:40:39:a3:bb:5e:d1:20:5b:7e:0c:22:
ac:b3:6a:eb:bd:b9:6f:80:23:d5:a0:a7:96:96:cc:95:57:22:
63:c0:22:50:69:13:4f:7a:ef:79:c7:96:bc:7a:52:de:f5:b9:
28:e8:1f:27:30:5b:03:02:c4:08:21:99:8c:71:f1:61:19:f2:
e6:94:8b:90:6f:fa:0a:6a:86:ab:43:03:37:89:bb:ea:c1:78:
d4:6d:45:ad:fd:45:54:cf:3b:c6:4c:e5:53:01:aa:3e:f3:e2:
ba:14:b7:30:f9:dd:2f:bd:b5:a2:fb:58:c0:28:2f:7f:aa:57:
9f:53:e4:b4:54:9e:0d:fd:78:d7:64:65:99:dc:5b:1b:ce:48:
81:0c:f5:de
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzIAsyvKNGh/vHt+ds9MbUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM5MmNiNmRhM2ZkY2MzMGI1Mjg4OGQ5Zjk1YjAxOTMyNTdlZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr17JWxwwJOmUC5sGvluqpcByR5Q7
cIxv/BQPgVszdVPWguVzxivzhml2OfU4vdpdxrFMIV9OBLP0o9NuwslgX/EWBLDp
wMaOLZ6IOqxCgbL+/J9JDe5dl/r2wLS1EuFbYnSKrGuinw08VtiOmZYeJgMDQCBV
/L+67ATB546oPCcOWtzshuAQZS1vf/h2eISn7jSUo/J6xlWPbKFefTk+hGzNQav5
NDgAde4rRqqo2XK9nbMgWWET8fPgoEBJNHQ5b6hz+PZTNzZmLvJ0IBgFAUZea4Nb
KZBJZsY6k3Tor5jB7CJBACqPyDYX2Oy3I1U1leHb7fwWWeAek9kgaqqypwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJc5LLbaP9zDC1KIjZ+VsBkyV+64MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvbHprc3R0b18zTU1MVW9pTm41V3dHVEpYN3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAVmseAwQA
Vms2MAwDBABWa7UDBABWa7YDBABZILkDBABZIL8DBABZKyYDBABZLOwDBABZLwMD
BABZLwoDBACwfq8DBAC88NAwDQYJKoZIhvcNAQELBQADggEBAFrzFlI9GdjTWgD3
My/vj28if94Rno37I3j++K4oLd3r2x6RVhoCOiryXoo/n0Drx/KV17UxYVlP4uNE
zzKW5/ggUOElppwzLG97zY3PkixgQw/1w37NeM1C+HxEZ/WNmOkOww3n9qC9VWvj
pX0I3E4zHIdAOaO7XtEgW34MIqyzauu9uW+AI9Wgp5aWzJVXImPAIlBpE09673nH
lrx6Ut71uSjoHycwWwMCxAghmYxx8WEZ8uaUi5Bv+gpqhqtDAzeJu+rBeNRtRa39
RVTPO8ZM5VMBqj7z4roUtzD53S+9taL7WMAoL3+qV59T5LRUng39eNdkZZncWxvO
SIEM9d4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:19 2024 by rpki-client on console-fra.rpki-client.org