Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lz1AvWqZlkUxMLw996bVWE3FeKc.roa
File: lz1AvWqZlkUxMLw996bVWE3FeKc.roa (raw, json)
Hash identifier: fX2Ml6sDKJw6/fnZzPGi2mcsxn4O5/YFH7Q3y9JhirI=
Subject key identifier: 97:3D:40:BD:6A:99:96:45:31:30:BC:3D:F7:A6:D5:58:4D:C5:78:A7
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFB2AB182B02F178F7E0957EF8802A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lz1AvWqZlkUxMLw996bVWE3FeKc.roa
Signing time: Tue 02 Jan 2024 06:32:32 +0000
ROA not before: Tue 02 Jan 2024 06:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211443
IP address blocks: 192.162.100.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:b2:ab:18:2b:02:f1:78:f7:e0:95:7e:f8:80:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=973d40bd6a9996453130bc3df7a6d5584dc578a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fd:0e:6e:d8:ce:bc:43:1b:58:d4:fd:f5:59:
70:72:1a:f7:80:42:0a:d7:7e:17:c8:ba:77:28:ad:
49:51:a3:a0:71:e5:01:44:01:1f:40:31:14:5a:65:
25:c5:4b:8f:13:4b:eb:c5:ae:5a:25:ba:14:10:43:
22:58:a7:60:bd:bf:2e:23:ee:5d:d3:d0:b2:1b:81:
17:24:20:dd:18:a5:5a:fd:93:f1:dd:f8:81:58:1c:
d8:a0:1f:70:d2:97:52:26:60:b8:8d:34:7f:97:33:
93:e9:cd:65:e4:a9:0d:99:03:5d:34:8b:cb:3c:3e:
be:3d:f6:22:42:08:b2:71:2e:43:a4:8a:e0:b6:61:
90:f4:b5:a5:3c:a6:47:47:aa:d2:84:1b:e4:14:7a:
a3:38:fd:5d:8a:9a:cd:c1:56:c2:6c:11:21:f3:61:
02:f7:98:b5:62:b3:f5:1c:eb:87:9e:ab:38:23:6e:
8c:4c:93:99:b7:59:7f:99:47:a3:74:46:98:f1:8f:
33:7d:89:37:21:69:ad:cf:5e:76:c6:1c:1e:de:b6:
1a:2c:91:73:e5:49:9e:b3:ea:e2:4a:f7:67:4a:72:
a7:11:97:17:fc:bb:33:48:df:40:3a:d7:3e:b2:0b:
4b:51:9f:ad:01:93:a4:ee:3e:62:57:b8:18:43:ca:
8b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3D:40:BD:6A:99:96:45:31:30:BC:3D:F7:A6:D5:58:4D:C5:78:A7
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lz1AvWqZlkUxMLw996bVWE3FeKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.77.0/24
192.162.100.0/22
193.0.200.0/24
193.0.203.0/24
193.168.226.0/24
194.63.140.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:c9:64:ab:7b:fb:8c:38:3d:f6:29:10:6a:3f:ea:c9:94:91:
7b:c6:97:ed:4f:c9:19:d9:c0:9d:44:b3:29:f3:0f:eb:0a:9f:
ba:e4:ef:90:30:10:b6:71:4f:1a:de:dc:8c:1c:cc:9e:72:0a:
9f:3e:fd:07:84:58:20:7b:0e:10:15:f9:ca:67:95:23:fa:1f:
f1:66:9b:e1:90:12:26:2a:95:c9:a4:12:b8:7b:24:b9:b6:7e:
38:b1:67:15:00:4b:f5:da:74:de:62:41:15:cf:c4:71:58:63:
e3:a6:16:69:85:91:fa:cc:79:ee:46:b9:e6:9e:26:7d:f2:f9:
78:46:04:60:4f:07:4b:27:4f:07:7d:9e:dc:90:b9:35:89:5e:
39:a7:5a:3b:c3:c5:92:89:52:7c:f6:be:53:dd:5a:ef:14:bb:
da:74:20:0d:1d:34:a1:b9:3a:2f:32:27:25:04:7d:2e:da:b0:
6e:ad:a8:90:c5:e1:9a:b1:39:72:44:56:85:b8:5e:e9:e1:18:
b6:0a:b3:0a:ef:3e:4e:ee:c4:b2:06:e3:a9:dd:71:e4:48:e7:
3e:86:9d:47:d5:75:00:b7:c6:f9:29:b2:93:da:6c:11:13:eb:
4b:06:d2:e5:4e:d9:5f:0e:02:5b:f7:b1:56:4a:ac:ac:a8:36:
b0:db:51:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzI37KrGCsC8Xj34JV++IAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNkNDBiZDZhOTk5NjQ1MzEzMGJjM2RmN2E2ZDU1ODRkYzU3OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/0ObtjOvEMbWNT99Vlwchr3gEIK
134XyLp3KK1JUaOgceUBRAEfQDEUWmUlxUuPE0vrxa5aJboUEEMiWKdgvb8uI+5d
09CyG4EXJCDdGKVa/ZPx3fiBWBzYoB9w0pdSJmC4jTR/lzOT6c1l5KkNmQNdNIvL
PD6+PfYiQgiycS5DpIrgtmGQ9LWlPKZHR6rShBvkFHqjOP1diprNwVbCbBEh82EC
95i1YrP1HOuHnqs4I26MTJOZt1l/mUejdEaY8Y8zfYk3IWmtz152xhwe3rYaLJFz
5Umes+riSvdnSnKnEZcX/LszSN9AOtc+sgtLUZ+tAZOk7j5iV7gYQ8qLRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJc9QL1qmZZFMTC8Pfem1VhNxXinMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbHoxQXZXcVpsa1V4TUx3OTk2YlZXRTNGZUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW9lNAwQC
wKJkAwQAwQDIAwQAwQDLAwQAwajiAwQCwj+MMA0GCSqGSIb3DQEBCwUAA4IBAQCk
yWSre/uMOD32KRBqP+rJlJF7xpftT8kZ2cCdRLMp8w/rCp+65O+QMBC2cU8a3tyM
HMyecgqfPv0HhFggew4QFfnKZ5Uj+h/xZpvhkBImKpXJpBK4eyS5tn44sWcVAEv1
2nTeYkEVz8RxWGPjphZphZH6zHnuRrnmniZ98vl4RgRgTwdLJ08HfZ7ckLk1iV45
p1o7w8WSiVJ89r5T3VrvFLvadCANHTShuTovMiclBH0u2rBuraiQxeGasTlyRFaF
uF7p4Ri2CrMK7z5O7sSyBuOp3XHkSOc+hp1H1XUAt8b5KbKT2mwRE+tLBtLlTtlf
DgJb97FWSqysqDaw21F7
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:58 2024 by rpki-client on console-ams.rpki-client.org