Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lpQJ0qgVLgSuy9rBbxxcGYhCyHI.roa
File: lpQJ0qgVLgSuy9rBbxxcGYhCyHI.roa (raw, json)
Hash identifier: WoCaTTJgXc93Rqn0Rd/9gOZautxVx5b3MaXCSXe5t4Y=
Subject key identifier: 96:94:09:D2:A8:15:2E:04:AE:CB:DA:C1:6F:1C:5C:19:88:42:C8:72
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C3C4E9A806DCBCD4FB76D6EDBB95
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lpQJ0qgVLgSuy9rBbxxcGYhCyHI.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44090
IP address blocks: 185.169.20.0/23 maxlen: 23
185.169.22.0/23 maxlen: 23
5.202.102.0/24 maxlen: 24
185.169.39.0/24 maxlen: 24
5.202.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c3:c4:e9:a8:06:dc:bc:d4:fb:76:d6:ed:bb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=969409d2a8152e04aecbdac16f1c5c198842c872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7f:e5:d1:a7:6f:32:4a:54:68:55:8b:76:82:
7e:fe:9f:35:32:55:34:99:9d:12:0e:62:ab:a7:4c:
a4:82:fc:f7:69:68:11:7c:b2:c1:d7:5f:4d:33:94:
55:99:1e:1e:26:47:7e:20:5b:b5:c7:c8:7b:4d:a9:
6d:2f:d7:84:54:16:5b:0a:f6:ab:70:53:96:93:b6:
06:bf:ef:40:ca:7d:17:12:3a:1c:12:11:96:45:50:
ca:02:9f:78:29:cd:08:ea:84:94:b1:63:1e:63:7b:
d8:c0:e1:15:07:17:ba:58:41:d0:9e:5e:fe:ad:fa:
b2:8b:3c:76:ab:7c:a8:16:14:bb:35:8b:27:75:0b:
10:fa:35:41:87:ce:23:0a:1b:6d:a6:97:bc:04:8b:
58:c3:4a:85:b0:96:d6:93:09:6e:d1:f7:31:42:15:
15:d4:c6:ca:b9:c7:e2:ef:9c:d1:14:f1:92:86:f4:
a4:12:c3:b7:2c:e2:18:bf:58:f0:bd:e5:16:3e:a2:
4a:27:cd:46:71:98:cb:3e:64:03:4f:96:5d:93:20:
b2:68:19:7e:4f:ec:72:be:46:5e:07:dd:77:fa:f5:
f0:96:8e:b4:a5:86:b0:f0:c6:93:a0:fd:7a:5f:6a:
7c:de:c0:90:7a:e5:06:14:59:00:f3:ae:30:09:36:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:94:09:D2:A8:15:2E:04:AE:CB:DA:C1:6F:1C:5C:19:88:42:C8:72
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lpQJ0qgVLgSuy9rBbxxcGYhCyHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.72.0/22
5.202.102.0/24
185.169.20.0/22
185.169.39.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:07:83:e7:6a:2a:cb:10:61:e9:12:d0:a3:68:15:36:1b:3b:
b4:c9:ad:80:cf:03:b8:70:da:7d:0a:95:21:45:d2:68:b1:ff:
dc:3a:4d:64:60:6f:96:5c:57:4c:bc:fd:ab:72:89:88:57:96:
7f:78:de:95:10:7d:b3:6b:83:38:e2:38:66:dd:e9:0d:e0:c5:
1d:41:ca:80:61:f9:66:93:3c:67:00:24:fe:12:f5:83:ed:3d:
1a:d3:8b:70:83:72:48:e0:15:97:42:f9:da:e7:f1:56:73:99:
b4:d6:e3:bc:86:a6:eb:8e:51:d5:e1:57:60:90:5d:44:59:d7:
8d:75:42:97:38:a7:94:52:8a:a0:ce:ab:b3:fa:b5:f5:13:24:
ed:10:4f:f7:ff:57:f7:46:91:28:8d:e7:7b:aa:99:66:e7:79:
7d:be:64:63:ff:ed:a1:f5:6b:25:97:b5:38:59:53:df:d7:93:
88:dc:c8:af:95:69:0b:b4:40:ac:b5:32:a1:54:6f:1b:d0:89:
c5:dc:1b:4c:0a:a7:76:6e:15:46:31:a4:9e:e7:49:6f:11:79:
73:a6:a6:99:df:aa:19:6b:61:b2:2e:5d:f8:71:7e:27:ce:28:
c1:dc:c7:e4:81:64:45:63:4e:08:46:9d:4a:19:be:04:f9:69:
8c:a3:e3:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSMPE6agG3LzU+3bW7buVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njk0MDlkMmE4MTUyZTA0YWVjYmRhYzE2ZjFjNWMxOTg4NDJjODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn/l0advMkpUaFWLdoJ+/p81MlU0
mZ0SDmKrp0ykgvz3aWgRfLLB119NM5RVmR4eJkd+IFu1x8h7TaltL9eEVBZbCvar
cFOWk7YGv+9Ayn0XEjocEhGWRVDKAp94Kc0I6oSUsWMeY3vYwOEVBxe6WEHQnl7+
rfqyizx2q3yoFhS7NYsndQsQ+jVBh84jChttppe8BItYw0qFsJbWkwlu0fcxQhUV
1MbKucfi75zRFPGShvSkEsO3LOIYv1jwveUWPqJKJ81GcZjLPmQDT5ZdkyCyaBl+
T+xyvkZeB913+vXwlo60pYaw8MaToP16X2p83sCQeuUGFFkA864wCTaH1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJaUCdKoFS4ErsvawW8cXBmIQshyMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvbHBRSjBxZ1ZMZ1N1eTlyQmJ4eGNHWWhDeUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBcpIAwQA
BcpmAwQCuakUAwQAuaknMA0GCSqGSIb3DQEBCwUAA4IBAQCPB4PnairLEGHpEtCj
aBU2Gzu0ya2AzwO4cNp9CpUhRdJosf/cOk1kYG+WXFdMvP2rcomIV5Z/eN6VEH2z
a4M44jhm3ekN4MUdQcqAYflmkzxnACT+EvWD7T0a04twg3JI4BWXQvna5/FWc5m0
1uO8hqbrjlHV4VdgkF1EWdeNdUKXOKeUUoqgzquz+rX1EyTtEE/3/1f3RpEojed7
qplm53l9vmRj/+2h9Wsll7U4WVPf15OI3MivlWkLtECstTKhVG8b0InF3BtMCqd2
bhVGMaSe50lvEXlzpqaZ36oZa2GyLl34cX4nzijB3MfkgWRFY04IRp1KGb4E+WmM
o+PB
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:58:50 2024 by rpki-client on console-fra.rpki-client.org