Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/LFjpi39GN_LD_cURGlo8TQuVz_I.roa
File: LFjpi39GN_LD_cURGlo8TQuVz_I.roa (raw, json)
Hash identifier: SyrfzaSH6kLpEk0Sm8H2aw2UG4V/CfcAz2w9xmYr7kw=
Subject key identifier: 2C:58:E9:8B:7F:46:37:F2:C3:FD:C5:11:1A:5A:3C:4D:0B:95:CF:F2
Certificate issuer: /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial: 018CC26D014FC12EB0EF91B4FC13AFD82685
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/LFjpi39GN_LD_cURGlo8TQuVz_I.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204352
IP address blocks: 185.249.105.0/24 maxlen: 24
185.249.104.0/24 maxlen: 24
185.249.107.0/24 maxlen: 24
185.249.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:01:4f:c1:2e:b0:ef:91:b4:fc:13:af:d8:26:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c58e98b7f4637f2c3fdc5111a5a3c4d0b95cff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:05:3e:0d:74:1f:80:62:b6:34:04:bd:90:47:
17:40:fb:1d:3f:87:50:b6:74:99:94:d0:db:49:da:
8b:fc:51:90:b0:fe:98:8b:ba:b9:3a:ac:10:7c:7d:
01:06:07:27:f3:da:6b:9a:9e:50:43:55:2d:7e:f0:
5e:df:2e:df:76:4c:44:c6:79:6d:df:f1:67:e4:dd:
d1:ab:b6:a1:ab:fc:6b:72:a7:f3:d4:9f:cc:6f:59:
69:0a:2e:89:3e:84:75:44:72:1e:cd:1c:c0:eb:5a:
aa:0f:d8:07:c4:33:a9:49:cb:1b:75:df:22:6b:e5:
d6:a1:23:f7:7a:0c:5e:c6:5c:36:18:90:60:5b:18:
56:9c:42:6c:1e:a5:00:1f:35:44:b5:9b:f2:fb:3f:
e7:9b:a1:b7:ab:cf:40:ac:b2:04:e0:be:1a:eb:ac:
37:f4:0c:66:c3:38:83:5d:e5:0a:e2:a7:7e:dd:34:
cf:45:97:c9:13:e5:00:a0:3c:bf:9b:24:c3:32:b2:
da:ea:98:f6:ea:e3:1c:30:e1:dd:b1:75:04:db:ab:
8d:be:77:7d:24:03:e3:8b:b3:78:96:de:27:af:78:
a3:5b:74:19:4e:99:d7:9b:3f:0d:06:06:d8:0d:e2:
9e:f2:de:63:5d:f4:d2:74:d6:db:1f:3c:8f:59:d3:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:58:E9:8B:7F:46:37:F2:C3:FD:C5:11:1A:5A:3C:4D:0B:95:CF:F2
X509v3 Authority Key Identifier:
keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/LFjpi39GN_LD_cURGlo8TQuVz_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.104.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:48:88:37:61:32:21:4e:3e:2d:79:58:c5:1e:ac:ac:fa:1c:
3a:bf:cb:c6:cd:b8:60:ab:60:37:02:53:47:07:ab:27:4d:4b:
c1:a1:c0:32:f1:d8:14:d8:4f:df:61:35:99:04:49:da:40:90:
8a:c6:bb:dd:c3:fe:7b:d8:a3:34:a3:0e:4c:98:e4:cf:2a:a8:
9d:82:e2:16:1b:53:3b:a6:20:23:fc:2a:ae:37:ec:4d:99:e0:
dc:d1:c0:01:75:fb:4e:2e:26:0f:2a:7b:24:cf:90:3f:4b:c1:
59:79:9a:d9:1f:ee:04:0f:cb:e7:8f:82:a1:48:53:05:44:1d:
07:b3:69:f9:9d:31:d4:8e:ad:d5:b3:a2:42:2f:2f:3e:cc:c3:
0c:90:f1:4f:25:0b:95:4f:05:c5:f2:5f:47:f9:8d:fa:32:33:
81:29:24:1e:6d:b8:f8:4a:19:33:87:5f:50:3b:db:d2:53:5b:
a7:49:2d:fa:d5:43:63:61:35:26:63:47:2d:74:a4:81:81:4d:
79:0c:88:3d:99:f6:1f:58:bf:ef:ee:31:0d:d6:6f:1d:50:d7:
32:09:4e:ec:81:a1:0f:b4:47:6c:04:1c:c7:ce:9d:c6:89:82:
c4:b5:cf:73:2c:aa:16:6f:35:b2:f9:48:ec:71:58:69:93:9b:
de:f4:84:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQFPwS6w75G0/BOv2CaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzU4ZTk4YjdmNDYzN2YyYzNmZGM1MTExYTVhM2M0ZDBiOTVjZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAU+DXQfgGK2NAS9kEcXQPsdP4dQ
tnSZlNDbSdqL/FGQsP6Yi7q5OqwQfH0BBgcn89prmp5QQ1UtfvBe3y7fdkxExnlt
3/Fn5N3Rq7ahq/xrcqfz1J/Mb1lpCi6JPoR1RHIezRzA61qqD9gHxDOpScsbdd8i
a+XWoSP3egxexlw2GJBgWxhWnEJsHqUAHzVEtZvy+z/nm6G3q89ArLIE4L4a66w3
9AxmwziDXeUK4qd+3TTPRZfJE+UAoDy/myTDMrLa6pj26uMcMOHdsXUE26uNvnd9
JAPji7N4lt4nr3ijW3QZTpnXmz8NBgbYDeKe8t5jXfTSdNbbHzyPWdNR+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxY6Yt/Rjfyw/3FERpaPE0Llc/yMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvTEZqcGkzOUdOX0xEX2NVUkdsbzhUUXVWel9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufloMA0G
CSqGSIb3DQEBCwUAA4IBAQAOSIg3YTIhTj4teVjFHqys+hw6v8vGzbhgq2A3AlNH
B6snTUvBocAy8dgU2E/fYTWZBEnaQJCKxrvdw/572KM0ow5MmOTPKqidguIWG1M7
piAj/CquN+xNmeDc0cABdftOLiYPKnskz5A/S8FZeZrZH+4ED8vnj4KhSFMFRB0H
s2n5nTHUjq3Vs6JCLy8+zMMMkPFPJQuVTwXF8l9H+Y36MjOBKSQebbj4Shkzh19Q
O9vSU1unSS361UNjYTUmY0ctdKSBgU15DIg9mfYfWL/v7jEN1m8dUNcyCU7sgaEP
tEdsBBzHzp3GiYLEtc9zLKoWbzWy+UjscVhpk5ve9ITS
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:42 2024 by rpki-client on console-ams.rpki-client.org