Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LnAfweg2i1k0JVlJ8-EEU9vTt_U.roa
File: LnAfweg2i1k0JVlJ8-EEU9vTt_U.roa (raw, json)
Hash identifier: kPIAT03NXx7e4mGXPM+0Sv2Z3AjLTurel6w7BAaHk08=
Subject key identifier: 2E:70:1F:C1:E8:36:8B:59:34:25:59:49:F3:E1:04:53:DB:D3:B7:F5
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8029514741848291FA37791F87DBA10
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LnAfweg2i1k0JVlJ8-EEU9vTt_U.roa
Signing time: Tue 02 Jan 2024 02:31:01 +0000
ROA not before: Tue 02 Jan 2024 02:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211936
IP address blocks: 45.147.227.0/24 maxlen: 24
185.238.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:95:14:74:18:48:29:1f:a3:77:91:f8:7d:ba:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e701fc1e8368b5934255949f3e10453dbd3b7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ea:2e:67:2e:7f:82:b3:be:42:ad:37:59:c4:
e7:a0:a9:85:7f:a6:e5:f2:a7:93:28:46:4a:c6:c5:
ae:c8:2e:fb:6a:53:23:a4:03:05:29:2e:d6:23:9c:
59:b0:8f:f7:1e:5b:66:f8:bb:01:58:f2:6a:d3:6a:
45:4b:da:f1:1a:37:66:04:42:35:4f:77:d7:8d:50:
8d:1b:07:cd:8f:08:9c:d9:48:16:25:8e:af:ce:49:
84:f4:20:9f:9a:f2:a5:ea:38:72:04:ac:92:e6:0b:
14:45:74:ba:b8:e3:39:38:63:dc:4d:40:3e:56:68:
1e:ed:5a:98:57:e3:f5:c1:eb:27:71:c9:4f:55:39:
b3:22:33:73:04:c6:37:de:9b:64:6e:f9:f8:b4:85:
c7:bf:b3:b9:3c:ca:e0:c8:04:91:af:9e:be:cd:a9:
89:29:58:19:d1:89:ab:83:ed:be:8f:64:7f:d3:e3:
6c:6e:ad:09:c5:c8:3a:78:44:09:b4:49:ae:fa:6d:
6e:61:b8:75:aa:7a:59:fd:b4:a2:6d:23:b8:af:1f:
61:cf:0c:88:1e:33:53:99:17:77:9e:ee:ea:8d:d7:
3d:0e:db:37:22:d4:dd:07:d6:a7:12:80:26:04:df:
4d:1c:37:85:3e:6f:91:46:3c:8f:ec:b8:00:56:db:
aa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:70:1F:C1:E8:36:8B:59:34:25:59:49:F3:E1:04:53:DB:D3:B7:F5
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/LnAfweg2i1k0JVlJ8-EEU9vTt_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.227.0/24
185.238.229.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ce:f1:b6:12:cc:97:39:cb:8d:30:d9:39:ca:37:c2:91:0d:
9c:54:d1:db:fd:99:ee:e6:75:2a:1b:aa:d4:b2:3f:ee:98:62:
b1:ff:ae:16:d4:a4:c2:45:10:db:ec:b4:67:a1:84:83:86:b2:
c7:f3:7c:6e:d8:ee:43:20:f1:7d:c1:6f:4c:a2:5b:e9:e9:17:
6c:89:49:ea:99:7e:64:83:07:b3:d1:c3:6d:31:80:d9:3b:78:
0b:27:99:db:21:d1:f3:6e:fc:67:4b:c5:3f:0c:63:10:18:04:
d0:14:b3:8c:1c:99:6a:9f:3c:5d:8e:34:41:30:e1:4b:f5:50:
41:a8:62:a4:24:23:d9:c1:e5:68:81:55:b8:7a:41:7a:f5:20:
15:00:e2:76:0e:cf:8b:3a:67:1b:cb:68:5e:6d:57:3d:69:d4:
7a:38:08:7f:a2:19:59:29:d2:86:63:b2:be:a4:81:ce:a6:94:
11:33:56:cc:d2:2d:a0:06:bf:4a:a9:d6:42:59:ba:0b:eb:6d:
34:56:9a:50:e7:91:bd:e0:c4:30:db:17:03:c8:0a:4b:16:28:
f2:43:96:a4:ce:43:94:c6:00:03:cd:fc:49:b6:d3:a9:9e:bf:
17:46:93:7f:16:54:73:85:dd:d8:e1:35:82:4e:e1:1d:20:50:
33:6c:25:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIApUUdBhIKR+jd5H4fboQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTcwMWZjMWU4MzY4YjU5MzQyNTU5NDlmM2UxMDQ1M2RiZDNiN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuouZy5/grO+Qq03WcTnoKmFf6bl
8qeTKEZKxsWuyC77alMjpAMFKS7WI5xZsI/3Hltm+LsBWPJq02pFS9rxGjdmBEI1
T3fXjVCNGwfNjwic2UgWJY6vzkmE9CCfmvKl6jhyBKyS5gsURXS6uOM5OGPcTUA+
Vmge7VqYV+P1wesncclPVTmzIjNzBMY33ptkbvn4tIXHv7O5PMrgyASRr56+zamJ
KVgZ0Ymrg+2+j2R/0+Nsbq0Jxcg6eEQJtEmu+m1uYbh1qnpZ/bSibSO4rx9hzwyI
HjNTmRd3nu7qjdc9Dts3ItTdB9anEoAmBN9NHDeFPm+RRjyP7LgAVtuqewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC5wH8HoNotZNCVZSfPhBFPb07f1MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTG5BZndlZzJpMWswSlZsSjgtRUVVOXZUdF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZPjAwQA
ue7lMA0GCSqGSIb3DQEBCwUAA4IBAQB6zvG2EsyXOcuNMNk5yjfCkQ2cVNHb/Znu
5nUqG6rUsj/umGKx/64W1KTCRRDb7LRnoYSDhrLH83xu2O5DIPF9wW9Molvp6Rds
iUnqmX5kgwez0cNtMYDZO3gLJ5nbIdHzbvxnS8U/DGMQGATQFLOMHJlqnzxdjjRB
MOFL9VBBqGKkJCPZweVogVW4ekF69SAVAOJ2Ds+LOmcby2hebVc9adR6OAh/ohlZ
KdKGY7K+pIHOppQRM1bM0i2gBr9KqdZCWboL6200VppQ55G94MQw2xcDyApLFijy
Q5akzkOUxgADzfxJttOpnr8XRpN/FlRzhd3Y4TWCTuEdIFAzbCWj
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org