Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/lbe52AgaCXNAj9v__wXp76OOkUE.roa
File: lbe52AgaCXNAj9v__wXp76OOkUE.roa (raw, json)
Hash identifier: tfA091EL0ijBDoY6qxLtCOmO+o84EcH8zhetLlPQOII=
Subject key identifier: 95:B7:B9:D8:08:1A:09:73:40:8F:DB:FF:FF:05:E9:EF:A3:8E:91:41
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 018CC72660FDE0BE2D0D7DAE9AAAD7C8E9DF
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/lbe52AgaCXNAj9v__wXp76OOkUE.roa
Signing time: Mon 01 Jan 2024 22:30:30 +0000
ROA not before: Mon 01 Jan 2024 22:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42705
IP address blocks: 193.186.199.0/24 maxlen: 24
5.11.23.0/24 maxlen: 24
5.11.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:60:fd:e0:be:2d:0d:7d:ae:9a:aa:d7:c8:e9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Jan 1 22:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95b7b9d8081a0973408fdbffff05e9efa38e9141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6f:ce:51:7a:8d:82:9b:c4:4d:7b:b4:ce:89:
ec:94:01:8b:03:01:ef:c5:e6:c4:64:51:f3:96:0f:
58:99:69:64:7d:03:1c:73:90:48:72:74:c4:62:ca:
05:44:ea:96:a5:88:40:01:38:7d:1d:3b:a9:7d:a1:
4a:fa:1f:c3:a8:19:8f:80:f4:a7:dd:55:c5:df:07:
1d:83:8d:cd:4a:bd:08:9d:5d:dc:08:7b:bb:68:1b:
be:1e:24:ca:0a:fa:00:ee:f4:59:e3:6a:01:e3:84:
5b:53:56:da:99:5e:05:c4:a2:2c:18:4b:3c:bf:e9:
bf:01:a8:3a:b4:51:b8:2e:f9:0a:2f:82:2c:e9:31:
de:51:79:b0:07:6a:ae:57:a1:a3:2d:6a:cb:51:2b:
35:97:2b:a2:09:2e:4f:23:15:05:41:12:a4:e4:3a:
74:23:c8:d2:fd:3b:a8:55:ec:15:56:f4:01:37:93:
b1:dc:e6:ca:68:0c:36:63:7b:2d:b9:3d:e2:fc:0c:
60:fa:46:f0:1e:d6:66:5d:fc:b5:1d:7d:eb:09:b6:
32:bc:fc:b9:99:7c:0a:8a:11:6d:8a:8e:ae:48:ae:
b1:3e:f7:2f:98:66:97:7f:eb:43:88:59:70:21:34:
42:22:1f:85:ab:bf:e4:99:75:fa:35:ee:dc:9c:2b:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B7:B9:D8:08:1A:09:73:40:8F:DB:FF:FF:05:E9:EF:A3:8E:91:41
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/lbe52AgaCXNAj9v__wXp76OOkUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.20.0/24
5.11.23.0/24
193.186.199.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e2:fa:e2:6b:75:d9:74:59:4b:0e:1f:33:7b:7e:85:12:64:
b3:cc:ec:d6:ba:be:4c:66:6b:3e:92:27:93:e3:59:b2:94:3f:
fb:14:d1:18:0c:c2:69:4c:d7:b3:45:85:68:05:f3:ac:c0:35:
20:56:c6:28:35:27:ef:a0:1e:3b:96:3a:d7:60:fb:15:74:cf:
a6:b4:3d:7c:11:31:39:91:8e:db:c4:e2:0c:44:3f:15:2b:aa:
62:f6:9c:98:90:13:3e:04:0e:07:6f:a0:04:a9:1e:92:7d:35:
77:68:a1:a9:8d:85:69:d1:d9:93:54:20:1f:79:b4:a2:29:df:
bc:e2:55:ba:3d:98:ba:0d:c1:f7:44:8f:dc:dc:7a:73:2e:82:
e6:6a:e9:32:a0:11:0c:05:5d:3b:56:8a:36:bc:cb:fc:0c:16:
ab:ea:69:42:f1:66:e7:da:8a:fe:5a:52:0e:f3:83:7d:92:c0:
b9:3a:1c:9d:8f:81:c3:28:3f:a8:8b:01:99:21:35:d8:c7:9c:
86:7d:51:de:dd:7f:e0:fc:0c:20:2e:b4:84:c0:3d:9f:8b:d9:
c6:d4:e9:45:00:34:8b:c8:0b:1e:f8:1d:8f:62:7c:d5:4d:82:
b7:1c:39:16:47:5e:b3:5f:74:8f:0c:72:cb:b6:b5:ed:b5:fc:
75:a2:0b:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJmD94L4tDX2umqrXyOnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjQwMTAxMjIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI3YjlkODA4MWEwOTczNDA4ZmRiZmZmZjA1ZTllZmEzOGU5MTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG/OUXqNgpvETXu0zonslAGLAwHv
xebEZFHzlg9YmWlkfQMcc5BIcnTEYsoFROqWpYhAATh9HTupfaFK+h/DqBmPgPSn
3VXF3wcdg43NSr0InV3cCHu7aBu+HiTKCvoA7vRZ42oB44RbU1bamV4FxKIsGEs8
v+m/Aag6tFG4LvkKL4Is6THeUXmwB2quV6GjLWrLUSs1lyuiCS5PIxUFQRKk5Dp0
I8jS/TuoVewVVvQBN5Ox3ObKaAw2Y3stuT3i/Axg+kbwHtZmXfy1HX3rCbYyvPy5
mXwKihFtio6uSK6xPvcvmGaXf+tDiFlwITRCIh+Fq7/kmXX6Ne7cnCtggQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJW3udgIGglzQI/b//8F6e+jjpFBMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvbGJlNTJBZ2FDWE5Bajl2X193WHA3Nk9Pa1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQsUAwQA
BQsXAwQAwbrHMA0GCSqGSIb3DQEBCwUAA4IBAQBT4vria3XZdFlLDh8ze36FEmSz
zOzWur5MZms+kieT41mylD/7FNEYDMJpTNezRYVoBfOswDUgVsYoNSfvoB47ljrX
YPsVdM+mtD18ETE5kY7bxOIMRD8VK6pi9pyYkBM+BA4Hb6AEqR6SfTV3aKGpjYVp
0dmTVCAfebSiKd+84lW6PZi6DcH3RI/c3HpzLoLmaukyoBEMBV07Voo2vMv8DBar
6mlC8Wbn2or+WlIO84N9ksC5Ohydj4HDKD+oiwGZITXYx5yGfVHe3X/g/AwgLrSE
wD2fi9nG1OlFADSLyAse+B2PYnzVTYK3HDkWR16zX3SPDHLLtrXttfx1oguz
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:17 2024 by rpki-client on console-ams.rpki-client.org