Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/lEheX6dz9U-BByINJMk6nEh5p7w.roa
File: lEheX6dz9U-BByINJMk6nEh5p7w.roa (raw, json)
Hash identifier: LU3LLCoUqfV+tqkFTNz+Z0E/RXSoquB45VKhUmEyrPw=
Subject key identifier: 94:48:5E:5F:A7:73:F5:4F:81:07:22:0D:24:C9:3A:9C:48:79:A7:BC
Certificate issuer: /CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Certificate serial: 0192D9C93D134D77ADAD19F25EF46F23D6E2
Authority key identifier: D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/lEheX6dz9U-BByINJMk6nEh5p7w.roa
Signing time: Tue 29 Oct 2024 19:38:17 +0000
ROA not before: Tue 29 Oct 2024 19:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203448
IP address blocks: 185.134.172.0/22 maxlen: 24
185.134.172.0/24 maxlen: 24
185.134.173.0/24 maxlen: 24
185.134.174.0/24 maxlen: 24
2a0d:40c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:c9:3d:13:4d:77:ad:ad:19:f2:5e:f4:6f:23:d6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Validity
Not Before: Oct 29 19:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94485e5fa773f54f8107220d24c93a9c4879a7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:3a:1b:e2:33:31:81:ff:86:bc:f8:61:e5:9b:
d4:1c:ec:93:ae:e8:92:59:e4:e9:38:50:7b:cf:ba:
9b:7b:c3:11:48:7b:6b:d3:88:78:3e:9f:c5:e0:aa:
4b:d0:e7:51:af:7a:6e:a8:fc:1d:11:79:3c:39:b9:
c0:1a:31:ab:72:cd:7b:88:5e:36:cb:ff:a4:eb:a4:
59:0d:bc:b8:bb:72:64:da:b8:f5:ff:31:64:64:83:
3d:69:33:c5:a7:0b:01:fd:6b:ba:da:d8:17:17:d8:
98:81:61:e5:ae:17:d8:84:3a:c0:b9:39:d7:84:22:
66:21:fb:c7:04:4a:42:3b:dd:33:ef:39:6e:be:83:
e8:07:61:5e:f4:57:c8:b3:e6:67:71:b5:2e:cb:2c:
65:93:b6:de:93:2f:ec:02:45:f9:b9:f0:fd:6e:ab:
a9:ab:de:3b:46:62:86:04:df:95:85:ae:b0:a5:b8:
ea:51:ef:24:d9:59:b2:89:39:18:51:b3:6a:0d:c4:
e4:e5:91:03:77:b2:99:c1:0f:84:58:ec:f2:cf:f2:
90:fb:47:8b:0f:ec:b0:35:30:9a:2d:a6:36:4b:18:
f5:39:db:16:11:af:e8:be:bc:e3:23:da:fa:bc:b0:
56:88:4f:b2:a9:c4:ad:81:9c:4a:d5:9f:ed:af:44:
d3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:48:5E:5F:A7:73:F5:4F:81:07:22:0D:24:C9:3A:9C:48:79:A7:BC
X509v3 Authority Key Identifier:
keyid:D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/lEheX6dz9U-BByINJMk6nEh5p7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.172.0/22
IPv6:
2a0d:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:7b:4e:f2:1e:8f:af:d6:e3:51:3b:3c:d1:2b:3c:3a:b7:bd:
dc:15:82:48:6d:a7:99:5f:20:e2:fb:32:9d:e8:d1:37:da:da:
d7:66:e5:98:44:47:38:f1:e4:d5:30:a5:70:b1:96:db:cb:19:
b0:1c:c0:fe:85:ad:83:ba:c4:56:2a:bd:10:31:da:f5:ae:b3:
f2:cc:75:3c:56:c1:e1:bf:55:d1:22:5e:33:55:02:56:f6:b3:
fe:b0:d3:05:fb:db:e9:01:1b:d9:bd:bc:5f:90:94:e6:c1:2b:
ec:f2:5a:f9:af:ba:b9:60:3f:9f:46:f2:19:a9:03:92:d0:17:
b4:65:4c:f5:f2:93:18:a5:a9:b9:ae:91:61:80:cb:0c:f7:03:
7d:8d:d6:87:c6:ba:b3:a3:3c:a1:94:e6:f4:19:40:44:c5:92:
3a:ee:68:18:e1:9a:f2:c8:c3:d3:3b:b2:82:0f:c0:37:d8:73:
06:c2:98:5d:b2:40:0e:7a:c2:bf:3b:50:8c:84:e7:35:ce:cf:
05:f6:c9:93:36:a9:d1:f5:b2:4e:27:d3:d9:27:d3:39:ca:a2:
64:1a:2f:cb:c8:aa:0b:b8:19:87:45:b0:37:8b:d4:8e:50:b7:
33:ff:2c:d3:7d:cd:86:5b:35:2b:3d:c6:ee:b3:09:ee:84:91:
59:93:99:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLZyT0TTXetrRnyXvRvI9biMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODljYjcxODkxYzZkOTRiZDllNmYxNGYxNmU3ZTM3YzJj
NzI4YmYwHhcNMjQxMDI5MTkzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ4NWU1ZmE3NzNmNTRmODEwNzIyMGQyNGM5M2E5YzQ4NzlhN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9job4jMxgf+GvPhh5ZvUHOyTruiS
WeTpOFB7z7qbe8MRSHtr04h4Pp/F4KpL0OdRr3puqPwdEXk8ObnAGjGrcs17iF42
y/+k66RZDby4u3Jk2rj1/zFkZIM9aTPFpwsB/Wu62tgXF9iYgWHlrhfYhDrAuTnX
hCJmIfvHBEpCO90z7zluvoPoB2Fe9FfIs+ZncbUuyyxlk7beky/sAkX5ufD9bqup
q947RmKGBN+Vha6wpbjqUe8k2VmyiTkYUbNqDcTk5ZEDd7KZwQ+EWOzyz/KQ+0eL
D+ywNTCaLaY2Sxj1OdsWEa/ovrzjI9r6vLBWiE+yqcStgZxK1Z/tr0TTswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJRIXl+nc/VPgQciDSTJOpxIeae8MB8GA1UdIwQY
MBaAFNaJy3GJHG2UvZ5vFPFufjfCxyi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0Yjgt
ODI0ZmZjNjk0MmY0LzEvbEVoZVg2ZHo5VS1CQnlJTkpNazZuRWg1cDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0YjgtODI0ZmZjNjk0MmY0
LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYasMA0E
AgACMAcDBQAqDUDAMA0GCSqGSIb3DQEBCwUAA4IBAQAPe07yHo+v1uNROzzRKzw6
t73cFYJIbaeZXyDi+zKd6NE32trXZuWYREc48eTVMKVwsZbbyxmwHMD+ha2DusRW
Kr0QMdr1rrPyzHU8VsHhv1XRIl4zVQJW9rP+sNMF+9vpARvZvbxfkJTmwSvs8lr5
r7q5YD+fRvIZqQOS0Be0ZUz18pMYpam5rpFhgMsM9wN9jdaHxrqzozyhlOb0GUBE
xZI67mgY4ZryyMPTO7KCD8A32HMGwphdskAOesK/O1CMhOc1zs8F9smTNqnR9bJO
J9PZJ9M5yqJkGi/LyKoLuBmHRbA3i9SOULcz/yzTfc2GWzUrPcbuswnuhJFZk5nr
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:59 2024 by rpki-client on console-ams.rpki-client.org