Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa
File: LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa (raw, json)
Hash identifier: EQ8/uFuZdjAxOS160nC0Pt6qcalBzWUGsZF4gNeJL3E=
Subject key identifier: 2C:09:B4:F4:69:CB:E9:F2:2C:5B:56:74:87:38:DA:5B:DA:4C:0E:60
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 018CC348F0B2E468E884AB559818A6F2B04F
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 145.46.168.0/24 maxlen: 24
145.46.170.0/24 maxlen: 24
145.46.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f0:b2:e4:68:e8:84:ab:55:98:18:a6:f2:b0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c09b4f469cbe9f22c5b56748738da5bda4c0e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e0:4b:ef:12:67:39:ab:49:3f:54:2d:0c:bb:
53:05:a2:7b:75:6f:94:93:74:3c:0f:af:f9:ad:7b:
5f:bb:83:5e:57:bf:3a:fc:68:d8:05:29:5b:8a:cb:
39:5d:99:4c:c5:b1:68:ac:65:45:bd:5a:3c:8d:f4:
c0:95:83:a9:f5:1e:39:0e:bf:a1:89:c1:b6:aa:5b:
ef:7c:20:5e:80:29:bf:b1:1b:7a:56:00:ab:67:d7:
98:09:19:54:7c:ed:1b:e0:bd:24:d3:ad:bc:bf:e7:
bf:b9:8f:cf:cd:27:aa:cd:3a:a1:03:13:90:22:76:
d0:d1:70:92:0c:fc:d3:9f:db:9a:77:6d:bc:2a:99:
2e:c0:df:18:7f:6b:bd:10:f1:a5:59:e8:a5:4b:94:
4c:16:8a:c0:23:75:cb:30:f0:59:28:1a:4b:95:38:
1c:d3:52:d6:33:85:62:fb:90:eb:3b:ab:8a:1e:f7:
79:16:5b:6e:04:78:36:e1:6e:6b:b3:fe:49:d9:69:
05:04:66:97:c4:fe:b0:90:a7:dc:43:e7:99:c8:fa:
1e:49:fd:26:83:2f:7d:32:d0:20:ed:c2:ae:2a:13:
d5:f8:29:da:ab:b3:25:f8:32:0a:28:e4:42:86:5b:
c4:03:7c:5b:01:40:93:30:da:12:e3:7b:79:c3:5c:
8f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:09:B4:F4:69:CB:E9:F2:2C:5B:56:74:87:38:DA:5B:DA:4C:0E:60
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/LAm09GnL6fIsW1Z0hzjaW9pMDmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.168.0-145.46.170.255
Signature Algorithm: sha256WithRSAEncryption
7d:48:86:3c:e9:6e:51:e3:71:48:9e:ed:40:25:cb:48:da:5a:
02:07:57:6f:1d:8d:d3:ff:e3:15:48:e0:00:24:95:3d:91:8f:
e2:72:4c:1e:55:05:3e:a5:e5:8d:42:f6:5d:27:d1:ee:fa:c3:
1f:89:e1:40:59:5d:90:97:af:70:e3:68:a2:3d:6d:df:25:e6:
47:b4:41:e0:30:6c:e9:99:d1:48:cf:7a:3b:91:06:7b:df:f4:
fb:7f:61:e3:58:62:92:47:a9:06:a7:68:b0:22:dc:93:b6:95:
55:95:b4:63:55:56:f9:7f:69:90:12:62:4f:a7:77:dc:9d:c9:
52:7f:1a:e8:6a:79:22:c2:bf:59:0d:03:d7:08:d1:c5:e7:73:
08:6d:50:5f:3d:c6:1c:84:b0:08:e3:f5:52:a1:94:17:ae:02:
ee:14:75:21:c7:c9:57:9d:4f:fd:af:80:0f:e0:a0:07:fd:ce:
6e:25:f3:3b:34:d4:cb:d2:8d:6c:6c:69:0e:6e:70:f4:00:47:
8f:1d:b1:93:7e:01:a2:c4:76:0a:f5:d2:f1:d6:19:10:57:24:
29:e4:41:47:49:8e:cc:e5:84:aa:49:ab:80:0e:a4:d6:4d:3d:
8d:ee:e9:e5:43:10:7f:a1:05:19:1a:17:6d:55:7a:9f:2d:27:
ac:44:45:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSPCy5GjohKtVmBim8rBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA5YjRmNDY5Y2JlOWYyMmM1YjU2NzQ4NzM4ZGE1YmRhNGMwZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOBL7xJnOatJP1QtDLtTBaJ7dW+U
k3Q8D6/5rXtfu4NeV786/GjYBSlbiss5XZlMxbForGVFvVo8jfTAlYOp9R45Dr+h
icG2qlvvfCBegCm/sRt6VgCrZ9eYCRlUfO0b4L0k0628v+e/uY/PzSeqzTqhAxOQ
InbQ0XCSDPzTn9uad228KpkuwN8Yf2u9EPGlWeilS5RMForAI3XLMPBZKBpLlTgc
01LWM4Vi+5DrO6uKHvd5FltuBHg24W5rs/5J2WkFBGaXxP6wkKfcQ+eZyPoeSf0m
gy99MtAg7cKuKhPV+Cnaq7Ml+DIKKORChlvEA3xbAUCTMNoS43t5w1yPXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCwJtPRpy+nyLFtWdIc42lvaTA5gMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvTEFtMDlHbkw2ZklzVzFaMGh6amFXOXBNRG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAORLqgD
BACRLqowDQYJKoZIhvcNAQELBQADggEBAH1IhjzpblHjcUie7UAly0jaWgIHV28d
jdP/4xVI4AAklT2Rj+JyTB5VBT6l5Y1C9l0n0e76wx+J4UBZXZCXr3DjaKI9bd8l
5ke0QeAwbOmZ0UjPejuRBnvf9Pt/YeNYYpJHqQanaLAi3JO2lVWVtGNVVvl/aZAS
Yk+nd9ydyVJ/GuhqeSLCv1kNA9cI0cXncwhtUF89xhyEsAjj9VKhlBeuAu4UdSHH
yVedT/2vgA/goAf9zm4l8zs01MvSjWxsaQ5ucPQAR48dsZN+AaLEdgr10vHWGRBX
JCnkQUdJjszlhKpJq4AOpNZNPY3u6eVDEH+hBRkaF21Vep8tJ6xEReA=
-----END CERTIFICATE-----
Generated at Thu May 2 16:27:00 2024 by rpki-client on console-fra.rpki-client.org