Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/lcOTo4ScTg8b-c7XX9Dv9XcdIDQ.roa
File: lcOTo4ScTg8b-c7XX9Dv9XcdIDQ.roa (raw, json)
Hash identifier: bOuv1PNys97/geyGQQKbN74k7Kxxr0ZJUCSjvXz4Vpk=
Subject key identifier: 95:C3:93:A3:84:9C:4E:0F:1B:F9:CE:D7:5F:D0:EF:F5:77:1D:20:34
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 018CC9BB9AB00EC0BB48E4E45DB72EB68DC9
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/lcOTo4ScTg8b-c7XX9Dv9XcdIDQ.roa
Signing time: Tue 02 Jan 2024 10:32:44 +0000
ROA not before: Tue 02 Jan 2024 10:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 45.129.144.0/22 maxlen: 24
185.249.40.0/22 maxlen: 24
2a0e:5b40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:9a:b0:0e:c0:bb:48:e4:e4:5d:b7:2e:b6:8d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Jan 2 10:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95c393a3849c4e0f1bf9ced75fd0eff5771d2034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1c:0a:1c:1a:6f:a3:0d:28:d5:27:10:50:54:
56:69:cc:df:97:8c:42:74:76:9c:c7:c8:0e:94:34:
a0:5e:97:07:36:ea:5e:ca:f9:f1:cc:5c:c9:8e:36:
51:cb:b7:12:47:74:40:67:6f:43:a0:e3:a4:77:6d:
c6:72:bc:46:44:4d:e0:1c:83:aa:aa:3f:ae:69:d2:
62:60:9c:7a:e3:1c:f5:80:56:14:69:ec:53:5a:48:
12:27:65:8c:6b:a1:7f:ac:fa:a3:c3:1f:fa:55:2d:
15:be:df:5d:cf:6f:45:49:f9:d5:c8:62:1f:ff:92:
d1:0b:1e:e8:41:2d:74:9a:b4:c2:57:c5:30:af:60:
16:5d:f0:36:b4:80:71:d2:b9:22:50:1c:8c:59:68:
11:9f:78:8e:5d:44:fb:ca:9e:6a:73:36:e1:58:1c:
40:ea:8d:7e:ca:d7:45:ea:53:50:8e:ae:de:8e:57:
ff:56:7d:2f:cd:cd:a6:b5:ba:02:c6:10:a9:e1:27:
8c:3c:21:6e:b4:45:27:6b:15:ea:06:31:68:36:71:
35:36:1d:58:70:ce:c9:a8:15:b0:32:82:ef:2c:99:
86:13:dc:d0:36:16:50:a6:7d:ad:ef:ba:87:ba:70:
67:94:97:d5:53:d4:e6:22:57:67:6b:9a:12:1d:df:
3a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C3:93:A3:84:9C:4E:0F:1B:F9:CE:D7:5F:D0:EF:F5:77:1D:20:34
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/lcOTo4ScTg8b-c7XX9Dv9XcdIDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.144.0/22
185.249.40.0/22
IPv6:
2a0e:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:2a:08:3e:2a:5e:f7:00:74:06:1b:f8:c1:73:31:88:a4:8d:
3b:e1:ca:2c:b5:f0:f4:0e:10:00:50:9b:60:a4:4b:b0:d5:a4:
6d:93:7d:8b:d2:4a:9d:bf:11:5c:95:a5:91:22:ee:6d:f0:c1:
0b:d7:79:d1:3a:1c:3a:1f:d1:38:b3:11:3b:a9:c7:2b:55:23:
ae:51:ce:4e:01:52:d7:6e:c4:ec:be:60:6a:36:a6:74:0b:c4:
4c:74:37:ae:2f:fc:d5:1b:e7:0c:57:cd:ee:fa:cf:99:da:6d:
d3:f3:a8:75:d4:33:dd:0f:04:00:f4:49:57:09:7e:2b:02:2c:
ab:37:20:1f:f1:24:8d:5c:c8:94:93:0e:71:03:4b:7b:0f:e0:
bf:1c:f2:7f:3e:d9:7a:11:3f:90:81:42:d9:57:4b:81:27:8c:
6a:9f:2a:23:4a:0b:3a:91:9b:35:fc:bd:24:42:ec:5b:fc:c4:
d0:a1:3e:e5:6f:6f:01:ac:3c:1c:93:ef:5b:b3:bf:3a:8b:05:
a7:38:6a:b5:14:dc:47:23:1f:b1:c8:5c:a5:7e:a5:38:e0:6a:
60:38:da:ab:dd:10:dd:b6:b9:8a:5c:28:78:b7:2f:2f:ea:f6:
fc:59:24:be:54:2d:b6:78:5a:3e:e3:c4:0b:ca:28:aa:99:fb:
68:a2:ba:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJu5qwDsC7SOTkXbcuto3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjQwMTAyMTAzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWMzOTNhMzg0OWM0ZTBmMWJmOWNlZDc1ZmQwZWZmNTc3MWQyMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBwKHBpvow0o1ScQUFRWaczfl4xC
dHacx8gOlDSgXpcHNupeyvnxzFzJjjZRy7cSR3RAZ29DoOOkd23GcrxGRE3gHIOq
qj+uadJiYJx64xz1gFYUaexTWkgSJ2WMa6F/rPqjwx/6VS0Vvt9dz29FSfnVyGIf
/5LRCx7oQS10mrTCV8Uwr2AWXfA2tIBx0rkiUByMWWgRn3iOXUT7yp5qczbhWBxA
6o1+ytdF6lNQjq7ejlf/Vn0vzc2mtboCxhCp4SeMPCFutEUnaxXqBjFoNnE1Nh1Y
cM7JqBWwMoLvLJmGE9zQNhZQpn2t77qHunBnlJfVU9TmIldna5oSHd86yQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJXDk6OEnE4PG/nO11/Q7/V3HSA0MB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvbGNPVG80U2NUZzhiLWM3WFg5RHY5WGNkSURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYGQAwQC
ufkoMA0EAgACMAcDBQMqDltAMA0GCSqGSIb3DQEBCwUAA4IBAQBeKgg+Kl73AHQG
G/jBczGIpI074costfD0DhAAUJtgpEuw1aRtk32L0kqdvxFclaWRIu5t8MEL13nR
Ohw6H9E4sxE7qccrVSOuUc5OAVLXbsTsvmBqNqZ0C8RMdDeuL/zVG+cMV83u+s+Z
2m3T86h11DPdDwQA9ElXCX4rAiyrNyAf8SSNXMiUkw5xA0t7D+C/HPJ/Ptl6ET+Q
gULZV0uBJ4xqnyojSgs6kZs1/L0kQuxb/MTQoT7lb28BrDwck+9bs786iwWnOGq1
FNxHIx+xyFylfqU44GpgONqr3RDdtrmKXCh4ty8v6vb8WSS+VC22eFo+48QLyiiq
mftoorrP
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:39:58 2024 by rpki-client on console-fra.rpki-client.org