Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/Lwx08QP9m967BYPDvTy5JB19YyU.roa
File: Lwx08QP9m967BYPDvTy5JB19YyU.roa (raw, json)
Hash identifier: Iqkm61omZ0y+6InhbRxPIliHOVxKQuxrZK9Ict4bJu4=
Subject key identifier: 2F:0C:74:F1:03:FD:9B:DE:BB:05:83:C3:BD:3C:B9:24:1D:7D:63:25
Certificate issuer: /CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Certificate serial: 018CC79336DCDAC8D9F93C71FAC8076645C5
Authority key identifier: B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/Lwx08QP9m967BYPDvTy5JB19YyU.roa
Signing time: Tue 02 Jan 2024 00:29:22 +0000
ROA not before: Tue 02 Jan 2024 00:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199434
IP address blocks: 5.57.24.0/21 maxlen: 21
5.57.24.0/24 maxlen: 24
5.57.26.0/24 maxlen: 24
5.57.28.0/22 maxlen: 22
5.57.27.0/24 maxlen: 24
5.57.25.0/24 maxlen: 24
185.197.48.0/22 maxlen: 22
2a0a:6280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:36:dc:da:c8:d9:f9:3c:71:fa:c8:07:66:45:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Validity
Not Before: Jan 2 00:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f0c74f103fd9bdebb0583c3bd3cb9241d7d6325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:27:75:e9:b3:53:3a:47:c2:49:08:69:fd:14:
99:d1:77:fe:3a:a2:91:0e:6b:07:ae:b5:07:a4:ee:
d4:0a:40:9c:bb:96:08:95:41:c0:e4:d6:61:57:61:
39:82:86:1f:7d:37:89:d6:0d:92:fb:ab:a5:eb:66:
7e:df:b7:00:48:cf:50:af:cd:b7:d5:d7:6c:b1:17:
bb:09:d9:90:f3:91:e6:3e:a0:42:5f:ba:55:41:e2:
7b:fc:32:df:3d:6d:23:41:d8:28:f8:73:69:1e:2c:
76:71:a9:c0:08:9f:11:95:d2:22:6c:68:13:93:4b:
ee:69:8e:2c:3d:f6:5c:a9:0e:36:3c:e5:94:5d:21:
6a:90:0e:a8:a6:1f:82:a1:8e:5e:90:2c:07:34:4d:
18:af:eb:cc:72:31:f0:3d:ce:f8:f4:ba:61:4c:26:
ce:91:19:ca:ca:09:b6:a9:32:6d:29:87:e8:6c:3e:
de:8c:16:b2:87:33:0f:7f:24:d3:83:0b:4b:c0:d3:
ad:44:4f:52:41:1d:d7:e0:85:89:ad:75:80:16:62:
76:e8:66:66:ee:f0:e0:8b:1b:32:1b:e0:2a:92:aa:
99:7d:c7:92:47:db:f3:ac:29:03:5f:f4:3b:78:d2:
3c:c0:4e:03:36:41:da:dc:fe:b4:50:5f:ac:fb:c6:
d8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0C:74:F1:03:FD:9B:DE:BB:05:83:C3:BD:3C:B9:24:1D:7D:63:25
X509v3 Authority Key Identifier:
keyid:B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/Lwx08QP9m967BYPDvTy5JB19YyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.24.0/21
185.197.48.0/22
IPv6:
2a0a:6280::/29
Signature Algorithm: sha256WithRSAEncryption
96:69:19:82:24:c8:70:6a:f0:7c:7b:28:5e:fa:d4:1f:bb:43:
3c:9b:cf:22:28:f4:ca:45:29:0f:6a:97:a5:c6:3a:c7:09:45:
e0:a6:55:75:21:39:8e:74:37:21:d8:26:95:d8:9c:04:02:38:
42:9d:ee:14:f3:a7:cd:63:df:ed:03:63:61:c9:fe:f1:92:0b:
07:df:d5:d6:b1:f7:9d:a3:a8:1c:61:5e:c5:f8:3a:d1:4d:c1:
27:4a:ce:4c:3c:a4:65:ec:e5:80:a6:4c:48:1f:8e:9f:fc:b4:
86:52:8b:fd:72:90:55:5c:cb:a2:ab:2c:ee:b7:71:cb:ab:ea:
4a:3f:5b:8b:2a:2b:66:05:41:02:a9:15:8c:b5:41:d6:99:74:
43:f2:28:06:62:ad:e5:a5:bf:24:f7:d7:10:a2:87:6d:eb:5e:
08:5d:68:b3:55:27:42:35:de:e1:97:19:c4:b6:bb:e5:8b:54:
71:46:3f:99:b8:5e:0d:28:58:fb:a7:6c:b5:90:e3:c2:75:b5:
94:7e:03:7a:73:d4:4c:7b:09:5e:8c:b1:a2:e0:5a:78:54:0b:
d5:b4:b5:c5:7f:95:58:da:e4:c4:70:02:d7:39:f9:f0:24:76:
0f:7c:c8:96:3c:84:a7:dc:07:4f:a6:59:15:07:6b:09:6d:85:
95:1a:3c:c7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHkzbc2sjZ+Txx+sgHZkXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmU2M2VlOGEyM2Y0OTE2ZTQwNTM1MzFlNjk1MGRiNmMz
MWU4MDUwHhcNMjQwMTAyMDAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjBjNzRmMTAzZmQ5YmRlYmIwNTgzYzNiZDNjYjkyNDFkN2Q2MzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCd16bNTOkfCSQhp/RSZ0Xf+OqKR
DmsHrrUHpO7UCkCcu5YIlUHA5NZhV2E5goYffTeJ1g2S+6ul62Z+37cASM9Qr823
1ddssRe7CdmQ85HmPqBCX7pVQeJ7/DLfPW0jQdgo+HNpHix2canACJ8RldIibGgT
k0vuaY4sPfZcqQ42POWUXSFqkA6oph+CoY5ekCwHNE0Yr+vMcjHwPc749LphTCbO
kRnKygm2qTJtKYfobD7ejBayhzMPfyTTgwtLwNOtRE9SQR3X4IWJrXWAFmJ26GZm
7vDgixsyG+AqkqqZfceSR9vzrCkDX/Q7eNI8wE4DNkHa3P60UF+s+8bYnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC8MdPED/ZveuwWDw708uSQdfWMlMB8GA1UdIwQY
MBaAFLb+Y+6KI/SRbkBTUx5pUNtsMegFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHY1ajdvb2o5SkZ1UUZOVEhtbFEyMnd4NkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS83ZWRiY2YtYjkwZi00NzA3LWIyODkt
YTNkMzc3YzZmZWVmLzEvTHd4MDhRUDltOTY3QllQRHZUeTVKQjE5WXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS83ZWRiY2YtYjkwZi00NzA3LWIyODktYTNkMzc3YzZmZWVm
LzEvdHY1ajdvb2o5SkZ1UUZOVEhtbFEyMnd4NkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTkYAwQC
ucUwMA0EAgACMAcDBQMqCmKAMA0GCSqGSIb3DQEBCwUAA4IBAQCWaRmCJMhwavB8
eyhe+tQfu0M8m88iKPTKRSkPapelxjrHCUXgplV1ITmOdDch2CaV2JwEAjhCne4U
86fNY9/tA2Nhyf7xkgsH39XWsfedo6gcYV7F+DrRTcEnSs5MPKRl7OWApkxIH46f
/LSGUov9cpBVXMuiqyzut3HLq+pKP1uLKitmBUECqRWMtUHWmXRD8igGYq3lpb8k
99cQoodt614IXWizVSdCNd7hlxnEtrvli1RxRj+ZuF4NKFj7p2y1kOPCdbWUfgN6
c9RMewlejLGi4Fp4VAvVtLXFf5VY2uTEcALXOfnwJHYPfMiWPISn3AdPplkVB2sJ
bYWVGjzH
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:01:08 2024 by rpki-client on console-ams.rpki-client.org